· 6 years ago · Mar 19, 2020, 03:42 AM
1###################################################################################################################################
2===================================================================================================================================
3Hostname www.wowmodels.info ISP IP Volume inc
4Continent Europe Flag
5NL
6Country Netherlands Country Code NL
7Region North Holland Local time 19 Mar 2020 03:16 CET
8City Amsterdam Postal Code 1091
9IP Address 94.102.51.111 Latitude 52.353
10 Longitude 4.909
11==================================================================================================================================
12##################################################################################################################################
13> www.wowmodels.info
14Server: 10.101.0.243
15Address: 10.101.0.243#53
16
17Non-authoritative answer:
18Name: www.wowmodels.info
19Address: 94.102.51.111
20>
21##################################################################################################################################
22Domain Name: WOWMODELS.INFO
23Registry Domain ID: D18217600-LRMS
24Registrar WHOIS Server: whois.namesilo.com
25Registrar URL: http://www.namesilo.com
26Updated Date: 2020-02-29T00:10:39Z
27Creation Date: 2007-06-02T21:13:23Z
28Registry Expiry Date: 2021-06-02T21:13:23Z
29Registrar Registration Expiration Date:
30Registrar: Namesilo, LLC
31Registrar IANA ID: 1479
32Registrar Abuse Contact Email: abuse@namesilo.com
33Registrar Abuse Contact Phone: +1.4805240066
34Reseller:
35Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
36Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
37Registrant Organization: See PrivacyGuardian.org
38Registrant State/Province: AZ
39Registrant Country: US
40Name Server: NS2.MONCHEKIN.COM
41Name Server: NS1.MONCHEKIN.COM
42DNSSEC: unsigned
43##################################################################################################################################
44[+] Target : www.wowmodels.info
45
46[+] IP Address : 94.102.51.111
47
48[+] Headers :
49
50[+] Server : nginx
51[+] Date : Thu, 19 Mar 2020 02:22:35 GMT
52[+] Content-Type : text/html
53[+] Transfer-Encoding : chunked
54[+] Connection : keep-alive
55[+] Vary : Accept-Encoding
56[+] X-Powered-By : PHP/5.4.45
57[+] Set-Cookie : faceID=1; expires=Thu, 02-Apr-2020 02:22:35 GMT, TM_CJ_TID=1; path=/, TM_CJ_UNIQUE=da2be2c9eb1e60f237f3bab207b08028; path=/
58[+] Cache-Control : no-cashe, must-revalidate
59[+] Pragma : no-cache
60[+] Content-Encoding : gzip
61
62[+] SSL Certificate Information :
63
64[-] SSL is not Present on Target URL...Skipping...
65
66[+] Whois Lookup :
67
68[+] NIR : None
69[+] ASN Registry : ripencc
70[+] ASN : 202425
71[+] ASN CIDR : 94.102.51.0/24
72[+] ASN Country Code : NL
73[+] ASN Date : 2008-08-29
74[+] ASN Description : INT-NETWORK, SC
75[+] cidr : 94.102.51.0/24
76[+] name : NET-4-51
77[+] handle : IVI24-RIPE
78[+] range : 94.102.51.0 - 94.102.51.255
79[+] description : IPV NETBLOCK
80[+] country : NL
81[+] state : None
82[+] city : None
83[+] address : Suite 9
84Victoria, Mahe
85Seychelles
86[+] postal_code : None
87[+] emails : None
88[+] created : 2019-02-04T13:25:18Z
89[+] updated : 2019-02-04T13:25:18Z
90
91[+] Crawling Target...
92
93[+] Looking for robots.txt........[ Found ]
94[+] Extracting robots Links.......[ 5 ]
95[+] Looking for sitemap.xml.......[ Not Found ]
96[+] Extracting CSS Links..........[ 0 ]
97[+] Extracting Javascript Links...[ 0 ]
98[+] Extracting Internal Links.....[ 55 ]
99[+] Extracting External Links.....[ 28 ]
100[+] Extracting Images.............[ 84 ]
101
102[+] Total Links Extracted : 172
103
104[+] Dumping Links in /opt/FinalRecon/dumps/www.wowmodels.info.dump
105[+] Completed!
106#################################################################################################################################
107[i] Scanning Site: http://www.wowmodels.info
108
109
110
111B A S I C I N F O
112====================
113
114
115[+] Site Title: WoW Models. Young models images.
116[+] IP address: 94.102.51.111
117[+] Web Server: nginx
118[+] CMS: Could Not Detect
119[+] Cloudflare: Not Detected
120[+] Robots File: Found
121
122-------------[ contents ]----------------
123User-agent: *
124Disallow: /cgi-bin/
125Disallow: /admin/
126Disallow: /log/
127Disallow: /sys_log/
128Disallow: /cj_out.php
129
130-----------[end of contents]-------------
131
132
133
134W H O I S L O O K U P
135========================
136
137 Domain Name: WOWMODELS.INFO
138Registry Domain ID: D18217600-LRMS
139Registrar WHOIS Server: whois.namesilo.com
140Registrar URL: http://www.namesilo.com
141Updated Date: 2020-02-29T00:10:39Z
142Creation Date: 2007-06-02T21:13:23Z
143Registry Expiry Date: 2021-06-02T21:13:23Z
144Registrar Registration Expiration Date:
145Registrar: Namesilo, LLC
146Registrar IANA ID: 1479
147Registrar Abuse Contact Email: abuse@namesilo.com
148Registrar Abuse Contact Phone: +1.4805240066
149Reseller:
150Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
151Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
152Registrant Organization: See PrivacyGuardian.org
153Registrant State/Province: AZ
154Registrant Country: US
155Name Server: NS2.MONCHEKIN.COM
156Name Server: NS1.MONCHEKIN.COM
157DNSSEC: unsigned
158URL of the ICANN Whois Inaccuracy Complaint Form is https://www.icann.org/wicf/
159>>> Last update of WHOIS database: 2020-03-19T02:21:51Z <<<
160
161For more information on Whois status codes, please visit https://icann.org/epp
162
163
164
165
166
167G E O I P L O O K U P
168=========================
169
170[i] IP Address: 94.102.51.111
171[i] Country: Netherlands
172[i] State: North Holland
173[i] City: Amsterdam
174[i] Latitude: 52.35
175[i] Longitude: 4.9167
176
177
178
179
180H T T P H E A D E R S
181=======================
182
183
184[i] HTTP/1.1 200 OK
185[i] Server: nginx
186[i] Date: Thu, 19 Mar 2020 02:22:53 GMT
187[i] Content-Type: text/html
188[i] Connection: close
189[i] Vary: Accept-Encoding
190[i] X-Powered-By: PHP/5.4.45
191[i] Set-Cookie: faceID=1; expires=Thu, 02-Apr-2020 02:22:53 GMT
192[i] Set-Cookie: TM_CJ_TID=1; path=/
193[i] Set-Cookie: TM_CJ_UNIQUE=da2be2c9eb1e60f237f3bab207b08028; path=/
194[i] Cache-Control: no-cashe, must-revalidate
195[i] Pragma: no-cache
196
197
198
199
200D N S L O O K U P
201===================
202
203wowmodels.info. 3599 IN SOA a13s08.host.com. root.example.com. 2018030600 3600 3600 604800 86400
204wowmodels.info. 3599 IN NS ns1.monchekin.com.
205wowmodels.info. 3599 IN NS ns2.monchekin.com.
206wowmodels.info. 3599 IN TXT "v=spf1 ip4:94.102.51.33 a mx ~all"
207wowmodels.info. 3599 IN MX 20 mail.wowmodels.info.
208wowmodels.info. 3599 IN MX 10 mail.wowmodels.info.
209wowmodels.info. 3599 IN A 94.102.51.111
210
211
212
213
214S U B N E T C A L C U L A T I O N
215====================================
216
217Address = 94.102.51.111
218Network = 94.102.51.111 / 32
219Netmask = 255.255.255.255
220Broadcast = not needed on Point-to-Point links
221Wildcard Mask = 0.0.0.0
222Hosts Bits = 0
223Max. Hosts = 1 (2^0 - 0)
224Host Range = { 94.102.51.111 - 94.102.51.111 }
225
226
227
228N M A P P O R T S C A N
229============================
230
231Starting Nmap 7.70 ( https://nmap.org ) at 2020-03-19 02:22 UTC
232Nmap scan report for wowmodels.info (94.102.51.111)
233Host is up (0.083s latency).
234
235PORT STATE SERVICE
23621/tcp filtered ftp
23722/tcp open ssh
23880/tcp open http
239443/tcp closed https
240
241Nmap done: 1 IP address (1 host up) scanned in 2.03 seconds
242################################################################################################################################
243[+] Starting At 2020-03-18 22:23:12.485580
244[+] Collecting Information On: http://www.wowmodels.info/
245[#] Status: 403
246--------------------------------------------------
247[#] Web Server Detected: nginx
248[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
249- Server: nginx
250- Date: Thu, 19 Mar 2020 02:23:06 GMT
251- Content-Type: text/html; charset=iso-8859-1
252- Transfer-Encoding: chunked
253- Connection: keep-alive
254- Vary: Accept-Encoding
255- Content-Encoding: gzip
256--------------------------------------------------
257[#] Finding Location..!
258[#] status: success
259[#] country: Netherlands
260[#] countryCode: NL
261[#] region: NH
262[#] regionName: North Holland
263[#] city: Amsterdam
264[#] zip: 1091
265[#] lat: 52.3534
266[#] lon: 4.9087
267[#] timezone: Europe/Amsterdam
268[#] isp: IP Volume inc
269[#] org: IP Volume inc
270[#] as: AS202425 IP Volume inc
271[#] query: 94.102.51.111
272--------------------------------------------------
273[x] Didn't Detect WAF Presence on: http://www.wowmodels.info/
274--------------------------------------------------
275[#] Starting Reverse DNS
276[!] Found 1 any Domain
277- wowmodels.info
278--------------------------------------------------
279[!] Scanning Open Port
280[#] 22/tcp open ssh
281[#] 25/tcp open smtp
282[#] 53/tcp open domain
283[#] 80/tcp open http
284[#] 110/tcp open pop3
285[#] 143/tcp open imap
286[#] 465/tcp open smtps
287[#] 993/tcp open imaps
288[#] 995/tcp open pop3s
289--------------------------------------------------
290[+] Getting SSL Info
291[Errno 111] Connection refused
292--------------------------------------------------
293[+] Collecting Information Disclosure!
294[#] Detecting sitemap.xml file
295[!] sitemap.xml File Found: http://www.wowmodels.info//sitemap.xml
296[#] Detecting robots.txt file
297[!] robots.txt File Found: http://www.wowmodels.info//robots.txt
298[#] Detecting GNU Mailman
299[-] GNU Mailman App Not Detected!?
300--------------------------------------------------
301[+] Crawling Url Parameter On: http://www.wowmodels.info/
302--------------------------------------------------
303[#] Searching Html Form !
304[-] No Html Form Found!?
305--------------------------------------------------
306[-] No DOM Paramter Found!?
307--------------------------------------------------
308[-] No internal Dynamic Parameter Found!?
309--------------------------------------------------
310[-] No external Dynamic Paramter Found!?
311--------------------------------------------------
312[-] No Internal Link Found!?
313--------------------------------------------------
314[-] No External Link Found!?
315--------------------------------------------------
316[#] Mapping Subdomain..
317[!] Found 1 Subdomain
318- wowmodels.info
319--------------------------------------------------
320[!] Done At 2020-03-18 22:23:46.981287
321##################################################################################################################################
322[INFO] ------TARGET info------
323[*] TARGET: http://www.wowmodels.info/
324[*] TARGET IP: 94.102.51.111
325[INFO] NO load balancer detected for www.wowmodels.info...
326[*] DNS servers: a13s08.host.com.
327[*] TARGET server: nginx
328[*] CC: NL
329[*] Country: Netherlands
330[*] RegionCode: NH
331[*] RegionName: North Holland
332[*] City: Amsterdam
333[*] ASN: AS202425
334[*] BGP_PREFIX: 94.102.51.0/24
335[*] ISP: INT-NETWORK IP Volume inc, SC
336[INFO] DNS enumeration:
337[*] ftp.wowmodels.info 94.102.51.111
338[*] mail.wowmodels.info 94.102.51.111
339[INFO] Possible abuse mails are:
340[*] abuse@ipvolume.net
341[*] abuse@wowmodels.info
342[*] abuse@www.wowmodels.info
343[INFO] NO PAC (Proxy Auto Configuration) file FOUND
344[INFO] Starting FUZZing in http://www.wowmodels.info/FUzZzZzZzZz...
345[INFO] Status code Folders
346[ALERT] Look in the source code. It may contain passwords
347[INFO] Links found from http://www.wowmodels.info/ http://94.102.51.111/:
348[*] http://www.andypioneer.com/cgi-bin/accounts.cgi
349[*] http://www.andypioneer.com/cgi-bin/accounts.cgi?login
350[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=1000mo&url=http://1000models.net/
351[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=100nn&url=http://100nonude.net
352[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=alena&url=http://www.alenamodel.com
353[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=alesea&url=http%3a%2f%2fwww.aleseamodel.com
354[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=alesea&url=http://www.aleseamodel.com
355[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=artblo&url=http%3a%2f%2fart-models.info
356[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=artblo&url=http://art-models.info
357[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=artcool&url=http://coolarts.net/cgi-bin/in.cgi?id=51
358[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=bbbs&url=http%3a%2f%2fnnbbs.net
359[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=bbbs&url=http://nnbbs.net
360[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=bcma&url=http://www.bestcma.com/
361[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=candy&url=http%3a%2f%2fcandydoll-chan.com
362[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=candy&url=http://candydoll-chan.com
363[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cmamag&url=http://www.cmamag.com
364[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cmas&url=http://www.cma-starts.com/?ft=andypioneer.com
365[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cmavid&url=http://www.cma-video.com/
366[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cool&url=http://www.coolnymph.com/cgi-bin/rankem.cgi?id=andy
367[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dolltop&url=http://www.nndoltop.com/cgi-bin/rankem.cgi?id=andy
368[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dolmod&url=http%3a%2f%2fdolce-models.com
369[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dolmod&url=http://dolce-models.com
370[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dream&url=http%3a%2f%2fdream-models.net
371[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dream&url=http://dream-models.net
372[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=drvid&url=http%3a%2f%2fdream-video.com%2f
373[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=drvid&url=http://dream-video.com/
374[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=eros&url=http://www.modland.info/eros/
375[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=fashi&url=http://models-fashion.net
376[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=finej&url=http%3a%2f%2fwww.fine-julia.com%2f
377[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=finej&url=http://www.fine-julia.com/
378[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=flash&url=http%3a%2f%2fflash-top.net%2fcgi-bin%2fin.cgi%3fid%3d57
379[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=flash&url=http://flash-top.net/cgi-bin/in.cgi?id=57
380[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=forum&url=http://forum-nn.com
381[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gadinebe&url=http%3a%2f%2fwww.newnnmod.com%2f
382[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gadinebe&url=http://www.newnnmod.com/
383[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gagavuz&url=http%3a%2f%2fwww.newnnmod.com%2f
384[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gagavuz&url=http://www.newnnmod.com/
385[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gala&url=http://www.goodtalens.com/gala/
386[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=goodtale&url=http://www.goodtalens.com
387[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=hchat&url=http://hello-chat.com/cgi-bin/rank/in.cgi?id=6
388[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=heruqiru&url=http%3a%2f%2fsmallmodels.net%2fcgi-bin%2fin.cgi%3fid%3d104
389[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=heruqiru&url=http://smallmodels.net/cgi-bin/in.cgi?id=104
390[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=honeys&url=http://www.hongirls.com
391[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=img3d&url=http%3a%2f%2fwww.fineimages3d.com%2f
392[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=img3d&url=http://www.fineimages3d.com/
393[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=iraa&url=http://www.iramodel.com
394[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=katmod&url=http://www.katmod.com/
395[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=lina&url=http://www.linamodel.net/
396[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=littlem0&url=http%3a%2f%2fwww.newnnmod.com%2f
397[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=littlem0&url=http://www.newnnmod.com/
398[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=lsmodels&url=http%3a%2f%2fwww.goodtalens.com%2flsmodels%2f
399[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=lsmodels&url=http://www.goodtalens.com/lsmodels/
400[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=luisa&url=http%3a%2f%2fwww.luisamodel.com%2f
401[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=luisa&url=http://www.luisamodel.com/
402[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=masha&url=http://www.goodtalens.com/masha/
403[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=moblo&url=http%3a%2f%2fnnmodelblog.com%2f
404[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=moblo&url=http://nnmodelblog.com/
405[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modart&url=http://ice-pie.com/cgi-bin/in.cgi?id=50
406[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=mode&url=http://www.models-top.com/cgi-bin/rankem.cgi?id=andy
407[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modland&url=http%3a%2f%2fwww.modland.info
408[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modland&url=http://www.modland.info
409[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modlinks&url=http%3a%2f%2fwww.modlinka.com
410[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modlinks&url=http://www.modlinka.com
411[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=mymod&url=http%3a%2f%2fmy-models.net%2f
412[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=mymod&url=http://my-models.net/
413[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nedphoto&url=http%3a%2f%2fteenmodels.club%2flanding%2f
414[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nedphoto&url=http://teenmodels.club/landing/
415[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=newadd&url=http%3a%2f%2fwww.goodtalens.com%2fnewadd%2f
416[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=newadd&url=http://www.goodtalens.com/newadd/
417[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=newcma&url=http://newyear.modlinka.com
418[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnbook&url=http%3a%2f%2fnonubook.com
419[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnbook&url=http://nonubook.com
420[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnclub&url=http%3a%2f%2fnonuclub.com
421[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnclub&url=http://nonuclub.com
422[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nndol&url=http://www.nndolmod.com
423[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnmds&url=http://nonublog.com
424[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnntop&url=http%3a%2f%2fnn-top.com%2fcgi-bin%2fin.cgi%3fid%3d81
425[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnntop&url=http://nn-top.com/cgi-bin/in.cgi?id=81
426[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=noncha&url=http%3a%2f%2fnonu-chan.com
427[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=noncha&url=http://nonu-chan.com
428[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonin&url=http%3a%2f%2fnonutop.com%2fcgi-bin%2fin.cgi%3fid%3d31
429[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonin&url=http://nonutop.com/cgi-bin/in.cgi?id=31
430[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonstop&url=http://www.nonstop-nn.net/cgi-bin/in.cgi?id=158
431[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonudere&url=http%3a%2f%2fnonude.re
432[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonudere&url=http://nonude.re
433[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonufo&url=http://nonuforum.com/
434[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonuwad3&url=http://nonude-top.xyz/cgi-bin/in.cgi?id=52
435[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonuwad4&url=http://nonude-top.info/cgi-bin/in.cgi?id=17
436[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nostar&url=http%3a%2f%2fnonustars.com%2fcgi-bin%2fin.cgi%3fid%3d80
437[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nostar&url=http://nonustars.com/cgi-bin/in.cgi?id=80
438[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=olam&url=http://www.olamodel.com/
439[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=olesya&url=http://www.olesyamodel.com
440[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=olyam&url=http://www.olyamodel.com
441[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=onegirl&url=http%3a%2f%2fwww.honeymod.com%2f%3fft%3dandypioneer.com
442[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=onegirl&url=http://www.honeymod.com/?ft=andypioneer.com
443[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=picasa&url=http://nnville.net/
444[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pisonahe&url=http%3a%2f%2fwww.newnnmod.com%2f
445[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pisonahe&url=http://www.newnnmod.com/
446[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=play&url=http://www.playing-girl.com
447[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=prd4u&url=http%3a%2f%2fnn-magazine.com
448[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=prd4u&url=http://nn-magazine.com
449[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pre10mix&url=http%3a%2f%2fpre10mix.com%2fsite%2ftop-list%2f%3fide%3d674
450[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pre10mix&url=http://pre10mix.com/site/top-list/?ide=674
451[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=preteen2&url=http%3a%2f%2fwww.newnnmod.com%2f
452[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=preteen2&url=http://www.newnnmod.com/
453[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=qoqupave&url=http%3a%2f%2fwww.cinderella-dreams.org%2fcgi-bin%2fin.cgi%3fid%3d844
454[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=qoqupave&url=http://www.cinderella-dreams.org/cgi-bin/in.cgi?id=844
455[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=share&url=http%3a%2f%2fshare-chan.com
456[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=share&url=http://share-chan.com
457[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sotatuna&url=http%3a%2f%2fnew.nnmodsets.com
458[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sotatuna&url=http://new.nnmodsets.com
459[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=stars&url=http://www.goodtalens.com/stars/
460[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=star&url=http%3a%2f%2fcute-stars.net
461[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=star&url=http://cute-stars.net
462[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=summer&url=http://www.summmerdays.com/
463[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=svetam&url=http://www.svetamodel.com
464[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sveta&url=http://www.svetamodel.net/cgi-bin/top/rankem.cgi?id=andy
465[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=svetlana&url=http://www.svetlanamodel.com/
466[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sweet&url=http://top.modlinka.com/cgi-bin/rankem.cgi?id=andy
467[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=talents&url=http://www.talyoungart.com
468[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=tart&url=http://www.goodtalens.com/talent/
469[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=teenbl&url=http%3a%2f%2fteensblog.net%2f
470[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=teenbl&url=http://teensblog.net/
471[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=teen&url=http://www.fteenimg.com/?ft=andypioneer.com
472[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=they18&url=http%3a%2f%2fnew.nnmodsets.com
473[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=they18&url=http://new.nnmodsets.com
474[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=thind&url=http://modlinka.com/thind/
475[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=tiana&url=http%3a%2f%2fwww.tianamodel.com%2f
476[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=tiana&url=http://www.tianamodel.com/
477[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=ultra&url=http://www.honey-ultra.com/
478[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vasia&url=http%3a%2f%2fwww.vasilisamodel.com%2f
479[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vasia&url=http://www.vasilisamodel.com/
480[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vinka&url=http://www.vinkamodel.com/
481[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=wonder&url=http://www.wonteens.com/?ft=andypioneer.com
482[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=wowmod&url=http://www.wownm.com/?ft=andypioneer.com
483[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=yood&url=http%3a%2f%2fyour-model.com
484[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=yood&url=http://your-model.com
485[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=young&url=http://www.young-models.info/cgi-bin/rankem.cgi?id=andy
486[*] http://www.bestcma.com/
487[*] http://www.goodtalens.com/diapers/
488[*] http://www.goodtalens.com/kitty/
489[*] http://www.goodtalens.com/lsmodels/
490[*] http://www.goodtalens.com/secret/
491[*] http://www.goodtalens.com/usenet/
492[*] http://www.honey-ultra.com/
493[*] http://www.newnnmod.com/
494[*] http://www.nndoltop.com/models/
495[*] http://www.nnmodsets.com/
496[*] http://www.talyoungart.com/
497cut: intervalle de champ incorrecte
498Saisissez « cut --help » pour plus d'informations.
499[INFO] Shodan detected the following opened ports on 94.102.51.111:
500[*] 1
501[*] 110
502[*] 143
503[*] 22
504[*] 25
505[*] 4
506[*] 465
507[*] 53
508[*] 80
509[*] 993
510[*] 995
511[INFO] ------VirusTotal SECTION------
512[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
513[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
514[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
515[INFO] ------Alexa Rank SECTION------
516[INFO] Percent of Visitors Rank in Country:
517[INFO] Percent of Search Traffic:
518[INFO] Percent of Unique Visits:
519[INFO] Total Sites Linking In:
520[*] Total Sites
521[INFO] Useful links related to www.wowmodels.info - 94.102.51.111:
522[*] https://www.virustotal.com/pt/ip-address/94.102.51.111/information/
523[*] https://www.hybrid-analysis.com/search?host=94.102.51.111
524[*] https://www.shodan.io/host/94.102.51.111
525[*] https://www.senderbase.org/lookup/?search_string=94.102.51.111
526[*] https://www.alienvault.com/open-threat-exchange/ip/94.102.51.111
527[*] http://pastebin.com/search?q=94.102.51.111
528[*] http://urlquery.net/search.php?q=94.102.51.111
529[*] http://www.alexa.com/siteinfo/www.wowmodels.info
530[*] http://www.google.com/safebrowsing/diagnostic?site=www.wowmodels.info
531[*] https://censys.io/ipv4/94.102.51.111
532[*] https://www.abuseipdb.com/check/94.102.51.111
533[*] https://urlscan.io/search/#94.102.51.111
534[*] https://github.com/search?q=94.102.51.111&type=Code
535[INFO] Useful links related to AS202425 - 94.102.51.0/24:
536[*] http://www.google.com/safebrowsing/diagnostic?site=AS:202425
537[*] https://www.senderbase.org/lookup/?search_string=94.102.51.0/24
538[*] http://bgp.he.net/AS202425
539[*] https://stat.ripe.net/AS202425
540[INFO] Date: 18/03/20 | Time: 22:24:41
541[INFO] Total time: 1 minute(s) and 25 second(s)
542#################################################################################################################################
543Trying "wowmodels.info"
544;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12455
545;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 2
546
547;; QUESTION SECTION:
548;wowmodels.info. IN ANY
549
550;; ANSWER SECTION:
551wowmodels.info. 3600 IN A 94.102.51.111
552wowmodels.info. 3600 IN MX 10 mail.wowmodels.info.
553wowmodels.info. 3600 IN MX 20 mail.wowmodels.info.
554wowmodels.info. 3600 IN TXT "v=spf1 ip4:94.102.51.33 a mx ~all"
555wowmodels.info. 3600 IN SOA a13s08.host.com. root.example.com. 2018030600 3600 3600 604800 86400
556wowmodels.info. 3600 IN NS ns1.monchekin.com.
557wowmodels.info. 3600 IN NS ns2.monchekin.com.
558
559;; ADDITIONAL SECTION:
560ns1.monchekin.com. 29195 IN A 94.102.51.111
561ns2.monchekin.com. 29195 IN A 94.102.51.112
562
563Received 273 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 131 ms
564#################################################################################################################################
565
566; <<>> DiG 9.11.16-2-Debian <<>> +trace wowmodels.info any
567;; global options: +cmd
568. 70444 IN NS a.root-servers.net.
569. 70444 IN NS b.root-servers.net.
570. 70444 IN NS c.root-servers.net.
571. 70444 IN NS d.root-servers.net.
572. 70444 IN NS e.root-servers.net.
573. 70444 IN NS f.root-servers.net.
574. 70444 IN NS g.root-servers.net.
575. 70444 IN NS h.root-servers.net.
576. 70444 IN NS i.root-servers.net.
577. 70444 IN NS j.root-servers.net.
578. 70444 IN NS k.root-servers.net.
579. 70444 IN NS l.root-servers.net.
580. 70444 IN NS m.root-servers.net.
581. 70444 IN RRSIG NS 8 0 518400 20200331170000 20200318160000 33853 . qgasYmvTaMw/ft2FJz7Ze3a8EYdfzDR3E/n9ffoT8zkgJZhW74Yf1Tdn yt7zJUoZjZSL0px3bOccsey7rwAAt7PG3PKsG50hINxFU/G65DdLn5Fe 0E3wqLh7J2oix+own3AHEUyntF3nuL/surpqvvZpLoS+DU4enbMfJlZf KSu2/73I+n6tx57gGWnekkFlgq7JVBS6MDry5UsFR4C3GwBInUqcFiQQ ATVi6s9+xcWmTWhUOLtZa9JyStBDWanch24001hD51VLFix7DOnA1+oG 9IcdQjqO4WTbzk2TgfRGNvax6IPeVWwLOTaDfpH/1UjfqI6OVNldnXSE xBsI6g==
582;; Received 525 bytes from 10.101.0.243#53(10.101.0.243) in 386 ms
583
584info. 172800 IN NS b2.info.afilias-nst.org.
585info. 172800 IN NS c0.info.afilias-nst.info.
586info. 172800 IN NS b0.info.afilias-nst.org.
587info. 172800 IN NS a0.info.afilias-nst.info.
588info. 172800 IN NS a2.info.afilias-nst.info.
589info. 172800 IN NS d0.info.afilias-nst.org.
590info. 86400 IN DS 8674 7 2 EC9B6082B96B5F87143696F2B483ACC9B2C433DCE0C94E70F1FF5648 CA18008B
591info. 86400 IN DS 8674 7 1 197789A2CBABA6FECD0B5AC88C5BC414CE1FC309
592info. 86400 IN RRSIG DS 8 1 86400 20200331170000 20200318160000 33853 . nRsBm0DT2484WAg+6uf3Qjr/WkzuLWBvt0A88FkDBNyt7Y3FgbqOWHPP 9Cn0BQ6rSeT3efE2wY3aE7odBlD3Yt+GGw+95zkIpy8r3OpZMDhGL4p0 aB9oXCm2LqE51GWMjBJTy7t4Ivmu+qGkhEmpJyDuvXiFzKSc8oVPg0JZ WUQQqM1FSzt287xrHfQXksyHtoZYmNuTGX/2hvVOyl7HjatVkxGn3y2Z bO4N4k9IYcqQ+bodgZP/Z+WnTjDjVi031Jmvqfxe6asukJo7RGDGfVjV /xXyu6XWbEIfl8G77RprJ/QbEvGymzdgjE7M+PkAm5e56sGVi8mgE6Mp o8yeSw==
593;; Received 817 bytes from 2001:7fe::53#53(i.root-servers.net) in 44 ms
594
595wowmodels.info. 86400 IN NS ns1.monchekin.com.
596wowmodels.info. 86400 IN NS ns2.monchekin.com.
597adnsd9nk7nk82he8h21rj0jjhj11o5gb.info. 3600 IN NSEC3 1 1 1 D399EAAB ADNVG6B2JJN9MIEU7DJB24BL7RG5MDPI NS SOA RRSIG DNSKEY NSEC3PARAM
598adnsd9nk7nk82he8h21rj0jjhj11o5gb.info. 3600 IN RRSIG NSEC3 7 2 3600 20200409023007 20200319013007 43982 info. VtFRQxOjNaHGr9WbVfa7EsBpBN2AWDgBYo6EA0YMJtVapfWV32vvt54u Rp8M1DqTsVUGruxP5Zu8vnTkxtoiafL5H7+kP4+cChQmjQGH8YtKtDpN 7JO1k+PrC1OqOnGY5NbKbFFvCvucNWKDTDQjU+jI1O6PCv/U/lID2Fu6 SdY=
5990a79u8ddoakrrc0itt18v06vpbo58g3f.info. 3600 IN NSEC3 1 1 1 D399EAAB 0A7E8F4PRK220RU3II3I6V7DU0496C1O NS DS RRSIG
6000a79u8ddoakrrc0itt18v06vpbo58g3f.info. 3600 IN RRSIG NSEC3 7 2 3600 20200407152144 20200317142144 43982 info. CVyxRrgVT/FZPyBFZhPLgAff91YEXUPGTBgLxh2ee2pwfXT3oFZEPYgE AKkdXYTVMGhS+AWUEHvTp+q4kAX8kmsfoM++eFipeq+8L0mUAeocOZ3T N133TMJ/f0HRfFnfcAWQqfAQ3sL3cK2CVRiDa2obiQFLvE0lbz1o2Ezc BeQ=
601;; Received 587 bytes from 199.254.31.1#53(a0.info.afilias-nst.info) in 342 ms
602
603wowmodels.info. 3600 IN SOA a13s08.host.com. root.example.com. 2018030600 3600 3600 604800 86400
604wowmodels.info. 3600 IN NS ns2.monchekin.com.
605wowmodels.info. 3600 IN NS ns1.monchekin.com.
606wowmodels.info. 3600 IN TXT "v=spf1 ip4:94.102.51.33 a mx ~all"
607wowmodels.info. 3600 IN MX 10 mail.wowmodels.info.
608wowmodels.info. 3600 IN MX 20 mail.wowmodels.info.
609wowmodels.info. 3600 IN A 94.102.51.111
610;; Received 300 bytes from 94.102.51.112#53(ns2.monchekin.com) in 342 ms
611
612#################################################################################################################################
613route to www.wowmodels.info (94.102.51.111), 30 hops max, 60 byte packets
614 1 _gateway (10.202.1.1) 242.105 ms 242.108 ms 242.100 ms
615 2 unn-89-187-165-62.cdn77.com (89.187.165.62) 242.093 ms 242.085 ms 242.074 ms
616 3 vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4) 242.056 ms 242.042 ms 242.033 ms
617 4 he-net.peering.cz (91.213.211.118) 242.060 ms 242.049 ms 341.032 ms
618 5 100ge16-1.core1.fra1.he.net (184.105.213.233) 241.938 ms 241.928 ms 241.917 ms
619 6 100ge11-1.core1.fra2.he.net (72.52.92.86) 340.947 ms 361.773 ms 100ge6-1.core1.ams1.he.net (72.52.92.5) 361.724 ms
620 7 * 100ge0-54.core1.ams2.he.net (184.104.192.130) 361.713 ms 361.691 ms
621 8 94.102.51.111 (94.102.51.111) 361.641 ms 361.580 ms 361.558 ms
622#################################################################################################################################
623omains still to check: 1
624 Checking if the hostname wowmodels.info. given is in fact a domain...
625
626Analyzing domain: wowmodels.info.
627 Checking NameServers using system default resolver...
628 IP: 94.102.51.111 (Netherlands)
629 HostName: ns1.monchekin.com Type: NS
630 IP: 94.102.51.112 (Netherlands)
631 HostName: ns2.monchekin.com Type: NS
632 HostName: no-reverse-dns-configured.com Type: PTR
633
634 Checking MailServers using system default resolver...
635 IP: 94.102.51.111 (Netherlands)
636 HostName: ns1.monchekin.com Type: NS
637 HostName: mail.wowmodels.info Type: MX
638 IP: 94.102.51.111 (Netherlands)
639 HostName: ns1.monchekin.com Type: NS
640 HostName: mail.wowmodels.info Type: MX
641 HostName: mail.wowmodels.info Type: MX
642
643 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
644 No zone transfer found on nameserver 94.102.51.112
645 No zone transfer found on nameserver 94.102.51.111
646
647 Checking SPF record...
648 New IP found: 94.102.51.33
649
650 Checking 192 most common hostnames using system default resolver...
651 IP: 94.102.51.111 (Netherlands)
652 HostName: ns1.monchekin.com Type: NS
653 HostName: mail.wowmodels.info Type: MX
654 HostName: mail.wowmodels.info Type: MX
655 HostName: www.wowmodels.info. Type: A
656 IP: 94.102.51.111 (Netherlands)
657 HostName: ns1.monchekin.com Type: NS
658 HostName: mail.wowmodels.info Type: MX
659 HostName: mail.wowmodels.info Type: MX
660 HostName: www.wowmodels.info. Type: A
661 HostName: ftp.wowmodels.info. Type: A
662 IP: 94.102.51.111 (Netherlands)
663 HostName: ns1.monchekin.com Type: NS
664 HostName: mail.wowmodels.info Type: MX
665 HostName: mail.wowmodels.info Type: MX
666 HostName: www.wowmodels.info. Type: A
667 HostName: ftp.wowmodels.info. Type: A
668 HostName: mail.wowmodels.info. Type: A
669 IP: 94.102.51.111 (Netherlands)
670 HostName: ns1.monchekin.com Type: NS
671 HostName: mail.wowmodels.info Type: MX
672 HostName: mail.wowmodels.info Type: MX
673 HostName: www.wowmodels.info. Type: A
674 HostName: ftp.wowmodels.info. Type: A
675 HostName: mail.wowmodels.info. Type: A
676 HostName: smtp.wowmodels.info. Type: A
677 IP: 94.102.51.111 (Netherlands)
678 HostName: ns1.monchekin.com Type: NS
679 HostName: mail.wowmodels.info Type: MX
680 HostName: mail.wowmodels.info Type: MX
681 HostName: www.wowmodels.info. Type: A
682 HostName: ftp.wowmodels.info. Type: A
683 HostName: mail.wowmodels.info. Type: A
684 HostName: smtp.wowmodels.info. Type: A
685 HostName: pop.wowmodels.info. Type: A
686
687 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
688 Checking netblock 94.102.51.0
689
690 Searching for wowmodels.info. emails in Google
691
692 Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
693 Host 94.102.51.33 is up (echo-reply ttl 58)
694 Host 94.102.51.112 is up (echo-reply ttl 58)
695 Host 94.102.51.111 is up (syn-ack ttl 58)
696
697 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
698 Scanning ip 94.102.51.33 ():
699 22/tcp open ssh syn-ack ttl 58 OpenSSH 7.4 (protocol 2.0)
700 | ssh-hostkey:
701 | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
702 | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
703 |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
704 25/tcp open smtp syn-ack ttl 58 Exim smtpd 4.89
705 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
706 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
707 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
708 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
709 | Public Key type: rsa
710 | Public Key bits: 1024
711 | Signature Algorithm: sha256WithRSAEncryption
712 | Not valid before: 2018-03-05T07:49:40
713 | Not valid after: 2028-03-02T07:49:40
714 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
715 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
716 |_ssl-date: TLS randomness does not represent time
717 53/tcp open domain syn-ack ttl 58 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
718 | dns-nsid:
719 |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
720 80/tcp open http syn-ack ttl 58 nginx
721 |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
722 |_http-generator: Microsoft FrontPage 5.0
723 | http-methods:
724 | Supported Methods: POST OPTIONS GET HEAD TRACE
725 |_ Potentially risky methods: TRACE
726 |_http-title: Andy Pioneer Top Sites
727 110/tcp open pop3 syn-ack ttl 58 Dovecot pop3d
728 |_pop3-capabilities: STLS PIPELINING SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) RESP-CODES UIDL CAPA USER AUTH-RESP-CODE TOP
729 |_ssl-date: TLS randomness does not represent time
730 143/tcp open imap syn-ack ttl 58 Dovecot imapd
731 |_imap-capabilities: AUTH=PLAIN IDLE ENABLE post-login OK AUTH=DIGEST-MD5 ID AUTH=LOGIN listed more Pre-login SASL-IR IMAP4rev1 AUTH=CRAM-MD5A0001 capabilities LOGIN-REFERRALS STARTTLS have LITERAL+
732 |_ssl-date: TLS randomness does not represent time
733 465/tcp open ssl/smtp syn-ack ttl 58 Exim smtpd 4.89
734 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
735 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
736 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
737 | Public Key type: rsa
738 | Public Key bits: 1024
739 | Signature Algorithm: sha256WithRSAEncryption
740 | Not valid before: 2018-03-05T07:49:40
741 | Not valid after: 2028-03-02T07:49:40
742 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
743 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
744 |_ssl-date: TLS randomness does not represent time
745 993/tcp open ssl/imaps? syn-ack ttl 58
746 |_ssl-date: TLS randomness does not represent time
747 995/tcp open ssl/pop3s? syn-ack ttl 58
748 |_ssl-date: TLS randomness does not represent time
749 OS Info: Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
750 Scanning ip 94.102.51.112 (no-reverse-dns-configured.com (PTR)):
751 22/tcp open ssh syn-ack ttl 58 OpenSSH 7.4 (protocol 2.0)
752 | ssh-hostkey:
753 | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
754 | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
755 |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
756 25/tcp open smtp syn-ack ttl 58 Exim smtpd 4.89
757 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
758 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
759 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
760 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
761 | Public Key type: rsa
762 | Public Key bits: 1024
763 | Signature Algorithm: sha256WithRSAEncryption
764 | Not valid before: 2018-03-05T07:49:40
765 | Not valid after: 2028-03-02T07:49:40
766 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
767 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
768 |_ssl-date: TLS randomness does not represent time
769 53/tcp open domain syn-ack ttl 58 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
770 | dns-nsid:
771 |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
772 80/tcp open http syn-ack ttl 58 nginx
773 |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
774 |_http-generator: Microsoft FrontPage 5.0
775 | http-methods:
776 | Supported Methods: POST OPTIONS GET HEAD TRACE
777 |_ Potentially risky methods: TRACE
778 |_http-title: Andy Pioneer Top Sites
779 110/tcp open pop3 syn-ack ttl 58 Dovecot pop3d
780 |_pop3-capabilities: TOP PIPELINING RESP-CODES CAPA SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) AUTH-RESP-CODE USER STLS UIDL
781 |_ssl-date: TLS randomness does not represent time
782 143/tcp open imap syn-ack ttl 58 Dovecot imapd
783 |_imap-capabilities: have SASL-IR Pre-login ENABLE AUTH=CRAM-MD5A0001 IMAP4rev1 more post-login ID LOGIN-REFERRALS AUTH=DIGEST-MD5 IDLE STARTTLS AUTH=LOGIN OK listed AUTH=PLAIN capabilities LITERAL+
784 |_ssl-date: TLS randomness does not represent time
785 465/tcp open ssl/smtp syn-ack ttl 58 Exim smtpd 4.89
786 |_smtp-commands: Couldn't establish connection on port 465
787 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
788 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
789 | Public Key type: rsa
790 | Public Key bits: 1024
791 | Signature Algorithm: sha256WithRSAEncryption
792 | Not valid before: 2018-03-05T07:49:40
793 | Not valid after: 2028-03-02T07:49:40
794 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
795 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
796 |_ssl-date: TLS randomness does not represent time
797 993/tcp open ssl/imaps? syn-ack ttl 58
798 |_ssl-date: TLS randomness does not represent time
799 995/tcp open ssl/pop3s? syn-ack ttl 58
800 |_ssl-date: TLS randomness does not represent time
801 OS Info: Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
802 Scanning ip 94.102.51.111 (pop.wowmodels.info.):
803 22/tcp open ssh? syn-ack ttl 58
804 |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
805 25/tcp open smtp syn-ack ttl 58 Exim smtpd
806 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
807 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
808 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
809 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
810 | Public Key type: rsa
811 | Public Key bits: 1024
812 | Signature Algorithm: sha256WithRSAEncryption
813 | Not valid before: 2018-03-05T07:49:40
814 | Not valid after: 2028-03-02T07:49:40
815 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
816 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
817 |_ssl-date: TLS randomness does not represent time
818 53/tcp open domain syn-ack ttl 58 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
819 | dns-nsid:
820 |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
821 80/tcp open http syn-ack ttl 58 nginx
822 |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
823 |_http-generator: Microsoft FrontPage 5.0
824 | http-methods:
825 | Supported Methods: POST OPTIONS GET HEAD TRACE
826 |_ Potentially risky methods: TRACE
827 |_http-title: Andy Pioneer Top Sites
828 110/tcp open pop3 syn-ack ttl 58 Dovecot pop3d
829 |_pop3-capabilities: PIPELINING UIDL USER TOP SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) CAPA STLS AUTH-RESP-CODE RESP-CODES
830 |_ssl-date: TLS randomness does not represent time
831 143/tcp open imap syn-ack ttl 58 Dovecot imapd
832 |_imap-capabilities: ENABLE LOGIN-REFERRALS LITERAL+ STARTTLS OK AUTH=DIGEST-MD5 have IDLE more post-login listed capabilities IMAP4rev1 AUTH=PLAIN ID AUTH=CRAM-MD5A0001 AUTH=LOGIN Pre-login SASL-IR
833 |_ssl-date: TLS randomness does not represent time
834 465/tcp open ssl/smtp syn-ack ttl 58 Exim smtpd 4.89
835 |_smtp-commands: Couldn't establish connection on port 465
836 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
837 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
838 | Public Key type: rsa
839 | Public Key bits: 1024
840 | Signature Algorithm: sha256WithRSAEncryption
841 | Not valid before: 2018-03-05T07:49:40
842 | Not valid after: 2028-03-02T07:49:40
843 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
844 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
845 |_ssl-date: TLS randomness does not represent time
846 993/tcp open ssl/imaps? syn-ack ttl 58
847 |_ssl-date: TLS randomness does not represent time
848 995/tcp open ssl/pop3s? syn-ack ttl 58
849 |_ssl-date: TLS randomness does not represent time
850 OS Info: Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
851 WebCrawling domain's web servers... up to 50 max links.
852
853 + URL to crawl: http://ns2.monchekin.com
854 + Date: 2020-03-18
855
856 + Crawling URL: http://ns2.monchekin.com:
857 + Links:
858 + Crawling http://ns2.monchekin.com
859 + Searching for directories...
860 + Searching open folders...
861
862
863 + URL to crawl: http://pop.wowmodels.info.
864 + Date: 2020-03-18
865
866 + Crawling URL: http://pop.wowmodels.info.:
867 + Links:
868 + Crawling http://pop.wowmodels.info.
869 + Searching for directories...
870 + Searching open folders...
871
872
873 + URL to crawl: http://mail.wowmodels.info
874 + Date: 2020-03-18
875
876 + Crawling URL: http://mail.wowmodels.info:
877 + Links:
878 + Crawling http://mail.wowmodels.info
879 + Searching for directories...
880 + Searching open folders...
881
882
883 + URL to crawl: http://ns1.monchekin.com
884 + Date: 2020-03-18
885
886 + Crawling URL: http://ns1.monchekin.com:
887 + Links:
888 + Crawling http://ns1.monchekin.com
889 + Searching for directories...
890 + Searching open folders...
891
892
893 + URL to crawl: http://smtp.wowmodels.info.
894 + Date: 2020-03-18
895
896 + Crawling URL: http://smtp.wowmodels.info.:
897 + Links:
898 + Crawling http://smtp.wowmodels.info.
899 + Searching for directories...
900 + Searching open folders...
901
902
903 + URL to crawl: http://mail.wowmodels.info.
904 + Date: 2020-03-18
905
906 + Crawling URL: http://mail.wowmodels.info.:
907 + Links:
908 + Crawling http://mail.wowmodels.info.
909 + Searching for directories...
910 + Searching open folders...
911
912
913 + URL to crawl: http://www.wowmodels.info.
914 + Date: 2020-03-18
915
916 + Crawling URL: http://www.wowmodels.info.:
917 + Links:
918 + Crawling http://www.wowmodels.info. (403 Forbidden)
919 + Searching for directories...
920 + Searching open folders...
921
922
923 + URL to crawl: http://ftp.wowmodels.info.
924 + Date: 2020-03-18
925
926 + Crawling URL: http://ftp.wowmodels.info.:
927 + Links:
928 + Crawling http://ftp.wowmodels.info.
929 + Searching for directories...
930 + Searching open folders...
931
932--Finished--
933Summary information for domain wowmodels.info.
934-----------------------------------------
935
936 Domain Ips Information:
937 IP: 94.102.51.33
938 Type: SPF
939 Is Active: True (echo-reply ttl 58)
940 Port: 22/tcp open ssh syn-ack ttl 58 OpenSSH 7.4 (protocol 2.0)
941 Script Info: | ssh-hostkey:
942 Script Info: | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
943 Script Info: | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
944 Script Info: |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
945 Port: 25/tcp open smtp syn-ack ttl 58 Exim smtpd 4.89
946 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
947 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
948 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
949 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
950 Script Info: | Public Key type: rsa
951 Script Info: | Public Key bits: 1024
952 Script Info: | Signature Algorithm: sha256WithRSAEncryption
953 Script Info: | Not valid before: 2018-03-05T07:49:40
954 Script Info: | Not valid after: 2028-03-02T07:49:40
955 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
956 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
957 Script Info: |_ssl-date: TLS randomness does not represent time
958 Port: 53/tcp open domain syn-ack ttl 58 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
959 Script Info: | dns-nsid:
960 Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
961 Port: 80/tcp open http syn-ack ttl 58 nginx
962 Script Info: |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
963 Script Info: |_http-generator: Microsoft FrontPage 5.0
964 Script Info: | http-methods:
965 Script Info: | Supported Methods: POST OPTIONS GET HEAD TRACE
966 Script Info: |_ Potentially risky methods: TRACE
967 Script Info: |_http-title: Andy Pioneer Top Sites
968 Port: 110/tcp open pop3 syn-ack ttl 58 Dovecot pop3d
969 Script Info: |_pop3-capabilities: STLS PIPELINING SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) RESP-CODES UIDL CAPA USER AUTH-RESP-CODE TOP
970 Script Info: |_ssl-date: TLS randomness does not represent time
971 Port: 143/tcp open imap syn-ack ttl 58 Dovecot imapd
972 Script Info: |_imap-capabilities: AUTH=PLAIN IDLE ENABLE post-login OK AUTH=DIGEST-MD5 ID AUTH=LOGIN listed more Pre-login SASL-IR IMAP4rev1 AUTH=CRAM-MD5A0001 capabilities LOGIN-REFERRALS STARTTLS have LITERAL+
973 Script Info: |_ssl-date: TLS randomness does not represent time
974 Port: 465/tcp open ssl/smtp syn-ack ttl 58 Exim smtpd 4.89
975 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
976 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
977 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
978 Script Info: | Public Key type: rsa
979 Script Info: | Public Key bits: 1024
980 Script Info: | Signature Algorithm: sha256WithRSAEncryption
981 Script Info: | Not valid before: 2018-03-05T07:49:40
982 Script Info: | Not valid after: 2028-03-02T07:49:40
983 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
984 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
985 Script Info: |_ssl-date: TLS randomness does not represent time
986 Port: 993/tcp open ssl/imaps? syn-ack ttl 58
987 Script Info: |_ssl-date: TLS randomness does not represent time
988 Port: 995/tcp open ssl/pop3s? syn-ack ttl 58
989 Script Info: |_ssl-date: TLS randomness does not represent time
990 Os Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
991 IP: 94.102.51.112
992 HostName: ns2.monchekin.com Type: NS
993 HostName: no-reverse-dns-configured.com Type: PTR
994 Country: Netherlands
995 Is Active: True (echo-reply ttl 58)
996 Port: 22/tcp open ssh syn-ack ttl 58 OpenSSH 7.4 (protocol 2.0)
997 Script Info: | ssh-hostkey:
998 Script Info: | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
999 Script Info: | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
1000 Script Info: |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
1001 Port: 25/tcp open smtp syn-ack ttl 58 Exim smtpd 4.89
1002 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
1003 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1004 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1005 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1006 Script Info: | Public Key type: rsa
1007 Script Info: | Public Key bits: 1024
1008 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1009 Script Info: | Not valid before: 2018-03-05T07:49:40
1010 Script Info: | Not valid after: 2028-03-02T07:49:40
1011 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1012 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1013 Script Info: |_ssl-date: TLS randomness does not represent time
1014 Port: 53/tcp open domain syn-ack ttl 58 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1015 Script Info: | dns-nsid:
1016 Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1017 Port: 80/tcp open http syn-ack ttl 58 nginx
1018 Script Info: |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
1019 Script Info: |_http-generator: Microsoft FrontPage 5.0
1020 Script Info: | http-methods:
1021 Script Info: | Supported Methods: POST OPTIONS GET HEAD TRACE
1022 Script Info: |_ Potentially risky methods: TRACE
1023 Script Info: |_http-title: Andy Pioneer Top Sites
1024 Port: 110/tcp open pop3 syn-ack ttl 58 Dovecot pop3d
1025 Script Info: |_pop3-capabilities: TOP PIPELINING RESP-CODES CAPA SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) AUTH-RESP-CODE USER STLS UIDL
1026 Script Info: |_ssl-date: TLS randomness does not represent time
1027 Port: 143/tcp open imap syn-ack ttl 58 Dovecot imapd
1028 Script Info: |_imap-capabilities: have SASL-IR Pre-login ENABLE AUTH=CRAM-MD5A0001 IMAP4rev1 more post-login ID LOGIN-REFERRALS AUTH=DIGEST-MD5 IDLE STARTTLS AUTH=LOGIN OK listed AUTH=PLAIN capabilities LITERAL+
1029 Script Info: |_ssl-date: TLS randomness does not represent time
1030 Port: 465/tcp open ssl/smtp syn-ack ttl 58 Exim smtpd 4.89
1031 Script Info: |_smtp-commands: Couldn't establish connection on port 465
1032 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1033 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1034 Script Info: | Public Key type: rsa
1035 Script Info: | Public Key bits: 1024
1036 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1037 Script Info: | Not valid before: 2018-03-05T07:49:40
1038 Script Info: | Not valid after: 2028-03-02T07:49:40
1039 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1040 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1041 Script Info: |_ssl-date: TLS randomness does not represent time
1042 Port: 993/tcp open ssl/imaps? syn-ack ttl 58
1043 Script Info: |_ssl-date: TLS randomness does not represent time
1044 Port: 995/tcp open ssl/pop3s? syn-ack ttl 58
1045 Script Info: |_ssl-date: TLS randomness does not represent time
1046 Os Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1047 IP: 94.102.51.111
1048 HostName: ns1.monchekin.com Type: NS
1049 HostName: mail.wowmodels.info Type: MX
1050 HostName: mail.wowmodels.info Type: MX
1051 HostName: www.wowmodels.info. Type: A
1052 HostName: ftp.wowmodels.info. Type: A
1053 HostName: mail.wowmodels.info. Type: A
1054 HostName: smtp.wowmodels.info. Type: A
1055 HostName: pop.wowmodels.info. Type: A
1056 Country: Netherlands
1057 Is Active: True (syn-ack ttl 58)
1058 Port: 22/tcp open ssh? syn-ack ttl 58
1059 Script Info: |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1060 Port: 25/tcp open smtp syn-ack ttl 58 Exim smtpd
1061 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
1062 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1063 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1064 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1065 Script Info: | Public Key type: rsa
1066 Script Info: | Public Key bits: 1024
1067 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1068 Script Info: | Not valid before: 2018-03-05T07:49:40
1069 Script Info: | Not valid after: 2028-03-02T07:49:40
1070 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1071 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1072 Script Info: |_ssl-date: TLS randomness does not represent time
1073 Port: 53/tcp open domain syn-ack ttl 58 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1074 Script Info: | dns-nsid:
1075 Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1076 Port: 80/tcp open http syn-ack ttl 58 nginx
1077 Script Info: |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
1078 Script Info: |_http-generator: Microsoft FrontPage 5.0
1079 Script Info: | http-methods:
1080 Script Info: | Supported Methods: POST OPTIONS GET HEAD TRACE
1081 Script Info: |_ Potentially risky methods: TRACE
1082 Script Info: |_http-title: Andy Pioneer Top Sites
1083 Port: 110/tcp open pop3 syn-ack ttl 58 Dovecot pop3d
1084 Script Info: |_pop3-capabilities: PIPELINING UIDL USER TOP SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) CAPA STLS AUTH-RESP-CODE RESP-CODES
1085 Script Info: |_ssl-date: TLS randomness does not represent time
1086 Port: 143/tcp open imap syn-ack ttl 58 Dovecot imapd
1087 Script Info: |_imap-capabilities: ENABLE LOGIN-REFERRALS LITERAL+ STARTTLS OK AUTH=DIGEST-MD5 have IDLE more post-login listed capabilities IMAP4rev1 AUTH=PLAIN ID AUTH=CRAM-MD5A0001 AUTH=LOGIN Pre-login SASL-IR
1088 Script Info: |_ssl-date: TLS randomness does not represent time
1089 Port: 465/tcp open ssl/smtp syn-ack ttl 58 Exim smtpd 4.89
1090 Script Info: |_smtp-commands: Couldn't establish connection on port 465
1091 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1092 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1093 Script Info: | Public Key type: rsa
1094 Script Info: | Public Key bits: 1024
1095 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1096 Script Info: | Not valid before: 2018-03-05T07:49:40
1097 Script Info: | Not valid after: 2028-03-02T07:49:40
1098 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1099 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1100 Script Info: |_ssl-date: TLS randomness does not represent time
1101 Port: 993/tcp open ssl/imaps? syn-ack ttl 58
1102 Script Info: |_ssl-date: TLS randomness does not represent time
1103 Port: 995/tcp open ssl/pop3s? syn-ack ttl 58
1104 Script Info: |_ssl-date: TLS randomness does not represent time
1105 Os Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1106
1107--------------End Summary --------------
1108-----------------------------------------
1109#################################################################################################################################
1110----- wowmodels.info -----
1111
1112
1113Host's addresses:
1114__________________
1115
1116wowmodels.info. 2965 IN A 94.102.51.111
1117
1118
1119Name Servers:
1120______________
1121
1122ns2.monchekin.com. 2505 IN A 94.102.51.112
1123ns1.monchekin.com. 2505 IN A 94.102.51.111
1124
1125
1126Mail (MX) Servers:
1127___________________
1128
1129mail.wowmodels.info. 2977 IN A 94.102.51.111
1130mail.wowmodels.info. 2977 IN A 94.102.51.111
1131
1132
1133
1134Brute forcing with /usr/share/dnsenum/dns.txt:
1135_______________________________________________
1136
1137ftp.wowmodels.info. 2932 IN A 94.102.51.111
1138mail.wowmodels.info. 2921 IN A 94.102.51.111
1139pop.wowmodels.info. 3484 IN A 94.102.51.111
1140smtp.wowmodels.info. 3471 IN A 94.102.51.111
1141www.wowmodels.info. 2410 IN A 94.102.51.111
1142
1143
1144Launching Whois Queries:
1145_________________________
1146
1147 whois ip result: 94.102.51.0 -> 94.102.51.0/24
1148
1149
1150wowmodels.info______________
1151
1152 94.102.51.0/24
1153##################################################################################################################################
1154URLCrazy Domain Report
1155Domain : www.wowmodels.info
1156Keyboard : qwerty
1157At : 2020-03-18 22:30:10 -0400
1158
1159# Please wait. 195 hostnames to process
1160
1161Typo Type Typo DNS-A CC-A DNS-MX Extn
1162--------------------------------------------------------------------------------------------------------------------------
1163Character Omission ww.wowmodels.info ? info
1164Character Omission www.owmodels.info ? info
1165Character Omission www.womodels.info ? info
1166Character Omission www.wowmdels.info ? info
1167Character Omission www.wowmodel.info 87.236.16.203 RU,RUSSIAN FEDERATION mx2.beget.com info
1168Character Omission www.wowmodes.info ? info
1169Character Omission www.wowmodls.info ? info
1170Character Omission www.wowmoels.info ? info
1171Character Omission www.wowodels.info ? info
1172Character Omission www.wwmodels.info ? info
1173Character Omission wwwwowmodels.info ? info
1174Character Repeat www.woowmodels.info ? info
1175Character Repeat www.wowmmodels.info ? info
1176Character Repeat www.wowmoddels.info ? info
1177Character Repeat www.wowmodeels.info ? info
1178Character Repeat www.wowmodells.info ? info
1179Character Repeat www.wowmodelss.info ? info
1180Character Repeat www.wowmoodels.info ? info
1181Character Repeat www.wowwmodels.info ? info
1182Character Repeat www.wwowmodels.info ? info
1183Character Repeat wwww.wowmodels.info ? info
1184Character Swap ww.wwowmodels.info ? info
1185Character Swap www.owwmodels.info ? info
1186Character Swap www.womwodels.info ? info
1187Character Swap www.wowmdoels.info ? info
1188Character Swap www.wowmodesl.info ? info
1189Character Swap www.wowmodles.info ? info
1190Character Swap www.wowmoedls.info ? info
1191Character Swap www.wowomdels.info ? info
1192Character Swap www.wwomodels.info ? info
1193Character Swap wwww.owmodels.info ? info
1194Character Replacement eww.wowmodels.info ? info
1195Character Replacement qww.wowmodels.info ? info
1196Character Replacement wew.wowmodels.info ? info
1197Character Replacement wqw.wowmodels.info ? info
1198Character Replacement wwe.wowmodels.info ? info
1199Character Replacement wwq.wowmodels.info ? info
1200Character Replacement www.eowmodels.info ? info
1201Character Replacement www.qowmodels.info ? info
1202Character Replacement www.wiwmodels.info ? info
1203Character Replacement www.woemodels.info ? info
1204Character Replacement www.woqmodels.info ? info
1205Character Replacement www.wowmidels.info ? info
1206Character Replacement www.wowmodeks.info ? info
1207Character Replacement www.wowmodela.info ? info
1208Character Replacement www.wowmodeld.info ? info
1209Character Replacement www.wowmodrls.info ? info
1210Character Replacement www.wowmodwls.info ? info
1211Character Replacement www.wowmofels.info ? info
1212Character Replacement www.wowmosels.info ? info
1213Character Replacement www.wowmpdels.info ? info
1214Character Replacement www.wownodels.info ? info
1215Character Replacement www.wpwmodels.info ? info
1216Double Character Replacement eew.wowmodels.info ? info
1217Double Character Replacement qqw.wowmodels.info ? info
1218Double Character Replacement wee.wowmodels.info ? info
1219Double Character Replacement wqq.wowmodels.info ? info
1220Character Insertion weww.wowmodels.info ? info
1221Character Insertion wqww.wowmodels.info ? info
1222Character Insertion wwew.wowmodels.info ? info
1223Character Insertion wwqw.wowmodels.info ? info
1224Character Insertion www.weowmodels.info ? info
1225Character Insertion www.woiwmodels.info ? info
1226Character Insertion www.wopwmodels.info ? info
1227Character Insertion www.wowemodels.info ? info
1228Character Insertion www.wowmnodels.info ? info
1229Character Insertion www.wowmodelks.info ? info
1230Character Insertion www.wowmodelsa.info ? info
1231Character Insertion www.wowmodelsd.info ? info
1232Character Insertion www.wowmoderls.info ? info
1233Character Insertion www.wowmodewls.info ? info
1234Character Insertion www.wowmodfels.info ? info
1235Character Insertion www.wowmodsels.info ? info
1236Character Insertion www.wowmoidels.info ? info
1237Character Insertion www.wowmopdels.info ? info
1238Character Insertion www.wowqmodels.info ? info
1239Character Insertion www.wqowmodels.info ? info
1240Character Insertion wwwe.wowmodels.info ? info
1241Character Insertion wwwq.wowmodels.info ? info
1242Missing Dot wwwwww.wowmodels.info ? info
1243Singular or Pluralise wowmodel.info 87.236.16.203 CA,CANADA mx1.beget.com info
1244Singular or Pluralise wowmodels.info 94.102.51.111 NL,NETHERLANDS mail.wowmodels.info info
1245Vowel Swap www.wowmodals.info ? info
1246Vowel Swap www.wowmodils.info ? info
1247Vowel Swap www.wowmodols.info ? info
1248Vowel Swap www.wowmoduls.info ? info
1249Homophones www.wowmowedls.info ? info
1250Bit Flipping 7ww.wowmodels.info ? info
1251Bit Flipping gww.wowmodels.info ? info
1252Bit Flipping sww.wowmodels.info ? info
1253Bit Flipping uww.wowmodels.info ? info
1254Bit Flipping vww.wowmodels.info ? info
1255Bit Flipping w7w.wowmodels.info ? info
1256Bit Flipping wgw.wowmodels.info ? info
1257Bit Flipping wsw.wowmodels.info ? info
1258Bit Flipping wuw.wowmodels.info ? info
1259Bit Flipping wvw.wowmodels.info ? info
1260Bit Flipping ww7.wowmodels.info ? info
1261Bit Flipping wwg.wowmodels.info ? info
1262Bit Flipping wws.wowmodels.info ? info
1263Bit Flipping wwu.wowmodels.info ? info
1264Bit Flipping wwv.wowmodels.info ? info
1265Bit Flipping www.7owmodels.info ? info
1266Bit Flipping www.gowmodels.info ? info
1267Bit Flipping www.sowmodels.info ? info
1268Bit Flipping www.uowmodels.info ? info
1269Bit Flipping www.vowmodels.info ? info
1270Bit Flipping www.wgwmodels.info ? info
1271Bit Flipping www.wkwmodels.info ? info
1272Bit Flipping www.wmwmodels.info ? info
1273Bit Flipping www.wnwmodels.info ? info
1274Bit Flipping www.wo7models.info ? info
1275Bit Flipping www.wogmodels.info ? info
1276Bit Flipping www.wosmodels.info ? info
1277Bit Flipping www.woumodels.info ? info
1278Bit Flipping www.wovmodels.info ? info
1279Bit Flipping www.wow-odels.info ? info
1280Bit Flipping www.woweodels.info ? info
1281Bit Flipping www.wowiodels.info ? info
1282Bit Flipping www.wowlodels.info ? info
1283Bit Flipping www.wowmgdels.info ? info
1284Bit Flipping www.wowmkdels.info ? info
1285Bit Flipping www.wowmmdels.info ? info
1286Bit Flipping www.wowmndels.info ? info
1287Bit Flipping www.wowmoddls.info ? info
1288Bit Flipping www.wowmodeds.info ? info
1289Bit Flipping www.wowmodehs.info ? info
1290Bit Flipping www.wowmodel3.info ? info
1291Bit Flipping www.wowmodelc.info ? info
1292Bit Flipping www.wowmodelq.info ? info
1293Bit Flipping www.wowmodelr.info ? info
1294Bit Flipping www.wowmodels.i.fo 217.116.232.226 DK,DENMARK mx1.gigahost.dk fo
1295Bit Flipping www.wowmodelw.info ? info
1296Bit Flipping www.wowmodems.info ? info
1297Bit Flipping www.wowmodens.info ? info
1298Bit Flipping www.wowmodgls.info ? info
1299Bit Flipping www.wowmodmls.info ? info
1300Bit Flipping www.wowmoeels.info ? info
1301Bit Flipping www.wowmolels.info ? info
1302Bit Flipping www.wowmotels.info ? info
1303Bit Flipping www.wowoodels.info ? info
1304Bit Flipping wwwnwowmodels.info ? info
1305Homoglyphs vvvvvv.vvovvmodels.info ? info
1306Homoglyphs vvvvvv.vvowmodels.info ? info
1307Homoglyphs vvvvvv.wovvmodels.info ? info
1308Homoglyphs vvvvvv.wowmodels.info ? info
1309Homoglyphs vvvvw.vvovvmodels.info ? info
1310Homoglyphs vvvvw.vvowmodels.info ? info
1311Homoglyphs vvvvw.wovvmodels.info ? info
1312Homoglyphs vvvvw.wowmodels.info ? info
1313Homoglyphs vvwvv.vvovvmodels.info ? info
1314Homoglyphs vvwvv.vvowmodels.info ? info
1315Homoglyphs vvwvv.wovvmodels.info ? info
1316Homoglyphs vvwvv.wowmodels.info ? info
1317Homoglyphs vvww.vvovvmodels.info ? info
1318Homoglyphs vvww.vvowmodels.info ? info
1319Homoglyphs vvww.wovvmodels.info ? info
1320Homoglyphs vvww.wowmodels.info ? info
1321Homoglyphs wvvvv.vvovvmodels.info ? info
1322Homoglyphs wvvvv.vvowmodels.info ? info
1323Homoglyphs wvvvv.wovvmodels.info ? info
1324Homoglyphs wvvvv.wowmodels.info ? info
1325Homoglyphs wvvw.vvovvmodels.info ? info
1326Homoglyphs wvvw.vvowmodels.info ? info
1327Homoglyphs wvvw.wovvmodels.info ? info
1328Homoglyphs wvvw.wowmodels.info ? info
1329Homoglyphs wwvv.vvovvmodels.info ? info
1330Homoglyphs wwvv.vvowmodels.info ? info
1331Homoglyphs wwvv.wovvmodels.info ? info
1332Homoglyphs wwvv.wowmodels.info ? info
1333Homoglyphs www.vvovvmodels.info ? info
1334Homoglyphs www.vvowmodels.info ? info
1335Homoglyphs www.w0wm0dels.info ? info
1336Homoglyphs www.w0wmodels.info ? info
1337Homoglyphs www.wovvmodels.info ? info
1338Homoglyphs www.wowm0dels.info ? info
1339Homoglyphs www.wowmoclels.info ? info
1340Homoglyphs www.wowmode1s.info ? info
1341Homoglyphs www.wowrnodels.info ? info
1342Wrong TLD wowmodels.ca 74.208.236.246 US,UNITED STATES mx00.1and1.com ca
1343Wrong TLD wowmodels.ch ? ch
1344Wrong TLD wowmodels.com 64.188.62.168 US,UNITED STATES mail.yourpost.email com
1345Wrong TLD wowmodels.de ? de
1346Wrong TLD wowmodels.edu ? edu
1347Wrong TLD wowmodels.es ? es
1348Wrong TLD wowmodels.fr ? fr
1349Wrong TLD wowmodels.it ? it
1350Wrong TLD wowmodels.jp ? jp
1351Wrong TLD wowmodels.net 104.18.52.252 mx1.emailowl.com net
1352Wrong TLD wowmodels.nl 91.184.0.100 IE,IRELAND nl
1353Wrong TLD wowmodels.no ? no
1354Wrong TLD wowmodels.org ? org
1355Wrong TLD wowmodels.ru 109.70.26.37 RU,RUSSIAN FEDERATION ru
1356Wrong TLD wowmodels.se ? se
1357Wrong TLD wowmodels.us ? us
1358#################################################################################################################################
1359[+] www.wowmodels.info has no SPF record!
1360[*] No DMARC record found. Looking for organizational record
1361[+] No organizational DMARC record
1362[+] Spoofing possible for www.wowmodels.info!
1363#################################################################################################################################
1364WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1365Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:37 EDT
1366Nmap scan report for www.wowmodels.info (94.102.51.111)
1367Host is up (0.23s latency).
1368Not shown: 486 filtered ports, 1 closed port
1369Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1370PORT STATE SERVICE
137122/tcp open ssh
137225/tcp open smtp
137353/tcp open domain
137480/tcp open http
1375110/tcp open pop3
1376143/tcp open imap
1377465/tcp open smtps
1378993/tcp open imaps
1379995/tcp open pop3s
1380
1381Nmap done: 1 IP address (1 host up) scanned in 12.24 seconds
1382#################################################################################################################################
1383Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:37 EDT
1384Nmap scan report for www.wowmodels.info (94.102.51.111)
1385Host is up.
1386
1387PORT STATE SERVICE
138853/udp open|filtered domain
138967/udp open|filtered dhcps
139068/udp open|filtered dhcpc
139169/udp open|filtered tftp
139288/udp open|filtered kerberos-sec
1393123/udp open|filtered ntp
1394137/udp open|filtered netbios-ns
1395138/udp open|filtered netbios-dgm
1396139/udp open|filtered netbios-ssn
1397161/udp open|filtered snmp
1398162/udp open|filtered snmptrap
1399389/udp open|filtered ldap
1400500/udp open|filtered isakmp
1401520/udp open|filtered route
14022049/udp open|filtered nfs
1403
1404Nmap done: 1 IP address (1 host up) scanned in 5.40 seconds
1405#################################################################################################################################
1406# general
1407(gen) banner: SSH-2.0-OpenSSH_7.4
1408(gen) software: OpenSSH 7.4
1409(gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
1410(gen) compression: enabled (zlib@openssh.com)
1411
1412# key exchange algorithms
1413(kex) curve25519-sha256 -- [warn] unknown algorithm
1414(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
1415(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
1416 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1417(kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
1418 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1419(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
1420 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1421(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
1422 `- [info] available since OpenSSH 4.4
1423(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
1424(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
1425(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1426 `- [warn] using weak hashing algorithm
1427 `- [info] available since OpenSSH 2.3.0
1428(kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
1429(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
1430 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
1431(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1432 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
1433 `- [warn] using small 1024-bit modulus
1434 `- [warn] using weak hashing algorithm
1435 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
1436
1437# host-key algorithms
1438(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
1439(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
1440(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
1441(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
1442 `- [warn] using weak random number generator could reveal the key
1443 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1444(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
1445
1446# encryption algorithms (ciphers)
1447(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
1448 `- [info] default cipher since OpenSSH 6.9.
1449(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
1450(enc) aes192-ctr -- [info] available since OpenSSH 3.7
1451(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
1452(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
1453(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
1454(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1455 `- [warn] using weak cipher mode
1456 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
1457(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1458 `- [warn] using weak cipher mode
1459 `- [info] available since OpenSSH 2.3.0
1460(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1461 `- [warn] using weak cipher mode
1462 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
1463(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1464 `- [fail] disabled since Dropbear SSH 0.53
1465 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1466 `- [warn] using weak cipher mode
1467 `- [warn] using small 64-bit block size
1468 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
1469(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1470 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1471 `- [warn] using weak cipher mode
1472 `- [warn] using small 64-bit block size
1473 `- [info] available since OpenSSH 2.1.0
1474(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1475 `- [warn] using weak cipher
1476 `- [warn] using weak cipher mode
1477 `- [warn] using small 64-bit block size
1478 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
1479
1480# message authentication code algorithms
1481(mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
1482 `- [info] available since OpenSSH 6.2
1483(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
1484(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
1485(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
1486(mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
1487 `- [info] available since OpenSSH 6.2
1488(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
1489 `- [warn] using small 64-bit tag size
1490 `- [info] available since OpenSSH 4.7
1491(mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
1492 `- [info] available since OpenSSH 6.2
1493(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
1494 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
1495(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
1496 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
1497(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
1498 `- [warn] using weak hashing algorithm
1499 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
1500
1501# algorithm recommendations (for OpenSSH 7.4)
1502(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
1503(rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
1504(rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
1505(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
1506(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
1507(rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
1508(rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
1509(rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
1510(rec) -blowfish-cbc -- enc algorithm to remove
1511(rec) -3des-cbc -- enc algorithm to remove
1512(rec) -aes256-cbc -- enc algorithm to remove
1513(rec) -cast128-cbc -- enc algorithm to remove
1514(rec) -aes192-cbc -- enc algorithm to remove
1515(rec) -aes128-cbc -- enc algorithm to remove
1516(rec) -hmac-sha2-512 -- mac algorithm to remove
1517(rec) -umac-128@openssh.com -- mac algorithm to remove
1518(rec) -hmac-sha2-256 -- mac algorithm to remove
1519(rec) -umac-64@openssh.com -- mac algorithm to remove
1520(rec) -hmac-sha1 -- mac algorithm to remove
1521(rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
1522(rec) -umac-64-etm@openssh.com -- mac algorithm to remove
1523#################################################################################################################################
1524Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:38 EDT
1525NSE: Loaded 51 scripts for scanning.
1526NSE: Script Pre-scanning.
1527Initiating NSE at 22:38
1528Completed NSE at 22:38, 0.00s elapsed
1529Initiating NSE at 22:38
1530Completed NSE at 22:38, 0.00s elapsed
1531Initiating Parallel DNS resolution of 1 host. at 22:38
1532Completed Parallel DNS resolution of 1 host. at 22:38, 0.02s elapsed
1533Initiating SYN Stealth Scan at 22:38
1534Scanning www.wowmodels.info (94.102.51.111) [1 port]
1535Discovered open port 22/tcp on 94.102.51.111
1536Completed SYN Stealth Scan at 22:38, 0.20s elapsed (1 total ports)
1537Initiating Service scan at 22:38
1538Scanning 1 service on www.wowmodels.info (94.102.51.111)
1539Completed Service scan at 22:38, 0.66s elapsed (1 service on 1 host)
1540Initiating OS detection (try #1) against www.wowmodels.info (94.102.51.111)
1541Retrying OS detection (try #2) against www.wowmodels.info (94.102.51.111)
1542Initiating Traceroute at 22:38
1543Completed Traceroute at 22:38, 0.20s elapsed
1544Initiating Parallel DNS resolution of 8 hosts. at 22:38
1545Completed Parallel DNS resolution of 8 hosts. at 22:38, 0.32s elapsed
1546NSE: Script scanning 94.102.51.111.
1547Initiating NSE at 22:38
1548NSE: [ssh-run 94.102.51.111:22] Failed to specify credentials and command to run.
1549Completed NSE at 22:39, 90.45s elapsed
1550Initiating NSE at 22:39
1551Completed NSE at 22:39, 0.05s elapsed
1552Nmap scan report for www.wowmodels.info (94.102.51.111)
1553Host is up (0.25s latency).
1554
1555PORT STATE SERVICE VERSION
155622/tcp open ssh OpenSSH 7.4 (protocol 2.0)
1557| ssh-auth-methods:
1558| Supported authentication methods:
1559| publickey
1560| gssapi-keyex
1561| gssapi-with-mic
1562|_ password
1563|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
1564|_ssh-run: Failed to specify credentials and command to run.
1565| vulners:
1566| cpe:/a:openbsd:openssh:7.4:
1567| CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
1568|_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1569Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1570Device type: WAP|general purpose|specialized|broadband router
1571Running (JUST GUESSING): Linux 2.4.X|2.6.X (94%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
1572OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
1573Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
1574No exact OS matches for host (test conditions non-ideal).
1575Network Distance: 8 hops
1576TCP Sequence Prediction: Difficulty=261 (Good luck!)
1577IP ID Sequence Generation: All zeros
1578
1579TRACEROUTE (using port 22/tcp)
1580HOP RTT ADDRESS
15811 182.85 ms 10.202.1.1
15822 182.91 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
15833 182.93 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
15844 183.00 ms he-net.peering.cz (91.213.211.118)
15855 182.97 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
15866 182.99 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
15877 183.05 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
15888 183.08 ms 94.102.51.111
1589
1590NSE: Script Post-scanning.
1591Initiating NSE at 22:39
1592Completed NSE at 22:39, 0.00s elapsed
1593Initiating NSE at 22:39
1594Completed NSE at 22:39, 0.00s elapsed
1595#################################################################################################################################
1596Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:40 EDT
1597NSE: Loaded 55 scripts for scanning.
1598NSE: Script Pre-scanning.
1599Initiating NSE at 22:40
1600Completed NSE at 22:40, 0.00s elapsed
1601Initiating NSE at 22:40
1602Completed NSE at 22:40, 0.00s elapsed
1603Initiating Parallel DNS resolution of 1 host. at 22:40
1604Completed Parallel DNS resolution of 1 host. at 22:40, 0.02s elapsed
1605Initiating SYN Stealth Scan at 22:40
1606Scanning www.wowmodels.info (94.102.51.111) [1 port]
1607Discovered open port 25/tcp on 94.102.51.111
1608Completed SYN Stealth Scan at 22:40, 0.20s elapsed (1 total ports)
1609Initiating Service scan at 22:40
1610Scanning 1 service on www.wowmodels.info (94.102.51.111)
1611Completed Service scan at 22:40, 0.46s elapsed (1 service on 1 host)
1612Initiating OS detection (try #1) against www.wowmodels.info (94.102.51.111)
1613Retrying OS detection (try #2) against www.wowmodels.info (94.102.51.111)
1614Initiating Traceroute at 22:40
1615Completed Traceroute at 22:40, 0.20s elapsed
1616Initiating Parallel DNS resolution of 8 hosts. at 22:40
1617Completed Parallel DNS resolution of 8 hosts. at 22:40, 0.39s elapsed
1618NSE: Script scanning 94.102.51.111.
1619Initiating NSE at 22:40
1620NSE Timing: About 71.23% done; ETC: 22:42 (0:00:30 remaining)
1621Completed NSE at 22:42, 90.96s elapsed
1622Initiating NSE at 22:42
1623Completed NSE at 22:42, 0.05s elapsed
1624Nmap scan report for www.wowmodels.info (94.102.51.111)
1625Host is up (0.24s latency).
1626
1627PORT STATE SERVICE VERSION
162825/tcp open smtp Exim smtpd 4.89
1629| smtp-commands: a13s08.host.com Hello www.wowmodels.info [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
1630|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1631| smtp-enum-users:
1632|_ Method RCPT returned a unhandled status code.
1633|_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
1634| smtp-vuln-cve2010-4344:
1635| Exim version: 4.89
1636| Exim heap overflow vulnerability (CVE-2010-4344):
1637| Exim (CVE-2010-4344): NOT VULNERABLE
1638| Exim privileges escalation vulnerability (CVE-2010-4345):
1639| Exim (CVE-2010-4345): NOT VULNERABLE
1640|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
1641| vulners:
1642| cpe:/a:exim:exim:4.89:
1643| CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1644| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1645| CVE-2019-10149 7.5 https://vulners.com/cve/CVE-2019-10149
1646| CVE-2018-6789 7.5 https://vulners.com/cve/CVE-2018-6789
1647| CVE-2017-16943 7.5 https://vulners.com/cve/CVE-2017-16943
1648| CVE-2017-16944 5.0 https://vulners.com/cve/CVE-2017-16944
1649|_ CVE-2017-1000369 2.1 https://vulners.com/cve/CVE-2017-1000369
1650Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1651Device type: WAP|general purpose|specialized|broadband router
1652Running (JUST GUESSING): Linux 2.4.X|2.6.X (94%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
1653OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
1654Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
1655No exact OS matches for host (test conditions non-ideal).
1656Network Distance: 8 hops
1657TCP Sequence Prediction: Difficulty=264 (Good luck!)
1658IP ID Sequence Generation: All zeros
1659Service Info: Host: a13s08.host.com
1660
1661TRACEROUTE (using port 25/tcp)
1662HOP RTT ADDRESS
16631 188.00 ms 10.202.1.1
16642 188.02 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
16653 188.03 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
16664 188.05 ms he-net.peering.cz (91.213.211.118)
16675 188.05 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
16686 188.06 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
16697 188.11 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
16708 188.10 ms 94.102.51.111
1671
1672NSE: Script Post-scanning.
1673Initiating NSE at 22:42
1674Completed NSE at 22:42, 0.00s elapsed
1675Initiating NSE at 22:42
1676Completed NSE at 22:42, 0.00s elapsed
1677#################################################################################################################################
1678Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:44 EDT
1679NSE: Loaded 64 scripts for scanning.
1680NSE: Script Pre-scanning.
1681Initiating NSE at 22:44
1682Completed NSE at 22:44, 0.00s elapsed
1683Initiating NSE at 22:44
1684Completed NSE at 22:44, 0.00s elapsed
1685Initiating Parallel DNS resolution of 1 host. at 22:44
1686Completed Parallel DNS resolution of 1 host. at 22:44, 0.02s elapsed
1687Initiating SYN Stealth Scan at 22:44
1688Scanning www.wowmodels.info (94.102.51.111) [1 port]
1689Discovered open port 53/tcp on 94.102.51.111
1690Completed SYN Stealth Scan at 22:44, 0.25s elapsed (1 total ports)
1691Initiating Service scan at 22:44
1692Scanning 1 service on www.wowmodels.info (94.102.51.111)
1693Completed Service scan at 22:44, 6.38s elapsed (1 service on 1 host)
1694Initiating OS detection (try #1) against www.wowmodels.info (94.102.51.111)
1695Retrying OS detection (try #2) against www.wowmodels.info (94.102.51.111)
1696Initiating Traceroute at 22:44
1697Completed Traceroute at 22:44, 3.01s elapsed
1698Initiating Parallel DNS resolution of 8 hosts. at 22:44
1699Completed Parallel DNS resolution of 8 hosts. at 22:44, 0.21s elapsed
1700NSE: Script scanning 94.102.51.111.
1701Initiating NSE at 22:44
1702Completed NSE at 22:44, 12.40s elapsed
1703Initiating NSE at 22:44
1704Completed NSE at 22:44, 0.00s elapsed
1705Nmap scan report for www.wowmodels.info (94.102.51.111)
1706Host is up (0.29s latency).
1707
1708PORT STATE SERVICE VERSION
170953/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1710|_dns-fuzz: Server didn't response to our probe, can't fuzz
1711| dns-nsec-enum:
1712|_ No NSEC records found
1713| dns-nsec3-enum:
1714|_ DNSSEC NSEC3 not supported
1715| dns-nsid:
1716|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1717| vulners:
1718| cpe:/a:isc:bind:9.9.4:
1719| CVE-2015-4620 7.8 https://vulners.com/cve/CVE-2015-4620
1720| CVE-2014-8500 7.8 https://vulners.com/cve/CVE-2014-8500
1721| CVE-2017-3141 7.2 https://vulners.com/cve/CVE-2017-3141
1722| CVE-2015-8461 7.1 https://vulners.com/cve/CVE-2015-8461
1723| CVE-2015-1349 5.4 https://vulners.com/cve/CVE-2015-1349
1724| CVE-2018-5740 5.0 https://vulners.com/cve/CVE-2018-5740
1725| CVE-2017-3145 5.0 https://vulners.com/cve/CVE-2017-3145
1726| CVE-2016-9131 5.0 https://vulners.com/cve/CVE-2016-9131
1727| CVE-2016-8864 5.0 https://vulners.com/cve/CVE-2016-8864
1728| CVE-2016-1286 5.0 https://vulners.com/cve/CVE-2016-1286
1729| CVE-2015-8000 5.0 https://vulners.com/cve/CVE-2015-8000
1730| CVE-2019-6465 4.3 https://vulners.com/cve/CVE-2019-6465
1731| CVE-2018-5743 4.3 https://vulners.com/cve/CVE-2018-5743
1732| CVE-2018-5742 4.3 https://vulners.com/cve/CVE-2018-5742
1733| CVE-2017-3143 4.3 https://vulners.com/cve/CVE-2017-3143
1734| CVE-2017-3142 4.3 https://vulners.com/cve/CVE-2017-3142
1735| CVE-2017-3136 4.3 https://vulners.com/cve/CVE-2017-3136
1736| CVE-2016-2775 4.3 https://vulners.com/cve/CVE-2016-2775
1737| CVE-2016-1285 4.3 https://vulners.com/cve/CVE-2016-1285
1738| CVE-2018-5741 4.0 https://vulners.com/cve/CVE-2018-5741
1739| CVE-2016-6170 4.0 https://vulners.com/cve/CVE-2016-6170
1740|_ CVE-2018-5745 3.5 https://vulners.com/cve/CVE-2018-5745
1741Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1742Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt (Linux 2.4.32) (92%), Linux 2.6.24 (91%), Philips Hue Bridge 2.0 (Linux) (91%), OpenWrt (Linux 2.4.30 - 2.4.34) (90%), Crestron XPanel control system (90%), Linux 2.4.18 (90%), Toshiba Magnia SG10 server appliance (Linux 2.4.18) (89%)
1743No exact OS matches for host (test conditions non-ideal).
1744Network Distance: 9 hops
1745TCP Sequence Prediction: Difficulty=263 (Good luck!)
1746IP ID Sequence Generation: All zeros
1747Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1748
1749Host script results:
1750| dns-blacklist:
1751| SPAM
1752|_ l2.apews.org - SPAM
1753| dns-brute:
1754| DNS Brute-force hostnames:
1755| mail.wowmodels.info - 94.102.51.111
1756| www.wowmodels.info - 94.102.51.111
1757| ftp.wowmodels.info - 94.102.51.111
1758|_ smtp.wowmodels.info - 94.102.51.111
1759
1760TRACEROUTE (using port 53/tcp)
1761HOP RTT ADDRESS
17621 321.03 ms 10.202.1.1
17632 321.07 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
17643 321.09 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
17654 321.12 ms he-net.peering.cz (91.213.211.118)
17665 321.12 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
17676 321.15 ms 100ge6-1.core1.ams1.he.net (72.52.92.5)
17687 ...
17698 321.19 ms 100ge2-1.core1.ams1.he.net (184.104.192.129)
17709 321.21 ms 94.102.51.111
1771
1772NSE: Script Post-scanning.
1773Initiating NSE at 22:44
1774Completed NSE at 22:44, 0.00s elapsed
1775Initiating NSE at 22:44
1776Completed NSE at 22:44, 0.00s elapsed
1777#################################################################################################################################
1778HTTP/1.1 403 Forbidden
1779Server: nginx
1780Date: Thu, 19 Mar 2020 02:44:35 GMT
1781Content-Type: text/html; charset=iso-8859-1
1782Connection: keep-alive
1783Vary: Accept-Encoding
1784#################################################################################################################################
1785
1786wig - WebApp Information Gatherer
1787
1788
1789Scanning http://www.wowmodels.info...
1790_________________________________________ SITE INFO _________________________________________
1791IP Title
179294.102.51.111 403 Forbidden
1793
1794__________________________________________ VERSION __________________________________________
1795Name Versions Type
1796phpMyAdmin 4_4_15_8 CMS
1797Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
1798 2.4.9
1799PHP 5.4.45 Platform
1800nginx Platform
1801FreeBSD 10 | 11 OS
1802OpenBSD 5.9 OS
1803
1804________________________________________ INTERESTING ________________________________________
1805URL Note Type
1806/readme.html Readme file Interesting
1807/install.php Installation file Interesting
1808/test.php Test file Interesting
1809
1810_____________________________________________________________________________________________
1811Time: 69.6 sec Urls: 712 Fingerprints: 40401
1812#################################################################################################################################
1813Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:46 EDT
1814NSE: Loaded 161 scripts for scanning.
1815NSE: Script Pre-scanning.
1816Initiating NSE at 22:46
1817Completed NSE at 22:46, 0.00s elapsed
1818Initiating NSE at 22:46
1819Completed NSE at 22:46, 0.00s elapsed
1820Initiating Parallel DNS resolution of 1 host. at 22:46
1821Completed Parallel DNS resolution of 1 host. at 22:46, 0.02s elapsed
1822Initiating SYN Stealth Scan at 22:46
1823Scanning www.wowmodels.info (94.102.51.111) [1 port]
1824Discovered open port 80/tcp on 94.102.51.111
1825Completed SYN Stealth Scan at 22:46, 0.20s elapsed (1 total ports)
1826Initiating Service scan at 22:46
1827Scanning 1 service on www.wowmodels.info (94.102.51.111)
1828Completed Service scan at 22:46, 6.43s elapsed (1 service on 1 host)
1829Initiating OS detection (try #1) against www.wowmodels.info (94.102.51.111)
1830Retrying OS detection (try #2) against www.wowmodels.info (94.102.51.111)
1831Initiating Traceroute at 22:46
1832Completed Traceroute at 22:46, 3.01s elapsed
1833Initiating Parallel DNS resolution of 8 hosts. at 22:46
1834Completed Parallel DNS resolution of 8 hosts. at 22:46, 0.23s elapsed
1835NSE: Script scanning 94.102.51.111.
1836Initiating NSE at 22:46
1837Completed NSE at 22:47, 64.64s elapsed
1838Initiating NSE at 22:47
1839Completed NSE at 22:47, 1.28s elapsed
1840Nmap scan report for www.wowmodels.info (94.102.51.111)
1841Host is up (0.26s latency).
1842
1843PORT STATE SERVICE VERSION
184480/tcp open http nginx
1845| http-brute:
1846|_ Path "/" does not require authentication
1847|_http-chrono: Request times for /; avg: 833.65ms; min: 689.16ms; max: 1060.01ms
1848|_http-csrf: Couldn't find any CSRF vulnerabilities.
1849|_http-date: Thu, 19 Mar 2020 02:46:30 GMT; -7s from local time.
1850|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1851|_http-dombased-xss: Couldn't find any DOM based XSS.
1852|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
1853| http-errors:
1854| Spidering limited to: maxpagecount=40; withinhost=www.wowmodels.info
1855| Found the following error pages:
1856|
1857| Error Code: 403
1858|_ http://www.wowmodels.info:80/
1859|_http-feed: Couldn't find any feeds.
1860|_http-fetch: Please enter the complete path of the directory to save data in.
1861| http-headers:
1862| Server: nginx
1863| Date: Thu, 19 Mar 2020 02:46:34 GMT
1864| Content-Type: text/html; charset=iso-8859-1
1865| Transfer-Encoding: chunked
1866| Connection: close
1867| Vary: Accept-Encoding
1868|
1869|_ (Request type: GET)
1870|_http-jsonp-detection: Couldn't find any JSONP endpoints.
1871|_http-mobileversion-checker: No mobile version detected.
1872|_http-security-headers:
1873| http-sitemap-generator:
1874| Directory structure:
1875| Longest directory structure:
1876| Depth: 0
1877| Dir: /
1878| Total files found (by extension):
1879|_
1880|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1881|_http-title: 403 Forbidden
1882| http-vhosts:
1883| 126 names had status 200
1884|_www.wowmodels.info : 403
1885|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
1886|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1887|_http-xssed: No previously reported XSS vuln.
1888Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1889Device type: WAP|general purpose|specialized|broadband router
1890Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
1891OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
1892Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
1893No exact OS matches for host (test conditions non-ideal).
1894Network Distance: 9 hops
1895TCP Sequence Prediction: Difficulty=260 (Good luck!)
1896IP ID Sequence Generation: All zeros
1897
1898TRACEROUTE (using port 80/tcp)
1899HOP RTT ADDRESS
19001 181.10 ms 10.202.1.1
19012 181.14 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
19023 181.16 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
19034 181.19 ms he-net.peering.cz (91.213.211.118)
19045 181.19 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
19056 181.23 ms 100ge6-1.core1.ams1.he.net (72.52.92.5)
19067 ...
19078 294.91 ms 100ge2-1.core1.ams1.he.net (184.104.192.129)
19089 181.27 ms 94.102.51.111
1909
1910NSE: Script Post-scanning.
1911Initiating NSE at 22:47
1912Completed NSE at 22:47, 0.00s elapsed
1913Initiating NSE at 22:47
1914Completed NSE at 22:47, 0.00s elapsed
1915#################################################################################################################################
1916Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:54 EDT
1917NSE: Loaded 49 scripts for scanning.
1918NSE: Script Pre-scanning.
1919Initiating NSE at 22:54
1920Completed NSE at 22:54, 0.00s elapsed
1921Initiating NSE at 22:54
1922Completed NSE at 22:54, 0.00s elapsed
1923Initiating Ping Scan at 22:54
1924Scanning www.wowmodels.info (94.102.51.111) [4 ports]
1925Completed Ping Scan at 22:54, 0.27s elapsed (1 total hosts)
1926Initiating Parallel DNS resolution of 1 host. at 22:54
1927Completed Parallel DNS resolution of 1 host. at 22:54, 0.20s elapsed
1928Initiating SYN Stealth Scan at 22:54
1929Scanning www.wowmodels.info (94.102.51.111) [1 port]
1930Discovered open port 110/tcp on 94.102.51.111
1931Completed SYN Stealth Scan at 22:54, 0.27s elapsed (1 total ports)
1932Initiating Service scan at 22:54
1933Scanning 1 service on www.wowmodels.info (94.102.51.111)
1934Completed Service scan at 22:54, 0.51s elapsed (1 service on 1 host)
1935Initiating OS detection (try #1) against www.wowmodels.info (94.102.51.111)
1936Retrying OS detection (try #2) against www.wowmodels.info (94.102.51.111)
1937Initiating Traceroute at 22:54
1938Completed Traceroute at 22:54, 0.29s elapsed
1939Initiating Parallel DNS resolution of 8 hosts. at 22:54
1940Completed Parallel DNS resolution of 8 hosts. at 22:54, 0.22s elapsed
1941NSE: Script scanning 94.102.51.111.
1942Initiating NSE at 22:54
1943NSE Timing: About 68.66% done; ETC: 22:55 (0:00:30 remaining)
1944Completed NSE at 22:55, 90.55s elapsed
1945Initiating NSE at 22:55
1946Completed NSE at 22:55, 0.05s elapsed
1947Nmap scan report for www.wowmodels.info (94.102.51.111)
1948Host is up (0.27s latency).
1949
1950PORT STATE SERVICE VERSION
1951110/tcp open pop3 Dovecot pop3d
1952|_pop3-capabilities: RESP-CODES PIPELINING AUTH-RESP-CODE UIDL STLS USER SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) TOP CAPA
1953Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1954Device type: WAP|general purpose|specialized|broadband router
1955Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
1956OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
1957Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
1958No exact OS matches for host (test conditions non-ideal).
1959Network Distance: 8 hops
1960TCP Sequence Prediction: Difficulty=247 (Good luck!)
1961IP ID Sequence Generation: All zeros
1962
1963TRACEROUTE (using port 110/tcp)
1964HOP RTT ADDRESS
19651 289.36 ms 10.202.1.1
19662 289.39 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
19673 289.40 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
19684 289.44 ms he-net.peering.cz (91.213.211.118)
19695 289.43 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
19706 289.45 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
19717 289.50 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
19728 289.48 ms 94.102.51.111
1973
1974NSE: Script Post-scanning.
1975Initiating NSE at 22:55
1976Completed NSE at 22:55, 0.00s elapsed
1977Initiating NSE at 22:55
1978Completed NSE at 22:55, 0.00s elapsed
1979#################################################################################################################################
1980--------------------------------------------------------
1981<<<Yasuo discovered following vulnerable applications>>>
1982--------------------------------------------------------
1983+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
1984| App Name | URL to Application | Potential Exploit | Username | Password |
1985+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
1986| phpMyAdmin | http://94.102.51.111:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
1987+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
1988#################################################################################################################################
1989Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:29 EDT
1990Nmap scan report for 94.102.51.111
1991Host is up (0.19s latency).
1992Not shown: 466 filtered ports, 1 closed port
1993Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1994PORT STATE SERVICE VERSION
199522/tcp open ssh OpenSSH 7.4 (protocol 2.0)
1996| ssh-hostkey:
1997| 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
1998| 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
1999|_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
200025/tcp open smtp Exim smtpd 4.89
2001| smtp-commands: a13s08.host.com Hello nmap.scanme.org [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
2002|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2003| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2004| Not valid before: 2018-03-05T07:49:40
2005|_Not valid after: 2028-03-02T07:49:40
2006|_ssl-date: TLS randomness does not represent time
200753/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2008| dns-nsid:
2009|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
201080/tcp open http nginx
2011|_http-generator: Microsoft FrontPage 5.0
2012| http-methods:
2013|_ Potentially risky methods: TRACE
2014|_http-title: Andy Pioneer Top Sites
2015110/tcp open pop3 Dovecot pop3d
2016|_pop3-capabilities: RESP-CODES USER TOP UIDL PIPELINING CAPA AUTH-RESP-CODE STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5)
2017|_ssl-date: TLS randomness does not represent time
2018143/tcp open imap Dovecot imapd
2019|_imap-capabilities: LITERAL+ Pre-login AUTH=PLAIN AUTH=LOGIN SASL-IR ID post-login OK IDLE more have IMAP4rev1 listed AUTH=DIGEST-MD5 capabilities ENABLE STARTTLS AUTH=CRAM-MD5A0001 LOGIN-REFERRALS
2020|_ssl-date: TLS randomness does not represent time
2021465/tcp open ssl/smtp Exim smtpd 4.89
2022|_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
2023| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2024| Not valid before: 2018-03-05T07:49:40
2025|_Not valid after: 2028-03-02T07:49:40
2026|_ssl-date: TLS randomness does not represent time
2027993/tcp open ssl/imaps?
2028|_ssl-date: TLS randomness does not represent time
2029995/tcp open ssl/pop3s?
2030|_ssl-date: TLS randomness does not represent time
2031Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (97%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Linux 2.4.18 (90%), Asus RT-AC66U router (Linux 2.6) (89%), Asus RT-N16 WAP (Linux 2.6) (89%), Asus RT-N66U WAP (Linux 2.6) (89%), Tomato 1.28 (Linux 2.6.22) (89%), Philips Hue Bridge 2.0 (Linux) (89%), OpenWrt (Linux 2.4.32) (89%)
2032No exact OS matches for host (test conditions non-ideal).
2033Network Distance: 8 hops
2034Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2035
2036TRACEROUTE (using port 53/tcp)
2037HOP RTT ADDRESS
20381 250.88 ms 10.202.1.1
20392 250.90 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
20403 250.94 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
20414 250.95 ms he-net.peering.cz (91.213.211.118)
20425 250.98 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
20436 250.96 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
20447 368.60 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
20458 368.63 ms 94.102.51.111
2046#################################################################################################################################
2047Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:33 EDT
2048Nmap scan report for 94.102.51.111
2049Host is up (0.25s latency).
2050Not shown: 13 filtered ports
2051Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2052PORT STATE SERVICE VERSION
205353/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
205453/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2055| dns-nsid:
2056|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
205767/udp open|filtered dhcps
205868/udp open|filtered dhcpc
205969/udp open|filtered tftp
206088/udp open|filtered kerberos-sec
2061123/udp open|filtered ntp
2062137/udp open|filtered netbios-ns
2063138/udp open|filtered netbios-dgm
2064139/udp open|filtered netbios-ssn
2065161/udp open|filtered snmp
2066162/udp open|filtered snmptrap
2067389/udp open|filtered ldap
2068520/udp open|filtered route
20692049/udp open|filtered nfs
2070Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2071Device type: WAP|general purpose|specialized|broadband router
2072Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Crestron 2-Series (90%), Philips embedded (89%), Asus embedded (87%)
2073OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:crestron:2_series cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2074Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Philips Hue Bridge 2.0 (Linux) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2075No exact OS matches for host (test conditions non-ideal).
2076Network Distance: 8 hops
2077Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2078
2079TRACEROUTE (using port 53/tcp)
2080HOP RTT ADDRESS
20811 260.81 ms 10.202.1.1
20822 260.86 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
20833 260.89 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
20844 260.94 ms he-net.peering.cz (91.213.211.118)
20855 260.92 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
20866 260.94 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
20877 260.99 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
20888 261.01 ms 94.102.51.111
2089#################################################################################################################################
2090# general
2091(gen) banner: SSH-2.0-OpenSSH_7.4
2092(gen) software: OpenSSH 7.4
2093(gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
2094(gen) compression: enabled (zlib@openssh.com)
2095
2096# key exchange algorithms
2097(kex) curve25519-sha256 -- [warn] unknown algorithm
2098(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
2099(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
2100 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2101(kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
2102 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2103(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
2104 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2105(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
2106 `- [info] available since OpenSSH 4.4
2107(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
2108(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
2109(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2110 `- [warn] using weak hashing algorithm
2111 `- [info] available since OpenSSH 2.3.0
2112(kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
2113(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
2114 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
2115(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2116 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
2117 `- [warn] using small 1024-bit modulus
2118 `- [warn] using weak hashing algorithm
2119 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2120
2121# host-key algorithms
2122(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
2123(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
2124(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
2125(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
2126 `- [warn] using weak random number generator could reveal the key
2127 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2128(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
2129
2130# encryption algorithms (ciphers)
2131(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
2132 `- [info] default cipher since OpenSSH 6.9.
2133(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2134(enc) aes192-ctr -- [info] available since OpenSSH 3.7
2135(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2136(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
2137(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
2138(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2139 `- [warn] using weak cipher mode
2140 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2141(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2142 `- [warn] using weak cipher mode
2143 `- [info] available since OpenSSH 2.3.0
2144(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2145 `- [warn] using weak cipher mode
2146 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
2147(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2148 `- [fail] disabled since Dropbear SSH 0.53
2149 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2150 `- [warn] using weak cipher mode
2151 `- [warn] using small 64-bit block size
2152 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2153(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2154 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2155 `- [warn] using weak cipher mode
2156 `- [warn] using small 64-bit block size
2157 `- [info] available since OpenSSH 2.1.0
2158(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2159 `- [warn] using weak cipher
2160 `- [warn] using weak cipher mode
2161 `- [warn] using small 64-bit block size
2162 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2163
2164# message authentication code algorithms
2165(mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
2166 `- [info] available since OpenSSH 6.2
2167(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
2168(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
2169(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
2170(mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
2171 `- [info] available since OpenSSH 6.2
2172(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
2173 `- [warn] using small 64-bit tag size
2174 `- [info] available since OpenSSH 4.7
2175(mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
2176 `- [info] available since OpenSSH 6.2
2177(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
2178 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2179(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
2180 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2181(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
2182 `- [warn] using weak hashing algorithm
2183 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2184
2185# algorithm recommendations (for OpenSSH 7.4)
2186(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
2187(rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
2188(rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
2189(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
2190(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
2191(rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
2192(rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
2193(rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
2194(rec) -blowfish-cbc -- enc algorithm to remove
2195(rec) -3des-cbc -- enc algorithm to remove
2196(rec) -aes256-cbc -- enc algorithm to remove
2197(rec) -cast128-cbc -- enc algorithm to remove
2198(rec) -aes192-cbc -- enc algorithm to remove
2199(rec) -aes128-cbc -- enc algorithm to remove
2200(rec) -hmac-sha2-512 -- mac algorithm to remove
2201(rec) -umac-128@openssh.com -- mac algorithm to remove
2202(rec) -hmac-sha2-256 -- mac algorithm to remove
2203(rec) -umac-64@openssh.com -- mac algorithm to remove
2204(rec) -hmac-sha1 -- mac algorithm to remove
2205(rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
2206(rec) -umac-64-etm@openssh.com -- mac algorithm to remove
2207##################################################################################################################################
2208Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:38 EDT
2209NSE: [ssh-run] Failed to specify credentials and command to run.
2210Nmap scan report for 94.102.51.111
2211Host is up (0.21s latency).
2212
2213PORT STATE SERVICE VERSION
221422/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2215| ssh-auth-methods:
2216| Supported authentication methods:
2217| publickey
2218| gssapi-keyex
2219| gssapi-with-mic
2220|_ password
2221|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
2222|_ssh-run: Failed to specify credentials and command to run.
2223Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2224Device type: WAP|general purpose|specialized|broadband router
2225Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
2226OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2227Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2228No exact OS matches for host (test conditions non-ideal).
2229Network Distance: 9 hops
2230
2231TRACEROUTE (using port 22/tcp)
2232HOP RTT ADDRESS
22331 287.09 ms 10.202.1.1
22342 287.16 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
22353 287.20 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
22364 287.24 ms he-net.peering.cz (91.213.211.118)
22375 287.23 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
22386 287.39 ms 100ge6-1.core1.ams1.he.net (72.52.92.5)
22397 ...
22408 287.27 ms 100ge2-1.core1.ams1.he.net (184.104.192.129)
22419 287.31 ms 94.102.51.111
2242#################################################################################################################################
2243Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:48 EDT
2244NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
2245NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
2246NSE: [smtp-brute] passwords: Time limit 3m00s exceeded.
2247Nmap scan report for 94.102.51.111
2248Host is up (0.20s latency).
2249
2250PORT STATE SERVICE VERSION
225125/tcp open smtp Exim smtpd 4.89
2252| smtp-brute:
2253| Accounts: No valid accounts found
2254|_ Statistics: Performed 1792 guesses in 181 seconds, average tps: 9.5
2255| smtp-commands: a13s08.host.com Hello nmap.scanme.org [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
2256|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2257| smtp-enum-users:
2258|_ Couldn't find any accounts
2259|_smtp-open-relay: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
2260| smtp-vuln-cve2010-4344:
2261| Exim version: 4.89
2262| Exim heap overflow vulnerability (CVE-2010-4344):
2263| Exim (CVE-2010-4344): NOT VULNERABLE
2264| Exim privileges escalation vulnerability (CVE-2010-4345):
2265| Exim (CVE-2010-4345): NOT VULNERABLE
2266|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
2267Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2268Device type: WAP|general purpose|specialized|broadband router
2269Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
2270OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2271Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2272No exact OS matches for host (test conditions non-ideal).
2273Network Distance: 8 hops
2274Service Info: Host: a13s08.host.com
2275
2276TRACEROUTE (using port 25/tcp)
2277HOP RTT ADDRESS
22781 250.05 ms 10.202.1.1
22792 364.25 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
22803 364.28 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
22814 364.30 ms he-net.peering.cz (91.213.211.118)
22825 364.30 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
22836 364.32 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
22847 364.33 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
22858 364.35 ms 94.102.51.111
2286#################################################################################################################################
2287Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:54 EDT
2288Nmap scan report for 94.102.51.111
2289Host is up (0.24s latency).
2290
2291PORT STATE SERVICE VERSION
229253/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2293|_dns-fuzz: Server didn't response to our probe, can't fuzz
2294|_dns-nsec-enum: Can't determine domain for host 94.102.51.111; use dns-nsec-enum.domains script arg.
2295|_dns-nsec3-enum: Can't determine domain for host 94.102.51.111; use dns-nsec3-enum.domains script arg.
2296| dns-nsid:
2297|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
2298Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2299Device type: WAP|general purpose|specialized|broadband router
2300Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
2301OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2302Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2303No exact OS matches for host (test conditions non-ideal).
2304Network Distance: 8 hops
2305Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2306
2307Host script results:
2308| dns-blacklist:
2309| SPAM
2310|_ l2.apews.org - SPAM
2311|_dns-brute: Can't guess domain of "94.102.51.111"; use dns-brute.domain script argument.
2312
2313TRACEROUTE (using port 53/tcp)
2314HOP RTT ADDRESS
23151 274.67 ms 10.202.1.1
23162 274.70 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
23173 274.72 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
23184 274.77 ms he-net.peering.cz (91.213.211.118)
23195 274.75 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
23206 274.77 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
23217 274.81 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
23228 274.87 ms 94.102.51.111
2323#################################################################################################################################
2324Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:54 EDT
2325Nmap scan report for 94.102.51.111
2326Host is up (0.064s latency).
2327
2328PORT STATE SERVICE VERSION
232967/tcp filtered dhcps
233067/udp open|filtered dhcps
2331|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
2332Too many fingerprints match this host to give specific OS details
2333Network Distance: 8 hops
2334
2335TRACEROUTE (using proto 1/icmp)
2336HOP RTT ADDRESS
23371 170.39 ms 10.202.1.1
23382 170.43 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
23393 170.44 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
23404 170.47 ms he-net.peering.cz (91.213.211.118)
23415 170.46 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
23426 170.48 ms 100ge6-1.core1.ams1.he.net (72.52.92.5)
23437 ...
23448 170.53 ms 94.102.51.111
2345#################################################################################################################################
2346Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:56 EDT
2347Nmap scan report for 94.102.51.111
2348Host is up (0.18s latency).
2349
2350PORT STATE SERVICE VERSION
235168/tcp filtered dhcpc
235268/udp open|filtered dhcpc
2353Too many fingerprints match this host to give specific OS details
2354Network Distance: 8 hops
2355
2356TRACEROUTE (using proto 1/icmp)
2357HOP RTT ADDRESS
23581 148.05 ms 10.202.1.1
23592 148.09 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
23603 263.39 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
23614 263.45 ms he-net.peering.cz (91.213.211.118)
23625 263.44 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
23636 263.48 ms 100ge6-1.core1.ams1.he.net (72.52.92.5)
23647 ...
23658 263.54 ms 94.102.51.111
2366#################################################################################################################################
2367Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:58 EDT
2368Nmap scan report for 94.102.51.111
2369Host is up (0.070s latency).
2370
2371PORT STATE SERVICE VERSION
237269/tcp filtered tftp
237369/udp open|filtered tftp
2374Too many fingerprints match this host to give specific OS details
2375Network Distance: 8 hops
2376
2377TRACEROUTE (using proto 1/icmp)
2378HOP RTT ADDRESS
23791 198.07 ms 10.202.1.1
23802 198.11 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
23813 198.13 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
23824 198.17 ms he-net.peering.cz (91.213.211.118)
23835 198.16 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
23846 198.19 ms 100ge6-1.core1.ams1.he.net (72.52.92.5)
23857 ...
23868 198.31 ms 94.102.51.111
2387#################################################################################################################################
2388
2389wig - WebApp Information Gatherer
2390
2391
2392Scanning http://94.102.51.111...
2393________________________________________ SITE INFO _________________________________________
2394IP Title
239594.102.51.111 Andy Pioneer Top Sites
2396
2397_________________________________________ VERSION __________________________________________
2398Name Versions Type
2399phpMyAdmin 4_4_15_8 CMS
2400Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
2401 2.4.9
2402PHP 5.4.45 Platform
2403nginx Platform
2404FreeBSD 10 | 11 OS
2405OpenBSD 5.9 OS
2406
2407____________________________________________________________________________________________
2408Time: 1.1 sec Urls: 714 Fingerprints: 40401
2409#################################################################################################################################
2410HTTP/1.1 200 OK
2411Server: nginx
2412Date: Thu, 19 Mar 2020 03:00:23 GMT
2413Content-Type: text/html
2414Connection: keep-alive
2415Vary: Accept-Encoding
2416
2417HTTP/1.1 200 OK
2418Server: nginx
2419Date: Thu, 19 Mar 2020 03:00:24 GMT
2420Content-Type: text/html
2421Connection: keep-alive
2422Vary: Accept-Encoding
2423#################################################################################################################################
2424Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 23:00 EDT
2425NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
2426NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
2427NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
2428Nmap scan report for 94.102.51.111
2429Host is up (0.21s latency).
2430
2431PORT STATE SERVICE VERSION
2432110/tcp open pop3 Dovecot pop3d
2433| pop3-brute:
2434| Accounts: No valid accounts found
2435|_ Statistics: Performed 215 guesses in 196 seconds, average tps: 1.2
2436|_pop3-capabilities: TOP UIDL AUTH-RESP-CODE PIPELINING CAPA RESP-CODES SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) USER STLS
2437Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2438Device type: WAP|general purpose|specialized|broadband router
2439Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (90%), Crestron 2-Series (89%), Toshiba embedded (86%), Asus embedded (86%)
2440OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:toshiba:magnia_sg10 cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6
2441Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (89%), OpenWrt (Linux 2.4.30 - 2.4.34) (88%), OpenWrt (Linux 2.4.32) (88%), Toshiba Magnia SG10 server appliance (Linux 2.4.18) (86%), Asus RT-AC66U router (Linux 2.6) (86%)
2442No exact OS matches for host (test conditions non-ideal).
2443Network Distance: 8 hops
2444
2445TRACEROUTE (using port 110/tcp)
2446HOP RTT ADDRESS
24471 247.55 ms 10.202.1.1
24482 247.58 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
24493 247.59 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
24504 247.61 ms he-net.peering.cz (91.213.211.118)
24515 364.57 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
24526 247.63 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
24537 247.65 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
24548 364.57 ms 94.102.51.111
2455#################################################################################################################################
2456Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 23:04 EDT
2457Nmap scan report for 94.102.51.111
2458Host is up (0.20s latency).
2459
2460PORT STATE SERVICE VERSION
2461123/tcp filtered ntp
2462123/udp open|filtered ntp
2463Too many fingerprints match this host to give specific OS details
2464Network Distance: 8 hops
2465
2466TRACEROUTE (using proto 1/icmp)
2467HOP RTT ADDRESS
24681 249.17 ms 10.202.1.1
24692 249.20 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
24703 249.22 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
24714 249.25 ms he-net.peering.cz (91.213.211.118)
24725 362.92 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
24736 249.28 ms 100ge6-1.core1.ams1.he.net (72.52.92.5)
24747 ...
24758 249.33 ms 94.102.51.111
2476#################################################################################################################################
2477--------------------------------------------------------
2478<<<Yasuo discovered following vulnerable applications>>>
2479--------------------------------------------------------
2480+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2481| App Name | URL to Application | Potential Exploit | Username | Password |
2482+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2483| phpMyAdmin | http://94.102.51.111:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
2484+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2485#################################################################################################################################
2486Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 23:10 EDT
2487Nmap scan report for 94.102.51.111
2488Host is up (0.18s latency).
2489Not shown: 64514 filtered ports, 1012 closed ports
2490PORT STATE SERVICE VERSION
249122/tcp open ssh?
2492|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
249325/tcp open smtp Exim smtpd 4.89
2494| smtp-commands: a13s08.host.com Hello nmap.scanme.org [89.187.165.60], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
2495|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2496| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2497| Not valid before: 2018-03-05T07:49:40
2498|_Not valid after: 2028-03-02T07:49:40
2499|_ssl-date: TLS randomness does not represent time
250053/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2501| dns-nsid:
2502|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
250380/tcp open http nginx
2504|_http-generator: Microsoft FrontPage 5.0
2505| http-methods:
2506|_ Potentially risky methods: TRACE
2507|_http-title: Andy Pioneer Top Sites
2508110/tcp open pop3 Dovecot pop3d
2509|_pop3-capabilities: UIDL TOP PIPELINING CAPA SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) RESP-CODES USER STLS AUTH-RESP-CODE
2510|_ssl-date: TLS randomness does not represent time
2511143/tcp open imap Dovecot imapd
2512|_imap-capabilities: AUTH=CRAM-MD5A0001 AUTH=DIGEST-MD5 STARTTLS capabilities more LOGIN-REFERRALS have IDLE listed ENABLE Pre-login LITERAL+ OK SASL-IR IMAP4rev1 post-login ID AUTH=LOGIN AUTH=PLAIN
2513|_ssl-date: TLS randomness does not represent time
2514465/tcp open ssl/smtp Exim smtpd 4.89
2515|_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
2516| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2517| Not valid before: 2018-03-05T07:49:40
2518|_Not valid after: 2028-03-02T07:49:40
2519|_ssl-date: TLS randomness does not represent time
2520993/tcp open ssl/imaps?
2521|_ssl-date: TLS randomness does not represent time
2522995/tcp open ssl/pop3s?
2523|_ssl-date: TLS randomness does not represent time
2524Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (97%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Linux 2.4.18 (93%), Asus RT-AC66U router (Linux 2.6) (92%), Asus RT-N16 WAP (Linux 2.6) (92%), Asus RT-N66U WAP (Linux 2.6) (92%), Tomato 1.28 (Linux 2.6.22) (92%), OpenWrt Attitude Adjustment 12.09 (Linux 3.3) (90%), Philips Hue Bridge 2.0 (Linux) (90%)
2525No exact OS matches for host (test conditions non-ideal).
2526Network Distance: 8 hops
2527Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2528
2529TRACEROUTE (using port 443/tcp)
2530HOP RTT ADDRESS
25311 247.75 ms 10.202.1.1
25322 247.78 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
25333 247.80 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
25344 247.82 ms he-net.peering.cz (91.213.211.118)
25355 247.82 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
25366 247.85 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
25377 247.87 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
25388 247.88 ms 94.102.51.111
2539#################################################################################################################################
2540Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 23:21 EDT
2541Nmap scan report for 94.102.51.111
2542Host is up (0.17s latency).
2543
2544PORT STATE SERVICE VERSION
254553/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
254667/tcp filtered dhcps
254768/tcp filtered dhcpc
254869/tcp filtered tftp
254988/tcp filtered kerberos-sec
2550123/tcp filtered ntp
2551137/tcp filtered netbios-ns
2552138/tcp filtered netbios-dgm
2553139/tcp filtered netbios-ssn
2554161/tcp filtered snmp
2555162/tcp filtered snmptrap
2556389/tcp filtered ldap
2557520/tcp filtered efs
25582049/tcp filtered nfs
255953/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2560| dns-nsid:
2561|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
256267/udp open|filtered dhcps
256368/udp open|filtered dhcpc
256469/udp open|filtered tftp
256588/udp open|filtered kerberos-sec
2566123/udp open|filtered ntp
2567137/udp open|filtered netbios-ns
2568138/udp open|filtered netbios-dgm
2569139/udp open|filtered netbios-ssn
2570161/udp open|filtered snmp
2571162/udp open|filtered snmptrap
2572389/udp open|filtered ldap
2573520/udp open|filtered route
25742049/udp open|filtered nfs
2575Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2576Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (97%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), OpenWrt (Linux 2.4.32) (92%), Linux 2.6.24 (91%), Philips Hue Bridge 2.0 (Linux) (91%), OpenWrt (Linux 2.4.30 - 2.4.34) (90%), Crestron XPanel control system (90%), Linux 2.4.18 (90%), Toshiba Magnia SG10 server appliance (Linux 2.4.18) (89%)
2577No exact OS matches for host (test conditions non-ideal).
2578Network Distance: 8 hops
2579Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2580
2581TRACEROUTE (using port 53/tcp)
2582HOP RTT ADDRESS
25831 249.44 ms 10.202.1.1
25842 363.51 ms unn-89-187-165-62.cdn77.com (89.187.165.62)
25853 363.57 ms vl1337.fra-itx2-core-1.cdn77.com (185.229.188.4)
25864 363.61 ms he-net.peering.cz (91.213.211.118)
25875 363.60 ms 100ge16-1.core1.fra1.he.net (184.105.213.233)
25886 363.65 ms 100ge11-1.core1.fra2.he.net (72.52.92.86)
25897 363.73 ms 100ge0-54.core1.ams2.he.net (184.104.192.130)
25908 363.69 ms 94.102.51.111
2591#################################################################################################################################
2592Hosts
2593=====
2594
2595address mac name os_name os_flavor os_sp purpose info comments
2596------- --- ---- ------- --------- ----- ------- ---- --------
25973.83.211.23 ec2-3-83-211-23.compute-1.amazonaws.com embedded device
25983.216.98.236 ec2-3-216-98-236.compute-1.amazonaws.com Linux 3.X server
259934.224.171.238 ec2-34-224-171-238.compute-1.amazonaws.com Linux server
260034.236.0.217 ec2-34-236-0-217.compute-1.amazonaws.com Linux 3.X server
260134.253.89.155 ec2-34-253-89-155.eu-west-1.compute.amazonaws.com Linux 4.X server
260237.1.207.121 teens-sins.net 2-Series 3.X device
260343.245.223.4 Linux 2.6.X server
260445.60.47.218 Linux 3.X server
260545.88.202.111 Linux 3.X server
260645.239.108.252 whale.ecohosting.cl Linux 3.X server
260752.1.2.24 ec2-52-1-2-24.compute-1.amazonaws.com Linux server
260852.1.174.10 ec2-52-1-174-10.compute-1.amazonaws.com Linux 3.X server
260952.30.54.73 ec2-52-30-54-73.eu-west-1.compute.amazonaws.com Linux 4.X server
261052.52.234.222 ec2-52-52-234-222.us-west-1.compute.amazonaws.com Unknown device
261154.72.57.25 ec2-54-72-57-25.eu-west-1.compute.amazonaws.com Linux 4.X server
261254.85.59.109 ec2-54-85-59-109.compute-1.amazonaws.com Linux 3.X server
261354.194.134.190 ec2-54-194-134-190.eu-west-1.compute.amazonaws.com Linux 4.X server
261464.69.94.253 Unknown device
261569.163.233.4 ps54052.dreamhostps.com Linux 14.04 server
261674.117.180.192 embedded device
261782.94.222.131 Unknown device
261892.123.250.35 a92-123-250-35.deploy.static.akamaitechnologies.com embedded device
261992.123.250.65 a92-123-250-65.deploy.static.akamaitechnologies.com Linux 3.X server
262094.102.51.111 Linux 2.6.X server
262194.102.51.112 no-reverse-dns-configured.com Linux 2.6.X server
2622104.244.73.40 Unknown device
2623104.244.76.231 Linux 3.X server
2624104.244.77.188 Linux 3.X server
2625104.244.79.89 Linux 3.X server
2626107.180.28.114 ip-107-180-28-114.ip.secureserver.net Unknown device
2627111.90.145.39 web16.support-emilid.com Linux 2.6.X server
2628143.95.110.248 ip-143-95-110-248.iplocal Linux 3.X server
2629149.126.72.220 149.126.72.220.ip.incapdns.net Linux 3.X server
2630151.106.38.107 ns3152160.ip-151-106-38.eu embedded device
2631158.69.13.254 ip254.ip-158-69-13.net 2-Series 2.6.X device
2632162.244.35.13 xnlog.com FreeBSD 7.X device
2633163.247.48.46 Unknown device
2634163.247.127.20 Unknown device
2635163.247.130.114 embedded device
2636163.247.175.176 Unknown device
2637165.22.143.229 Linux 2.6.X server
2638165.227.99.239 Linux 3.X server
2639169.239.218.20 cp10.domains.co.za Linux 2.6.X server
2640173.214.244.169 173.214.244.169.serverel.net Unknown device
2641174.142.53.51 mail.marineland.ca Linux 3.X server
2642186.64.118.40 mail.blue127.dnsmisitio.net embedded device
2643190.98.209.37 static.190.98.209.37.gtdinternet.com Unknown device
2644190.107.177.35 srv25.cpanelhost.cl Linux 2.6.X server
2645190.110.121.175 todofutbol.hn.cl Unknown device
2646190.153.209.187 static.190.153.209.187.gtdinternet.com Unknown device
2647190.153.219.254 mail.evopoli.cl Linux 3.X server
2648192.185.134.58 ns36.accountservergroup.com Linux 3.X server
2649199.38.245.243 embedded device
2650200.2.249.28 Linux 3.X server
2651200.10.251.82 homer.sii.cl Unknown device
2652200.12.19.101 embedded device
2653200.29.0.33 cp33.puntoweb.cl Unknown device
2654200.54.92.108 Linux 9.0 server
2655200.54.230.247 plesk.tdata.cloud Linux 3.X server
2656200.55.198.228 Linux 2.4.X server
2657200.68.30.227 mail.gorecoquimbo.cl Unknown device
2658200.68.34.99 Unknown device
2659200.73.54.34 mail.maxtel.cl Linux 2.6.X server
2660200.91.40.252 200-91-40-252.avz.cl Unknown device
2661200.91.41.5 cruzblanca.cl Unknown device
2662200.126.100.83 toqui.gorearaucania.cl Unknown device
2663201.159.170.136 soloweb.sinc.cl Unknown device
2664204.93.193.141 suzuka.mochahost.com Unknown device
2665206.48.140.40 Unknown device
2666207.246.147.189 2-Series device
2667207.246.147.190 Linux 4.X server
2668207.246.147.247 Linux 4.X server
2669207.246.147.248 Linux 4.X server
2670211.13.196.135 sv3.isle.ne.jp Linux 2.6.X server
2671212.174.0.150 Windows 2012 server
2672216.172.184.117 Linux 3.X server
2673218.45.5.97 www.town.koya.wakayama.jp Linux 2.6.X server
2674#################################################################################################################################
2675Services
2676========
2677
2678host port proto name state info
2679---- ---- ----- ---- ----- ----
26803.83.211.23 53 tcp domain filtered
26813.83.211.23 53 udp domain unknown
26823.83.211.23 67 tcp dhcps filtered
26833.83.211.23 67 udp dhcps unknown
26843.83.211.23 68 tcp dhcpc filtered
26853.83.211.23 68 udp dhcpc unknown
26863.83.211.23 69 tcp tftp filtered
26873.83.211.23 69 udp tftp unknown
26883.83.211.23 80 tcp http open Microsoft IIS httpd 10.0
26893.83.211.23 88 tcp kerberos-sec filtered
26903.83.211.23 88 udp kerberos-sec unknown
26913.83.211.23 123 tcp ntp filtered
26923.83.211.23 123 udp ntp unknown
26933.83.211.23 137 tcp netbios-ns filtered
26943.83.211.23 137 udp netbios-ns unknown
26953.83.211.23 138 tcp netbios-dgm filtered
26963.83.211.23 138 udp netbios-dgm unknown
26973.83.211.23 139 tcp netbios-ssn filtered
26983.83.211.23 139 udp netbios-ssn unknown
26993.83.211.23 161 tcp snmp filtered
27003.83.211.23 161 udp snmp unknown
27013.83.211.23 162 tcp snmptrap filtered
27023.83.211.23 162 udp snmptrap unknown
27033.83.211.23 389 tcp ldap filtered
27043.83.211.23 389 udp ldap unknown
27053.83.211.23 443 tcp ssl/http open Microsoft IIS httpd 10.0
27063.83.211.23 520 tcp efs filtered
27073.83.211.23 520 udp route unknown
27083.83.211.23 2049 tcp nfs filtered
27093.83.211.23 2049 udp nfs unknown
27103.216.98.236 53 tcp domain filtered
27113.216.98.236 53 udp domain unknown
27123.216.98.236 67 tcp dhcps filtered
27133.216.98.236 67 udp dhcps unknown
27143.216.98.236 68 tcp dhcpc filtered
27153.216.98.236 68 udp dhcpc unknown
27163.216.98.236 69 tcp tftp filtered
27173.216.98.236 69 udp tftp unknown
27183.216.98.236 80 tcp http open Microsoft IIS httpd 10.0
27193.216.98.236 88 tcp kerberos-sec filtered
27203.216.98.236 88 udp kerberos-sec unknown
27213.216.98.236 123 tcp ntp filtered
27223.216.98.236 123 udp ntp unknown
27233.216.98.236 137 tcp netbios-ns filtered
27243.216.98.236 137 udp netbios-ns unknown
27253.216.98.236 138 tcp netbios-dgm filtered
27263.216.98.236 138 udp netbios-dgm unknown
27273.216.98.236 139 tcp netbios-ssn filtered
27283.216.98.236 139 udp netbios-ssn unknown
27293.216.98.236 161 tcp snmp filtered
27303.216.98.236 161 udp snmp unknown
27313.216.98.236 162 tcp snmptrap filtered
27323.216.98.236 162 udp snmptrap unknown
27333.216.98.236 389 tcp ldap filtered
27343.216.98.236 389 udp ldap unknown
27353.216.98.236 443 tcp ssl/http open Microsoft IIS httpd 10.0
27363.216.98.236 520 tcp efs filtered
27373.216.98.236 520 udp route unknown
27383.216.98.236 2049 tcp nfs filtered
27393.216.98.236 2049 udp nfs unknown
274034.224.171.238 53 tcp domain filtered
274134.224.171.238 53 udp domain unknown
274234.224.171.238 67 tcp dhcps filtered
274334.224.171.238 67 udp dhcps unknown
274434.224.171.238 68 tcp dhcpc filtered
274534.224.171.238 68 udp dhcpc unknown
274634.224.171.238 69 tcp tftp filtered
274734.224.171.238 69 udp tftp unknown
274834.224.171.238 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
274934.224.171.238 88 tcp kerberos-sec filtered
275034.224.171.238 88 udp kerberos-sec unknown
275134.224.171.238 123 tcp ntp filtered
275234.224.171.238 123 udp ntp unknown
275334.224.171.238 137 tcp netbios-ns filtered
275434.224.171.238 137 udp netbios-ns unknown
275534.224.171.238 138 tcp netbios-dgm filtered
275634.224.171.238 138 udp netbios-dgm unknown
275734.224.171.238 139 tcp netbios-ssn filtered
275834.224.171.238 139 udp netbios-ssn unknown
275934.224.171.238 161 tcp snmp filtered
276034.224.171.238 161 udp snmp unknown
276134.224.171.238 162 tcp snmptrap filtered
276234.224.171.238 162 udp snmptrap unknown
276334.224.171.238 389 tcp ldap filtered
276434.224.171.238 389 udp ldap unknown
276534.224.171.238 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
276634.224.171.238 520 tcp efs filtered
276734.224.171.238 520 udp route unknown
276834.224.171.238 2049 tcp nfs filtered
276934.224.171.238 2049 udp nfs unknown
277034.236.0.217 53 tcp domain filtered
277134.236.0.217 53 udp domain unknown
277234.236.0.217 67 tcp dhcps filtered
277334.236.0.217 67 udp dhcps unknown
277434.236.0.217 68 tcp dhcpc filtered
277534.236.0.217 68 udp dhcpc unknown
277634.236.0.217 69 tcp tftp filtered
277734.236.0.217 69 udp tftp unknown
277834.236.0.217 80 tcp http open nginx
277934.236.0.217 88 tcp kerberos-sec filtered
278034.236.0.217 88 udp kerberos-sec unknown
278134.236.0.217 123 tcp ntp filtered
278234.236.0.217 123 udp ntp unknown
278334.236.0.217 137 tcp netbios-ns filtered
278434.236.0.217 137 udp netbios-ns unknown
278534.236.0.217 138 tcp netbios-dgm filtered
278634.236.0.217 138 udp netbios-dgm unknown
278734.236.0.217 139 tcp netbios-ssn filtered
278834.236.0.217 139 udp netbios-ssn unknown
278934.236.0.217 161 tcp snmp filtered
279034.236.0.217 161 udp snmp unknown
279134.236.0.217 162 tcp snmptrap filtered
279234.236.0.217 162 udp snmptrap unknown
279334.236.0.217 389 tcp ldap filtered
279434.236.0.217 389 udp ldap unknown
279534.236.0.217 443 tcp ssl/http open nginx
279634.236.0.217 520 tcp efs filtered
279734.236.0.217 520 udp route unknown
279834.236.0.217 2049 tcp nfs filtered
279934.236.0.217 2049 udp nfs unknown
280034.253.89.155 53 tcp domain closed
280134.253.89.155 53 udp domain unknown
280234.253.89.155 67 tcp dhcps closed
280334.253.89.155 67 udp dhcps unknown
280434.253.89.155 68 tcp dhcpc closed
280534.253.89.155 68 udp dhcpc unknown
280634.253.89.155 69 tcp tftp closed
280734.253.89.155 69 udp tftp unknown
280834.253.89.155 80 tcp http open nginx
280934.253.89.155 88 tcp kerberos-sec closed
281034.253.89.155 88 udp kerberos-sec unknown
281134.253.89.155 123 tcp ntp closed
281234.253.89.155 123 udp ntp unknown
281334.253.89.155 137 tcp netbios-ns closed
281434.253.89.155 137 udp netbios-ns unknown
281534.253.89.155 138 tcp netbios-dgm closed
281634.253.89.155 138 udp netbios-dgm unknown
281734.253.89.155 139 tcp netbios-ssn closed
281834.253.89.155 139 udp netbios-ssn unknown
281934.253.89.155 161 tcp snmp closed
282034.253.89.155 161 udp snmp unknown
282134.253.89.155 162 tcp snmptrap closed
282234.253.89.155 162 udp snmptrap unknown
282334.253.89.155 389 tcp ldap closed
282434.253.89.155 389 udp ldap unknown
282534.253.89.155 443 tcp ssl/http open nginx
282634.253.89.155 520 tcp efs closed
282734.253.89.155 520 udp route unknown
282834.253.89.155 2049 tcp nfs closed
282934.253.89.155 2049 udp nfs unknown
283037.1.207.121 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
283137.1.207.121 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
283237.1.207.121 67 tcp dhcps filtered
283337.1.207.121 67 udp dhcps unknown
283437.1.207.121 68 tcp dhcpc filtered
283537.1.207.121 68 udp dhcpc filtered
283637.1.207.121 69 tcp tftp filtered
283737.1.207.121 69 udp tftp unknown
283837.1.207.121 88 tcp kerberos-sec filtered
283937.1.207.121 88 udp kerberos-sec filtered
284037.1.207.121 123 tcp ntp filtered
284137.1.207.121 123 udp ntp unknown
284237.1.207.121 137 tcp netbios-ns filtered
284337.1.207.121 137 udp netbios-ns unknown
284437.1.207.121 138 tcp netbios-dgm filtered
284537.1.207.121 138 udp netbios-dgm unknown
284637.1.207.121 139 tcp netbios-ssn filtered
284737.1.207.121 139 udp netbios-ssn unknown
284837.1.207.121 161 tcp snmp filtered
284937.1.207.121 161 udp snmp unknown
285037.1.207.121 162 tcp snmptrap filtered
285137.1.207.121 162 udp snmptrap unknown
285237.1.207.121 389 tcp ldap filtered
285337.1.207.121 389 udp ldap unknown
285437.1.207.121 520 tcp efs filtered
285537.1.207.121 520 udp route unknown
285637.1.207.121 2049 tcp nfs filtered
285737.1.207.121 2049 udp nfs filtered
285843.245.223.4 80 tcp http open nginx
285943.245.223.4 443 tcp ssl/http open nginx
286043.245.223.4 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
286145.60.47.218 25 tcp http open Incapsula CDN httpd
286245.60.47.218 53 tcp domain open
286345.60.47.218 53 udp domain open
286445.60.47.218 67 udp dhcps unknown
286545.60.47.218 68 udp dhcpc unknown
286645.60.47.218 69 udp tftp unknown
286745.60.47.218 80 tcp http open Incapsula CDN httpd
286845.60.47.218 81 tcp http open Incapsula CDN httpd
286945.60.47.218 85 tcp http open Incapsula CDN httpd
287045.60.47.218 88 tcp http open Incapsula CDN httpd
287145.60.47.218 88 udp kerberos-sec unknown
287245.60.47.218 123 udp ntp unknown
287345.60.47.218 137 udp netbios-ns unknown
287445.60.47.218 138 udp netbios-dgm unknown
287545.60.47.218 139 udp netbios-ssn unknown
287645.60.47.218 161 udp snmp unknown
287745.60.47.218 162 udp snmptrap unknown
287845.60.47.218 389 tcp ssl/http open Incapsula CDN httpd
287945.60.47.218 389 udp ldap unknown
288045.60.47.218 443 tcp ssl/http open Incapsula CDN httpd
288145.60.47.218 444 tcp ssl/http open Incapsula CDN httpd
288245.60.47.218 445 tcp ssl/http open Incapsula CDN httpd
288345.60.47.218 446 tcp http open Incapsula CDN httpd
288445.60.47.218 520 udp route unknown
288545.60.47.218 587 tcp http open Incapsula CDN httpd
288645.60.47.218 631 tcp http open Incapsula CDN httpd
288745.60.47.218 888 tcp http open Incapsula CDN httpd
288845.60.47.218 995 tcp ssl/http open Incapsula CDN httpd
288945.60.47.218 998 tcp ssl/http open Incapsula CDN httpd
289045.60.47.218 999 tcp http open Incapsula CDN httpd
289145.60.47.218 1000 tcp http open Incapsula CDN httpd
289245.60.47.218 1024 tcp http open Incapsula CDN httpd
289345.60.47.218 1103 tcp http open Incapsula CDN httpd
289445.60.47.218 1234 tcp http open Incapsula CDN httpd
289545.60.47.218 1433 tcp http open Incapsula CDN httpd
289645.60.47.218 1494 tcp http open Incapsula CDN httpd
289745.60.47.218 2000 tcp ssl/http open Incapsula CDN httpd
289845.60.47.218 2001 tcp http open Incapsula CDN httpd
289945.60.47.218 2049 tcp http open Incapsula CDN httpd
290045.60.47.218 2049 udp nfs unknown
290145.60.47.218 2067 tcp http open Incapsula CDN httpd
290245.60.47.218 2100 tcp ssl/http open Incapsula CDN httpd
290345.60.47.218 2222 tcp http open Incapsula CDN httpd
290445.60.47.218 2598 tcp http open Incapsula CDN httpd
290545.60.47.218 3000 tcp http open Incapsula CDN httpd
290645.60.47.218 3050 tcp http open Incapsula CDN httpd
290745.60.47.218 3057 tcp http open Incapsula CDN httpd
290845.60.47.218 3299 tcp http open Incapsula CDN httpd
290945.60.47.218 3306 tcp ssl/http open Incapsula CDN httpd
291045.60.47.218 3333 tcp http open Incapsula CDN httpd
291145.60.47.218 3389 tcp ssl/http open Incapsula CDN httpd
291245.60.47.218 3500 tcp http open Incapsula CDN httpd
291345.60.47.218 3790 tcp http open Incapsula CDN httpd
291445.60.47.218 4000 tcp http open Incapsula CDN httpd
291545.60.47.218 4444 tcp ssl/http open Incapsula CDN httpd
291645.60.47.218 4445 tcp ssl/http open Incapsula CDN httpd
291745.60.47.218 4848 tcp http open Incapsula CDN httpd
291845.60.47.218 5000 tcp http open Incapsula CDN httpd
291945.60.47.218 5009 tcp http open Incapsula CDN httpd
292045.60.47.218 5051 tcp ssl/http open Incapsula CDN httpd
292145.60.47.218 5060 tcp ssl/http open Incapsula CDN httpd
292245.60.47.218 5061 tcp ssl/http open Incapsula CDN httpd
292345.60.47.218 5227 tcp ssl/http open Incapsula CDN httpd
292445.60.47.218 5247 tcp ssl/http open Incapsula CDN httpd
292545.60.47.218 5250 tcp ssl/http open Incapsula CDN httpd
292645.60.47.218 5555 tcp http open Incapsula CDN httpd
292745.60.47.218 5900 tcp http open Incapsula CDN httpd
292845.60.47.218 5901 tcp ssl/http open Incapsula CDN httpd
292945.60.47.218 5902 tcp ssl/http open Incapsula CDN httpd
293045.60.47.218 5903 tcp ssl/http open Incapsula CDN httpd
293145.60.47.218 5904 tcp ssl/http open Incapsula CDN httpd
293245.60.47.218 5905 tcp ssl/http open Incapsula CDN httpd
293345.60.47.218 5906 tcp ssl/http open Incapsula CDN httpd
293445.60.47.218 5907 tcp ssl/http open Incapsula CDN httpd
293545.60.47.218 5908 tcp ssl/http open Incapsula CDN httpd
293645.60.47.218 5909 tcp ssl/http open Incapsula CDN httpd
293745.60.47.218 5910 tcp ssl/http open Incapsula CDN httpd
293845.60.47.218 5920 tcp ssl/http open Incapsula CDN httpd
293945.60.47.218 5984 tcp ssl/http open Incapsula CDN httpd
294045.60.47.218 5985 tcp http open Incapsula CDN httpd
294145.60.47.218 5986 tcp ssl/http open Incapsula CDN httpd
294245.60.47.218 5999 tcp ssl/http open Incapsula CDN httpd
294345.60.47.218 6000 tcp http open Incapsula CDN httpd
294445.60.47.218 6060 tcp http open Incapsula CDN httpd
294545.60.47.218 6161 tcp http open Incapsula CDN httpd
294645.60.47.218 6379 tcp http open Incapsula CDN httpd
294745.60.47.218 6661 tcp ssl/http open Incapsula CDN httpd
294845.60.47.218 6789 tcp http open Incapsula CDN httpd
294945.60.47.218 7000 tcp ssl/http open Incapsula CDN httpd
295045.60.47.218 7001 tcp http open Incapsula CDN httpd
295145.60.47.218 7021 tcp http open Incapsula CDN httpd
295245.60.47.218 7071 tcp ssl/http open Incapsula CDN httpd
295345.60.47.218 7080 tcp http open Incapsula CDN httpd
295445.60.47.218 7272 tcp ssl/http open Incapsula CDN httpd
295545.60.47.218 7443 tcp ssl/http open Incapsula CDN httpd
295645.60.47.218 7700 tcp http open Incapsula CDN httpd
295745.60.47.218 7777 tcp http open Incapsula CDN httpd
295845.60.47.218 7778 tcp http open Incapsula CDN httpd
295945.60.47.218 8000 tcp http open Incapsula CDN httpd
296045.60.47.218 8001 tcp http open Incapsula CDN httpd
296145.60.47.218 8008 tcp http open Incapsula CDN httpd
296245.60.47.218 8014 tcp http open Incapsula CDN httpd
296345.60.47.218 8020 tcp http open Incapsula CDN httpd
296445.60.47.218 8023 tcp http open Incapsula CDN httpd
296545.60.47.218 8028 tcp http open Incapsula CDN httpd
296645.60.47.218 8030 tcp http open Incapsula CDN httpd
296745.60.47.218 8050 tcp http open Incapsula CDN httpd
296845.60.47.218 8051 tcp http open Incapsula CDN httpd
296945.60.47.218 8080 tcp http open Incapsula CDN httpd
297045.60.47.218 8081 tcp http open Incapsula CDN httpd
297145.60.47.218 8082 tcp http open Incapsula CDN httpd
297245.60.47.218 8085 tcp http open Incapsula CDN httpd
297345.60.47.218 8086 tcp http open Incapsula CDN httpd
297445.60.47.218 8087 tcp http open Incapsula CDN httpd
297545.60.47.218 8088 tcp http open Incapsula CDN httpd
297645.60.47.218 8090 tcp http open Incapsula CDN httpd
297745.60.47.218 8091 tcp http open Incapsula CDN httpd
297845.60.47.218 8095 tcp http open Incapsula CDN httpd
297945.60.47.218 8101 tcp http open Incapsula CDN httpd
298045.60.47.218 8161 tcp http open Incapsula CDN httpd
298145.60.47.218 8180 tcp http open Incapsula CDN httpd
298245.60.47.218 8222 tcp http open Incapsula CDN httpd
298345.60.47.218 8333 tcp http open Incapsula CDN httpd
298445.60.47.218 8443 tcp ssl/http open Incapsula CDN httpd
298545.60.47.218 8444 tcp http open Incapsula CDN httpd
298645.60.47.218 8445 tcp http open Incapsula CDN httpd
298745.60.47.218 8503 tcp ssl/http open Incapsula CDN httpd
298845.60.47.218 8686 tcp http open Incapsula CDN httpd
298945.60.47.218 8701 tcp ssl/http open Incapsula CDN httpd
299045.60.47.218 8787 tcp http open Incapsula CDN httpd
299145.60.47.218 8800 tcp http open Incapsula CDN httpd
299245.60.47.218 8812 tcp http open Incapsula CDN httpd
299345.60.47.218 8834 tcp http open Incapsula CDN httpd
299445.60.47.218 8880 tcp http open Incapsula CDN httpd
299545.60.47.218 8888 tcp http open Incapsula CDN httpd
299645.60.47.218 8889 tcp http open Incapsula CDN httpd
299745.60.47.218 8890 tcp http open Incapsula CDN httpd
299845.60.47.218 8899 tcp http open Incapsula CDN httpd
299945.60.47.218 8901 tcp http open Incapsula CDN httpd
300045.60.47.218 8902 tcp http open Incapsula CDN httpd
300145.60.47.218 8999 tcp http open Incapsula CDN httpd
300245.60.47.218 9000 tcp http open Incapsula CDN httpd
300345.60.47.218 9001 tcp http open Incapsula CDN httpd
300445.60.47.218 9002 tcp http open Incapsula CDN httpd
300545.60.47.218 9003 tcp http open Incapsula CDN httpd
300645.60.47.218 9004 tcp http open Incapsula CDN httpd
300745.60.47.218 9005 tcp http open Incapsula CDN httpd
300845.60.47.218 9010 tcp http open Incapsula CDN httpd
300945.60.47.218 9050 tcp http open Incapsula CDN httpd
301045.60.47.218 9080 tcp http open Incapsula CDN httpd
301145.60.47.218 9081 tcp ssl/http open Incapsula CDN httpd
301245.60.47.218 9084 tcp http open Incapsula CDN httpd
301345.60.47.218 9090 tcp http open Incapsula CDN httpd
301445.60.47.218 9099 tcp http open Incapsula CDN httpd
301545.60.47.218 9100 tcp jetdirect open
301645.60.47.218 9111 tcp http open Incapsula CDN httpd
301745.60.47.218 9200 tcp http open Incapsula CDN httpd
301845.60.47.218 9300 tcp http open Incapsula CDN httpd
301945.60.47.218 9500 tcp http open Incapsula CDN httpd
302045.60.47.218 9711 tcp ssl/http open Incapsula CDN httpd
302145.60.47.218 9991 tcp http open Incapsula CDN httpd
302245.60.47.218 9999 tcp http open Incapsula CDN httpd
302345.60.47.218 10000 tcp http open Incapsula CDN httpd
302445.60.47.218 10001 tcp http open Incapsula CDN httpd
302545.60.47.218 10008 tcp http open Incapsula CDN httpd
302645.60.47.218 10443 tcp ssl/http open Incapsula CDN httpd
302745.60.47.218 11001 tcp ssl/http open Incapsula CDN httpd
302845.60.47.218 12174 tcp http open Incapsula CDN httpd
302945.60.47.218 12203 tcp http open Incapsula CDN httpd
303045.60.47.218 12221 tcp http open Incapsula CDN httpd
303145.60.47.218 12345 tcp http open Incapsula CDN httpd
303245.60.47.218 12397 tcp http open Incapsula CDN httpd
303345.60.47.218 12401 tcp http open Incapsula CDN httpd
303445.60.47.218 14330 tcp http open Incapsula CDN httpd
303545.60.47.218 16000 tcp http open Incapsula CDN httpd
303645.60.47.218 20000 tcp http open Incapsula CDN httpd
303745.60.47.218 20010 tcp ssl/http open Incapsula CDN httpd
303845.60.47.218 25000 tcp ssl/http open Incapsula CDN httpd
303945.60.47.218 30000 tcp http open Incapsula CDN httpd
304045.60.47.218 44334 tcp ssl/http open Incapsula CDN httpd
304145.60.47.218 50000 tcp http open Incapsula CDN httpd
304245.60.47.218 50001 tcp ssl/http open Incapsula CDN httpd
304345.60.47.218 50050 tcp ssl/http open Incapsula CDN httpd
304445.88.202.111 22 tcp ssh open OpenSSH 7.9p1 Debian 10+deb10u1 protocol 2.0
304545.88.202.111 53 tcp domain open PowerDNS Authoritative Server 4.2.0-rc3
304645.88.202.111 53 udp domain open PowerDNS Authoritative Server 4.2.0-rc3
304745.88.202.111 67 tcp dhcps closed
304845.88.202.111 67 udp dhcps unknown
304945.88.202.111 68 tcp dhcpc closed
305045.88.202.111 68 udp dhcpc unknown
305145.88.202.111 69 tcp tftp closed
305245.88.202.111 69 udp tftp closed
305345.88.202.111 80 tcp http open nginx
305445.88.202.111 88 tcp kerberos-sec closed
305545.88.202.111 88 udp kerberos-sec unknown
305645.88.202.111 123 tcp ntp closed
305745.88.202.111 123 udp ntp closed
305845.88.202.111 137 tcp netbios-ns closed
305945.88.202.111 137 udp netbios-ns filtered
306045.88.202.111 138 tcp netbios-dgm closed
306145.88.202.111 138 udp netbios-dgm filtered
306245.88.202.111 139 tcp netbios-ssn closed
306345.88.202.111 139 udp netbios-ssn closed
306445.88.202.111 161 tcp snmp closed
306545.88.202.111 161 udp snmp closed
306645.88.202.111 162 tcp snmptrap closed
306745.88.202.111 162 udp snmptrap closed
306845.88.202.111 179 tcp bgp filtered
306945.88.202.111 389 tcp ldap closed
307045.88.202.111 389 udp ldap unknown
307145.88.202.111 443 tcp ssl/http open nginx
307245.88.202.111 520 tcp efs closed
307345.88.202.111 520 udp route unknown
307445.88.202.111 2049 tcp nfs closed
307545.88.202.111 2049 udp nfs closed
307645.88.202.111 10050 tcp tcpwrapped open
307745.239.108.252 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
307845.239.108.252 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
307945.239.108.252 67 tcp dhcps filtered
308045.239.108.252 67 udp dhcps unknown
308145.239.108.252 68 tcp dhcpc filtered
308245.239.108.252 68 udp dhcpc unknown
308345.239.108.252 69 tcp tftp filtered
308445.239.108.252 69 udp tftp unknown
308545.239.108.252 88 tcp kerberos-sec filtered
308645.239.108.252 88 udp kerberos-sec unknown
308745.239.108.252 123 tcp ntp filtered
308845.239.108.252 123 udp ntp unknown
308945.239.108.252 137 tcp netbios-ns filtered
309045.239.108.252 137 udp netbios-ns unknown
309145.239.108.252 138 tcp netbios-dgm filtered
309245.239.108.252 138 udp netbios-dgm unknown
309345.239.108.252 139 tcp netbios-ssn filtered
309445.239.108.252 139 udp netbios-ssn unknown
309545.239.108.252 161 tcp snmp filtered
309645.239.108.252 161 udp snmp unknown
309745.239.108.252 162 tcp snmptrap filtered
309845.239.108.252 162 udp snmptrap unknown
309945.239.108.252 389 tcp ldap filtered
310045.239.108.252 389 udp ldap unknown
310145.239.108.252 520 tcp efs filtered
310245.239.108.252 520 udp route unknown
310345.239.108.252 2049 tcp nfs filtered
310445.239.108.252 2049 udp nfs unknown
310552.1.2.24 53 tcp domain filtered
310652.1.2.24 53 udp domain unknown
310752.1.2.24 67 tcp dhcps filtered
310852.1.2.24 67 udp dhcps unknown
310952.1.2.24 68 tcp dhcpc filtered
311052.1.2.24 68 udp dhcpc unknown
311152.1.2.24 69 tcp tftp filtered
311252.1.2.24 69 udp tftp unknown
311352.1.2.24 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
311452.1.2.24 88 tcp kerberos-sec filtered
311552.1.2.24 88 udp kerberos-sec unknown
311652.1.2.24 123 tcp ntp filtered
311752.1.2.24 123 udp ntp unknown
311852.1.2.24 137 tcp netbios-ns filtered
311952.1.2.24 137 udp netbios-ns unknown
312052.1.2.24 138 tcp netbios-dgm filtered
312152.1.2.24 138 udp netbios-dgm unknown
312252.1.2.24 139 tcp netbios-ssn filtered
312352.1.2.24 139 udp netbios-ssn unknown
312452.1.2.24 161 tcp snmp filtered
312552.1.2.24 161 udp snmp unknown
312652.1.2.24 162 tcp snmptrap filtered
312752.1.2.24 162 udp snmptrap unknown
312852.1.2.24 389 tcp ldap filtered
312952.1.2.24 389 udp ldap unknown
313052.1.2.24 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
313152.1.2.24 520 tcp efs filtered
313252.1.2.24 520 udp route unknown
313352.1.2.24 2049 tcp nfs filtered
313452.1.2.24 2049 udp nfs unknown
313552.1.174.10 53 tcp domain filtered
313652.1.174.10 53 udp domain unknown
313752.1.174.10 67 tcp dhcps filtered
313852.1.174.10 67 udp dhcps unknown
313952.1.174.10 68 tcp dhcpc filtered
314052.1.174.10 68 udp dhcpc unknown
314152.1.174.10 69 tcp tftp filtered
314252.1.174.10 69 udp tftp unknown
314352.1.174.10 80 tcp http open nginx
314452.1.174.10 88 tcp kerberos-sec filtered
314552.1.174.10 88 udp kerberos-sec unknown
314652.1.174.10 123 tcp ntp filtered
314752.1.174.10 123 udp ntp unknown
314852.1.174.10 137 tcp netbios-ns filtered
314952.1.174.10 137 udp netbios-ns unknown
315052.1.174.10 138 tcp netbios-dgm filtered
315152.1.174.10 138 udp netbios-dgm unknown
315252.1.174.10 139 tcp netbios-ssn filtered
315352.1.174.10 139 udp netbios-ssn unknown
315452.1.174.10 161 tcp snmp filtered
315552.1.174.10 161 udp snmp unknown
315652.1.174.10 162 tcp snmptrap filtered
315752.1.174.10 162 udp snmptrap unknown
315852.1.174.10 389 tcp ldap filtered
315952.1.174.10 389 udp ldap unknown
316052.1.174.10 443 tcp ssl/http open nginx
316152.1.174.10 520 tcp efs filtered
316252.1.174.10 520 udp route unknown
316352.1.174.10 2049 tcp nfs filtered
316452.1.174.10 2049 udp nfs unknown
316552.30.54.73 53 tcp domain closed
316652.30.54.73 53 udp domain unknown
316752.30.54.73 67 tcp dhcps closed
316852.30.54.73 67 udp dhcps unknown
316952.30.54.73 68 tcp dhcpc closed
317052.30.54.73 68 udp dhcpc unknown
317152.30.54.73 69 tcp tftp closed
317252.30.54.73 69 udp tftp unknown
317352.30.54.73 80 tcp http open nginx
317452.30.54.73 88 tcp kerberos-sec closed
317552.30.54.73 88 udp kerberos-sec unknown
317652.30.54.73 123 tcp ntp closed
317752.30.54.73 123 udp ntp unknown
317852.30.54.73 137 tcp netbios-ns closed
317952.30.54.73 137 udp netbios-ns unknown
318052.30.54.73 138 tcp netbios-dgm closed
318152.30.54.73 138 udp netbios-dgm unknown
318252.30.54.73 139 tcp netbios-ssn closed
318352.30.54.73 139 udp netbios-ssn unknown
318452.30.54.73 161 tcp snmp closed
318552.30.54.73 161 udp snmp unknown
318652.30.54.73 162 tcp snmptrap closed
318752.30.54.73 162 udp snmptrap unknown
318852.30.54.73 389 tcp ldap closed
318952.30.54.73 389 udp ldap unknown
319052.30.54.73 443 tcp ssl/http open nginx
319152.30.54.73 520 tcp efs closed
319252.30.54.73 520 udp route unknown
319352.30.54.73 2049 tcp nfs closed
319452.30.54.73 2049 udp nfs unknown
319552.52.234.222 53 tcp domain filtered
319652.52.234.222 53 udp domain unknown
319752.52.234.222 67 tcp dhcps filtered
319852.52.234.222 67 udp dhcps unknown
319952.52.234.222 68 tcp dhcpc filtered
320052.52.234.222 68 udp dhcpc unknown
320152.52.234.222 69 tcp tftp filtered
320252.52.234.222 69 udp tftp unknown
320352.52.234.222 88 tcp kerberos-sec filtered
320452.52.234.222 88 udp kerberos-sec unknown
320552.52.234.222 123 tcp ntp filtered
320652.52.234.222 123 udp ntp unknown
320752.52.234.222 137 tcp netbios-ns filtered
320852.52.234.222 137 udp netbios-ns unknown
320952.52.234.222 138 tcp netbios-dgm filtered
321052.52.234.222 138 udp netbios-dgm unknown
321152.52.234.222 139 tcp netbios-ssn filtered
321252.52.234.222 139 udp netbios-ssn unknown
321352.52.234.222 161 tcp snmp filtered
321452.52.234.222 161 udp snmp unknown
321552.52.234.222 162 tcp snmptrap filtered
321652.52.234.222 162 udp snmptrap unknown
321752.52.234.222 389 tcp ldap filtered
321852.52.234.222 389 udp ldap unknown
321952.52.234.222 520 tcp efs filtered
322052.52.234.222 520 udp route unknown
322152.52.234.222 2049 tcp nfs filtered
322252.52.234.222 2049 udp nfs unknown
322354.72.57.25 53 tcp domain closed
322454.72.57.25 53 udp domain unknown
322554.72.57.25 67 tcp dhcps closed
322654.72.57.25 67 udp dhcps unknown
322754.72.57.25 68 tcp dhcpc closed
322854.72.57.25 68 udp dhcpc unknown
322954.72.57.25 69 tcp tftp closed
323054.72.57.25 69 udp tftp unknown
323154.72.57.25 80 tcp http open nginx
323254.72.57.25 88 tcp kerberos-sec closed
323354.72.57.25 88 udp kerberos-sec unknown
323454.72.57.25 123 tcp ntp closed
323554.72.57.25 123 udp ntp unknown
323654.72.57.25 137 tcp netbios-ns closed
323754.72.57.25 137 udp netbios-ns unknown
323854.72.57.25 138 tcp netbios-dgm closed
323954.72.57.25 138 udp netbios-dgm unknown
324054.72.57.25 139 tcp netbios-ssn closed
324154.72.57.25 139 udp netbios-ssn unknown
324254.72.57.25 161 tcp snmp closed
324354.72.57.25 161 udp snmp unknown
324454.72.57.25 162 tcp snmptrap closed
324554.72.57.25 162 udp snmptrap unknown
324654.72.57.25 389 tcp ldap closed
324754.72.57.25 389 udp ldap unknown
324854.72.57.25 443 tcp ssl/http open nginx
324954.72.57.25 520 tcp efs closed
325054.72.57.25 520 udp route unknown
325154.72.57.25 2049 tcp nfs closed
325254.72.57.25 2049 udp nfs unknown
325354.85.59.109 53 tcp domain filtered
325454.85.59.109 53 udp domain unknown
325554.85.59.109 67 tcp dhcps filtered
325654.85.59.109 67 udp dhcps unknown
325754.85.59.109 68 tcp dhcpc filtered
325854.85.59.109 68 udp dhcpc unknown
325954.85.59.109 69 tcp tftp filtered
326054.85.59.109 69 udp tftp unknown
326154.85.59.109 80 tcp http open nginx
326254.85.59.109 88 tcp kerberos-sec filtered
326354.85.59.109 88 udp kerberos-sec unknown
326454.85.59.109 123 tcp ntp filtered
326554.85.59.109 123 udp ntp unknown
326654.85.59.109 137 tcp netbios-ns filtered
326754.85.59.109 137 udp netbios-ns unknown
326854.85.59.109 138 tcp netbios-dgm filtered
326954.85.59.109 138 udp netbios-dgm unknown
327054.85.59.109 139 tcp netbios-ssn filtered
327154.85.59.109 139 udp netbios-ssn unknown
327254.85.59.109 161 tcp snmp filtered
327354.85.59.109 161 udp snmp unknown
327454.85.59.109 162 tcp snmptrap filtered
327554.85.59.109 162 udp snmptrap unknown
327654.85.59.109 389 tcp ldap filtered
327754.85.59.109 389 udp ldap unknown
327854.85.59.109 443 tcp ssl/http open nginx
327954.85.59.109 520 tcp efs filtered
328054.85.59.109 520 udp route unknown
328154.85.59.109 2049 tcp nfs filtered
328254.85.59.109 2049 udp nfs unknown
328354.194.134.190 53 tcp domain closed
328454.194.134.190 53 udp domain unknown
328554.194.134.190 67 tcp dhcps closed
328654.194.134.190 67 udp dhcps unknown
328754.194.134.190 68 tcp dhcpc closed
328854.194.134.190 68 udp dhcpc unknown
328954.194.134.190 69 tcp tftp closed
329054.194.134.190 69 udp tftp unknown
329154.194.134.190 80 tcp http open nginx
329254.194.134.190 88 tcp kerberos-sec closed
329354.194.134.190 88 udp kerberos-sec unknown
329454.194.134.190 123 tcp ntp closed
329554.194.134.190 123 udp ntp unknown
329654.194.134.190 137 tcp netbios-ns closed
329754.194.134.190 137 udp netbios-ns unknown
329854.194.134.190 138 tcp netbios-dgm closed
329954.194.134.190 138 udp netbios-dgm unknown
330054.194.134.190 139 tcp netbios-ssn closed
330154.194.134.190 139 udp netbios-ssn unknown
330254.194.134.190 161 tcp snmp closed
330354.194.134.190 161 udp snmp unknown
330454.194.134.190 162 tcp snmptrap closed
330554.194.134.190 162 udp snmptrap unknown
330654.194.134.190 389 tcp ldap closed
330754.194.134.190 389 udp ldap unknown
330854.194.134.190 443 tcp ssl/http open nginx
330954.194.134.190 520 tcp efs closed
331054.194.134.190 520 udp route unknown
331154.194.134.190 2049 tcp nfs closed
331254.194.134.190 2049 udp nfs unknown
331364.69.94.253 53 tcp domain filtered
331464.69.94.253 53 udp domain unknown
331564.69.94.253 67 tcp dhcps filtered
331664.69.94.253 67 udp dhcps unknown
331764.69.94.253 68 tcp dhcpc filtered
331864.69.94.253 68 udp dhcpc unknown
331964.69.94.253 69 tcp tftp filtered
332064.69.94.253 69 udp tftp unknown
332164.69.94.253 88 tcp kerberos-sec filtered
332264.69.94.253 88 udp kerberos-sec unknown
332364.69.94.253 123 tcp ntp filtered
332464.69.94.253 123 udp ntp unknown
332564.69.94.253 137 tcp netbios-ns filtered
332664.69.94.253 137 udp netbios-ns unknown
332764.69.94.253 138 tcp netbios-dgm filtered
332864.69.94.253 138 udp netbios-dgm unknown
332964.69.94.253 139 tcp netbios-ssn filtered
333064.69.94.253 139 udp netbios-ssn unknown
333164.69.94.253 161 tcp snmp filtered
333264.69.94.253 161 udp snmp unknown
333364.69.94.253 162 tcp snmptrap filtered
333464.69.94.253 162 udp snmptrap unknown
333564.69.94.253 389 tcp ldap filtered
333664.69.94.253 389 udp ldap unknown
333764.69.94.253 520 tcp efs filtered
333864.69.94.253 520 udp route unknown
333964.69.94.253 2049 tcp nfs filtered
334064.69.94.253 2049 udp nfs unknown
334169.163.233.4 21 tcp ftp open 220 DreamHost FTP Server\x0d\x0a
334269.163.233.4 22 tcp ssh open SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
334369.163.233.4 25 tcp open
334469.163.233.4 53 tcp domain closed
334569.163.233.4 53 udp domain unknown
334669.163.233.4 67 tcp dhcps closed
334769.163.233.4 67 udp dhcps closed
334869.163.233.4 68 tcp dhcpc closed
334969.163.233.4 68 udp dhcpc unknown
335069.163.233.4 69 tcp tftp closed
335169.163.233.4 69 udp tftp closed
335269.163.233.4 88 tcp kerberos-sec closed
335369.163.233.4 88 udp kerberos-sec unknown
335469.163.233.4 123 tcp ntp closed
335569.163.233.4 123 udp ntp unknown
335669.163.233.4 137 tcp netbios-ns closed
335769.163.233.4 137 udp netbios-ns closed
335869.163.233.4 138 tcp netbios-dgm closed
335969.163.233.4 138 udp netbios-dgm closed
336069.163.233.4 139 tcp netbios-ssn closed
336169.163.233.4 139 udp netbios-ssn unknown
336269.163.233.4 161 tcp snmp closed
336369.163.233.4 161 udp snmp closed
336469.163.233.4 162 tcp snmptrap closed
336569.163.233.4 162 udp snmptrap closed
336669.163.233.4 389 tcp ldap closed
336769.163.233.4 389 udp ldap unknown
336869.163.233.4 520 tcp efs closed
336969.163.233.4 520 udp route closed
337069.163.233.4 2049 tcp nfs closed
337169.163.233.4 2049 udp nfs unknown
337274.117.180.192 21 tcp ftp filtered 220 Hello.\x0d\x0a
337374.117.180.192 22 tcp ssh filtered
337474.117.180.192 25 tcp smtp filtered
337574.117.180.192 53 tcp domain closed
337674.117.180.192 53 udp domain unknown
337774.117.180.192 67 tcp dhcps closed
337874.117.180.192 67 udp dhcps unknown
337974.117.180.192 68 tcp dhcpc closed
338074.117.180.192 68 udp dhcpc closed
338174.117.180.192 69 tcp tftp closed
338274.117.180.192 69 udp tftp closed
338374.117.180.192 80 tcp http filtered
338474.117.180.192 88 tcp kerberos-sec closed
338574.117.180.192 88 udp kerberos-sec closed
338674.117.180.192 110 tcp pop3 filtered
338774.117.180.192 111 tcp rpcbind filtered
338874.117.180.192 123 tcp ntp closed
338974.117.180.192 123 udp ntp unknown
339074.117.180.192 137 tcp netbios-ns closed
339174.117.180.192 137 udp netbios-ns closed
339274.117.180.192 138 tcp netbios-dgm closed
339374.117.180.192 138 udp netbios-dgm unknown
339474.117.180.192 139 tcp netbios-ssn closed
339574.117.180.192 139 udp netbios-ssn unknown
339674.117.180.192 143 tcp imap filtered
339774.117.180.192 161 tcp snmp closed
339874.117.180.192 161 udp snmp closed
339974.117.180.192 162 tcp snmptrap closed
340074.117.180.192 162 udp snmptrap unknown
340174.117.180.192 323 tcp rpki-rtr filtered
340274.117.180.192 389 tcp ldap closed
340374.117.180.192 389 udp ldap closed
340474.117.180.192 443 tcp https filtered
340574.117.180.192 465 tcp ssl/smtp open Exim smtpd 4.92.3
340674.117.180.192 520 tcp efs closed
340774.117.180.192 520 udp route unknown
340874.117.180.192 587 tcp submission filtered
340974.117.180.192 873 tcp rsync filtered
341074.117.180.192 993 tcp imaps filtered
341174.117.180.192 995 tcp pop3s filtered
341274.117.180.192 2049 tcp nfs closed
341374.117.180.192 2049 udp nfs closed
341474.117.180.192 2525 tcp smtp open Exim smtpd
341574.117.180.192 3306 tcp mysql filtered
341674.117.180.192 4949 tcp tcpwrapped open
341774.117.180.192 5666 tcp tcpwrapped open
341874.117.180.192 6380 tcp filtered
341974.117.180.192 9306 tcp sphinx-search open Sphinx Search daemon 2.1.5-id64-release
342074.117.180.192 11211 tcp memcache filtered
342182.94.222.131 53 udp domain unknown
342282.94.222.131 67 udp dhcps unknown
342382.94.222.131 68 udp dhcpc unknown
342482.94.222.131 69 udp tftp unknown
342582.94.222.131 88 udp kerberos-sec unknown
342682.94.222.131 123 udp ntp unknown
342782.94.222.131 137 udp netbios-ns unknown
342882.94.222.131 138 udp netbios-dgm unknown
342982.94.222.131 139 udp netbios-ssn unknown
343082.94.222.131 161 udp snmp unknown
343182.94.222.131 162 udp snmptrap unknown
343282.94.222.131 389 udp ldap unknown
343382.94.222.131 520 udp route unknown
343482.94.222.131 2049 udp nfs unknown
343592.123.250.35 53 tcp domain closed
343692.123.250.35 53 udp domain closed
343792.123.250.35 67 tcp dhcps filtered
343892.123.250.35 67 udp dhcps unknown
343992.123.250.35 68 tcp dhcpc filtered
344092.123.250.35 68 udp dhcpc unknown
344192.123.250.35 69 tcp tftp filtered
344292.123.250.35 69 udp tftp unknown
344392.123.250.35 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
344492.123.250.35 88 tcp kerberos-sec filtered
344592.123.250.35 88 udp kerberos-sec unknown
344692.123.250.35 123 tcp ntp filtered
344792.123.250.35 123 udp ntp unknown
344892.123.250.35 137 tcp netbios-ns filtered
344992.123.250.35 137 udp netbios-ns unknown
345092.123.250.35 138 tcp netbios-dgm filtered
345192.123.250.35 138 udp netbios-dgm unknown
345292.123.250.35 139 tcp netbios-ssn filtered
345392.123.250.35 139 udp netbios-ssn unknown
345492.123.250.35 161 tcp snmp filtered
345592.123.250.35 161 udp snmp unknown
345692.123.250.35 162 tcp snmptrap filtered
345792.123.250.35 162 udp snmptrap unknown
345892.123.250.35 389 tcp ldap filtered
345992.123.250.35 389 udp ldap unknown
346092.123.250.35 443 tcp ssl/https open
346192.123.250.35 520 tcp efs filtered
346292.123.250.35 520 udp route unknown
346392.123.250.35 2049 tcp nfs filtered
346492.123.250.35 2049 udp nfs unknown
346592.123.250.35 8883 tcp secure-mqtt open
346692.123.250.65 53 tcp domain filtered
346792.123.250.65 53 udp domain unknown
346892.123.250.65 67 tcp dhcps filtered
346992.123.250.65 67 udp dhcps unknown
347092.123.250.65 68 tcp dhcpc filtered
347192.123.250.65 68 udp dhcpc unknown
347292.123.250.65 69 tcp tftp filtered
347392.123.250.65 69 udp tftp unknown
347492.123.250.65 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
347592.123.250.65 88 tcp kerberos-sec filtered
347692.123.250.65 88 udp kerberos-sec unknown
347792.123.250.65 123 tcp ntp filtered
347892.123.250.65 123 udp ntp unknown
347992.123.250.65 137 tcp netbios-ns filtered
348092.123.250.65 137 udp netbios-ns unknown
348192.123.250.65 138 tcp netbios-dgm filtered
348292.123.250.65 138 udp netbios-dgm unknown
348392.123.250.65 139 tcp netbios-ssn filtered
348492.123.250.65 139 udp netbios-ssn unknown
348592.123.250.65 161 tcp snmp filtered
348692.123.250.65 161 udp snmp unknown
348792.123.250.65 162 tcp snmptrap filtered
348892.123.250.65 162 udp snmptrap unknown
348992.123.250.65 389 tcp ldap filtered
349092.123.250.65 389 udp ldap unknown
349192.123.250.65 443 tcp ssl/https open
349292.123.250.65 520 tcp efs filtered
349392.123.250.65 520 udp route unknown
349492.123.250.65 2049 tcp nfs filtered
349592.123.250.65 2049 udp nfs unknown
349692.123.250.65 8883 tcp secure-mqtt open
349794.102.51.111 22 tcp ssh open
349894.102.51.111 25 tcp smtp open Exim smtpd 4.89
349994.102.51.111 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
350094.102.51.111 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
350194.102.51.111 67 tcp dhcps filtered
350294.102.51.111 67 udp dhcps unknown
350394.102.51.111 68 tcp dhcpc filtered
350494.102.51.111 68 udp dhcpc unknown
350594.102.51.111 69 tcp tftp filtered
350694.102.51.111 69 udp tftp unknown
350794.102.51.111 80 tcp http open nginx
350894.102.51.111 88 tcp kerberos-sec filtered
350994.102.51.111 88 udp kerberos-sec unknown
351094.102.51.111 110 tcp pop3 open Dovecot pop3d
351194.102.51.111 123 tcp ntp filtered
351294.102.51.111 123 udp ntp unknown
351394.102.51.111 137 tcp netbios-ns filtered
351494.102.51.111 137 udp netbios-ns unknown
351594.102.51.111 138 tcp netbios-dgm filtered
351694.102.51.111 138 udp netbios-dgm unknown
351794.102.51.111 139 tcp netbios-ssn filtered
351894.102.51.111 139 udp netbios-ssn unknown
351994.102.51.111 143 tcp imap open Dovecot imapd
352094.102.51.111 161 tcp snmp filtered
352194.102.51.111 161 udp snmp unknown
352294.102.51.111 162 tcp snmptrap filtered
352394.102.51.111 162 udp snmptrap unknown
352494.102.51.111 389 tcp ldap filtered
352594.102.51.111 389 udp ldap unknown
352694.102.51.111 465 tcp ssl/smtp open Exim smtpd 4.89
352794.102.51.111 520 tcp efs filtered
352894.102.51.111 520 udp route unknown
352994.102.51.111 993 tcp ssl/imaps open
353094.102.51.111 995 tcp ssl/pop3s open
353194.102.51.111 2049 tcp nfs filtered
353294.102.51.111 2049 udp nfs unknown
353394.102.51.112 22 tcp ssh open
353494.102.51.112 25 tcp smtp open Exim smtpd 4.89
353594.102.51.112 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
353694.102.51.112 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
353794.102.51.112 67 tcp dhcps filtered
353894.102.51.112 67 udp dhcps unknown
353994.102.51.112 68 tcp dhcpc filtered
354094.102.51.112 68 udp dhcpc unknown
354194.102.51.112 69 tcp tftp filtered
354294.102.51.112 69 udp tftp unknown
354394.102.51.112 80 tcp http open nginx
354494.102.51.112 88 tcp kerberos-sec filtered
354594.102.51.112 88 udp kerberos-sec unknown
354694.102.51.112 110 tcp pop3 open Dovecot pop3d
354794.102.51.112 123 tcp ntp filtered
354894.102.51.112 123 udp ntp unknown
354994.102.51.112 137 tcp netbios-ns filtered
355094.102.51.112 137 udp netbios-ns unknown
355194.102.51.112 138 tcp netbios-dgm filtered
355294.102.51.112 138 udp netbios-dgm unknown
355394.102.51.112 139 tcp netbios-ssn filtered
355494.102.51.112 139 udp netbios-ssn unknown
355594.102.51.112 143 tcp imap open Dovecot imapd
355694.102.51.112 161 tcp snmp filtered
355794.102.51.112 161 udp snmp unknown
355894.102.51.112 162 tcp snmptrap filtered
355994.102.51.112 162 udp snmptrap unknown
356094.102.51.112 389 tcp ldap filtered
356194.102.51.112 389 udp ldap unknown
356294.102.51.112 465 tcp ssl/smtp open Exim smtpd 4.89
356394.102.51.112 520 tcp efs filtered
356494.102.51.112 520 udp route unknown
356594.102.51.112 993 tcp ssl/imaps open
356694.102.51.112 995 tcp ssl/pop3s open
356794.102.51.112 2049 tcp nfs filtered
356894.102.51.112 2049 udp nfs unknown
3569104.244.73.40 53 udp domain unknown
3570104.244.73.40 67 udp dhcps unknown
3571104.244.73.40 68 udp dhcpc unknown
3572104.244.73.40 69 udp tftp unknown
3573104.244.73.40 88 udp kerberos-sec unknown
3574104.244.73.40 123 udp ntp unknown
3575104.244.73.40 137 udp netbios-ns unknown
3576104.244.73.40 138 udp netbios-dgm unknown
3577104.244.73.40 139 udp netbios-ssn unknown
3578104.244.73.40 161 udp snmp unknown
3579104.244.73.40 162 udp snmptrap unknown
3580104.244.73.40 389 udp ldap unknown
3581104.244.73.40 520 udp route unknown
3582104.244.73.40 2049 udp nfs unknown
3583104.244.76.231 53 tcp domain filtered
3584104.244.76.231 53 udp domain unknown
3585104.244.76.231 67 tcp dhcps filtered
3586104.244.76.231 67 udp dhcps unknown
3587104.244.76.231 68 tcp dhcpc filtered
3588104.244.76.231 68 udp dhcpc unknown
3589104.244.76.231 69 tcp tftp filtered
3590104.244.76.231 69 udp tftp unknown
3591104.244.76.231 80 tcp http open nginx
3592104.244.76.231 88 tcp kerberos-sec filtered
3593104.244.76.231 88 udp kerberos-sec unknown
3594104.244.76.231 123 tcp ntp filtered
3595104.244.76.231 123 udp ntp unknown
3596104.244.76.231 137 tcp netbios-ns filtered
3597104.244.76.231 137 udp netbios-ns unknown
3598104.244.76.231 138 tcp netbios-dgm filtered
3599104.244.76.231 138 udp netbios-dgm unknown
3600104.244.76.231 139 tcp netbios-ssn filtered
3601104.244.76.231 139 udp netbios-ssn unknown
3602104.244.76.231 161 tcp snmp filtered
3603104.244.76.231 161 udp snmp unknown
3604104.244.76.231 162 tcp snmptrap filtered
3605104.244.76.231 162 udp snmptrap unknown
3606104.244.76.231 389 tcp ldap filtered
3607104.244.76.231 389 udp ldap unknown
3608104.244.76.231 443 tcp ssl/http open nginx
3609104.244.76.231 520 tcp efs filtered
3610104.244.76.231 520 udp route unknown
3611104.244.76.231 2049 tcp nfs filtered
3612104.244.76.231 2049 udp nfs unknown
3613104.244.76.231 5040 tcp unknown closed
3614104.244.76.231 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
3615104.244.76.231 16221 tcp closed
3616104.244.76.231 23022 tcp closed
3617104.244.76.231 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3618104.244.77.188 53 tcp domain filtered
3619104.244.77.188 53 udp domain unknown
3620104.244.77.188 67 tcp dhcps filtered
3621104.244.77.188 67 udp dhcps unknown
3622104.244.77.188 68 tcp dhcpc filtered
3623104.244.77.188 68 udp dhcpc unknown
3624104.244.77.188 69 tcp tftp filtered
3625104.244.77.188 69 udp tftp unknown
3626104.244.77.188 80 tcp http open nginx
3627104.244.77.188 88 tcp kerberos-sec filtered
3628104.244.77.188 88 udp kerberos-sec unknown
3629104.244.77.188 123 tcp ntp filtered
3630104.244.77.188 123 udp ntp unknown
3631104.244.77.188 137 tcp netbios-ns filtered
3632104.244.77.188 137 udp netbios-ns unknown
3633104.244.77.188 138 tcp netbios-dgm filtered
3634104.244.77.188 138 udp netbios-dgm unknown
3635104.244.77.188 139 tcp netbios-ssn filtered
3636104.244.77.188 139 udp netbios-ssn unknown
3637104.244.77.188 161 tcp snmp filtered
3638104.244.77.188 161 udp snmp unknown
3639104.244.77.188 162 tcp snmptrap filtered
3640104.244.77.188 162 udp snmptrap unknown
3641104.244.77.188 389 tcp ldap filtered
3642104.244.77.188 389 udp ldap unknown
3643104.244.77.188 443 tcp ssl/http open nginx
3644104.244.77.188 520 tcp efs filtered
3645104.244.77.188 520 udp route unknown
3646104.244.77.188 2049 tcp nfs filtered
3647104.244.77.188 2049 udp nfs unknown
3648104.244.77.188 5040 tcp unknown closed
3649104.244.77.188 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
3650104.244.77.188 16221 tcp closed
3651104.244.77.188 23022 tcp closed
3652104.244.77.188 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3653104.244.79.89 53 tcp domain filtered
3654104.244.79.89 53 udp domain unknown
3655104.244.79.89 67 tcp dhcps filtered
3656104.244.79.89 67 udp dhcps unknown
3657104.244.79.89 68 tcp dhcpc filtered
3658104.244.79.89 68 udp dhcpc unknown
3659104.244.79.89 69 tcp tftp filtered
3660104.244.79.89 69 udp tftp unknown
3661104.244.79.89 80 tcp http open nginx
3662104.244.79.89 88 tcp kerberos-sec filtered
3663104.244.79.89 88 udp kerberos-sec unknown
3664104.244.79.89 123 tcp ntp filtered
3665104.244.79.89 123 udp ntp unknown
3666104.244.79.89 137 tcp netbios-ns filtered
3667104.244.79.89 137 udp netbios-ns unknown
3668104.244.79.89 138 tcp netbios-dgm filtered
3669104.244.79.89 138 udp netbios-dgm unknown
3670104.244.79.89 139 tcp netbios-ssn filtered
3671104.244.79.89 139 udp netbios-ssn unknown
3672104.244.79.89 161 tcp snmp filtered
3673104.244.79.89 161 udp snmp unknown
3674104.244.79.89 162 tcp snmptrap filtered
3675104.244.79.89 162 udp snmptrap unknown
3676104.244.79.89 389 tcp ldap filtered
3677104.244.79.89 389 udp ldap unknown
3678104.244.79.89 443 tcp ssl/http open nginx
3679104.244.79.89 520 tcp efs filtered
3680104.244.79.89 520 udp route unknown
3681104.244.79.89 2049 tcp nfs filtered
3682104.244.79.89 2049 udp nfs unknown
3683104.244.79.89 7910 tcp ssl/http open nginx
3684104.244.79.89 7920 tcp unknown closed
3685104.244.79.89 7930 tcp closed
3686104.244.79.89 16001 tcp http open MiniServ 1.930 Webmin httpd
3687104.244.79.89 16010 tcp ssl/http open nginx
3688104.244.79.89 16221 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3689104.244.79.89 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3690107.180.28.114 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 3 of 500 allowed.\x0d\x0a220-Local time is now 05:54. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
3691107.180.28.114 22 tcp ssh open SSH-2.0-OpenSSH_5.3
3692107.180.28.114 53 tcp domain filtered
3693107.180.28.114 53 udp domain unknown
3694107.180.28.114 67 tcp dhcps filtered
3695107.180.28.114 67 udp dhcps unknown
3696107.180.28.114 68 tcp dhcpc filtered
3697107.180.28.114 68 udp dhcpc unknown
3698107.180.28.114 69 tcp tftp filtered
3699107.180.28.114 69 udp tftp unknown
3700107.180.28.114 88 tcp kerberos-sec filtered
3701107.180.28.114 88 udp kerberos-sec unknown
3702107.180.28.114 123 tcp ntp filtered
3703107.180.28.114 123 udp ntp unknown
3704107.180.28.114 137 tcp netbios-ns filtered
3705107.180.28.114 137 udp netbios-ns unknown
3706107.180.28.114 138 tcp netbios-dgm filtered
3707107.180.28.114 138 udp netbios-dgm unknown
3708107.180.28.114 139 tcp netbios-ssn filtered
3709107.180.28.114 139 udp netbios-ssn unknown
3710107.180.28.114 161 tcp snmp filtered
3711107.180.28.114 161 udp snmp unknown
3712107.180.28.114 162 tcp snmptrap filtered
3713107.180.28.114 162 udp snmptrap unknown
3714107.180.28.114 389 tcp ldap filtered
3715107.180.28.114 389 udp ldap unknown
3716107.180.28.114 520 tcp efs filtered
3717107.180.28.114 520 udp route unknown
3718107.180.28.114 2049 tcp nfs filtered
3719107.180.28.114 2049 udp nfs unknown
3720111.90.145.39 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 15:04. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
3721111.90.145.39 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3722111.90.145.39 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3723111.90.145.39 67 tcp dhcps closed
3724111.90.145.39 67 udp dhcps closed
3725111.90.145.39 68 tcp dhcpc closed
3726111.90.145.39 68 udp dhcpc unknown
3727111.90.145.39 69 tcp tftp closed
3728111.90.145.39 69 udp tftp unknown
3729111.90.145.39 88 tcp kerberos-sec closed
3730111.90.145.39 88 udp kerberos-sec unknown
3731111.90.145.39 123 tcp ntp closed
3732111.90.145.39 123 udp ntp closed
3733111.90.145.39 137 tcp netbios-ns closed
3734111.90.145.39 137 udp netbios-ns unknown
3735111.90.145.39 138 tcp netbios-dgm closed
3736111.90.145.39 138 udp netbios-dgm unknown
3737111.90.145.39 139 tcp netbios-ssn filtered
3738111.90.145.39 139 udp netbios-ssn closed
3739111.90.145.39 161 tcp snmp closed
3740111.90.145.39 161 udp snmp unknown
3741111.90.145.39 162 tcp snmptrap closed
3742111.90.145.39 162 udp snmptrap closed
3743111.90.145.39 389 tcp ldap closed
3744111.90.145.39 389 udp ldap unknown
3745111.90.145.39 520 tcp efs closed
3746111.90.145.39 520 udp route closed
3747111.90.145.39 2049 tcp nfs closed
3748111.90.145.39 2049 udp nfs closed
3749143.95.110.248 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 150 allowed.\x0d\x0a220-Local time is now 05:55. Server port: 21.\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
3750143.95.110.248 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3751143.95.110.248 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3752143.95.110.248 67 tcp dhcps closed
3753143.95.110.248 67 udp dhcps unknown
3754143.95.110.248 68 tcp dhcpc closed
3755143.95.110.248 68 udp dhcpc unknown
3756143.95.110.248 69 tcp tftp closed
3757143.95.110.248 69 udp tftp unknown
3758143.95.110.248 88 tcp kerberos-sec closed
3759143.95.110.248 88 udp kerberos-sec unknown
3760143.95.110.248 123 tcp ntp closed
3761143.95.110.248 123 udp ntp unknown
3762143.95.110.248 137 tcp netbios-ns closed
3763143.95.110.248 137 udp netbios-ns unknown
3764143.95.110.248 138 tcp netbios-dgm closed
3765143.95.110.248 138 udp netbios-dgm closed
3766143.95.110.248 139 tcp netbios-ssn closed
3767143.95.110.248 139 udp netbios-ssn unknown
3768143.95.110.248 161 tcp snmp closed
3769143.95.110.248 161 udp snmp closed
3770143.95.110.248 162 tcp snmptrap closed
3771143.95.110.248 162 udp snmptrap unknown
3772143.95.110.248 389 tcp ldap closed
3773143.95.110.248 389 udp ldap closed
3774143.95.110.248 520 tcp efs closed
3775143.95.110.248 520 udp route unknown
3776143.95.110.248 2049 tcp nfs closed
3777143.95.110.248 2049 udp nfs unknown
3778149.126.72.220 25 tcp smtp closed
3779149.126.72.220 51 tcp tcpwrapped open
3780149.126.72.220 53 tcp domain open
3781149.126.72.220 53 udp domain open
3782149.126.72.220 65 tcp tcpwrapped open
3783149.126.72.220 66 tcp tcpwrapped open
3784149.126.72.220 67 tcp dhcps filtered
3785149.126.72.220 67 udp dhcps unknown
3786149.126.72.220 68 tcp dhcpc filtered
3787149.126.72.220 68 udp dhcpc unknown
3788149.126.72.220 69 tcp tftp filtered
3789149.126.72.220 69 udp tftp unknown
3790149.126.72.220 80 tcp tcpwrapped open
3791149.126.72.220 81 tcp tcpwrapped open
3792149.126.72.220 82 tcp tcpwrapped open
3793149.126.72.220 83 tcp tcpwrapped open
3794149.126.72.220 84 tcp tcpwrapped open
3795149.126.72.220 85 tcp tcpwrapped open
3796149.126.72.220 86 tcp tcpwrapped open
3797149.126.72.220 88 tcp http open Incapsula CDN httpd
3798149.126.72.220 88 udp kerberos-sec unknown
3799149.126.72.220 89 tcp tcpwrapped open
3800149.126.72.220 90 tcp tcpwrapped open
3801149.126.72.220 91 tcp tcpwrapped open
3802149.126.72.220 92 tcp tcpwrapped open
3803149.126.72.220 98 tcp tcpwrapped open
3804149.126.72.220 99 tcp tcpwrapped open
3805149.126.72.220 123 tcp ntp filtered
3806149.126.72.220 123 udp ntp unknown
3807149.126.72.220 137 tcp netbios-ns filtered
3808149.126.72.220 137 udp netbios-ns filtered
3809149.126.72.220 138 tcp netbios-dgm filtered
3810149.126.72.220 138 udp netbios-dgm filtered
3811149.126.72.220 139 tcp netbios-ssn closed
3812149.126.72.220 139 udp netbios-ssn unknown
3813149.126.72.220 160 tcp sgmp-traps closed
3814149.126.72.220 161 tcp snmp filtered
3815149.126.72.220 161 udp snmp unknown
3816149.126.72.220 162 tcp snmptrap filtered
3817149.126.72.220 162 udp snmptrap unknown
3818149.126.72.220 189 tcp tcpwrapped open
3819149.126.72.220 190 tcp tcpwrapped open
3820149.126.72.220 192 tcp tcpwrapped open
3821149.126.72.220 243 tcp tcpwrapped open
3822149.126.72.220 285 tcp tcpwrapped open
3823149.126.72.220 314 tcp tcpwrapped open
3824149.126.72.220 343 tcp tcpwrapped open
3825149.126.72.220 347 tcp tcpwrapped open
3826149.126.72.220 385 tcp tcpwrapped open
3827149.126.72.220 389 tcp ssl/http open Incapsula CDN httpd
3828149.126.72.220 389 udp ldap unknown
3829149.126.72.220 400 tcp tcpwrapped open
3830149.126.72.220 440 tcp tcpwrapped open
3831149.126.72.220 441 tcp tcpwrapped open
3832149.126.72.220 442 tcp tcpwrapped open
3833149.126.72.220 443 tcp ssl/tcpwrapped open
3834149.126.72.220 444 tcp tcpwrapped open
3835149.126.72.220 445 tcp microsoft-ds closed
3836149.126.72.220 446 tcp tcpwrapped open
3837149.126.72.220 447 tcp tcpwrapped open
3838149.126.72.220 448 tcp tcpwrapped open
3839149.126.72.220 449 tcp tcpwrapped open
3840149.126.72.220 452 tcp tcpwrapped open
3841149.126.72.220 461 tcp tcpwrapped open
3842149.126.72.220 462 tcp tcpwrapped open
3843149.126.72.220 480 tcp tcpwrapped open
3844149.126.72.220 485 tcp tcpwrapped open
3845149.126.72.220 487 tcp tcpwrapped open
3846149.126.72.220 488 tcp tcpwrapped open
3847149.126.72.220 491 tcp tcpwrapped open
3848149.126.72.220 520 tcp efs filtered
3849149.126.72.220 520 udp route unknown
3850149.126.72.220 555 tcp tcpwrapped open
3851149.126.72.220 556 tcp tcpwrapped open
3852149.126.72.220 587 tcp tcpwrapped open
3853149.126.72.220 631 tcp tcpwrapped open
3854149.126.72.220 632 tcp tcpwrapped open
3855149.126.72.220 636 tcp tcpwrapped open
3856149.126.72.220 743 tcp tcpwrapped open
3857149.126.72.220 772 tcp tcpwrapped open
3858149.126.72.220 777 tcp tcpwrapped open
3859149.126.72.220 782 tcp tcpwrapped open
3860149.126.72.220 785 tcp tcpwrapped open
3861149.126.72.220 800 tcp tcpwrapped open
3862149.126.72.220 801 tcp tcpwrapped open
3863149.126.72.220 805 tcp tcpwrapped open
3864149.126.72.220 806 tcp tcpwrapped open
3865149.126.72.220 809 tcp tcpwrapped open
3866149.126.72.220 843 tcp tcpwrapped open
3867149.126.72.220 853 tcp tcpwrapped open
3868149.126.72.220 885 tcp tcpwrapped open
3869149.126.72.220 886 tcp tcpwrapped open
3870149.126.72.220 887 tcp tcpwrapped open
3871149.126.72.220 888 tcp tcpwrapped open
3872149.126.72.220 943 tcp tcpwrapped open
3873149.126.72.220 947 tcp tcpwrapped open
3874149.126.72.220 953 tcp tcpwrapped open
3875149.126.72.220 990 tcp tcpwrapped open
3876149.126.72.220 995 tcp tcpwrapped open
3877149.126.72.220 998 tcp tcpwrapped open
3878149.126.72.220 999 tcp tcpwrapped open
3879149.126.72.220 1000 tcp tcpwrapped open
3880149.126.72.220 1002 tcp tcpwrapped open
3881149.126.72.220 1024 tcp tcpwrapped open
3882149.126.72.220 1025 tcp tcpwrapped open
3883149.126.72.220 1028 tcp tcpwrapped open
3884149.126.72.220 1080 tcp tcpwrapped open
3885149.126.72.220 1103 tcp tcpwrapped open
3886149.126.72.220 1111 tcp tcpwrapped open
3887149.126.72.220 1180 tcp tcpwrapped open
3888149.126.72.220 1181 tcp tcpwrapped open
3889149.126.72.220 1207 tcp tcpwrapped open
3890149.126.72.220 1234 tcp tcpwrapped open
3891149.126.72.220 1250 tcp tcpwrapped open
3892149.126.72.220 1283 tcp tcpwrapped open
3893149.126.72.220 1291 tcp tcpwrapped open
3894149.126.72.220 1292 tcp tcpwrapped open
3895149.126.72.220 1293 tcp tcpwrapped open
3896149.126.72.220 1337 tcp tcpwrapped open
3897149.126.72.220 1344 tcp tcpwrapped open
3898149.126.72.220 1355 tcp tcpwrapped open
3899149.126.72.220 1364 tcp tcpwrapped open
3900149.126.72.220 1366 tcp tcpwrapped open
3901149.126.72.220 1377 tcp tcpwrapped open
3902149.126.72.220 1387 tcp tcpwrapped open
3903149.126.72.220 1388 tcp tcpwrapped open
3904149.126.72.220 1433 tcp tcpwrapped open
3905149.126.72.220 1443 tcp tcpwrapped open
3906149.126.72.220 1447 tcp tcpwrapped open
3907149.126.72.220 1450 tcp tcpwrapped open
3908149.126.72.220 1451 tcp tcpwrapped open
3909149.126.72.220 1452 tcp tcpwrapped open
3910149.126.72.220 1453 tcp tcpwrapped open
3911149.126.72.220 1454 tcp tcpwrapped open
3912149.126.72.220 1455 tcp tcpwrapped open
3913149.126.72.220 1456 tcp tcpwrapped open
3914149.126.72.220 1457 tcp tcpwrapped open
3915149.126.72.220 1458 tcp tcpwrapped open
3916149.126.72.220 1459 tcp tcpwrapped open
3917149.126.72.220 1460 tcp tcpwrapped open
3918149.126.72.220 1494 tcp tcpwrapped open
3919149.126.72.220 1935 tcp tcpwrapped open
3920149.126.72.220 1950 tcp tcpwrapped open
3921149.126.72.220 1951 tcp tcpwrapped open
3922149.126.72.220 1952 tcp tcpwrapped open
3923149.126.72.220 1953 tcp tcpwrapped open
3924149.126.72.220 1954 tcp tcpwrapped open
3925149.126.72.220 1955 tcp tcpwrapped open
3926149.126.72.220 1956 tcp tcpwrapped open
3927149.126.72.220 1957 tcp tcpwrapped open
3928149.126.72.220 1958 tcp tcpwrapped open
3929149.126.72.220 1959 tcp tcpwrapped open
3930149.126.72.220 1960 tcp tcpwrapped open
3931149.126.72.220 1964 tcp tcpwrapped open
3932149.126.72.220 1965 tcp tcpwrapped open
3933149.126.72.220 1966 tcp tcpwrapped open
3934149.126.72.220 1967 tcp tcpwrapped open
3935149.126.72.220 1968 tcp tcpwrapped open
3936149.126.72.220 1969 tcp tcpwrapped open
3937149.126.72.220 1970 tcp tcpwrapped open
3938149.126.72.220 1971 tcp tcpwrapped open
3939149.126.72.220 1972 tcp tcpwrapped open
3940149.126.72.220 1973 tcp tcpwrapped open
3941149.126.72.220 1974 tcp tcpwrapped open
3942149.126.72.220 1975 tcp tcpwrapped open
3943149.126.72.220 1976 tcp tcpwrapped open
3944149.126.72.220 1977 tcp tcpwrapped open
3945149.126.72.220 1978 tcp tcpwrapped open
3946149.126.72.220 1979 tcp tcpwrapped open
3947149.126.72.220 1980 tcp tcpwrapped open
3948149.126.72.220 1981 tcp tcpwrapped open
3949149.126.72.220 1982 tcp tcpwrapped open
3950149.126.72.220 1983 tcp tcpwrapped open
3951149.126.72.220 1984 tcp tcpwrapped open
3952149.126.72.220 1985 tcp tcpwrapped open
3953149.126.72.220 1986 tcp tcpwrapped open
3954149.126.72.220 1987 tcp tcpwrapped open
3955149.126.72.220 1988 tcp tcpwrapped open
3956149.126.72.220 1989 tcp tcpwrapped open
3957149.126.72.220 2000 tcp tcpwrapped open
3958149.126.72.220 2001 tcp tcpwrapped open
3959149.126.72.220 2006 tcp tcpwrapped open
3960149.126.72.220 2012 tcp tcpwrapped open
3961149.126.72.220 2020 tcp tcpwrapped open
3962149.126.72.220 2048 tcp tcpwrapped open
3963149.126.72.220 2049 tcp http open Incapsula CDN httpd
3964149.126.72.220 2049 udp nfs unknown
3965149.126.72.220 2050 tcp tcpwrapped open
3966149.126.72.220 2051 tcp tcpwrapped open
3967149.126.72.220 2052 tcp tcpwrapped open
3968149.126.72.220 2053 tcp tcpwrapped open
3969149.126.72.220 2054 tcp tcpwrapped open
3970149.126.72.220 2055 tcp tcpwrapped open
3971149.126.72.220 2056 tcp tcpwrapped open
3972149.126.72.220 2057 tcp tcpwrapped open
3973149.126.72.220 2058 tcp tcpwrapped open
3974149.126.72.220 2059 tcp tcpwrapped open
3975149.126.72.220 2060 tcp tcpwrapped open
3976149.126.72.220 2061 tcp tcpwrapped open
3977149.126.72.220 2062 tcp tcpwrapped open
3978149.126.72.220 2063 tcp tcpwrapped open
3979149.126.72.220 2064 tcp tcpwrapped open
3980149.126.72.220 2065 tcp tcpwrapped open
3981149.126.72.220 2066 tcp tcpwrapped open
3982149.126.72.220 2067 tcp tcpwrapped open
3983149.126.72.220 2068 tcp tcpwrapped open
3984149.126.72.220 2069 tcp tcpwrapped open
3985149.126.72.220 2070 tcp tcpwrapped open
3986149.126.72.220 2072 tcp tcpwrapped open
3987149.126.72.220 2082 tcp tcpwrapped open
3988149.126.72.220 2083 tcp tcpwrapped open
3989149.126.72.220 2087 tcp tcpwrapped open
3990149.126.72.220 2096 tcp tcpwrapped open
3991149.126.72.220 2100 tcp tcpwrapped open
3992149.126.72.220 2108 tcp tcpwrapped open
3993149.126.72.220 2200 tcp tcpwrapped open
3994149.126.72.220 2209 tcp tcpwrapped open
3995149.126.72.220 2222 tcp tcpwrapped open
3996149.126.72.220 2226 tcp tcpwrapped open
3997149.126.72.220 2248 tcp tcpwrapped open
3998149.126.72.220 2344 tcp tcpwrapped open
3999149.126.72.220 2345 tcp tcpwrapped open
4000149.126.72.220 2353 tcp tcpwrapped open
4001149.126.72.220 2363 tcp tcpwrapped open
4002149.126.72.220 2423 tcp tcpwrapped open
4003149.126.72.220 2433 tcp tcpwrapped open
4004149.126.72.220 2435 tcp tcpwrapped open
4005149.126.72.220 2443 tcp tcpwrapped open
4006149.126.72.220 2453 tcp tcpwrapped open
4007149.126.72.220 2480 tcp tcpwrapped open
4008149.126.72.220 2548 tcp tcpwrapped open
4009149.126.72.220 2549 tcp tcpwrapped open
4010149.126.72.220 2550 tcp tcpwrapped open
4011149.126.72.220 2551 tcp tcpwrapped open
4012149.126.72.220 2552 tcp tcpwrapped open
4013149.126.72.220 2553 tcp tcpwrapped open
4014149.126.72.220 2554 tcp tcpwrapped open
4015149.126.72.220 2555 tcp tcpwrapped open
4016149.126.72.220 2556 tcp tcpwrapped open
4017149.126.72.220 2557 tcp tcpwrapped open
4018149.126.72.220 2558 tcp tcpwrapped open
4019149.126.72.220 2559 tcp tcpwrapped open
4020149.126.72.220 2560 tcp tcpwrapped open
4021149.126.72.220 2561 tcp tcpwrapped open
4022149.126.72.220 2562 tcp tcpwrapped open
4023149.126.72.220 2563 tcp tcpwrapped open
4024149.126.72.220 2566 tcp tcpwrapped open
4025149.126.72.220 2567 tcp tcpwrapped open
4026149.126.72.220 2568 tcp tcpwrapped open
4027149.126.72.220 2569 tcp tcpwrapped open
4028149.126.72.220 2570 tcp tcpwrapped open
4029149.126.72.220 2572 tcp tcpwrapped open
4030149.126.72.220 2598 tcp tcpwrapped open
4031149.126.72.220 2599 tcp tcpwrapped open
4032149.126.72.220 2850 tcp tcpwrapped open
4033149.126.72.220 2985 tcp tcpwrapped open
4034149.126.72.220 2995 tcp tcpwrapped open
4035149.126.72.220 3000 tcp tcpwrapped open
4036149.126.72.220 3001 tcp tcpwrapped open
4037149.126.72.220 3002 tcp tcpwrapped open
4038149.126.72.220 3003 tcp tcpwrapped open
4039149.126.72.220 3004 tcp tcpwrapped open
4040149.126.72.220 3005 tcp tcpwrapped open
4041149.126.72.220 3006 tcp tcpwrapped open
4042149.126.72.220 3007 tcp tcpwrapped open
4043149.126.72.220 3008 tcp tcpwrapped open
4044149.126.72.220 3009 tcp tcpwrapped open
4045149.126.72.220 3010 tcp tcpwrapped open
4046149.126.72.220 3011 tcp tcpwrapped open
4047149.126.72.220 3012 tcp tcpwrapped open
4048149.126.72.220 3013 tcp tcpwrapped open
4049149.126.72.220 3014 tcp tcpwrapped open
4050149.126.72.220 3015 tcp tcpwrapped open
4051149.126.72.220 3016 tcp tcpwrapped open
4052149.126.72.220 3017 tcp tcpwrapped open
4053149.126.72.220 3018 tcp tcpwrapped open
4054149.126.72.220 3019 tcp tcpwrapped open
4055149.126.72.220 3020 tcp tcpwrapped open
4056149.126.72.220 3021 tcp tcpwrapped open
4057149.126.72.220 3022 tcp tcpwrapped open
4058149.126.72.220 3030 tcp tcpwrapped open
4059149.126.72.220 3047 tcp tcpwrapped open
4060149.126.72.220 3048 tcp tcpwrapped open
4061149.126.72.220 3049 tcp tcpwrapped open
4062149.126.72.220 3050 tcp tcpwrapped open
4063149.126.72.220 3051 tcp tcpwrapped open
4064149.126.72.220 3052 tcp tcpwrapped open
4065149.126.72.220 3053 tcp tcpwrapped open
4066149.126.72.220 3054 tcp tcpwrapped open
4067149.126.72.220 3055 tcp tcpwrapped open
4068149.126.72.220 3056 tcp tcpwrapped open
4069149.126.72.220 3057 tcp tcpwrapped open
4070149.126.72.220 3058 tcp tcpwrapped open
4071149.126.72.220 3059 tcp tcpwrapped open
4072149.126.72.220 3060 tcp tcpwrapped open
4073149.126.72.220 3061 tcp tcpwrapped open
4074149.126.72.220 3062 tcp tcpwrapped open
4075149.126.72.220 3063 tcp tcpwrapped open
4076149.126.72.220 3064 tcp tcpwrapped open
4077149.126.72.220 3065 tcp tcpwrapped open
4078149.126.72.220 3066 tcp tcpwrapped open
4079149.126.72.220 3067 tcp tcpwrapped open
4080149.126.72.220 3068 tcp tcpwrapped open
4081149.126.72.220 3069 tcp tcpwrapped open
4082149.126.72.220 3070 tcp tcpwrapped open
4083149.126.72.220 3071 tcp tcpwrapped open
4084149.126.72.220 3072 tcp tcpwrapped open
4085149.126.72.220 3073 tcp tcpwrapped open
4086149.126.72.220 3074 tcp tcpwrapped open
4087149.126.72.220 3075 tcp tcpwrapped open
4088149.126.72.220 3076 tcp tcpwrapped open
4089149.126.72.220 3077 tcp tcpwrapped open
4090149.126.72.220 3078 tcp tcpwrapped open
4091149.126.72.220 3079 tcp tcpwrapped open
4092149.126.72.220 3080 tcp tcpwrapped open
4093149.126.72.220 3081 tcp tcpwrapped open
4094149.126.72.220 3082 tcp tcpwrapped open
4095149.126.72.220 3083 tcp tcpwrapped open
4096149.126.72.220 3084 tcp tcpwrapped open
4097149.126.72.220 3085 tcp tcpwrapped open
4098149.126.72.220 3086 tcp tcpwrapped open
4099149.126.72.220 3087 tcp tcpwrapped open
4100149.126.72.220 3088 tcp tcpwrapped open
4101149.126.72.220 3089 tcp tcpwrapped open
4102149.126.72.220 3090 tcp tcpwrapped open
4103149.126.72.220 3091 tcp tcpwrapped open
4104149.126.72.220 3092 tcp tcpwrapped open
4105149.126.72.220 3093 tcp tcpwrapped open
4106149.126.72.220 3094 tcp tcpwrapped open
4107149.126.72.220 3095 tcp tcpwrapped open
4108149.126.72.220 3096 tcp tcpwrapped open
4109149.126.72.220 3097 tcp tcpwrapped open
4110149.126.72.220 3098 tcp tcpwrapped open
4111149.126.72.220 3099 tcp tcpwrapped open
4112149.126.72.220 3100 tcp tcpwrapped open
4113149.126.72.220 3101 tcp tcpwrapped open
4114149.126.72.220 3102 tcp tcpwrapped open
4115149.126.72.220 3103 tcp tcpwrapped open
4116149.126.72.220 3104 tcp tcpwrapped open
4117149.126.72.220 3105 tcp tcpwrapped open
4118149.126.72.220 3106 tcp tcpwrapped open
4119149.126.72.220 3107 tcp tcpwrapped open
4120149.126.72.220 3108 tcp tcpwrapped open
4121149.126.72.220 3109 tcp tcpwrapped open
4122149.126.72.220 3110 tcp tcpwrapped open
4123149.126.72.220 3111 tcp tcpwrapped open
4124149.126.72.220 3112 tcp tcpwrapped open
4125149.126.72.220 3113 tcp tcpwrapped open
4126149.126.72.220 3114 tcp tcpwrapped open
4127149.126.72.220 3115 tcp tcpwrapped open
4128149.126.72.220 3116 tcp tcpwrapped open
4129149.126.72.220 3117 tcp tcpwrapped open
4130149.126.72.220 3118 tcp tcpwrapped open
4131149.126.72.220 3119 tcp tcpwrapped open
4132149.126.72.220 3120 tcp tcpwrapped open
4133149.126.72.220 3121 tcp tcpwrapped open
4134149.126.72.220 3150 tcp tcpwrapped open
4135149.126.72.220 3155 tcp tcpwrapped open
4136149.126.72.220 3160 tcp tcpwrapped open
4137149.126.72.220 3165 tcp tcpwrapped open
4138149.126.72.220 3270 tcp tcpwrapped open
4139149.126.72.220 3299 tcp tcpwrapped open
4140149.126.72.220 3306 tcp tcpwrapped open
4141149.126.72.220 3333 tcp tcpwrapped open
4142149.126.72.220 3389 tcp tcpwrapped open
4143149.126.72.220 3391 tcp tcpwrapped open
4144149.126.72.220 3400 tcp tcpwrapped open
4145149.126.72.220 3401 tcp tcpwrapped open
4146149.126.72.220 3402 tcp tcpwrapped open
4147149.126.72.220 3403 tcp tcpwrapped open
4148149.126.72.220 3404 tcp tcpwrapped open
4149149.126.72.220 3405 tcp tcpwrapped open
4150149.126.72.220 3406 tcp tcpwrapped open
4151149.126.72.220 3407 tcp tcpwrapped open
4152149.126.72.220 3408 tcp tcpwrapped open
4153149.126.72.220 3409 tcp tcpwrapped open
4154149.126.72.220 3410 tcp tcpwrapped open
4155149.126.72.220 3412 tcp tcpwrapped open
4156149.126.72.220 3443 tcp tcpwrapped open
4157149.126.72.220 3500 tcp tcpwrapped open
4158149.126.72.220 3510 tcp tcpwrapped open
4159149.126.72.220 3521 tcp tcpwrapped open
4160149.126.72.220 3522 tcp tcpwrapped open
4161149.126.72.220 3523 tcp tcpwrapped open
4162149.126.72.220 3524 tcp tcpwrapped open
4163149.126.72.220 3530 tcp tcpwrapped open
4164149.126.72.220 3531 tcp tcpwrapped open
4165149.126.72.220 3540 tcp tcpwrapped open
4166149.126.72.220 3548 tcp tcpwrapped open
4167149.126.72.220 3549 tcp tcpwrapped open
4168149.126.72.220 3550 tcp tcpwrapped open
4169149.126.72.220 3551 tcp tcpwrapped open
4170149.126.72.220 3552 tcp tcpwrapped open
4171149.126.72.220 3553 tcp tcpwrapped open
4172149.126.72.220 3554 tcp tcpwrapped open
4173149.126.72.220 3555 tcp tcpwrapped open
4174149.126.72.220 3556 tcp tcpwrapped open
4175149.126.72.220 3557 tcp tcpwrapped open
4176149.126.72.220 3558 tcp tcpwrapped open
4177149.126.72.220 3559 tcp tcpwrapped open
4178149.126.72.220 3560 tcp tcpwrapped open
4179149.126.72.220 3561 tcp tcpwrapped open
4180149.126.72.220 3562 tcp tcpwrapped open
4181149.126.72.220 3563 tcp tcpwrapped open
4182149.126.72.220 3566 tcp tcpwrapped open
4183149.126.72.220 3567 tcp tcpwrapped open
4184149.126.72.220 3568 tcp tcpwrapped open
4185149.126.72.220 3569 tcp tcpwrapped open
4186149.126.72.220 3570 tcp tcpwrapped open
4187149.126.72.220 3572 tcp tcpwrapped open
4188149.126.72.220 3580 tcp tcpwrapped open
4189149.126.72.220 3590 tcp tcpwrapped open
4190149.126.72.220 3790 tcp tcpwrapped open
4191149.126.72.220 3791 tcp tcpwrapped open
4192149.126.72.220 3792 tcp tcpwrapped open
4193149.126.72.220 3793 tcp tcpwrapped open
4194149.126.72.220 3794 tcp tcpwrapped open
4195149.126.72.220 3838 tcp tcpwrapped open
4196149.126.72.220 3841 tcp tcpwrapped open
4197149.126.72.220 3842 tcp tcpwrapped open
4198149.126.72.220 3950 tcp tcpwrapped open
4199149.126.72.220 3951 tcp tcpwrapped open
4200149.126.72.220 3952 tcp tcpwrapped open
4201149.126.72.220 3953 tcp tcpwrapped open
4202149.126.72.220 3954 tcp adrep open
4203149.126.72.220 4000 tcp tcpwrapped open
4204149.126.72.220 4001 tcp newoak open
4205149.126.72.220 4002 tcp mlchat-proxy open
4206149.126.72.220 4021 tcp nexus-portal open
4207149.126.72.220 4022 tcp dnox open
4208149.126.72.220 4023 tcp esnm-zoning open
4209149.126.72.220 4043 tcp nirp open
4210149.126.72.220 4072 tcp zieto-sock open
4211149.126.72.220 4080 tcp lorica-in open
4212149.126.72.220 4085 tcp ezmessagesrv open
4213149.126.72.220 4120 tcp minirem open
4214149.126.72.220 4147 tcp vrxpservman open
4215149.126.72.220 4148 tcp hhb-handheld open
4216149.126.72.220 4150 tcp poweralert-nsa open
4217149.126.72.220 4155 tcp bzr open
4218149.126.72.220 4160 tcp jini-discovery open
4219149.126.72.220 4165 tcp altcp open
4220149.126.72.220 4172 tcp pcoip open
4221149.126.72.220 4243 tcp vrml-multi-use open
4222149.126.72.220 4244 tcp vrml-multi-use open
4223149.126.72.220 4250 tcp vrml-multi-use open
4224149.126.72.220 4300 tcp corelccam open
4225149.126.72.220 4333 tcp msql open
4226149.126.72.220 4343 tcp unicall open
4227149.126.72.220 4344 tcp vinainstall open
4228149.126.72.220 4400 tcp ds-srv open
4229149.126.72.220 4401 tcp tcpwrapped open
4230149.126.72.220 4402 tcp tcpwrapped open
4231149.126.72.220 4430 tcp tcpwrapped open
4232149.126.72.220 4431 tcp tcpwrapped open
4233149.126.72.220 4432 tcp tcpwrapped open
4234149.126.72.220 4434 tcp tcpwrapped open
4235149.126.72.220 4435 tcp tcpwrapped open
4236149.126.72.220 4436 tcp tcpwrapped open
4237149.126.72.220 4437 tcp tcpwrapped open
4238149.126.72.220 4439 tcp tcpwrapped open
4239149.126.72.220 4440 tcp tcpwrapped open
4240149.126.72.220 4443 tcp tcpwrapped open
4241149.126.72.220 4444 tcp tcpwrapped open
4242149.126.72.220 4445 tcp tcpwrapped open
4243149.126.72.220 4451 tcp tcpwrapped open
4244149.126.72.220 4455 tcp tcpwrapped open
4245149.126.72.220 4457 tcp tcpwrapped open
4246149.126.72.220 4459 tcp tcpwrapped open
4247149.126.72.220 4461 tcp tcpwrapped open
4248149.126.72.220 4463 tcp tcpwrapped open
4249149.126.72.220 4477 tcp tcpwrapped open
4250149.126.72.220 4482 tcp tcpwrapped open
4251149.126.72.220 4500 tcp tcpwrapped open
4252149.126.72.220 4502 tcp tcpwrapped open
4253149.126.72.220 4505 tcp tcpwrapped open
4254149.126.72.220 4572 tcp tcpwrapped open
4255149.126.72.220 4602 tcp tcpwrapped open
4256149.126.72.220 4620 tcp tcpwrapped open
4257149.126.72.220 4643 tcp tcpwrapped open
4258149.126.72.220 4848 tcp tcpwrapped open
4259149.126.72.220 4933 tcp tcpwrapped open
4260149.126.72.220 4993 tcp tcpwrapped open
4261149.126.72.220 5000 tcp tcpwrapped open
4262149.126.72.220 5001 tcp tcpwrapped open
4263149.126.72.220 5002 tcp tcpwrapped open
4264149.126.72.220 5003 tcp tcpwrapped open
4265149.126.72.220 5004 tcp tcpwrapped open
4266149.126.72.220 5005 tcp tcpwrapped open
4267149.126.72.220 5006 tcp tcpwrapped open
4268149.126.72.220 5007 tcp tcpwrapped open
4269149.126.72.220 5008 tcp tcpwrapped open
4270149.126.72.220 5009 tcp tcpwrapped open
4271149.126.72.220 5010 tcp tcpwrapped open
4272149.126.72.220 5011 tcp tcpwrapped open
4273149.126.72.220 5022 tcp tcpwrapped open
4274149.126.72.220 5050 tcp tcpwrapped open
4275149.126.72.220 5053 tcp tcpwrapped open
4276149.126.72.220 5060 tcp tcpwrapped open
4277149.126.72.220 5061 tcp tcpwrapped open
4278149.126.72.220 5080 tcp tcpwrapped open
4279149.126.72.220 5083 tcp tcpwrapped open
4280149.126.72.220 5089 tcp tcpwrapped open
4281149.126.72.220 5090 tcp tcpwrapped open
4282149.126.72.220 5100 tcp tcpwrapped open
4283149.126.72.220 5105 tcp tcpwrapped open
4284149.126.72.220 5119 tcp tcpwrapped open
4285149.126.72.220 5120 tcp tcpwrapped open
4286149.126.72.220 5130 tcp tcpwrapped open
4287149.126.72.220 5140 tcp tcpwrapped open
4288149.126.72.220 5150 tcp tcpwrapped open
4289149.126.72.220 5160 tcp tcpwrapped open
4290149.126.72.220 5180 tcp tcpwrapped open
4291149.126.72.220 5201 tcp tcpwrapped open
4292149.126.72.220 5222 tcp tcpwrapped open
4293149.126.72.220 5223 tcp tcpwrapped open
4294149.126.72.220 5224 tcp tcpwrapped open
4295149.126.72.220 5225 tcp tcpwrapped open
4296149.126.72.220 5226 tcp tcpwrapped open
4297149.126.72.220 5227 tcp tcpwrapped open
4298149.126.72.220 5228 tcp tcpwrapped open
4299149.126.72.220 5229 tcp tcpwrapped open
4300149.126.72.220 5230 tcp tcpwrapped open
4301149.126.72.220 5231 tcp tcpwrapped open
4302149.126.72.220 5232 tcp tcpwrapped open
4303149.126.72.220 5233 tcp tcpwrapped open
4304149.126.72.220 5234 tcp tcpwrapped open
4305149.126.72.220 5235 tcp tcpwrapped open
4306149.126.72.220 5236 tcp tcpwrapped open
4307149.126.72.220 5237 tcp tcpwrapped open
4308149.126.72.220 5238 tcp tcpwrapped open
4309149.126.72.220 5239 tcp tcpwrapped open
4310149.126.72.220 5240 tcp tcpwrapped open
4311149.126.72.220 5241 tcp tcpwrapped open
4312149.126.72.220 5242 tcp tcpwrapped open
4313149.126.72.220 5243 tcp tcpwrapped open
4314149.126.72.220 5244 tcp tcpwrapped open
4315149.126.72.220 5245 tcp tcpwrapped open
4316149.126.72.220 5246 tcp tcpwrapped open
4317149.126.72.220 5247 tcp tcpwrapped open
4318149.126.72.220 5248 tcp tcpwrapped open
4319149.126.72.220 5249 tcp tcpwrapped open
4320149.126.72.220 5250 tcp tcpwrapped open
4321149.126.72.220 5251 tcp tcpwrapped open
4322149.126.72.220 5252 tcp tcpwrapped open
4323149.126.72.220 5253 tcp tcpwrapped open
4324149.126.72.220 5254 tcp tcpwrapped open
4325149.126.72.220 5255 tcp tcpwrapped open
4326149.126.72.220 5256 tcp tcpwrapped open
4327149.126.72.220 5257 tcp tcpwrapped open
4328149.126.72.220 5258 tcp tcpwrapped open
4329149.126.72.220 5259 tcp tcpwrapped open
4330149.126.72.220 5260 tcp tcpwrapped open
4331149.126.72.220 5261 tcp tcpwrapped open
4332149.126.72.220 5262 tcp tcpwrapped open
4333149.126.72.220 5263 tcp tcpwrapped open
4334149.126.72.220 5264 tcp tcpwrapped open
4335149.126.72.220 5265 tcp tcpwrapped open
4336149.126.72.220 5266 tcp tcpwrapped open
4337149.126.72.220 5267 tcp tcpwrapped open
4338149.126.72.220 5268 tcp tcpwrapped open
4339149.126.72.220 5269 tcp tcpwrapped open
4340149.126.72.220 5270 tcp tcpwrapped open
4341149.126.72.220 5271 tcp tcpwrapped open
4342149.126.72.220 5272 tcp tcpwrapped open
4343149.126.72.220 5273 tcp tcpwrapped open
4344149.126.72.220 5274 tcp tcpwrapped open
4345149.126.72.220 5275 tcp tcpwrapped open
4346149.126.72.220 5276 tcp tcpwrapped open
4347149.126.72.220 5277 tcp tcpwrapped open
4348149.126.72.220 5278 tcp tcpwrapped open
4349149.126.72.220 5279 tcp tcpwrapped open
4350149.126.72.220 5280 tcp tcpwrapped open
4351149.126.72.220 5440 tcp tcpwrapped open
4352149.126.72.220 5443 tcp tcpwrapped open
4353149.126.72.220 5456 tcp tcpwrapped open
4354149.126.72.220 5494 tcp tcpwrapped open
4355149.126.72.220 5495 tcp tcpwrapped open
4356149.126.72.220 5500 tcp tcpwrapped open
4357149.126.72.220 5503 tcp tcpwrapped open
4358149.126.72.220 5552 tcp tcpwrapped open
4359149.126.72.220 5555 tcp tcpwrapped open
4360149.126.72.220 5556 tcp tcpwrapped open
4361149.126.72.220 5557 tcp tcpwrapped open
4362149.126.72.220 5567 tcp tcpwrapped open
4363149.126.72.220 5568 tcp tcpwrapped open
4364149.126.72.220 5569 tcp tcpwrapped open
4365149.126.72.220 5590 tcp tcpwrapped open
4366149.126.72.220 5591 tcp tcpwrapped open
4367149.126.72.220 5592 tcp tcpwrapped open
4368149.126.72.220 5593 tcp tcpwrapped open
4369149.126.72.220 5594 tcp tcpwrapped open
4370149.126.72.220 5595 tcp tcpwrapped open
4371149.126.72.220 5596 tcp tcpwrapped open
4372149.126.72.220 5597 tcp tcpwrapped open
4373149.126.72.220 5598 tcp tcpwrapped open
4374149.126.72.220 5599 tcp tcpwrapped open
4375149.126.72.220 5600 tcp tcpwrapped open
4376149.126.72.220 5601 tcp tcpwrapped open
4377149.126.72.220 5602 tcp tcpwrapped open
4378149.126.72.220 5603 tcp tcpwrapped open
4379149.126.72.220 5604 tcp tcpwrapped open
4380149.126.72.220 5605 tcp tcpwrapped open
4381149.126.72.220 5606 tcp tcpwrapped open
4382149.126.72.220 5607 tcp tcpwrapped open
4383149.126.72.220 5608 tcp tcpwrapped open
4384149.126.72.220 5609 tcp tcpwrapped open
4385149.126.72.220 5613 tcp tcpwrapped open
4386149.126.72.220 5614 tcp tcpwrapped open
4387149.126.72.220 5620 tcp tcpwrapped open
4388149.126.72.220 5630 tcp tcpwrapped open
4389149.126.72.220 5640 tcp tcpwrapped open
4390149.126.72.220 5650 tcp tcpwrapped open
4391149.126.72.220 5660 tcp tcpwrapped open
4392149.126.72.220 5671 tcp tcpwrapped open
4393149.126.72.220 5672 tcp tcpwrapped open
4394149.126.72.220 5673 tcp tcpwrapped open
4395149.126.72.220 5680 tcp tcpwrapped open
4396149.126.72.220 5696 tcp tcpwrapped open
4397149.126.72.220 5698 tcp tcpwrapped open
4398149.126.72.220 5701 tcp tcpwrapped open
4399149.126.72.220 5721 tcp tcpwrapped open
4400149.126.72.220 5900 tcp tcpwrapped open
4401149.126.72.220 5901 tcp tcpwrapped open
4402149.126.72.220 5902 tcp tcpwrapped open
4403149.126.72.220 5903 tcp tcpwrapped open
4404149.126.72.220 5904 tcp tcpwrapped open
4405149.126.72.220 5905 tcp tcpwrapped open
4406149.126.72.220 5906 tcp tcpwrapped open
4407149.126.72.220 5907 tcp tcpwrapped open
4408149.126.72.220 5908 tcp tcpwrapped open
4409149.126.72.220 5909 tcp tcpwrapped open
4410149.126.72.220 5910 tcp tcpwrapped open
4411149.126.72.220 5911 tcp tcpwrapped open
4412149.126.72.220 5912 tcp tcpwrapped open
4413149.126.72.220 5913 tcp tcpwrapped open
4414149.126.72.220 5914 tcp tcpwrapped open
4415149.126.72.220 5915 tcp tcpwrapped open
4416149.126.72.220 5916 tcp tcpwrapped open
4417149.126.72.220 5917 tcp tcpwrapped open
4418149.126.72.220 5918 tcp tcpwrapped open
4419149.126.72.220 5919 tcp tcpwrapped open
4420149.126.72.220 5920 tcp tcpwrapped open
4421149.126.72.220 5984 tcp tcpwrapped open
4422149.126.72.220 5985 tcp tcpwrapped open
4423149.126.72.220 5986 tcp tcpwrapped open
4424149.126.72.220 5987 tcp tcpwrapped open
4425149.126.72.220 5988 tcp tcpwrapped open
4426149.126.72.220 5989 tcp tcpwrapped open
4427149.126.72.220 5990 tcp tcpwrapped open
4428149.126.72.220 5991 tcp tcpwrapped open
4429149.126.72.220 5992 tcp tcpwrapped open
4430149.126.72.220 5993 tcp tcpwrapped open
4431149.126.72.220 5994 tcp tcpwrapped open
4432149.126.72.220 5995 tcp tcpwrapped open
4433149.126.72.220 5996 tcp tcpwrapped open
4434149.126.72.220 5997 tcp tcpwrapped open
4435149.126.72.220 5998 tcp tcpwrapped open
4436149.126.72.220 5999 tcp tcpwrapped open
4437149.126.72.220 6000 tcp tcpwrapped open
4438149.126.72.220 6001 tcp tcpwrapped open
4439149.126.72.220 6002 tcp tcpwrapped open
4440149.126.72.220 6003 tcp tcpwrapped open
4441149.126.72.220 6004 tcp tcpwrapped open
4442149.126.72.220 6005 tcp tcpwrapped open
4443149.126.72.220 6006 tcp tcpwrapped open
4444149.126.72.220 6007 tcp tcpwrapped open
4445149.126.72.220 6008 tcp tcpwrapped open
4446149.126.72.220 6009 tcp tcpwrapped open
4447149.126.72.220 6010 tcp tcpwrapped open
4448149.126.72.220 6011 tcp tcpwrapped open
4449149.126.72.220 6021 tcp tcpwrapped open
4450149.126.72.220 6060 tcp tcpwrapped open
4451149.126.72.220 6061 tcp tcpwrapped open
4452149.126.72.220 6081 tcp tcpwrapped open
4453149.126.72.220 6100 tcp tcpwrapped open
4454149.126.72.220 6102 tcp tcpwrapped open
4455149.126.72.220 6134 tcp tcpwrapped open
4456149.126.72.220 6161 tcp tcpwrapped open
4457149.126.72.220 6331 tcp tcpwrapped open
4458149.126.72.220 6348 tcp tcpwrapped open
4459149.126.72.220 6379 tcp tcpwrapped open
4460149.126.72.220 6380 tcp tcpwrapped open
4461149.126.72.220 6433 tcp tcpwrapped open
4462149.126.72.220 6440 tcp tcpwrapped open
4463149.126.72.220 6443 tcp tcpwrapped open
4464149.126.72.220 6488 tcp tcpwrapped open
4465149.126.72.220 6500 tcp tcpwrapped open
4466149.126.72.220 6505 tcp tcpwrapped open
4467149.126.72.220 6510 tcp tcpwrapped open
4468149.126.72.220 6511 tcp tcpwrapped open
4469149.126.72.220 6512 tcp tcpwrapped open
4470149.126.72.220 6514 tcp tcpwrapped open
4471149.126.72.220 6543 tcp tcpwrapped open
4472149.126.72.220 6544 tcp tcpwrapped open
4473149.126.72.220 6560 tcp tcpwrapped open
4474149.126.72.220 6561 tcp tcpwrapped open
4475149.126.72.220 6565 tcp tcpwrapped open
4476149.126.72.220 6580 tcp tcpwrapped open
4477149.126.72.220 6581 tcp tcpwrapped open
4478149.126.72.220 6590 tcp tcpwrapped open
4479149.126.72.220 6601 tcp tcpwrapped open
4480149.126.72.220 6603 tcp tcpwrapped open
4481149.126.72.220 6605 tcp tcpwrapped open
4482149.126.72.220 6661 tcp tcpwrapped open
4483149.126.72.220 6662 tcp tcpwrapped open
4484149.126.72.220 6666 tcp tcpwrapped open
4485149.126.72.220 6686 tcp tcpwrapped open
4486149.126.72.220 6688 tcp tcpwrapped open
4487149.126.72.220 6700 tcp tcpwrapped open
4488149.126.72.220 6755 tcp tcpwrapped open
4489149.126.72.220 6775 tcp tcpwrapped open
4490149.126.72.220 6779 tcp tcpwrapped open
4491149.126.72.220 6789 tcp tcpwrapped open
4492149.126.72.220 6799 tcp tcpwrapped open
4493149.126.72.220 7000 tcp tcpwrapped open
4494149.126.72.220 7001 tcp tcpwrapped open
4495149.126.72.220 7002 tcp tcpwrapped open
4496149.126.72.220 7003 tcp tcpwrapped open
4497149.126.72.220 7004 tcp tcpwrapped open
4498149.126.72.220 7005 tcp tcpwrapped open
4499149.126.72.220 7007 tcp tcpwrapped open
4500149.126.72.220 7010 tcp tcpwrapped open
4501149.126.72.220 7011 tcp tcpwrapped open
4502149.126.72.220 7021 tcp tcpwrapped open
4503149.126.72.220 7070 tcp tcpwrapped open
4504149.126.72.220 7071 tcp tcpwrapped open
4505149.126.72.220 7079 tcp tcpwrapped open
4506149.126.72.220 7080 tcp tcpwrapped open
4507149.126.72.220 7081 tcp tcpwrapped open
4508149.126.72.220 7082 tcp tcpwrapped open
4509149.126.72.220 7083 tcp tcpwrapped open
4510149.126.72.220 7084 tcp tcpwrapped open
4511149.126.72.220 7085 tcp tcpwrapped open
4512149.126.72.220 7086 tcp tcpwrapped open
4513149.126.72.220 7087 tcp tcpwrapped open
4514149.126.72.220 7088 tcp tcpwrapped open
4515149.126.72.220 7090 tcp tcpwrapped open
4516149.126.72.220 7171 tcp tcpwrapped open
4517149.126.72.220 7172 tcp tcpwrapped open
4518149.126.72.220 7272 tcp tcpwrapped open
4519149.126.72.220 7348 tcp tcpwrapped open
4520149.126.72.220 7403 tcp tcpwrapped open
4521149.126.72.220 7433 tcp tcpwrapped open
4522149.126.72.220 7441 tcp tcpwrapped open
4523149.126.72.220 7443 tcp tcpwrapped open
4524149.126.72.220 7444 tcp tcpwrapped open
4525149.126.72.220 7445 tcp tcpwrapped open
4526149.126.72.220 7473 tcp tcpwrapped open
4527149.126.72.220 7500 tcp tcpwrapped open
4528149.126.72.220 7537 tcp tcpwrapped open
4529149.126.72.220 7687 tcp tcpwrapped open
4530149.126.72.220 7700 tcp tcpwrapped open
4531149.126.72.220 7771 tcp tcpwrapped open
4532149.126.72.220 7773 tcp tcpwrapped open
4533149.126.72.220 7774 tcp tcpwrapped open
4534149.126.72.220 7775 tcp tcpwrapped open
4535149.126.72.220 7776 tcp tcpwrapped open
4536149.126.72.220 7777 tcp tcpwrapped open
4537149.126.72.220 7778 tcp tcpwrapped open
4538149.126.72.220 7779 tcp tcpwrapped open
4539149.126.72.220 7788 tcp tcpwrapped open
4540149.126.72.220 7799 tcp tcpwrapped open
4541149.126.72.220 7998 tcp tcpwrapped open
4542149.126.72.220 7999 tcp tcpwrapped open
4543149.126.72.220 8000 tcp tcpwrapped open
4544149.126.72.220 8001 tcp tcpwrapped open
4545149.126.72.220 8002 tcp tcpwrapped open
4546149.126.72.220 8003 tcp tcpwrapped open
4547149.126.72.220 8004 tcp tcpwrapped open
4548149.126.72.220 8005 tcp tcpwrapped open
4549149.126.72.220 8006 tcp tcpwrapped open
4550149.126.72.220 8007 tcp tcpwrapped open
4551149.126.72.220 8008 tcp tcpwrapped open
4552149.126.72.220 8009 tcp tcpwrapped open
4553149.126.72.220 8010 tcp tcpwrapped open
4554149.126.72.220 8011 tcp tcpwrapped open
4555149.126.72.220 8012 tcp tcpwrapped open
4556149.126.72.220 8013 tcp tcpwrapped open
4557149.126.72.220 8014 tcp tcpwrapped open
4558149.126.72.220 8015 tcp tcpwrapped open
4559149.126.72.220 8016 tcp tcpwrapped open
4560149.126.72.220 8017 tcp tcpwrapped open
4561149.126.72.220 8018 tcp tcpwrapped open
4562149.126.72.220 8019 tcp tcpwrapped open
4563149.126.72.220 8020 tcp tcpwrapped open
4564149.126.72.220 8021 tcp tcpwrapped open
4565149.126.72.220 8022 tcp tcpwrapped open
4566149.126.72.220 8023 tcp tcpwrapped open
4567149.126.72.220 8024 tcp tcpwrapped open
4568149.126.72.220 8025 tcp tcpwrapped open
4569149.126.72.220 8026 tcp tcpwrapped open
4570149.126.72.220 8027 tcp tcpwrapped open
4571149.126.72.220 8028 tcp tcpwrapped open
4572149.126.72.220 8029 tcp tcpwrapped open
4573149.126.72.220 8030 tcp tcpwrapped open
4574149.126.72.220 8031 tcp tcpwrapped open
4575149.126.72.220 8032 tcp tcpwrapped open
4576149.126.72.220 8033 tcp tcpwrapped open
4577149.126.72.220 8034 tcp tcpwrapped open
4578149.126.72.220 8035 tcp tcpwrapped open
4579149.126.72.220 8036 tcp tcpwrapped open
4580149.126.72.220 8037 tcp tcpwrapped open
4581149.126.72.220 8038 tcp tcpwrapped open
4582149.126.72.220 8039 tcp tcpwrapped open
4583149.126.72.220 8040 tcp tcpwrapped open
4584149.126.72.220 8041 tcp tcpwrapped open
4585149.126.72.220 8042 tcp tcpwrapped open
4586149.126.72.220 8043 tcp tcpwrapped open
4587149.126.72.220 8044 tcp tcpwrapped open
4588149.126.72.220 8045 tcp tcpwrapped open
4589149.126.72.220 8046 tcp tcpwrapped open
4590149.126.72.220 8047 tcp tcpwrapped open
4591149.126.72.220 8048 tcp tcpwrapped open
4592149.126.72.220 8049 tcp tcpwrapped open
4593149.126.72.220 8050 tcp tcpwrapped open
4594149.126.72.220 8051 tcp tcpwrapped open
4595149.126.72.220 8052 tcp tcpwrapped open
4596149.126.72.220 8053 tcp tcpwrapped open
4597149.126.72.220 8054 tcp tcpwrapped open
4598149.126.72.220 8055 tcp tcpwrapped open
4599149.126.72.220 8056 tcp tcpwrapped open
4600149.126.72.220 8057 tcp tcpwrapped open
4601149.126.72.220 8058 tcp tcpwrapped open
4602149.126.72.220 8060 tcp tcpwrapped open
4603149.126.72.220 8064 tcp tcpwrapped open
4604149.126.72.220 8065 tcp tcpwrapped open
4605149.126.72.220 8069 tcp tcpwrapped open
4606149.126.72.220 8070 tcp tcpwrapped open
4607149.126.72.220 8071 tcp tcpwrapped open
4608149.126.72.220 8072 tcp tcpwrapped open
4609149.126.72.220 8074 tcp tcpwrapped open
4610149.126.72.220 8079 tcp tcpwrapped open
4611149.126.72.220 8080 tcp tcpwrapped open
4612149.126.72.220 8081 tcp tcpwrapped open
4613149.126.72.220 8082 tcp tcpwrapped open
4614149.126.72.220 8083 tcp tcpwrapped open
4615149.126.72.220 8084 tcp tcpwrapped open
4616149.126.72.220 8085 tcp tcpwrapped open
4617149.126.72.220 8086 tcp tcpwrapped open
4618149.126.72.220 8087 tcp tcpwrapped open
4619149.126.72.220 8088 tcp tcpwrapped open
4620149.126.72.220 8089 tcp tcpwrapped open
4621149.126.72.220 8090 tcp tcpwrapped open
4622149.126.72.220 8091 tcp tcpwrapped open
4623149.126.72.220 8092 tcp tcpwrapped open
4624149.126.72.220 8093 tcp tcpwrapped open
4625149.126.72.220 8094 tcp tcpwrapped open
4626149.126.72.220 8095 tcp tcpwrapped open
4627149.126.72.220 8096 tcp tcpwrapped open
4628149.126.72.220 8097 tcp tcpwrapped open
4629149.126.72.220 8098 tcp tcpwrapped open
4630149.126.72.220 8099 tcp tcpwrapped open
4631149.126.72.220 8100 tcp tcpwrapped open
4632149.126.72.220 8101 tcp tcpwrapped open
4633149.126.72.220 8102 tcp tcpwrapped open
4634149.126.72.220 8103 tcp tcpwrapped open
4635149.126.72.220 8104 tcp tcpwrapped open
4636149.126.72.220 8105 tcp tcpwrapped open
4637149.126.72.220 8106 tcp tcpwrapped open
4638149.126.72.220 8107 tcp tcpwrapped open
4639149.126.72.220 8108 tcp tcpwrapped open
4640149.126.72.220 8109 tcp tcpwrapped open
4641149.126.72.220 8110 tcp tcpwrapped open
4642149.126.72.220 8113 tcp tcpwrapped open
4643149.126.72.220 8114 tcp tcpwrapped open
4644149.126.72.220 8115 tcp tcpwrapped open
4645149.126.72.220 8118 tcp tcpwrapped open
4646149.126.72.220 8119 tcp tcpwrapped open
4647149.126.72.220 8120 tcp tcpwrapped open
4648149.126.72.220 8121 tcp tcpwrapped open
4649149.126.72.220 8123 tcp tcpwrapped open
4650149.126.72.220 8125 tcp tcpwrapped open
4651149.126.72.220 8126 tcp tcpwrapped open
4652149.126.72.220 8128 tcp tcpwrapped open
4653149.126.72.220 8129 tcp tcpwrapped open
4654149.126.72.220 8130 tcp tcpwrapped open
4655149.126.72.220 8131 tcp tcpwrapped open
4656149.126.72.220 8132 tcp tcpwrapped open
4657149.126.72.220 8133 tcp tcpwrapped open
4658149.126.72.220 8136 tcp tcpwrapped open
4659149.126.72.220 8140 tcp tcpwrapped open
4660149.126.72.220 8142 tcp tcpwrapped open
4661149.126.72.220 8143 tcp tcpwrapped open
4662149.126.72.220 8144 tcp tcpwrapped open
4663149.126.72.220 8147 tcp tcpwrapped open
4664149.126.72.220 8148 tcp tcpwrapped open
4665149.126.72.220 8149 tcp tcpwrapped open
4666149.126.72.220 8150 tcp tcpwrapped open
4667149.126.72.220 8154 tcp tcpwrapped open
4668149.126.72.220 8156 tcp tcpwrapped open
4669149.126.72.220 8157 tcp tcpwrapped open
4670149.126.72.220 8158 tcp tcpwrapped open
4671149.126.72.220 8160 tcp tcpwrapped open
4672149.126.72.220 8161 tcp tcpwrapped open
4673149.126.72.220 8162 tcp tcpwrapped open
4674149.126.72.220 8163 tcp tcpwrapped open
4675149.126.72.220 8164 tcp tcpwrapped open
4676149.126.72.220 8165 tcp tcpwrapped open
4677149.126.72.220 8166 tcp tcpwrapped open
4678149.126.72.220 8167 tcp tcpwrapped open
4679149.126.72.220 8168 tcp tcpwrapped open
4680149.126.72.220 8169 tcp tcpwrapped open
4681149.126.72.220 8170 tcp tcpwrapped open
4682149.126.72.220 8171 tcp tcpwrapped open
4683149.126.72.220 8172 tcp tcpwrapped open
4684149.126.72.220 8173 tcp tcpwrapped open
4685149.126.72.220 8175 tcp tcpwrapped open
4686149.126.72.220 8176 tcp tcpwrapped open
4687149.126.72.220 8178 tcp tcpwrapped open
4688149.126.72.220 8179 tcp tcpwrapped open
4689149.126.72.220 8180 tcp tcpwrapped open
4690149.126.72.220 8181 tcp tcpwrapped open
4691149.126.72.220 8182 tcp tcpwrapped open
4692149.126.72.220 8183 tcp tcpwrapped open
4693149.126.72.220 8184 tcp tcpwrapped open
4694149.126.72.220 8185 tcp tcpwrapped open
4695149.126.72.220 8186 tcp tcpwrapped open
4696149.126.72.220 8187 tcp tcpwrapped open
4697149.126.72.220 8188 tcp tcpwrapped open
4698149.126.72.220 8189 tcp tcpwrapped open
4699149.126.72.220 8190 tcp tcpwrapped open
4700149.126.72.220 8191 tcp tcpwrapped open
4701149.126.72.220 8192 tcp tcpwrapped open
4702149.126.72.220 8193 tcp tcpwrapped open
4703149.126.72.220 8194 tcp tcpwrapped open
4704149.126.72.220 8195 tcp tcpwrapped open
4705149.126.72.220 8198 tcp tcpwrapped open
4706149.126.72.220 8199 tcp tcpwrapped open
4707149.126.72.220 8200 tcp tcpwrapped open
4708149.126.72.220 8203 tcp tcpwrapped open
4709149.126.72.220 8222 tcp tcpwrapped open
4710149.126.72.220 8230 tcp tcpwrapped open
4711149.126.72.220 8236 tcp tcpwrapped open
4712149.126.72.220 8237 tcp tcpwrapped open
4713149.126.72.220 8238 tcp tcpwrapped open
4714149.126.72.220 8239 tcp tcpwrapped open
4715149.126.72.220 8241 tcp tcpwrapped open
4716149.126.72.220 8243 tcp tcpwrapped open
4717149.126.72.220 8248 tcp tcpwrapped open
4718149.126.72.220 8249 tcp tcpwrapped open
4719149.126.72.220 8250 tcp tcpwrapped open
4720149.126.72.220 8251 tcp tcpwrapped open
4721149.126.72.220 8252 tcp tcpwrapped open
4722149.126.72.220 8280 tcp tcpwrapped open
4723149.126.72.220 8282 tcp tcpwrapped open
4724149.126.72.220 8333 tcp tcpwrapped open
4725149.126.72.220 8340 tcp tcpwrapped open
4726149.126.72.220 8343 tcp tcpwrapped open
4727149.126.72.220 8350 tcp tcpwrapped open
4728149.126.72.220 8381 tcp tcpwrapped open
4729149.126.72.220 8382 tcp tcpwrapped open
4730149.126.72.220 8383 tcp tcpwrapped open
4731149.126.72.220 8384 tcp tcpwrapped open
4732149.126.72.220 8385 tcp tcpwrapped open
4733149.126.72.220 8388 tcp tcpwrapped open
4734149.126.72.220 8393 tcp tcpwrapped open
4735149.126.72.220 8401 tcp tcpwrapped open
4736149.126.72.220 8402 tcp tcpwrapped open
4737149.126.72.220 8403 tcp tcpwrapped open
4738149.126.72.220 8404 tcp tcpwrapped open
4739149.126.72.220 8405 tcp tcpwrapped open
4740149.126.72.220 8406 tcp tcpwrapped open
4741149.126.72.220 8407 tcp tcpwrapped open
4742149.126.72.220 8408 tcp tcpwrapped open
4743149.126.72.220 8409 tcp tcpwrapped open
4744149.126.72.220 8410 tcp tcpwrapped open
4745149.126.72.220 8411 tcp tcpwrapped open
4746149.126.72.220 8412 tcp tcpwrapped open
4747149.126.72.220 8413 tcp tcpwrapped open
4748149.126.72.220 8414 tcp tcpwrapped open
4749149.126.72.220 8415 tcp tcpwrapped open
4750149.126.72.220 8416 tcp tcpwrapped open
4751149.126.72.220 8417 tcp tcpwrapped open
4752149.126.72.220 8418 tcp tcpwrapped open
4753149.126.72.220 8419 tcp tcpwrapped open
4754149.126.72.220 8420 tcp tcpwrapped open
4755149.126.72.220 8421 tcp tcpwrapped open
4756149.126.72.220 8422 tcp tcpwrapped open
4757149.126.72.220 8423 tcp tcpwrapped open
4758149.126.72.220 8424 tcp tcpwrapped open
4759149.126.72.220 8425 tcp tcpwrapped open
4760149.126.72.220 8426 tcp tcpwrapped open
4761149.126.72.220 8427 tcp tcpwrapped open
4762149.126.72.220 8428 tcp tcpwrapped open
4763149.126.72.220 8429 tcp tcpwrapped open
4764149.126.72.220 8430 tcp tcpwrapped open
4765149.126.72.220 8431 tcp tcpwrapped open
4766149.126.72.220 8432 tcp tcpwrapped open
4767149.126.72.220 8433 tcp tcpwrapped open
4768149.126.72.220 8435 tcp tcpwrapped open
4769149.126.72.220 8440 tcp tcpwrapped open
4770149.126.72.220 8441 tcp tcpwrapped open
4771149.126.72.220 8442 tcp tcpwrapped open
4772149.126.72.220 8443 tcp tcpwrapped open
4773149.126.72.220 8444 tcp tcpwrapped open
4774149.126.72.220 8445 tcp tcpwrapped open
4775149.126.72.220 8446 tcp tcpwrapped open
4776149.126.72.220 8447 tcp tcpwrapped open
4777149.126.72.220 8448 tcp tcpwrapped open
4778149.126.72.220 8449 tcp tcpwrapped open
4779149.126.72.220 8450 tcp tcpwrapped open
4780149.126.72.220 8451 tcp tcpwrapped open
4781149.126.72.220 8452 tcp tcpwrapped open
4782149.126.72.220 8453 tcp tcpwrapped open
4783149.126.72.220 8454 tcp tcpwrapped open
4784149.126.72.220 8455 tcp tcpwrapped open
4785149.126.72.220 8456 tcp tcpwrapped open
4786149.126.72.220 8457 tcp tcpwrapped open
4787149.126.72.220 8458 tcp tcpwrapped open
4788149.126.72.220 8459 tcp tcpwrapped open
4789149.126.72.220 8460 tcp tcpwrapped open
4790149.126.72.220 8461 tcp tcpwrapped open
4791149.126.72.220 8462 tcp tcpwrapped open
4792149.126.72.220 8463 tcp tcpwrapped open
4793149.126.72.220 8464 tcp tcpwrapped open
4794149.126.72.220 8465 tcp tcpwrapped open
4795149.126.72.220 8466 tcp tcpwrapped open
4796149.126.72.220 8467 tcp tcpwrapped open
4797149.126.72.220 8470 tcp tcpwrapped open
4798149.126.72.220 8472 tcp tcpwrapped open
4799149.126.72.220 8473 tcp tcpwrapped open
4800149.126.72.220 8475 tcp tcpwrapped open
4801149.126.72.220 8480 tcp tcpwrapped open
4802149.126.72.220 8481 tcp tcpwrapped open
4803149.126.72.220 8482 tcp tcpwrapped open
4804149.126.72.220 8484 tcp tcpwrapped open
4805149.126.72.220 8485 tcp tcpwrapped open
4806149.126.72.220 8488 tcp tcpwrapped open
4807149.126.72.220 8493 tcp tcpwrapped open
4808149.126.72.220 8494 tcp tcpwrapped open
4809149.126.72.220 8500 tcp tcpwrapped open
4810149.126.72.220 8502 tcp tcpwrapped open
4811149.126.72.220 8503 tcp tcpwrapped open
4812149.126.72.220 8504 tcp tcpwrapped open
4813149.126.72.220 8505 tcp tcpwrapped open
4814149.126.72.220 8506 tcp tcpwrapped open
4815149.126.72.220 8510 tcp tcpwrapped open
4816149.126.72.220 8513 tcp tcpwrapped open
4817149.126.72.220 8514 tcp tcpwrapped open
4818149.126.72.220 8515 tcp tcpwrapped open
4819149.126.72.220 8519 tcp tcpwrapped open
4820149.126.72.220 8520 tcp tcpwrapped open
4821149.126.72.220 8521 tcp tcpwrapped open
4822149.126.72.220 8523 tcp tcpwrapped open
4823149.126.72.220 8524 tcp tcpwrapped open
4824149.126.72.220 8525 tcp tcpwrapped open
4825149.126.72.220 8526 tcp tcpwrapped open
4826149.126.72.220 8528 tcp tcpwrapped open
4827149.126.72.220 8529 tcp tcpwrapped open
4828149.126.72.220 8530 tcp tcpwrapped open
4829149.126.72.220 8531 tcp tcpwrapped open
4830149.126.72.220 8532 tcp tcpwrapped open
4831149.126.72.220 8533 tcp tcpwrapped open
4832149.126.72.220 8536 tcp tcpwrapped open
4833149.126.72.220 8540 tcp tcpwrapped open
4834149.126.72.220 8543 tcp tcpwrapped open
4835149.126.72.220 8544 tcp tcpwrapped open
4836149.126.72.220 8548 tcp tcpwrapped open
4837149.126.72.220 8549 tcp tcpwrapped open
4838149.126.72.220 8550 tcp tcpwrapped open
4839149.126.72.220 8551 tcp tcpwrapped open
4840149.126.72.220 8553 tcp tcpwrapped open
4841149.126.72.220 8556 tcp tcpwrapped open
4842149.126.72.220 8557 tcp tcpwrapped open
4843149.126.72.220 8558 tcp tcpwrapped open
4844149.126.72.220 8560 tcp tcpwrapped open
4845149.126.72.220 8561 tcp tcpwrapped open
4846149.126.72.220 8562 tcp tcpwrapped open
4847149.126.72.220 8563 tcp tcpwrapped open
4848149.126.72.220 8564 tcp tcpwrapped open
4849149.126.72.220 8565 tcp tcpwrapped open
4850149.126.72.220 8566 tcp tcpwrapped open
4851149.126.72.220 8567 tcp tcpwrapped open
4852149.126.72.220 8568 tcp tcpwrapped open
4853149.126.72.220 8569 tcp tcpwrapped open
4854149.126.72.220 8570 tcp tcpwrapped open
4855149.126.72.220 8571 tcp tcpwrapped open
4856149.126.72.220 8573 tcp tcpwrapped open
4857149.126.72.220 8574 tcp tcpwrapped open
4858149.126.72.220 8575 tcp tcpwrapped open
4859149.126.72.220 8576 tcp tcpwrapped open
4860149.126.72.220 8577 tcp tcpwrapped open
4861149.126.72.220 8578 tcp tcpwrapped open
4862149.126.72.220 8579 tcp tcpwrapped open
4863149.126.72.220 8580 tcp tcpwrapped open
4864149.126.72.220 8581 tcp tcpwrapped open
4865149.126.72.220 8582 tcp tcpwrapped open
4866149.126.72.220 8583 tcp tcpwrapped open
4867149.126.72.220 8585 tcp tcpwrapped open
4868149.126.72.220 8586 tcp tcpwrapped open
4869149.126.72.220 8588 tcp tcpwrapped open
4870149.126.72.220 8589 tcp tcpwrapped open
4871149.126.72.220 8590 tcp tcpwrapped open
4872149.126.72.220 8591 tcp tcpwrapped open
4873149.126.72.220 8592 tcp tcpwrapped open
4874149.126.72.220 8593 tcp tcpwrapped open
4875149.126.72.220 8594 tcp tcpwrapped open
4876149.126.72.220 8595 tcp tcpwrapped open
4877149.126.72.220 8596 tcp tcpwrapped open
4878149.126.72.220 8597 tcp tcpwrapped open
4879149.126.72.220 8598 tcp tcpwrapped open
4880149.126.72.220 8599 tcp tcpwrapped open
4881149.126.72.220 8600 tcp tcpwrapped open
4882149.126.72.220 8601 tcp tcpwrapped open
4883149.126.72.220 8605 tcp tcpwrapped open
4884149.126.72.220 8606 tcp tcpwrapped open
4885149.126.72.220 8630 tcp tcpwrapped open
4886149.126.72.220 8640 tcp tcpwrapped open
4887149.126.72.220 8641 tcp tcpwrapped open
4888149.126.72.220 8643 tcp tcpwrapped open
4889149.126.72.220 8663 tcp tcpwrapped open
4890149.126.72.220 8666 tcp tcpwrapped open
4891149.126.72.220 8686 tcp tcpwrapped open
4892149.126.72.220 8688 tcp tcpwrapped open
4893149.126.72.220 8700 tcp tcpwrapped open
4894149.126.72.220 8701 tcp tcpwrapped open
4895149.126.72.220 8702 tcp tcpwrapped open
4896149.126.72.220 8703 tcp tcpwrapped open
4897149.126.72.220 8704 tcp tcpwrapped open
4898149.126.72.220 8705 tcp tcpwrapped open
4899149.126.72.220 8706 tcp tcpwrapped open
4900149.126.72.220 8707 tcp tcpwrapped open
4901149.126.72.220 8708 tcp tcpwrapped open
4902149.126.72.220 8709 tcp tcpwrapped open
4903149.126.72.220 8723 tcp tcpwrapped open
4904149.126.72.220 8724 tcp tcpwrapped open
4905149.126.72.220 8731 tcp tcpwrapped open
4906149.126.72.220 8732 tcp tcpwrapped open
4907149.126.72.220 8764 tcp tcpwrapped open
4908149.126.72.220 8765 tcp tcpwrapped open
4909149.126.72.220 8766 tcp tcpwrapped open
4910149.126.72.220 8767 tcp tcpwrapped open
4911149.126.72.220 8771 tcp tcpwrapped open
4912149.126.72.220 8787 tcp tcpwrapped open
4913149.126.72.220 8788 tcp tcpwrapped open
4914149.126.72.220 8789 tcp tcpwrapped open
4915149.126.72.220 8790 tcp tcpwrapped open
4916149.126.72.220 8791 tcp tcpwrapped open
4917149.126.72.220 8800 tcp tcpwrapped open
4918149.126.72.220 8801 tcp tcpwrapped open
4919149.126.72.220 8802 tcp tcpwrapped open
4920149.126.72.220 8803 tcp tcpwrapped open
4921149.126.72.220 8804 tcp tcpwrapped open
4922149.126.72.220 8805 tcp tcpwrapped open
4923149.126.72.220 8806 tcp tcpwrapped open
4924149.126.72.220 8807 tcp tcpwrapped open
4925149.126.72.220 8808 tcp tcpwrapped open
4926149.126.72.220 8809 tcp tcpwrapped open
4927149.126.72.220 8810 tcp tcpwrapped open
4928149.126.72.220 8811 tcp tcpwrapped open
4929149.126.72.220 8812 tcp tcpwrapped open
4930149.126.72.220 8813 tcp tcpwrapped open
4931149.126.72.220 8814 tcp tcpwrapped open
4932149.126.72.220 8815 tcp tcpwrapped open
4933149.126.72.220 8816 tcp tcpwrapped open
4934149.126.72.220 8817 tcp tcpwrapped open
4935149.126.72.220 8818 tcp tcpwrapped open
4936149.126.72.220 8819 tcp tcpwrapped open
4937149.126.72.220 8820 tcp tcpwrapped open
4938149.126.72.220 8821 tcp tcpwrapped open
4939149.126.72.220 8822 tcp tcpwrapped open
4940149.126.72.220 8823 tcp tcpwrapped open
4941149.126.72.220 8824 tcp tcpwrapped open
4942149.126.72.220 8825 tcp tcpwrapped open
4943149.126.72.220 8826 tcp tcpwrapped open
4944149.126.72.220 8827 tcp tcpwrapped open
4945149.126.72.220 8828 tcp tcpwrapped open
4946149.126.72.220 8829 tcp tcpwrapped open
4947149.126.72.220 8830 tcp tcpwrapped open
4948149.126.72.220 8831 tcp tcpwrapped open
4949149.126.72.220 8832 tcp tcpwrapped open
4950149.126.72.220 8833 tcp tcpwrapped open
4951149.126.72.220 8834 tcp tcpwrapped open
4952149.126.72.220 8835 tcp tcpwrapped open
4953149.126.72.220 8836 tcp tcpwrapped open
4954149.126.72.220 8837 tcp tcpwrapped open
4955149.126.72.220 8838 tcp tcpwrapped open
4956149.126.72.220 8839 tcp tcpwrapped open
4957149.126.72.220 8840 tcp tcpwrapped open
4958149.126.72.220 8841 tcp tcpwrapped open
4959149.126.72.220 8842 tcp tcpwrapped open
4960149.126.72.220 8843 tcp tcpwrapped open
4961149.126.72.220 8844 tcp tcpwrapped open
4962149.126.72.220 8845 tcp tcpwrapped open
4963149.126.72.220 8846 tcp tcpwrapped open
4964149.126.72.220 8847 tcp tcpwrapped open
4965149.126.72.220 8848 tcp tcpwrapped open
4966149.126.72.220 8849 tcp tcpwrapped open
4967149.126.72.220 8850 tcp tcpwrapped open
4968149.126.72.220 8851 tcp tcpwrapped open
4969149.126.72.220 8852 tcp tcpwrapped open
4970149.126.72.220 8853 tcp tcpwrapped open
4971149.126.72.220 8854 tcp tcpwrapped open
4972149.126.72.220 8855 tcp tcpwrapped open
4973149.126.72.220 8856 tcp tcpwrapped open
4974149.126.72.220 8857 tcp tcpwrapped open
4975149.126.72.220 8858 tcp tcpwrapped open
4976149.126.72.220 8859 tcp tcpwrapped open
4977149.126.72.220 8860 tcp tcpwrapped open
4978149.126.72.220 8861 tcp tcpwrapped open
4979149.126.72.220 8862 tcp tcpwrapped open
4980149.126.72.220 8863 tcp tcpwrapped open
4981149.126.72.220 8864 tcp tcpwrapped open
4982149.126.72.220 8865 tcp tcpwrapped open
4983149.126.72.220 8866 tcp tcpwrapped open
4984149.126.72.220 8867 tcp tcpwrapped open
4985149.126.72.220 8868 tcp tcpwrapped open
4986149.126.72.220 8869 tcp tcpwrapped open
4987149.126.72.220 8870 tcp tcpwrapped open
4988149.126.72.220 8871 tcp tcpwrapped open
4989149.126.72.220 8872 tcp tcpwrapped open
4990149.126.72.220 8873 tcp tcpwrapped open
4991149.126.72.220 8874 tcp tcpwrapped open
4992149.126.72.220 8875 tcp tcpwrapped open
4993149.126.72.220 8876 tcp tcpwrapped open
4994149.126.72.220 8877 tcp tcpwrapped open
4995149.126.72.220 8878 tcp tcpwrapped open
4996149.126.72.220 8879 tcp tcpwrapped open
4997149.126.72.220 8880 tcp tcpwrapped open
4998149.126.72.220 8881 tcp tcpwrapped open
4999149.126.72.220 8882 tcp tcpwrapped open
5000149.126.72.220 8883 tcp tcpwrapped open
5001149.126.72.220 8884 tcp tcpwrapped open
5002149.126.72.220 8885 tcp tcpwrapped open
5003149.126.72.220 8887 tcp tcpwrapped open
5004149.126.72.220 8888 tcp tcpwrapped open
5005149.126.72.220 8889 tcp tcpwrapped open
5006149.126.72.220 8890 tcp tcpwrapped open
5007149.126.72.220 8891 tcp tcpwrapped open
5008149.126.72.220 8899 tcp tcpwrapped open
5009149.126.72.220 8900 tcp tcpwrapped open
5010149.126.72.220 8901 tcp tcpwrapped open
5011149.126.72.220 8902 tcp tcpwrapped open
5012149.126.72.220 8905 tcp tcpwrapped open
5013149.126.72.220 8906 tcp tcpwrapped open
5014149.126.72.220 8907 tcp tcpwrapped open
5015149.126.72.220 8908 tcp tcpwrapped open
5016149.126.72.220 8910 tcp tcpwrapped open
5017149.126.72.220 8911 tcp tcpwrapped open
5018149.126.72.220 8912 tcp tcpwrapped open
5019149.126.72.220 8913 tcp tcpwrapped open
5020149.126.72.220 8915 tcp tcpwrapped open
5021149.126.72.220 8916 tcp tcpwrapped open
5022149.126.72.220 8935 tcp tcpwrapped open
5023149.126.72.220 8943 tcp tcpwrapped open
5024149.126.72.220 8969 tcp tcpwrapped open
5025149.126.72.220 8988 tcp tcpwrapped open
5026149.126.72.220 8989 tcp tcpwrapped open
5027149.126.72.220 8999 tcp tcpwrapped open
5028149.126.72.220 9000 tcp tcpwrapped open
5029149.126.72.220 9001 tcp tcpwrapped open
5030149.126.72.220 9002 tcp tcpwrapped open
5031149.126.72.220 9003 tcp tcpwrapped open
5032149.126.72.220 9004 tcp tcpwrapped open
5033149.126.72.220 9005 tcp tcpwrapped open
5034149.126.72.220 9006 tcp tcpwrapped open
5035149.126.72.220 9007 tcp tcpwrapped open
5036149.126.72.220 9008 tcp tcpwrapped open
5037149.126.72.220 9009 tcp tcpwrapped open
5038149.126.72.220 9010 tcp tcpwrapped open
5039149.126.72.220 9011 tcp tcpwrapped open
5040149.126.72.220 9012 tcp tcpwrapped open
5041149.126.72.220 9013 tcp tcpwrapped open
5042149.126.72.220 9014 tcp tcpwrapped open
5043149.126.72.220 9015 tcp tcpwrapped open
5044149.126.72.220 9016 tcp tcpwrapped open
5045149.126.72.220 9017 tcp tcpwrapped open
5046149.126.72.220 9018 tcp tcpwrapped open
5047149.126.72.220 9019 tcp tcpwrapped open
5048149.126.72.220 9020 tcp tcpwrapped open
5049149.126.72.220 9021 tcp tcpwrapped open
5050149.126.72.220 9022 tcp tcpwrapped open
5051149.126.72.220 9023 tcp tcpwrapped open
5052149.126.72.220 9024 tcp tcpwrapped open
5053149.126.72.220 9025 tcp tcpwrapped open
5054149.126.72.220 9026 tcp tcpwrapped open
5055149.126.72.220 9027 tcp tcpwrapped open
5056149.126.72.220 9028 tcp tcpwrapped open
5057149.126.72.220 9029 tcp tcpwrapped open
5058149.126.72.220 9030 tcp tcpwrapped open
5059149.126.72.220 9031 tcp tcpwrapped open
5060149.126.72.220 9032 tcp tcpwrapped open
5061149.126.72.220 9033 tcp tcpwrapped open
5062149.126.72.220 9034 tcp tcpwrapped open
5063149.126.72.220 9035 tcp tcpwrapped open
5064149.126.72.220 9036 tcp tcpwrapped open
5065149.126.72.220 9037 tcp tcpwrapped open
5066149.126.72.220 9038 tcp tcpwrapped open
5067149.126.72.220 9039 tcp tcpwrapped open
5068149.126.72.220 9040 tcp tcpwrapped open
5069149.126.72.220 9041 tcp tcpwrapped open
5070149.126.72.220 9042 tcp tcpwrapped open
5071149.126.72.220 9043 tcp tcpwrapped open
5072149.126.72.220 9044 tcp tcpwrapped open
5073149.126.72.220 9045 tcp tcpwrapped open
5074##################################################################################################################################
5075Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 22:29 EDT
5076Nmap scan report for 94.102.51.111
5077Host is up (0.22s latency).
5078Not shown: 989 filtered ports
5079PORT STATE SERVICE VERSION
508022/tcp open ssh OpenSSH 7.4 (protocol 2.0)
5081| vulscan: VulDB - https://vuldb.com:
5082| [130671] gsi-openssh-server 7.9p1 on Fedora /etc/gsissh/sshd_config weak authentication
5083| [130371] OpenSSH 7.9 scp Man-in-the-Middle directory traversal
5084| [130370] OpenSSH 7.9 Man-in-the-Middle spoofing
5085| [130369] OpenSSH 7.9 Encoding progressmeter.c refresh_progress_meter() spoofing
5086| [129007] OpenSSH 7.9 scp Client scp.c Filename privilege escalation
5087| [123343] OpenSSH up to 7.8 GSS2 auth-gss2.c information disclosure
5088| [123011] OpenSSH up to 7.7 auth2-gss.c Request information disclosure
5089| [112267] OpenSSH up to 7.3 sshd kex.c/packet.c NEWKEYS Message denial of service
5090| [108627] OpenSSH up to 7.5 Readonly Mode sftp-server.c process_open unknown vulnerability
5091| [94611] OpenSSH up to 7.3 Access Control privilege escalation
5092| [94610] OpenSSH up to 7.3 Shared Memory Manager privilege escalation
5093| [94608] OpenSSH up to 7.3 Unix-Domain Socket privilege escalation
5094| [94607] OpenSSH up to 7.3 Forwarded Agent Channel privilege escalation
5095| [90671] OpenSSH up to 7.2 auth-passwd.c auth_password denial of service
5096| [90405] OpenSSH up to 7.2p2 sshd information disclosure
5097| [90404] OpenSSH up to 7.2p2 sshd information disclosure
5098| [90403] OpenSSH up to 7.2p2 sshd CPU Exhaustion denial of service
5099| [89622] OpenSSH 7.2p2 Authentication Username information disclosure
5100| [81320] OpenSSH up to 7.2p1 X11 Authentication Credential xauth privilege escalation
5101| [80656] OpenBSD OpenSSH 7.1 X11 Forwarding privilege escalation
5102| [80330] OpenSSH up to 7.1p1 packet.c ssh_packet_read_poll2 memory corruption
5103|
5104| MITRE CVE - https://cve.mitre.org:
5105| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
5106| [CVE-1999-0661] A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
5107|
5108| SecurityFocus - https://www.securityfocus.com/bid/:
5109| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
5110| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
5111| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
5112| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
5113| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
5114| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
5115| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
5116| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
5117| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
5118| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
5119| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
5120| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
5121| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
5122| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
5123| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
5124| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
5125| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
5126| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
5127| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
5128| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
5129| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
5130| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
5131| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
5132| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
5133| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
5134| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
5135| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
5136| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
5137| [75990] OpenSSH Login Handling Security Bypass Weakness
5138| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
5139| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
5140| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
5141| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
5142| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
5143| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
5144| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
5145| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
5146| [61286] OpenSSH Remote Denial of Service Vulnerability
5147| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
5148| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
5149| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
5150| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
5151| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
5152| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
5153| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
5154| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
5155| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
5156| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
5157| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
5158| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
5159| [30794] Red Hat OpenSSH Backdoor Vulnerability
5160| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
5161| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
5162| [28531] OpenSSH ForceCommand Command Execution Weakness
5163| [28444] OpenSSH X Connections Session Hijacking Vulnerability
5164| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
5165| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
5166| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
5167| [20956] OpenSSH Privilege Separation Key Signature Weakness
5168| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
5169| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
5170| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
5171| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
5172| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
5173| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
5174| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
5175| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
5176| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
5177| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
5178| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
5179| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
5180| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
5181| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
5182| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
5183| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
5184| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
5185| [6168] OpenSSH Visible Password Vulnerability
5186| [5374] OpenSSH Trojan Horse Vulnerability
5187| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
5188| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
5189| [4241] OpenSSH Channel Code Off-By-One Vulnerability
5190| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
5191| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
5192| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
5193| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
5194| [2917] OpenSSH PAM Session Evasion Vulnerability
5195| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
5196| [2356] OpenSSH Private Key Authentication Check Vulnerability
5197| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
5198| [1334] OpenSSH UseLogin Vulnerability
5199|
5200| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5201| [83258] GSI-OpenSSH auth-pam.c security bypass
5202| [82781] OpenSSH time limit denial of service
5203| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
5204| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
5205| [72756] Debian openssh-server commands information disclosure
5206| [68339] OpenSSH pam_thread buffer overflow
5207| [67264] OpenSSH ssh-keysign unauthorized access
5208| [65910] OpenSSH remote_glob function denial of service
5209| [65163] OpenSSH certificate information disclosure
5210| [64387] OpenSSH J-PAKE security bypass
5211| [63337] Cisco Unified Videoconferencing OpenSSH weak security
5212| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
5213| [45202] OpenSSH signal handler denial of service
5214| [44747] RHEL OpenSSH backdoor
5215| [44280] OpenSSH PermitRootLogin information disclosure
5216| [44279] OpenSSH sshd weak security
5217| [44037] OpenSSH sshd SELinux role unauthorized access
5218| [43940] OpenSSH X11 forwarding information disclosure
5219| [41549] OpenSSH ForceCommand directive security bypass
5220| [41438] OpenSSH sshd session hijacking
5221| [40897] OpenSSH known_hosts weak security
5222| [40587] OpenSSH username weak security
5223| [37371] OpenSSH username data manipulation
5224| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
5225| [37112] RHSA update for OpenSSH signal handler race condition not installed
5226| [37107] RHSA update for OpenSSH identical block denial of service not installed
5227| [36637] OpenSSH X11 cookie privilege escalation
5228| [35167] OpenSSH packet.c newkeys[mode] denial of service
5229| [34490] OpenSSH OPIE information disclosure
5230| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
5231| [32975] Apple Mac OS X OpenSSH denial of service
5232| [32387] RHSA-2006:0738 updates for openssh not installed
5233| [32359] RHSA-2006:0697 updates for openssh not installed
5234| [32230] RHSA-2006:0298 updates for openssh not installed
5235| [32132] RHSA-2006:0044 updates for openssh not installed
5236| [30120] OpenSSH privilege separation monitor authentication verification weakness
5237| [29255] OpenSSH GSSAPI user enumeration
5238| [29254] OpenSSH signal handler race condition
5239| [29158] OpenSSH identical block denial of service
5240| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
5241| [25116] OpenSSH OpenPAM denial of service
5242| [24305] OpenSSH SCP shell expansion command execution
5243| [22665] RHSA-2005:106 updates for openssh not installed
5244| [22117] OpenSSH GSSAPI allows elevated privileges
5245| [22115] OpenSSH GatewayPorts security bypass
5246| [20930] OpenSSH sshd.c LoginGraceTime denial of service
5247| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
5248| [17213] OpenSSH allows port bouncing attacks
5249| [16323] OpenSSH scp file overwrite
5250| [13797] OpenSSH PAM information leak
5251| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
5252| [13264] OpenSSH PAM code could allow an attacker to gain access
5253| [13215] OpenSSH buffer management errors could allow an attacker to execute code
5254| [13214] OpenSSH memory vulnerabilities
5255| [13191] OpenSSH large packet buffer overflow
5256| [12196] OpenSSH could allow an attacker to bypass login restrictions
5257| [11970] OpenSSH could allow an attacker to obtain valid administrative account
5258| [11902] OpenSSH PAM support enabled information leak
5259| [9803] OpenSSH "
5260| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
5261| [9307] OpenSSH is running on the system
5262| [9169] OpenSSH "
5263| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
5264| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
5265| [8383] OpenSSH off-by-one error in channel code
5266| [7647] OpenSSH UseLogin option arbitrary code execution
5267| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
5268| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
5269| [7179] OpenSSH source IP access control bypass
5270| [6757] OpenSSH "
5271| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
5272| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
5273| [5517] OpenSSH allows unauthorized access to resources
5274| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
5275|
5276| Exploit-DB - https://www.exploit-db.com:
5277| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
5278| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
5279| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
5280| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
5281| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
5282| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
5283| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
5284| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
5285| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
5286| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
5287| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
5288| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
5289| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
5290| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
5291|
5292| OpenVAS (Nessus) - http://www.openvas.org:
5293| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
5294| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
5295| [881183] CentOS Update for openssh CESA-2012:0884 centos6
5296| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
5297| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
5298| [870763] RedHat Update for openssh RHSA-2012:0884-04
5299| [870129] RedHat Update for openssh RHSA-2008:0855-01
5300| [861813] Fedora Update for openssh FEDORA-2010-5429
5301| [861319] Fedora Update for openssh FEDORA-2007-395
5302| [861170] Fedora Update for openssh FEDORA-2007-394
5303| [861012] Fedora Update for openssh FEDORA-2007-715
5304| [840345] Ubuntu Update for openssh vulnerability USN-597-1
5305| [840300] Ubuntu Update for openssh update USN-612-5
5306| [840271] Ubuntu Update for openssh vulnerability USN-612-2
5307| [840268] Ubuntu Update for openssh update USN-612-7
5308| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
5309| [840214] Ubuntu Update for openssh vulnerability USN-566-1
5310| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
5311| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
5312| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
5313| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
5314| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
5315| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
5316| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
5317| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
5318| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
5319| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
5320| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
5321| [100584] OpenSSH X Connections Session Hijacking Vulnerability
5322| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
5323| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
5324| [65987] SLES10: Security update for OpenSSH
5325| [65819] SLES10: Security update for OpenSSH
5326| [65514] SLES9: Security update for OpenSSH
5327| [65513] SLES9: Security update for OpenSSH
5328| [65334] SLES9: Security update for OpenSSH
5329| [65248] SLES9: Security update for OpenSSH
5330| [65218] SLES9: Security update for OpenSSH
5331| [65169] SLES9: Security update for openssh,openssh-askpass
5332| [65126] SLES9: Security update for OpenSSH
5333| [65019] SLES9: Security update for OpenSSH
5334| [65015] SLES9: Security update for OpenSSH
5335| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
5336| [61639] Debian Security Advisory DSA 1638-1 (openssh)
5337| [61030] Debian Security Advisory DSA 1576-2 (openssh)
5338| [61029] Debian Security Advisory DSA 1576-1 (openssh)
5339| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
5340| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
5341| [60667] Slackware Advisory SSA:2008-095-01 openssh
5342| [59014] Slackware Advisory SSA:2007-255-01 openssh
5343| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
5344| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
5345| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
5346| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
5347| [57492] Slackware Advisory SSA:2006-272-02 openssh
5348| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
5349| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
5350| [57470] FreeBSD Ports: openssh
5351| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
5352| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
5353| [56294] Slackware Advisory SSA:2006-045-06 openssh
5354| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
5355| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
5356| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
5357| [53788] Debian Security Advisory DSA 025-1 (openssh)
5358| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
5359| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
5360| [11343] OpenSSH Client Unauthorized Remote Forwarding
5361| [10954] OpenSSH AFS/Kerberos ticket/token passing
5362| [10883] OpenSSH Channel Code Off by 1
5363| [10823] OpenSSH UseLogin Environment Variables
5364|
5365| SecurityTracker - https://www.securitytracker.com:
5366| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
5367| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
5368| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
5369| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
5370| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
5371| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
5372| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
5373| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
5374| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
5375| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
5376| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
5377| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
5378| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
5379| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
5380| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
5381| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
5382| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
5383| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
5384| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
5385| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
5386| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
5387| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
5388| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
5389| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
5390| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
5391| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
5392| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
5393| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
5394| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
5395| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
5396| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
5397| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
5398| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
5399| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
5400| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
5401| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
5402| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
5403| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
5404|
5405| OSVDB - http://www.osvdb.org:
5406| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
5407| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
5408| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
5409| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
5410| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
5411| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
5412| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
5413| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
5414| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
5415| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
5416| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
5417| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
5418| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
5419| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
5420| [56921] OpenSSH Unspecified Remote Compromise
5421| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
5422| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
5423| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
5424| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
5425| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
5426| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
5427| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
5428| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
5429| [43745] OpenSSH X11 Forwarding Local Session Hijacking
5430| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
5431| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
5432| [37315] pam_usb OpenSSH Authentication Unspecified Issue
5433| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
5434| [34601] OPIE w/ OpenSSH Account Enumeration
5435| [34600] OpenSSH S/KEY Authentication Account Enumeration
5436| [32721] OpenSSH Username Password Complexity Account Enumeration
5437| [30232] OpenSSH Privilege Separation Monitor Weakness
5438| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
5439| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
5440| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
5441| [29152] OpenSSH Identical Block Packet DoS
5442| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
5443| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
5444| [22692] OpenSSH scp Command Line Filename Processing Command Injection
5445| [20216] OpenSSH with KerberosV Remote Authentication Bypass
5446| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
5447| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
5448| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
5449| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
5450| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
5451| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
5452| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
5453| [6601] OpenSSH *realloc() Unspecified Memory Errors
5454| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
5455| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
5456| [6072] OpenSSH PAM Conversation Function Stack Modification
5457| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
5458| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
5459| [5408] OpenSSH echo simulation Information Disclosure
5460| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
5461| [4536] OpenSSH Portable AIX linker Privilege Escalation
5462| [3938] OpenSSL and OpenSSH /dev/random Check Failure
5463| [3456] OpenSSH buffer_append_space() Heap Corruption
5464| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
5465| [2140] OpenSSH w/ PAM Username Validity Timing Attack
5466| [2112] OpenSSH Reverse DNS Lookup Bypass
5467| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
5468| [1853] OpenSSH Symbolic Link 'cookies' File Removal
5469| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
5470| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
5471| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
5472| [688] OpenSSH UseLogin Environment Variable Local Command Execution
5473| [642] OpenSSH Multiple Key Type ACL Bypass
5474| [504] OpenSSH SSHv2 Public Key Authentication Bypass
5475| [341] OpenSSH UseLogin Local Privilege Escalation
5476|_
547725/tcp open smtp Exim smtpd 4.89
5478| vulscan: VulDB - https://vuldb.com:
5479| [109969] Exim 4.88/4.89 SMTP Daemon receive.c bdat_getc denial of service
5480| [109968] Exim 4.88/4.89 SMTP Daemon receive.c receive_msg memory corruption
5481| [94599] Exim up to 4.87 information disclosure
5482| [13422] Exim 4.82 Mail Header dmarc.c expand_string memory corruption
5483| [6817] Exim up to 4.80 src/dkim.c dkim_exim_query_dns_txt memory corruption
5484| [141327] Exim up to 4.92.1 Backslash privilege escalation
5485| [138827] Exim up to 4.92 Expansion Code Execution
5486| [135932] Exim up to 4.92 privilege escalation
5487| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
5488| [58841] exim up to 4.69 dkim_exim_verify_finish memory corruption
5489| [57462] Exim up to 4.75 Filesystem memory corruption
5490| [4280] Exim Server 4.x open_log race condition
5491|
5492| MITRE CVE - https://cve.mitre.org:
5493| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
5494| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
5495| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
5496| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
5497| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
5498| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
5499| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
5500| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
5501| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
5502| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
5503| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
5504| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
5505| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
5506| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
5507| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
5508| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
5509|
5510| SecurityFocus - https://www.securityfocus.com/bid/:
5511| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
5512| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
5513| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
5514| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
5515| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
5516| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
5517| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
5518| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
5519| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
5520| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
5521| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
5522| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
5523| [45308] Exim Crafted Header Remote Code Execution Vulnerability
5524| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
5525| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
5526| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
5527| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
5528| [17110] sa-exim Unauthorized File Access Vulnerability
5529| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
5530| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
5531| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
5532| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
5533| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
5534| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
5535| [6314] Exim Internet Mailer Format String Vulnerability
5536| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
5537| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
5538| [2828] Exim Format String Vulnerability
5539| [1859] Exim Buffer Overflow Vulnerability
5540|
5541| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5542| [84758] Exim sender_address parameter command execution
5543| [84015] Exim command execution
5544| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
5545| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
5546| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
5547| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
5548| [67455] Exim DKIM processing code execution
5549| [67299] Exim dkim_exim_verify_finish() format string
5550| [65028] Exim open_log privilege escalation
5551| [63967] Exim config file privilege escalation
5552| [63960] Exim header buffer overflow
5553| [59043] Exim mail directory privilege escalation
5554| [59042] Exim MBX symlink
5555| [52922] ikiwiki teximg plugin information disclosure
5556| [34265] Exim spamd buffer overflow
5557| [25286] Sa-exim greylistclean.cron file deletion
5558| [22687] RHSA-2005:025 updates for exim not installed
5559| [18901] Exim dns_build_reverse buffer overflow
5560| [18764] Exim spa_base64_to_bits function buffer overflow
5561| [18763] Exim host_aton buffer overflow
5562| [16079] Exim require_verify buffer overflow
5563| [16077] Exim header_check_syntax buffer overflow
5564| [16075] Exim sender_verify buffer overflow
5565| [13067] Exim HELO or EHLO command heap overflow
5566| [10761] Exim daemon.c format string
5567| [8194] Exim configuration file -c command-line argument buffer overflow
5568| [7738] Exim allows attacker to hide commands in localhost names using pipes
5569| [6671] Exim "
5570| [1893] Exim MTA allows local users to gain root privileges
5571|
5572| Exploit-DB - https://www.exploit-db.com:
5573| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
5574| [15725] Exim 4.63 Remote Root Exploit
5575| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
5576| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
5577| [796] Exim <= 4.42 Local Root Exploit
5578| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
5579|
5580| OpenVAS (Nessus) - http://www.openvas.org:
5581| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
5582|
5583| SecurityTracker - https://www.securitytracker.com:
5584| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
5585| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
5586| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
5587| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
5588| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
5589| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
5590| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
5591| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
5592| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
5593| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
5594| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
5595| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
5596|
5597| OSVDB - http://www.osvdb.org:
5598| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
5599| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
5600| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
5601| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
5602| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
5603| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
5604| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
5605| [70696] Exim log.c open_log() Function Local Privilege Escalation
5606| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
5607| [69685] Exim string_format Function Remote Overflow
5608| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
5609| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
5610| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
5611| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
5612| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
5613| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
5614| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
5615| [12726] Exim -be Command Line Option host_aton Function Local Overflow
5616| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
5617| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
5618| [10032] libXpm CreateXImage Function Integer Overflow
5619| [7160] Exim .forward :include: Option Privilege Escalation
5620| [6479] Vexim COOKIE Authentication Credential Disclosure
5621| [6478] Vexim Multiple Parameter SQL Injection
5622| [5930] Exim Parenthesis File Name Filter Bypass
5623| [5897] Exim header_syntax Function Remote Overflow
5624| [5896] Exim sender_verify Function Remote Overflow
5625| [5530] Exim Localhost Name Arbitrary Command Execution
5626| [5330] Exim Configuration File Variable Overflow
5627| [1855] Exim Batched SMTP Mail Header Format String
5628|_
562953/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
5630| vulscan: VulDB - https://vuldb.com:
5631| [11804] ISC BIND up to 9.9.4 DNS Query bin/named/query.c query_findclosestnsec3 denial of service
5632| [11104] ISC BIND up to 9.9.4 WSAloctl Winsock API Bypass privilege escalation
5633| [9764] ISC BIND up to 9.9.4 RDATA rdata.c denial of service
5634| [119548] ISC BIND 9.9.12/9.10.7/9.11.3/9.12.1-P2 Recursion information disclosure
5635| [95202] ISC BIND up to 9.9.9-P4/9.10.4-P4/9.11.0-P1 DNSSEC denial of service
5636| [95201] ISC BIND up to 9.9.9-P4/9.10.4-P4/9.11.0-P1 DS Record Response denial of service
5637| [95200] ISC BIND up to 9.9.9-P4/9.10.4-P4/9.11.0-P1 ANY Query Response denial of service
5638| [89850] ISC BIND up to 9.9.9-P1/9.10.4-P1/9.11.0b1 Lightweight Resolution named.conf denial of service
5639| [81312] ISC BIND up to 9.9.8-P3/9.10.3-P3 named db.c/resolver.c Signature Record denial of service
5640| [81311] ISC BIND up to 9.9.8-P3/9.10.3-P3 named alist.c/sexpr.c denial of service
5641| [80787] ISC BIND up to 9.9.8-S4 Query rdataset.c denial of service
5642| [79802] ISC BIND 9.9.0/9.10.0/9.10.1-P1 Socket Error resolver.c denial of service
5643| [79801] ISC BIND 9.9.0/9.10.0/9.10.1-P1 Response db.c denial of service
5644| [76834] ISC BIND up to 9.9.7-P1/9.10.2-P2 TKEY Query Packet Crash denial of service
5645| [8108] ISC BIND up to 9.9.3 on Unix/Linux Regular Expression denial of service
5646| [7079] ISC BIND up to 9.9.1 DNS64 IPv6 Transition Mechanism denial of service
5647| [6295] ISC BIND up to 9.9.1-P2 Assertion Error Resource Record Parser RDATA Query denial of service
5648| [5875] ISC BIND 9.9.0/9.9.1 denial of service
5649| [5874] ISC BIND up to 9.9.1-P1 denial of service
5650| [5483] ISC BIND up to 9.9.1 DNS Resource Record information disclosure
5651|
5652| MITRE CVE - https://cve.mitre.org:
5653| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
5654| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
5655| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
5656| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
5657| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
5658| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
5659| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
5660| [CVE-2012-3868] Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
5661| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
5662| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
5663| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
5664| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
5665|
5666| SecurityFocus - https://www.securityfocus.com/bid/:
5667| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
5668| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
5669| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
5670| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
5671| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
5672| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
5673| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
5674| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
5675| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
5676| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
5677| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
5678| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
5679| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
5680| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
5681| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
5682| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
5683| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
5684| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
5685| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
5686| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
5687| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
5688| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
5689| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
5690| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
5691| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
5692| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
5693| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
5694| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
5695| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
5696| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
5697| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
5698| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
5699| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
5700| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
5701| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
5702| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
5703| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
5704| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
5705| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
5706| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
5707| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
5708| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
5709| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
5710| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
5711| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
5712| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
5713| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
5714| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
5715| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
5716| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
5717| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
5718| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
5719| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
5720| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
5721| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
5722| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
5723| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
5724| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
5725| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
5726| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
5727| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
5728| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
5729| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
5730| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
5731| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
5732| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
5733| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
5734| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
5735| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
5736| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
5737| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
5738| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
5739| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
5740| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
5741|
5742| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5743| [85799] Cisco Unified IP Phones 9900 Series directory traversal
5744| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
5745| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
5746| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
5747| [9250] BIND 9 dns_message_findtype() denial of service
5748| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
5749| [539] Microsoft Windows 95 and Internet Explorer password disclosure
5750| [86004] ISC BIND RDATA denial of service
5751| [84767] ISC BIND denial of service
5752| [83066] ISC BIND denial of service
5753| [81504] ISC BIND AAAA denial of service
5754| [80510] ISC BIND DNS64 denial of service
5755| [79121] ISC BIND queries denial of service
5756| [78479] ISC BIND RDATA denial of service
5757| [77185] ISC BIND TCP queries denial of service
5758| [77184] ISC BIND bad cache denial of service
5759| [76034] ISC BIND rdata denial of service
5760| [73053] ISC BIND cache update policy security bypass
5761| [71332] ISC BIND recursive queries denial of service
5762| [68375] ISC BIND UPDATE denial of service
5763| [68374] ISC BIND Response Policy Zones denial of service
5764| [67665] ISC BIND RRSIG Rrsets denial of service
5765| [67297] ISC BIND RRSIG denial of service
5766| [65554] ISC BIND IXFR transfer denial of service
5767| [63602] ISC BIND allow-query security bypass
5768| [63596] ISC BIND zone data security bypass
5769| [63595] ISC BIND RRSIG denial of service
5770| [62072] ISC BIND DNSSEC query denial of service
5771| [62071] ISC BIND ACL security bypass
5772| [61871] ISC BIND anchors denial of service
5773| [60421] ISC BIND RRSIG denial of service
5774| [56049] ISC BIND out-of-bailiwick weak security
5775| [55937] ISC Bind unspecified cache poisoning
5776| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
5777| [54416] ISC BIND DNSSEC cache poisoning
5778| [52073] ISC BIND dns_db_findrdataset() denial of service
5779| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
5780| [45234] ISC BIND UDP denial of service
5781| [39670] ISC BIND inet_network buffer overflow
5782| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
5783| [37128] RHSA update for ISC BIND RRset denial of service not installed
5784| [37127] RHSA update for ISC BIND named service denial of service not installed
5785| [36275] ISC BIND DNS query spoofing
5786| [35575] ISC BIND query ID cache poisoning
5787| [35571] ISC BIND ACL security bypass
5788| [31838] ISC BIND RRset denial of service
5789| [31799] ISC BIND named service denial of service
5790| [29876] HP Tru64 ypbind core dump information disclosure
5791| [28745] ISC BIND DNSSEC RRset denial of service
5792| [28744] ISC BIND recursive INSIST denial of service
5793| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
5794| [18836] BIND hostname disclosure
5795| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
5796| [10333] ISC BIND SIG null pointer dereference denial of service
5797| [10332] ISC BIND OPT resource record (RR) denial of service
5798| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
5799| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
5800| [5814] ISC BIND "
5801| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
5802| [5462] ISC BIND AXFR host command remote buffer overflow
5803|
5804| Exploit-DB - https://www.exploit-db.com:
5805| [24689] cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure
5806| [23059] Netbula Anyboard 9.9.5 6 Information Disclosure Vulnerability
5807| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
5808|
5809| OpenVAS (Nessus) - http://www.openvas.org:
5810| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
5811| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
5812| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
5813| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
5814| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
5815| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
5816| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
5817| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
5818| [11226] Oracle 9iAS default error information disclosure
5819|
5820| SecurityTracker - https://www.securitytracker.com:
5821| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
5822| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
5823| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
5824| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
5825| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
5826| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5827| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5828| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5829| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5830| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5831| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5832| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5833| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5834| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5835| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
5836| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
5837| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
5838| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
5839| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
5840| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
5841| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
5842| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
5843| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
5844| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
5845| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
5846| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
5847|
5848| OSVDB - http://www.osvdb.org:
5849| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
5850| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
5851| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
5852| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
5853|_
585480/tcp open http nginx
5855| vulscan: VulDB - https://vuldb.com:
5856| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
5857| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
5858| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
5859| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
5860| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
5861| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
5862| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
5863| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
5864| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
5865| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
5866| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
5867| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
5868| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
5869| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
5870| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
5871| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
5872| [67677] nginx up to 1.7.3 SSL weak authentication
5873| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
5874| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
5875| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
5876| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
5877| [65364] nginx up to 1.1.13 Default Configuration information disclosure
5878| [8671] nginx up to 1.4 proxy_pass denial of service
5879| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
5880| [7247] nginx 1.2.6 Proxy Function spoofing
5881| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
5882| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
5883| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
5884| [59645] nginx up to 0.8.9 Heap-based memory corruption
5885| [53592] nginx 0.8.36 memory corruption
5886| [53590] nginx up to 0.8.9 unknown vulnerability
5887| [51533] nginx 0.7.64 Terminal privilege escalation
5888| [50905] nginx up to 0.8.9 directory traversal
5889| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
5890| [50043] nginx up to 0.8.10 memory corruption
5891|
5892| MITRE CVE - https://cve.mitre.org:
5893| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
5894| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
5895| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
5896| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
5897| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
5898| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
5899| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
5900| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
5901| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
5902| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
5903| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
5904| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
5905| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
5906|
5907| SecurityFocus - https://www.securityfocus.com/bid/:
5908| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
5909| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
5910| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
5911| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
5912| [82230] nginx Multiple Denial of Service Vulnerabilities
5913| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
5914| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
5915| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
5916| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
5917| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
5918| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
5919| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
5920| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
5921| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
5922| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
5923| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
5924| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
5925| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
5926| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
5927| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
5928| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
5929| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
5930| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
5931| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
5932| [40420] nginx Directory Traversal Vulnerability
5933| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
5934| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
5935| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
5936| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
5937| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
5938|
5939| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5940| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
5941| [84172] nginx denial of service
5942| [84048] nginx buffer overflow
5943| [83923] nginx ngx_http_close_connection() integer overflow
5944| [83688] nginx null byte code execution
5945| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
5946| [82319] nginx access.log information disclosure
5947| [80952] nginx SSL spoofing
5948| [77244] nginx and Microsoft Windows request security bypass
5949| [76778] Naxsi module for Nginx nx_extract.py directory traversal
5950| [74831] nginx ngx_http_mp4_module.c buffer overflow
5951| [74191] nginx ngx_cpystrn() information disclosure
5952| [74045] nginx header response information disclosure
5953| [71355] nginx ngx_resolver_copy() buffer overflow
5954| [59370] nginx characters denial of service
5955| [59369] nginx DATA source code disclosure
5956| [59047] nginx space source code disclosure
5957| [58966] nginx unspecified directory traversal
5958| [54025] nginx ngx_http_parse.c denial of service
5959| [53431] nginx WebDAV component directory traversal
5960| [53328] Nginx CRC-32 cached domain name spoofing
5961| [53250] Nginx ngx_http_parse_complex_uri() function code execution
5962|
5963| Exploit-DB - https://www.exploit-db.com:
5964| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
5965| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
5966| [25499] nginx 1.3.9-1.4.0 DoS PoC
5967| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
5968| [14830] nginx 0.6.38 - Heap Corruption Exploit
5969| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
5970| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
5971| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
5972| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
5973| [9829] nginx 0.7.61 WebDAV directory traversal
5974|
5975| OpenVAS (Nessus) - http://www.openvas.org:
5976| [864418] Fedora Update for nginx FEDORA-2012-3846
5977| [864310] Fedora Update for nginx FEDORA-2012-6238
5978| [864209] Fedora Update for nginx FEDORA-2012-6411
5979| [864204] Fedora Update for nginx FEDORA-2012-6371
5980| [864121] Fedora Update for nginx FEDORA-2012-4006
5981| [864115] Fedora Update for nginx FEDORA-2012-3991
5982| [864065] Fedora Update for nginx FEDORA-2011-16075
5983| [863654] Fedora Update for nginx FEDORA-2011-16110
5984| [861232] Fedora Update for nginx FEDORA-2007-1158
5985| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
5986| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
5987| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
5988| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
5989| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
5990| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
5991| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
5992| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
5993| [100659] nginx Directory Traversal Vulnerability
5994| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
5995| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
5996| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
5997| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
5998| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
5999| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
6000| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
6001| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
6002| [71297] FreeBSD Ports: nginx
6003| [71276] FreeBSD Ports: nginx
6004| [71239] Debian Security Advisory DSA 2434-1 (nginx)
6005| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
6006| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
6007| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
6008| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
6009| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
6010| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
6011| [64894] FreeBSD Ports: nginx
6012| [64869] Debian Security Advisory DSA 1884-1 (nginx)
6013|
6014| SecurityTracker - https://www.securitytracker.com:
6015| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
6016| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
6017| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
6018| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
6019|
6020| OSVDB - http://www.osvdb.org:
6021| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
6022| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
6023| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
6024| [92796] nginx ngx_http_close_connection Function Crafted r->
6025| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
6026| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
6027| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
6028| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
6029| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
6030| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
6031| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
6032| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
6033| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
6034| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
6035| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
6036| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
6037| [62617] nginx Internal DNS Cache Poisoning Weakness
6038| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
6039| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
6040| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
6041| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
6042| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
6043| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
6044| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
6045| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
6046| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
6047| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
6048|_
6049110/tcp open pop3 Dovecot pop3d
6050| vulscan: VulDB - https://vuldb.com:
6051| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
6052| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
6053| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
6054| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
6055| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
6056| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
6057| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
6058| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
6059| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
6060| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
6061| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
6062| [69835] Dovecot 2.2.0/2.2.1 denial of service
6063| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
6064| [65684] Dovecot up to 2.2.6 unknown vulnerability
6065| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
6066| [63692] Dovecot up to 2.0.15 spoofing
6067| [7062] Dovecot 2.1.10 mail-search.c denial of service
6068| [57517] Dovecot up to 2.0.12 Login directory traversal
6069| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
6070| [57515] Dovecot up to 2.0.12 Crash denial of service
6071| [54944] Dovecot up to 1.2.14 denial of service
6072| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
6073| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
6074| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
6075| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
6076| [53277] Dovecot up to 1.2.10 denial of service
6077| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
6078| [45256] Dovecot up to 1.1.5 directory traversal
6079| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
6080| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6081| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6082| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
6083| [40356] Dovecot 1.0.9 Cache unknown vulnerability
6084| [38222] Dovecot 1.0.2 directory traversal
6085| [36376] Dovecot up to 1.0.x directory traversal
6086| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
6087|
6088| MITRE CVE - https://cve.mitre.org:
6089| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
6090| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
6091| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
6092| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
6093| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
6094| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
6095| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
6096| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6097| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6098| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
6099| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
6100| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
6101| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
6102| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
6103| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
6104| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
6105| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
6106| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
6107| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
6108| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
6109| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
6110| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
6111| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
6112| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
6113| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
6114| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
6115| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
6116| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
6117| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
6118| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
6119| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
6120| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
6121| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
6122| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
6123| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
6124| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
6125| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
6126|
6127| SecurityFocus - https://www.securityfocus.com/bid/:
6128| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
6129| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
6130| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
6131| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
6132| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
6133| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
6134| [67306] Dovecot Denial of Service Vulnerability
6135| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
6136| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
6137| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
6138| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
6139| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
6140| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
6141| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
6142| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
6143| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
6144| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
6145| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
6146| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
6147| [39838] tpop3d Remote Denial of Service Vulnerability
6148| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
6149| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
6150| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
6151| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
6152| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
6153| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
6154| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
6155| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
6156| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
6157| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
6158| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
6159| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
6160| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
6161| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
6162| [17961] Dovecot Remote Information Disclosure Vulnerability
6163| [16672] Dovecot Double Free Denial of Service Vulnerability
6164| [8495] akpop3d User Name SQL Injection Vulnerability
6165| [8473] Vpop3d Remote Denial Of Service Vulnerability
6166| [3990] ZPop3D Bad Login Logging Failure Vulnerability
6167| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
6168|
6169| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6170| [86382] Dovecot POP3 Service denial of service
6171| [84396] Dovecot IMAP APPEND denial of service
6172| [80453] Dovecot mail-search.c denial of service
6173| [71354] Dovecot SSL Common Name (CN) weak security
6174| [67675] Dovecot script-login security bypass
6175| [67674] Dovecot script-login directory traversal
6176| [67589] Dovecot header name denial of service
6177| [63267] Apple Mac OS X Dovecot information disclosure
6178| [62340] Dovecot mailbox security bypass
6179| [62339] Dovecot IMAP or POP3 denial of service
6180| [62256] Dovecot mailbox security bypass
6181| [62255] Dovecot ACL entry security bypass
6182| [60639] Dovecot ACL plugin weak security
6183| [57267] Apple Mac OS X Dovecot Kerberos security bypass
6184| [56763] Dovecot header denial of service
6185| [54363] Dovecot base_dir privilege escalation
6186| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
6187| [46323] Dovecot dovecot.conf information disclosure
6188| [46227] Dovecot message parsing denial of service
6189| [45669] Dovecot ACL mailbox security bypass
6190| [45667] Dovecot ACL plugin rights security bypass
6191| [41085] Dovecot TAB characters authentication bypass
6192| [41009] Dovecot mail_extra_groups option unauthorized access
6193| [39342] Dovecot LDAP auth cache configuration security bypass
6194| [35767] Dovecot ACL plugin security bypass
6195| [34082] Dovecot mbox-storage.c directory traversal
6196| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
6197| [26578] Cyrus IMAP pop3d buffer overflow
6198| [26536] Dovecot IMAP LIST information disclosure
6199| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
6200| [24709] Dovecot APPEND command denial of service
6201| [13018] akpop3d authentication code SQL injection
6202| [7345] Slackware Linux imapd and ipop3d core dump
6203| [6269] imap, ipop2d and ipop3d buffer overflows
6204| [5923] Linuxconf vpop3d symbolic link
6205| [4918] IPOP3D, Buffer overflow attack
6206| [1560] IPOP3D, user login successful
6207| [1559] IPOP3D user login to remote host successful
6208| [1525] IPOP3D, user logout
6209| [1524] IPOP3D, user auto-logout
6210| [1523] IPOP3D, user login failure
6211| [1522] IPOP3D, brute force attack
6212| [1521] IPOP3D, user kiss of death logout
6213| [418] pop3d mktemp creates insecure temporary files
6214|
6215| Exploit-DB - https://www.exploit-db.com:
6216| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
6217| [23053] Vpop3d Remote Denial of Service Vulnerability
6218| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
6219| [11893] tPop3d 1.5.3 DoS
6220| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
6221| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
6222| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
6223| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
6224|
6225| OpenVAS (Nessus) - http://www.openvas.org:
6226| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
6227| [901025] Dovecot Version Detection
6228| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
6229| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
6230| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
6231| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
6232| [870607] RedHat Update for dovecot RHSA-2011:0600-01
6233| [870471] RedHat Update for dovecot RHSA-2011:1187-01
6234| [870153] RedHat Update for dovecot RHSA-2008:0297-02
6235| [863272] Fedora Update for dovecot FEDORA-2011-7612
6236| [863115] Fedora Update for dovecot FEDORA-2011-7258
6237| [861525] Fedora Update for dovecot FEDORA-2007-664
6238| [861394] Fedora Update for dovecot FEDORA-2007-493
6239| [861333] Fedora Update for dovecot FEDORA-2007-1485
6240| [860845] Fedora Update for dovecot FEDORA-2008-9202
6241| [860663] Fedora Update for dovecot FEDORA-2008-2475
6242| [860169] Fedora Update for dovecot FEDORA-2008-2464
6243| [860089] Fedora Update for dovecot FEDORA-2008-9232
6244| [840950] Ubuntu Update for dovecot USN-1295-1
6245| [840668] Ubuntu Update for dovecot USN-1143-1
6246| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
6247| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
6248| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
6249| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
6250| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
6251| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
6252| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
6253| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
6254| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
6255| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
6256| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
6257| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
6258| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
6259| [70259] FreeBSD Ports: dovecot
6260| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
6261| [66522] FreeBSD Ports: dovecot
6262| [65010] Ubuntu USN-838-1 (dovecot)
6263| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
6264| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
6265| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
6266| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
6267| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
6268| [62854] FreeBSD Ports: dovecot-managesieve
6269| [61916] FreeBSD Ports: dovecot
6270| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
6271| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
6272| [60528] FreeBSD Ports: dovecot
6273| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
6274| [60089] FreeBSD Ports: dovecot
6275| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
6276| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
6277|
6278| SecurityTracker - https://www.securitytracker.com:
6279| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
6280| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
6281| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
6282|
6283| OSVDB - http://www.osvdb.org:
6284| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
6285| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
6286| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
6287| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
6288| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
6289| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
6290| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
6291| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
6292| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
6293| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
6294| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
6295| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
6296| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
6297| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
6298| [66113] Dovecot Mail Root Directory Creation Permission Weakness
6299| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
6300| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
6301| [66110] Dovecot Multiple Unspecified Buffer Overflows
6302| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
6303| [64783] Dovecot E-mail Message Header Unspecified DoS
6304| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
6305| [62796] Dovecot mbox Format Email Header Handling DoS
6306| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
6307| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
6308| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
6309| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
6310| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
6311| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
6312| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
6313| [43137] Dovecot mail_extra_groups Symlink File Manipulation
6314| [42979] Dovecot passdbs Argument Injection Authentication Bypass
6315| [39876] Dovecot LDAP Auth Cache Security Bypass
6316| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
6317| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
6318| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
6319| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
6320| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
6321| [23281] Dovecot imap/pop3-login dovecot-auth DoS
6322| [23280] Dovecot Malformed APPEND Command DoS
6323| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
6324| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
6325| [5857] Linux pop3d Arbitrary Mail File Access
6326| [2471] akpop3d username SQL Injection
6327|_
6328143/tcp open imap Dovecot imapd
6329| vulscan: VulDB - https://vuldb.com:
6330| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
6331| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
6332| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
6333| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
6334| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
6335| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
6336| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
6337| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
6338| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
6339| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
6340| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
6341| [69835] Dovecot 2.2.0/2.2.1 denial of service
6342| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
6343| [65684] Dovecot up to 2.2.6 unknown vulnerability
6344| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
6345| [63692] Dovecot up to 2.0.15 spoofing
6346| [7062] Dovecot 2.1.10 mail-search.c denial of service
6347| [59792] Cyrus IMAPd 2.4.11 weak authentication
6348| [57517] Dovecot up to 2.0.12 Login directory traversal
6349| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
6350| [57515] Dovecot up to 2.0.12 Crash denial of service
6351| [54944] Dovecot up to 1.2.14 denial of service
6352| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
6353| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
6354| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
6355| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
6356| [53277] Dovecot up to 1.2.10 denial of service
6357| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
6358| [45256] Dovecot up to 1.1.5 directory traversal
6359| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
6360| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6361| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6362| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
6363| [40356] Dovecot 1.0.9 Cache unknown vulnerability
6364| [38222] Dovecot 1.0.2 directory traversal
6365| [37927] Ipswitch Ipswitch Collaboration Suite up to 2006.1 IMAP Service imapd32.exe memory corruption
6366| [36376] Dovecot up to 1.0.x directory traversal
6367| [35759] Atrium MERCUR IMAPD IMAP4 mcrimap4.exe memory corruption
6368| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
6369|
6370| MITRE CVE - https://cve.mitre.org:
6371| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
6372| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
6373| [CVE-2011-3481] The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
6374| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
6375| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
6376| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
6377| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
6378| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
6379| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
6380| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
6381| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6382| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6383| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
6384| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
6385| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
6386| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
6387| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
6388| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
6389| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
6390| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
6391| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
6392| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
6393| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
6394| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
6395| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
6396| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
6397| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
6398| [CVE-2007-5740] The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.
6399| [CVE-2007-5018] Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211.
6400| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
6401| [CVE-2007-3925] Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
6402| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
6403| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
6404| [CVE-2007-1579] Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command.
6405| [CVE-2007-1578] Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.
6406| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
6407| [CVE-2006-6762] The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.
6408| [CVE-2006-6761] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
6409| [CVE-2006-6425] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
6410| [CVE-2006-6424] Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow
6411| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
6412| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
6413| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
6414| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
6415| [CVE-2005-2278] Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
6416| [CVE-2005-1256] Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.
6417| [CVE-2005-1249] The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.
6418| [CVE-2005-1015] Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
6419| [CVE-2005-0546] Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
6420| [CVE-2003-1322] Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.
6421| [CVE-2002-1782] The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
6422| [CVE-2002-1604] Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
6423| [CVE-2002-0997] Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
6424| [CVE-2002-0379] Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
6425| [CVE-2001-0691] Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations.
6426| [CVE-2000-0284] Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
6427| [CVE-1999-1557] Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
6428| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
6429| [CVE-1999-1224] IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
6430|
6431| SecurityFocus - https://www.securityfocus.com/bid/:
6432| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
6433| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
6434| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
6435| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
6436| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
6437| [84478] imapd CVE-1999-1224 Denial-Of-Service Vulnerability
6438| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
6439| [67306] Dovecot Denial of Service Vulnerability
6440| [65650] Eudora WorldMail imapd 'UID' Command Buffer Overflow Vulnerability
6441| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
6442| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
6443| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
6444| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
6445| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
6446| [51403] Eudora WorldMail imapd 'LIST' Command Buffer Overflow Vulnerability
6447| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
6448| [49949] Cyrus IMAPd NTTP Logic Error Authentication Bypass Vulnerability
6449| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
6450| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
6451| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
6452| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
6453| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
6454| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
6455| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
6456| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
6457| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
6458| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
6459| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
6460| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
6461| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
6462| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
6463| [26270] Perdition IMAPD __STR_VWRITE Remote Format String Vulnerability
6464| [25733] Mercury/32 IMAPD SEARCH Command Remote Stack Buffer Overflow Vulnerability
6465| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
6466| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
6467| [23058] Atrium Mercur IMapD NTLM Buffer Overflow Vulnerability
6468| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
6469| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
6470| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
6471| [17961] Dovecot Remote Information Disclosure Vulnerability
6472| [16672] Dovecot Double Free Denial of Service Vulnerability
6473| [15980] Qualcomm WorldMail IMAPD Buffer Overflow Vulnerability
6474| [15753] Ipswitch Collaboration Suite and IMail Server IMAPD LIST Command Denial Of Service Vulnerability
6475| [12636] Cyrus IMAPD Multiple Remote Buffer Overflow Vulnerabilities
6476| [11738] Cyrus IMAPD Multiple Remote Unspecified Vulnerabilities
6477| [11729] Cyrus IMAPD Multiple Remote Vulnerabilities
6478| [6298] Cyrus IMAPD Pre-Login Heap Corruption Vulnerability
6479| [4713] Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability
6480| [2856] Imapd 'Local' Buffer Overflow Vulnerabilities
6481| [1110] Univ. Of Washington imapd Buffer Overflow Vulnerabilities
6482| [502] NT IMail Imapd Buffer Overflow DoS Vulnerability
6483| [130] imapd Buffer Overflow Vulnerability
6484|
6485| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6486| [86382] Dovecot POP3 Service denial of service
6487| [84396] Dovecot IMAP APPEND denial of service
6488| [80453] Dovecot mail-search.c denial of service
6489| [71354] Dovecot SSL Common Name (CN) weak security
6490| [70325] Cyrus IMAPd NNTP security bypass
6491| [67675] Dovecot script-login security bypass
6492| [67674] Dovecot script-login directory traversal
6493| [67589] Dovecot header name denial of service
6494| [63267] Apple Mac OS X Dovecot information disclosure
6495| [62340] Dovecot mailbox security bypass
6496| [62339] Dovecot IMAP or POP3 denial of service
6497| [62256] Dovecot mailbox security bypass
6498| [62255] Dovecot ACL entry security bypass
6499| [60639] Dovecot ACL plugin weak security
6500| [57267] Apple Mac OS X Dovecot Kerberos security bypass
6501| [56763] Dovecot header denial of service
6502| [54363] Dovecot base_dir privilege escalation
6503| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
6504| [47526] UW-imapd rfc822_output_char() denial of service
6505| [46323] Dovecot dovecot.conf information disclosure
6506| [46227] Dovecot message parsing denial of service
6507| [45669] Dovecot ACL mailbox security bypass
6508| [45667] Dovecot ACL plugin rights security bypass
6509| [41085] Dovecot TAB characters authentication bypass
6510| [41009] Dovecot mail_extra_groups option unauthorized access
6511| [39342] Dovecot LDAP auth cache configuration security bypass
6512| [35767] Dovecot ACL plugin security bypass
6513| [34082] Dovecot mbox-storage.c directory traversal
6514| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
6515| [26536] Dovecot IMAP LIST information disclosure
6516| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
6517| [24709] Dovecot APPEND command denial of service
6518| [22629] RHSA-2005:408 updates for cyrus-imapd not installed
6519| [19460] Cyrus IMAP imapd buffer overflow
6520| [19455] Cyrus IMAP imapd extension off-by-one buffer overflow
6521| [18492] Novell NetMail IMAPD 101_mEna buffer overflow
6522| [10803] UW IMAP (wu-imapd) authenticated user buffer overflow
6523| [9238] UW IMAP (wu-imapd) could allow a remote attacker to access arbitrary files
6524| [9055] UW IMAP (wu-imapd) partial mailbox attributes to request buffer overflow
6525| [7345] Slackware Linux imapd and ipop3d core dump
6526| [573] Imapd denial of service
6527|
6528| Exploit-DB - https://www.exploit-db.com:
6529| [30724] Perdition 1.17 IMAPD __STR_VWRITE Remote Format String Vulnerability
6530| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
6531| [22061] Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 Pre-Login Heap Corruption Vulnerability
6532| [21443] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (2)
6533| [21442] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (1)
6534| [19849] UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)
6535| [19848] UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)
6536| [19847] UoW imapd 10.234/12.264 Buffer Overflow Vulnerabilities
6537| [19377] Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability
6538| [19107] Netscape Messaging Server 3.55,University of Washington imapd 10.234 Buffer Overflow Vulnerability
6539| [18354] WorldMail imapd 3.0 SEH overflow (egg hunter)
6540| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
6541| [16485] MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow
6542| [16482] MDaemon 9.6.4 IMAPD FETCH Buffer Overflow
6543| [16480] MailEnable IMAPD W3C Logging Buffer Overflow
6544| [16477] Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
6545| [16475] MailEnable IMAPD (2.35) Login Request Buffer Overflow
6546| [16474] Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
6547| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
6548| [4429] Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit
6549| [3627] IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit
6550| [3527] Mercur IMAPD 5.00.14 Remote Denial of Service Exploit (win32)
6551| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
6552| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
6553| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
6554| [1380] Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit
6555| [1332] MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit
6556| [1327] FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC
6557| [1151] MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit
6558| [1124] IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit
6559| [915] MailEnable Enterprise 1.x Imapd Remote Exploit
6560| [903] Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit
6561| [340] Linux imapd Remote Overflow File Retrieve Exploit
6562|
6563| OpenVAS (Nessus) - http://www.openvas.org:
6564| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
6565| [901025] Dovecot Version Detection
6566| [881425] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 x86_64
6567| [881403] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 x86_64
6568| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
6569| [881397] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x86_64
6570| [881370] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 x86_64
6571| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
6572| [881318] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 x86_64
6573| [881255] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 x86_64
6574| [881050] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 i386
6575| [881049] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 i386
6576| [881007] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 i386
6577| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
6578| [880978] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 i386
6579| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
6580| [880958] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 i386
6581| [880905] CentOS Update for cyrus-imapd CESA-2009:1459 centos4 i386
6582| [880864] CentOS Update for cyrus-imapd CESA-2009:1459 centos5 i386
6583| [880826] CentOS Update for cyrus-imapd CESA-2009:1116 centos5 i386
6584| [880536] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 i386
6585| [870607] RedHat Update for dovecot RHSA-2011:0600-01
6586| [870520] RedHat Update for cyrus-imapd RHSA-2011:1508-01
6587| [870489] RedHat Update for cyrus-imapd RHSA-2011:1317-01
6588| [870471] RedHat Update for dovecot RHSA-2011:1187-01
6589| [870443] RedHat Update for cyrus-imapd RHSA-2011:0859-01
6590| [870153] RedHat Update for dovecot RHSA-2008:0297-02
6591| [864075] Fedora Update for cyrus-imapd FEDORA-2011-13832
6592| [863585] Fedora Update for cyrus-imapd FEDORA-2011-13869
6593| [863579] Fedora Update for cyrus-imapd FEDORA-2011-13860
6594| [863281] Fedora Update for cyrus-imapd FEDORA-2011-7193
6595| [863273] Fedora Update for cyrus-imapd FEDORA-2011-7217
6596| [863272] Fedora Update for dovecot FEDORA-2011-7612
6597| [863115] Fedora Update for dovecot FEDORA-2011-7258
6598| [861525] Fedora Update for dovecot FEDORA-2007-664
6599| [861394] Fedora Update for dovecot FEDORA-2007-493
6600| [861333] Fedora Update for dovecot FEDORA-2007-1485
6601| [860845] Fedora Update for dovecot FEDORA-2008-9202
6602| [860663] Fedora Update for dovecot FEDORA-2008-2475
6603| [860169] Fedora Update for dovecot FEDORA-2008-2464
6604| [860089] Fedora Update for dovecot FEDORA-2008-9232
6605| [840950] Ubuntu Update for dovecot USN-1295-1
6606| [840668] Ubuntu Update for dovecot USN-1143-1
6607| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
6608| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
6609| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
6610| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
6611| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
6612| [831590] Mandriva Update for cyrus-imapd MDVSA-2012:037 (cyrus-imapd)
6613| [831468] Mandriva Update for cyrus-imapd MDVSA-2011:149 (cyrus-imapd)
6614| [831410] Mandriva Update for cyrus-imapd MDVSA-2011:100 (cyrus-imapd)
6615| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
6616| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
6617| [831207] Mandriva Update for cyrus-imapd MDVA-2010:208 (cyrus-imapd)
6618| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
6619| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
6620| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
6621| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
6622| [800149] UW-imapd tmail and dmail BOF Vulnerabilities (Linux)
6623| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
6624| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
6625| [70696] Debian Security Advisory DSA 2377-1 (cyrus-imapd-2.2)
6626| [70407] Debian Security Advisory DSA 2318-1 (cyrus-imapd-2.2)
6627| [70259] FreeBSD Ports: dovecot
6628| [69965] Debian Security Advisory DSA 2258-1 (kolab-cyrus-imapd)
6629| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
6630| [69740] Debian Security Advisory DSA 2242-1 (cyrus-imapd-2.2)
6631| [66522] FreeBSD Ports: dovecot
6632| [66416] Mandriva Security Advisory MDVSA-2009:229-1 (cyrus-imapd)
6633| [66233] SLES10: Security update for Cyrus IMAPD
6634| [66226] SLES11: Security update for Cyrus IMAPD
6635| [66222] SLES9: Security update for Cyrus IMAPD
6636| [65938] SLES10: Security update for Cyrus IMAPD
6637| [65723] SLES11: Security update for Cyrus IMAPD
6638| [65523] SLES9: Security update for Cyrus IMAPD
6639| [65479] SLES9: Security update for cyrus-imapd
6640| [65094] SLES9: Security update for cyrus-imapd
6641| [65010] Ubuntu USN-838-1 (dovecot)
6642| [64989] CentOS Security Advisory CESA-2009:1459 (cyrus-imapd)
6643| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
6644| [64977] Debian Security Advisory DSA 1893-1 (cyrus-imapd-2.2 kolab-cyrus-imapd)
6645| [64965] Fedora Core 11 FEDORA-2009-9901 (cyrus-imapd)
6646| [64963] Fedora Core 10 FEDORA-2009-9869 (cyrus-imapd)
6647| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
6648| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
6649| [64898] FreeBSD Ports: cyrus-imapd
6650| [64864] Debian Security Advisory DSA 1881-1 (cyrus-imapd-2.2)
6651| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
6652| [64847] Fedora Core 10 FEDORA-2009-9428 (cyrus-imapd)
6653| [64846] Fedora Core 11 FEDORA-2009-9417 (cyrus-imapd)
6654| [64838] Mandrake Security Advisory MDVSA-2009:229 (cyrus-imapd)
6655| [64271] CentOS Security Advisory CESA-2009:1116 (cyrus-imapd)
6656| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
6657| [62854] FreeBSD Ports: dovecot-managesieve
6658| [61916] FreeBSD Ports: dovecot
6659| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
6660| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
6661| [60528] FreeBSD Ports: dovecot
6662| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
6663| [60089] FreeBSD Ports: dovecot
6664| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
6665| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
6666| [55807] Slackware Advisory SSA:2005-310-06 imapd
6667| [54861] Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
6668| [54755] Gentoo Security Advisory GLSA 200411-34 (cyrus-imapd)
6669| [53739] Debian Security Advisory DSA 215-1 (cyrus-imapd)
6670| [53288] Debian Security Advisory DSA 597-1 (cyrus-imapd)
6671| [52297] FreeBSD Ports: cyrus-imapd
6672| [52296] FreeBSD Ports: cyrus-imapd
6673| [52295] FreeBSD Ports: cyrus-imapd
6674| [52294] FreeBSD Ports: cyrus-imapd
6675| [52172] FreeBSD Ports: cyrus-imapd
6676|
6677| SecurityTracker - https://www.securitytracker.com:
6678| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
6679| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
6680| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
6681| [1013278] Cyrus IMAPd Buffer Overflows in Annotate Extension, Cached Header, and Fetchnews May Let Remote Users Execute Arbitrary Code
6682|
6683| OSVDB - http://www.osvdb.org:
6684| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
6685| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
6686| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
6687| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
6688| [78304] Eudora WorldMail imapd SEH LIST Command Parsing Remote Overflow
6689| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
6690| [75445] Cyrus IMAP Server imapd index.c index_get_ids Function References Header NULL Dereference Remote DoS
6691| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
6692| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
6693| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
6694| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
6695| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
6696| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
6697| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
6698| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
6699| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
6700| [66113] Dovecot Mail Root Directory Creation Permission Weakness
6701| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
6702| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
6703| [66110] Dovecot Multiple Unspecified Buffer Overflows
6704| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
6705| [64783] Dovecot E-mail Message Header Unspecified DoS
6706| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
6707| [62796] Dovecot mbox Format Email Header Handling DoS
6708| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
6709| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
6710| [57843] Cyrus IMAP Server (cyrus-imapd) SIEVE Script Component (sieve/script.c) Crafted Script Handling Overflow
6711| [57681] UoW imap Server (uw-imapd) Arbitrary Remote File Access
6712| [52906] UW-imapd c-client Initial Request Remote Format String
6713| [52905] UW-imapd c-client Library RFC822BUFFER Routines rfc822_output_char Function Off-by-one
6714| [52456] UW-imapd on Debian Linux LOGIN Command Remote DoS
6715| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
6716| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
6717| [49485] UW-imapd dmail Utility Mailbox Name Handling Overflow
6718| [49484] UW-imapd tmail Utility Mailbox Name Handling Overflow
6719| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
6720| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
6721| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
6722| [43137] Dovecot mail_extra_groups Symlink File Manipulation
6723| [42979] Dovecot passdbs Argument Injection Authentication Bypass
6724| [42004] Perdition Mail Retrieval Proxy IMAPD IMAP Tag Remote Format String Arbitrary Code Execution
6725| [39876] Dovecot LDAP Auth Cache Security Bypass
6726| [39670] Mercury Mail Transport System IMAPD SEARCH Command Remote Overflow
6727| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
6728| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
6729| [31362] Novell NetMail IMAP Daemon (IMAPD) APPEND Command Remote Overflow
6730| [31361] Novell NetMail IMAP Daemon (IMAPD) APPEND Command DoS
6731| [31360] Novell NetMail IMAP Daemon (IMAPD) SUBSCRIBE Command Remote Overflow
6732| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
6733| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
6734| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
6735| [23281] Dovecot imap/pop3-login dovecot-auth DoS
6736| [23280] Dovecot Malformed APPEND Command DoS
6737| [18179] HP Tru64 UNIX imapd NLSPATH Environment Variable Local Overflow
6738| [13242] UW-imapd CRAM-MD5 Authentication Bypass
6739| [12385] Novell NetMail IMAPD 101_mEna Script Remote Overflow
6740| [12042] UoW imapd Multiple Unspecified Overflows
6741| [12037] UoW imapd (UW-IMAP) Multiple Command Remote Overflows
6742| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
6743| [911] UoW imapd AUTHENTICATE Command Remote Overflow
6744| [790] UoW imap Server (uw-imapd) BODY Request Remote Overflow
6745| [519] UoW imapd SIGABRT Signal Forced Crash Information Disclosure
6746|_
6747443/tcp closed https
6748465/tcp open ssl/smtp Exim smtpd 4.89
6749| vulscan: VulDB - https://vuldb.com:
6750| [109969] Exim 4.88/4.89 SMTP Daemon receive.c bdat_getc denial of service
6751| [109968] Exim 4.88/4.89 SMTP Daemon receive.c receive_msg memory corruption
6752| [94599] Exim up to 4.87 information disclosure
6753| [13422] Exim 4.82 Mail Header dmarc.c expand_string memory corruption
6754| [6817] Exim up to 4.80 src/dkim.c dkim_exim_query_dns_txt memory corruption
6755| [141327] Exim up to 4.92.1 Backslash privilege escalation
6756| [138827] Exim up to 4.92 Expansion Code Execution
6757| [135932] Exim up to 4.92 privilege escalation
6758| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
6759| [58841] exim up to 4.69 dkim_exim_verify_finish memory corruption
6760| [57462] Exim up to 4.75 Filesystem memory corruption
6761| [4280] Exim Server 4.x open_log race condition
6762|
6763| MITRE CVE - https://cve.mitre.org:
6764| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
6765| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
6766| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
6767| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
6768| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
6769| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
6770| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
6771| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
6772| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
6773| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
6774| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
6775| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
6776| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
6777| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
6778| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
6779| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
6780|
6781| SecurityFocus - https://www.securityfocus.com/bid/:
6782| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
6783| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
6784| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
6785| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
6786| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
6787| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
6788| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
6789| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
6790| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
6791| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
6792| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
6793| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
6794| [45308] Exim Crafted Header Remote Code Execution Vulnerability
6795| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
6796| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
6797| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
6798| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
6799| [17110] sa-exim Unauthorized File Access Vulnerability
6800| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
6801| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
6802| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
6803| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
6804| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
6805| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
6806| [6314] Exim Internet Mailer Format String Vulnerability
6807| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
6808| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
6809| [2828] Exim Format String Vulnerability
6810| [1859] Exim Buffer Overflow Vulnerability
6811|
6812| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6813| [84758] Exim sender_address parameter command execution
6814| [84015] Exim command execution
6815| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
6816| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
6817| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
6818| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
6819| [67455] Exim DKIM processing code execution
6820| [67299] Exim dkim_exim_verify_finish() format string
6821| [65028] Exim open_log privilege escalation
6822| [63967] Exim config file privilege escalation
6823| [63960] Exim header buffer overflow
6824| [59043] Exim mail directory privilege escalation
6825| [59042] Exim MBX symlink
6826| [52922] ikiwiki teximg plugin information disclosure
6827| [34265] Exim spamd buffer overflow
6828| [25286] Sa-exim greylistclean.cron file deletion
6829| [22687] RHSA-2005:025 updates for exim not installed
6830| [18901] Exim dns_build_reverse buffer overflow
6831| [18764] Exim spa_base64_to_bits function buffer overflow
6832| [18763] Exim host_aton buffer overflow
6833| [16079] Exim require_verify buffer overflow
6834| [16077] Exim header_check_syntax buffer overflow
6835| [16075] Exim sender_verify buffer overflow
6836| [13067] Exim HELO or EHLO command heap overflow
6837| [10761] Exim daemon.c format string
6838| [8194] Exim configuration file -c command-line argument buffer overflow
6839| [7738] Exim allows attacker to hide commands in localhost names using pipes
6840| [6671] Exim "
6841| [1893] Exim MTA allows local users to gain root privileges
6842|
6843| Exploit-DB - https://www.exploit-db.com:
6844| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
6845| [15725] Exim 4.63 Remote Root Exploit
6846| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
6847| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
6848| [796] Exim <= 4.42 Local Root Exploit
6849| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
6850|
6851| OpenVAS (Nessus) - http://www.openvas.org:
6852| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
6853|
6854| SecurityTracker - https://www.securitytracker.com:
6855| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
6856| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
6857| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
6858| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
6859| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
6860| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
6861| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
6862| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
6863| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
6864| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
6865| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
6866| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
6867|
6868| OSVDB - http://www.osvdb.org:
6869| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
6870| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
6871| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
6872| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
6873| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
6874| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
6875| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
6876| [70696] Exim log.c open_log() Function Local Privilege Escalation
6877| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
6878| [69685] Exim string_format Function Remote Overflow
6879| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
6880| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
6881| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
6882| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
6883| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
6884| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
6885| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
6886| [12726] Exim -be Command Line Option host_aton Function Local Overflow
6887| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
6888| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
6889| [10032] libXpm CreateXImage Function Integer Overflow
6890| [7160] Exim .forward :include: Option Privilege Escalation
6891| [6479] Vexim COOKIE Authentication Credential Disclosure
6892| [6478] Vexim Multiple Parameter SQL Injection
6893| [5930] Exim Parenthesis File Name Filter Bypass
6894| [5897] Exim header_syntax Function Remote Overflow
6895| [5896] Exim sender_verify Function Remote Overflow
6896| [5530] Exim Localhost Name Arbitrary Command Execution
6897| [5330] Exim Configuration File Variable Overflow
6898| [1855] Exim Batched SMTP Mail Header Format String
6899|_
6900993/tcp open ssl/imaps?
6901995/tcp open ssl/pop3s?
690235500/tcp closed unknown
6903Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
6904#######################################################################################################################################
6905 Anonymous JTSEC #OpDeathEathers Full Recon #29