· 6 years ago · Nov 07, 2019, 03:27 AM
1#######################################################################################################################################
2=======================================================================================================================================
3Hostname two-elfs.com ISP IP Volume inc
4Continent Europe Flag
5NL
6Country Netherlands Country Code NL
7Region Unknown Local time 06 Nov 2019 23:53 CET
8City Unknown Postal Code Unknown
9IP Address 94.102.49.234 Latitude 52.382
10 Longitude 4.9
11======================================================================================================================================
12#######################################################################################################################################
13> two-elfs.com
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18Name: two-elfs.com
19Address: 94.102.49.234
20>
21#######################################################################################################################################
22 Domain Name: TWO-ELFS.COM
23 Registry Domain ID: 2085209519_DOMAIN_COM-VRSN
24 Registrar WHOIS Server: whois.internet.bs
25 Registrar URL: http://www.internet.bs
26 Updated Date: 2018-10-10T04:20:58Z
27 Creation Date: 2016-12-27T12:00:50Z
28 Registry Expiry Date: 2019-12-27T12:00:50Z
29 Registrar: Internet Domain Service BS Corp
30 Registrar IANA ID: 2487
31 Registrar Abuse Contact Email:
32 Registrar Abuse Contact Phone:
33 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
34 Name Server: NS-CANADA.TOPDNS.COM
35 Name Server: NS-UK.TOPDNS.COM
36 Name Server: NS-USA.TOPDNS.COM
37 DNSSEC: unsigned
38#######################################################################################################################################
39Domain Name: TWO-ELFS.COM
40Registry Domain ID: 2085209519_DOMAIN_COM-VRSN
41Registrar WHOIS Server: whois.internet.bs
42Registrar URL: http://www.internetbs.net
43Updated Date: 2018-10-10T04:20:58Z
44Creation Date: 2016-12-27T12:00:50Z
45Registrar Registration Expiration Date: 2019-12-27T12:00:50Z
46Registrar: Internet Domain Service BS Corp.
47Registrar IANA ID: 2487
48Registrar Abuse Contact Email: abuse@internet.bs
49Registrar Abuse Contact Phone: +1.5167401179
50Reseller:
51Domain Status: clientTransferProhibited - http://www.icann.org/epp#clientTransferProhibited
52Registry Registrant ID:
53Registrant Name: Domain Admin
54Registrant Organization: Whois Privacy Corp.
55Registrant Street: Ocean Centre, Montagu Foreshore, East Bay Street
56Registrant City: Nassau
57Registrant State/Province: New Providence
58Registrant Postal Code:
59Registrant Country: BS
60Registrant Phone: +1.5163872248
61Registrant Phone Ext:
62Registrant Fax:
63Registrant Fax Ext:
64Registrant Email: two-elfs.com-owner-mwqe@customers.whoisprivacycorp.com
65Registry Admin ID:
66Admin Name: Domain Admin
67Admin Organization: Whois Privacy Corp.
68Admin Street: Ocean Centre, Montagu Foreshore, East Bay Street
69Admin City: Nassau
70Admin State/Province: New Providence
71Admin Postal Code:
72Admin Country: BS
73Admin Phone: +1.5163872248
74Admin Phone Ext:
75Admin Fax:
76Admin Fax Ext:
77Admin Email: two-elfs.com-admin-zb3z@customers.whoisprivacycorp.com
78Registry Tech ID:
79Tech Name: Domain Admin
80Tech Organization: Whois Privacy Corp.
81Tech Street: Ocean Centre, Montagu Foreshore, East Bay Street
82Tech City: Nassau
83Tech State/Province: New Providence
84Tech Postal Code:
85Tech Country: BS
86Tech Phone: +1.5163872248
87Tech Phone Ext:
88Tech Fax:
89Tech Fax Ext:
90Tech Email: two-elfs.com-tech-t4oz@customers.whoisprivacycorp.com
91Name Server: ns-canada.topdns.com
92Name Server: ns-uk.topdns.com
93Name Server: ns-usa.topdns.com
94DNSSEC: unsigned
95#######################################################################################################################################
96[+] Target : two-elfs.com
97
98[+] IP Address : 94.102.49.234
99
100[+] Headers :
101
102[+] Date : Wed, 06 Nov 2019 22:59:47 GMT
103[+] Server : Apache/2.2.3 (CentOS)
104[+] X-Powered-By : PHP/5.3.3
105[+] Keep-Alive : timeout=15, max=100
106[+] Connection : Keep-Alive
107[+] Transfer-Encoding : chunked
108[+] Content-Type : text/html; charset=UTF-8
109
110[+] SSL Certificate Information :
111
112[-] SSL is not Present on Target URL...Skipping...
113
114[+] Whois Lookup :
115
116[+] NIR : None
117[+] ASN Registry : ripencc
118[+] ASN : 202425
119[+] ASN CIDR : 94.102.49.0/24
120[+] ASN Country Code : NL
121[+] ASN Date : 2008-08-29
122[+] ASN Description : INT-NETWORK, SC
123[+] cidr : 94.102.49.0/24
124[+] name : NET-4-49
125[+] handle : IVI24-RIPE
126[+] range : 94.102.49.0 - 94.102.49.255
127[+] description : IPV NETBLOCK
128[+] country : NL
129[+] state : None
130[+] city : None
131[+] address : Suite 9
132Victoria, Mahe
133Seychelles
134[+] postal_code : None
135[+] emails : None
136[+] created : 2019-02-04T13:24:48Z
137[+] updated : 2019-02-04T13:24:48Z
138
139[+] Crawling Target...
140
141[+] Looking for robots.txt........[ Not Found ]
142[+] Looking for sitemap.xml.......[ Not Found ]
143[+] Extracting CSS Links..........[ 1 ]
144[+] Extracting Javascript Links...[ 4 ]
145[+] Extracting Internal Links.....[ 1 ]
146[+] Extracting External Links.....[ 2 ]
147[+] Extracting Images.............[ 12 ]
148
149[+] Total Links Extracted : 20
150
151[+] Dumping Links in /opt/FinalRecon/dumps/two-elfs.com.dump
152[+] Completed!
153######################################################################################################################################
154[+] Starting At 2019-11-06 18:00:23.002951
155[+] Collecting Information On: http://two-elfs.com/
156[#] Status: 200
157--------------------------------------------------
158[#] Web Server Detected: Apache/2.2.3 (CentOS)
159[#] X-Powered-By: PHP/5.3.3
160[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
161- Date: Wed, 06 Nov 2019 23:00:23 GMT
162- Server: Apache/2.2.3 (CentOS)
163- X-Powered-By: PHP/5.3.3
164- Keep-Alive: timeout=15, max=100
165- Connection: Keep-Alive
166- Transfer-Encoding: chunked
167- Content-Type: text/html; charset=UTF-8
168--------------------------------------------------
169[#] Finding Location..!
170[#] status: success
171[#] country: Netherlands
172[#] countryCode: NL
173[#] region: NH
174[#] regionName: North Holland
175[#] city: Amsterdam
176[#] zip: 1012
177[#] lat: 52.3704
178[#] lon: 4.89536
179[#] timezone: Europe/Amsterdam
180[#] isp: IP Volume inc
181[#] org: IP Volume inc
182[#] as: AS202425 IP Volume inc
183[#] query: 94.102.49.234
184--------------------------------------------------
185[x] Didn't Detect WAF Presence on: http://two-elfs.com/
186--------------------------------------------------
187[#] Starting Reverse DNS
188[!] Found 88 any Domain
189- 3m.heaven-portal.com
190- alina-balletstar.com
191- alisa-dreams.com
192- beauties.legal-models.info
193- best.world-collections.com
194- bikini-pics.us
195- cash.teensagency.com
196- cinderella-girl.com
197- cinderella-girl.info
198- collection.world-collections.com
199- cute-kitten.com
200- dolly-supermodel.info
201- dream-katia.com
202- dream-portal.com
203- dreamstudioportal.com
204- fashion-baby.info
205- flowermodels.com
206- flowermodels.info
207- foxy-world.com
208- heaven-portal.com
209- ice-pie.net
210- jessy-sunshine.com
211- juliet-summer.com
212- legal-models.info
213- little-panther.info
214- lodraw.ru
215- merryangels.info
216- models-me.com
217- models-portal.net
218- models.world-collections.com
219- modelsaround.info
220- mouse-trip.com
221- nastia-mouse.info
222- nikita-dance.com
223- nn-1.com
224- petal-stone.com
225- phone.intelius.com
226- pink-portal.com
227- play-angel.com
228- play-kitty.info
229- preteen.heaven-portal.com
230- pretty.heaven-portal.com
231- pro.world-collections.com
232- steppe-flower.com
233- teensagency.com
234- teensagency.info
235- top.cinderella-girl.com
236- top.flowermodels.com
237- top.merryangels.com
238- top.modelsaround.com
239- top.nastia-kitten.com
240- top.nastia-mouse.com
241- top.play-kitty.com
242- top.teensagency.com
243- two-elfs.com
244- world-collections.com
245- www.alina-balletstar.com
246- www.alisa-dreams.com
247- www.cinderella-girl.info
248- www.dolly-supermodel.info
249- www.dream-katia.com
250- www.dream-portal.com
251- www.dreamstudioportal.com
252- www.fashion-baby.info
253- www.flowermodels.info
254- www.foxy-world.com
255- www.jessy-sunshine.com
256- www.juliet-summer.com
257- www.legal-models.info
258- www.little-panther.info
259- www.merryangels.info
260- www.modelsaround.info
261- www.mouse-trip.com
262- www.nastia-kitten.info
263- www.nastia-mouse.info
264- www.nikita-dance.com
265- www.nn-1.com
266- www.petal-stone.com
267- www.play-angel.com
268- www.play-kitty.com
269- www.play-kitty.info
270- www.teensagency.info
271- www.wild-kitty.net
272- www.world-collections.com
273- www.young-photos.info
274- young-photos.info
275- young.world-collections.com
276- youngly16.com
277--------------------------------------------------
278[!] Scanning Open Port
279[#] 21/tcp open ftp
280[#] 22/tcp open ssh
281[#] 80/tcp open http
282[#] 111/tcp open rpcbind
283[#] 222/tcp open rsh-spx
284[#] 3306/tcp open mysql
285--------------------------------------------------
286[+] Collecting Information Disclosure!
287[#] Detecting sitemap.xml file
288[-] sitemap.xml file not Found!?
289[#] Detecting robots.txt file
290[-] robots.txt file not Found!?
291[#] Detecting GNU Mailman
292[-] GNU Mailman App Not Detected!?
293--------------------------------------------------
294[+] Crawling Url Parameter On: http://two-elfs.com/
295--------------------------------------------------
296[#] Searching Html Form !
297[-] No Html Form Found!?
298--------------------------------------------------
299[!] Found 87 dom parameter
300[#] http://two-elfs.com//#
301[#] http://two-elfs.com//#
302[#] http://two-elfs.com//#
303[#] http://two-elfs.com//#
304[#] http://two-elfs.com//#
305[#] http://two-elfs.com//#
306[#] http://two-elfs.com//#
307[#] http://two-elfs.com//#
308[#] http://two-elfs.com//#
309[#] http://two-elfs.com//#
310[#] http://two-elfs.com//#
311[#] http://two-elfs.com//#
312[#] http://two-elfs.com//#
313[#] http://two-elfs.com//#
314[#] http://two-elfs.com//#
315[#] http://two-elfs.com//#
316[#] http://two-elfs.com//#
317[#] http://two-elfs.com//#
318[#] http://two-elfs.com//#
319[#] http://two-elfs.com//#
320[#] http://two-elfs.com//#
321[#] http://two-elfs.com//#
322[#] http://two-elfs.com//#
323[#] http://two-elfs.com//#
324[#] http://two-elfs.com//#
325[#] http://two-elfs.com//#
326[#] http://two-elfs.com//#
327[#] http://two-elfs.com//#
328[#] http://two-elfs.com//#
329[#] http://two-elfs.com//#
330[#] http://two-elfs.com//#
331[#] http://two-elfs.com//#
332[#] http://two-elfs.com//#
333[#] http://two-elfs.com//#
334[#] http://two-elfs.com//#
335[#] http://two-elfs.com//#
336[#] http://two-elfs.com//#
337[#] http://two-elfs.com//#
338[#] http://two-elfs.com//#
339[#] http://two-elfs.com//#
340[#] http://two-elfs.com//#
341[#] http://two-elfs.com//#
342[#] http://two-elfs.com//#
343[#] http://two-elfs.com//#
344[#] http://two-elfs.com//#
345[#] http://two-elfs.com//#
346[#] http://two-elfs.com//#
347[#] http://two-elfs.com//#
348[#] http://two-elfs.com//#
349[#] http://two-elfs.com//#
350[#] http://two-elfs.com//#
351[#] http://two-elfs.com//#
352[#] http://two-elfs.com//#
353[#] http://two-elfs.com//#
354[#] http://two-elfs.com//#
355[#] http://two-elfs.com//#
356[#] http://two-elfs.com//#
357[#] http://two-elfs.com//#
358[#] http://two-elfs.com//#
359[#] http://two-elfs.com//#
360[#] http://two-elfs.com//#
361[#] http://two-elfs.com//#
362[#] http://two-elfs.com//#
363[#] http://two-elfs.com//#
364[#] http://two-elfs.com//#
365[#] http://two-elfs.com//#
366[#] http://two-elfs.com//#
367[#] http://two-elfs.com//#
368[#] http://two-elfs.com//#
369[#] http://two-elfs.com//#
370[#] http://two-elfs.com//#
371[#] http://two-elfs.com//#
372[#] http://two-elfs.com//#
373[#] http://two-elfs.com//#
374[#] http://two-elfs.com//#
375[#] http://two-elfs.com//#
376[#] http://two-elfs.com//#
377[#] http://two-elfs.com//#
378[#] http://two-elfs.com//#
379[#] http://two-elfs.com//#
380[#] http://two-elfs.com//#
381[#] http://two-elfs.com//#
382[#] http://two-elfs.com//#
383[#] http://two-elfs.com//#
384[#] http://two-elfs.com//#
385[#] http://two-elfs.com//#
386[#] http://two-elfs.com//#
387--------------------------------------------------
388[-] No internal Dynamic Parameter Found!?
389--------------------------------------------------
390[-] No external Dynamic Paramter Found!?
391--------------------------------------------------
392[!] 322 Internal links Discovered
393[+] http://two-elfs.com//style.css
394[+] http://two-elfs.com//javascript:window.external.AddFavorite('http://two-elfs.com')
395[+] http://two-elfs.com//members.html
396[+] http://two-elfs.com//support.html
397[+] http://two-elfs.com//videohtml/video158.html
398[+] http://two-elfs.com//videohtml/video158.html
399[+] http://two-elfs.com//videohtml/video157.html
400[+] http://two-elfs.com//videohtml/video157.html
401[+] http://two-elfs.com//videohtml/video156.html
402[+] http://two-elfs.com//videohtml/video156.html
403[+] http://two-elfs.com//videohtml/video155.html
404[+] http://two-elfs.com//videohtml/video155.html
405[+] http://two-elfs.com//videohtml/video154.html
406[+] http://two-elfs.com//videohtml/video154.html
407[+] http://two-elfs.com//videohtml/video153.html
408[+] http://two-elfs.com//videohtml/video153.html
409[+] http://two-elfs.com//videohtml/video152.html
410[+] http://two-elfs.com//videohtml/video152.html
411[+] http://two-elfs.com//videohtml/video151.html
412[+] http://two-elfs.com//videohtml/video151.html
413[+] http://two-elfs.com//videohtml/video150.html
414[+] http://two-elfs.com//videohtml/video150.html
415[+] http://two-elfs.com//videohtml/video149.html
416[+] http://two-elfs.com//videohtml/video149.html
417[+] http://two-elfs.com//videohtml/video148.html
418[+] http://two-elfs.com//videohtml/video148.html
419[+] http://two-elfs.com//videohtml/video147.html
420[+] http://two-elfs.com//videohtml/video147.html
421[+] http://two-elfs.com//videohtml/video146.html
422[+] http://two-elfs.com//videohtml/video146.html
423[+] http://two-elfs.com//videohtml/video145.html
424[+] http://two-elfs.com//videohtml/video145.html
425[+] http://two-elfs.com//videohtml/video144.html
426[+] http://two-elfs.com//videohtml/video144.html
427[+] http://two-elfs.com//videohtml/video143.html
428[+] http://two-elfs.com//videohtml/video143.html
429[+] http://two-elfs.com//videohtml/video142.html
430[+] http://two-elfs.com//videohtml/video142.html
431[+] http://two-elfs.com//videohtml/video141.html
432[+] http://two-elfs.com//videohtml/video141.html
433[+] http://two-elfs.com//videohtml/video140.html
434[+] http://two-elfs.com//videohtml/video140.html
435[+] http://two-elfs.com//videohtml/video139.html
436[+] http://two-elfs.com//videohtml/video139.html
437[+] http://two-elfs.com//videohtml/video138.html
438[+] http://two-elfs.com//videohtml/video138.html
439[+] http://two-elfs.com//videohtml/video137.html
440[+] http://two-elfs.com//videohtml/video137.html
441[+] http://two-elfs.com//videohtml/video136.html
442[+] http://two-elfs.com//videohtml/video136.html
443[+] http://two-elfs.com//videohtml/video135.html
444[+] http://two-elfs.com//videohtml/video135.html
445[+] http://two-elfs.com//videohtml/video134.html
446[+] http://two-elfs.com//videohtml/video134.html
447[+] http://two-elfs.com//videohtml/video133.html
448[+] http://two-elfs.com//videohtml/video133.html
449[+] http://two-elfs.com//videohtml/video132.html
450[+] http://two-elfs.com//videohtml/video132.html
451[+] http://two-elfs.com//videohtml/video131.html
452[+] http://two-elfs.com//videohtml/video131.html
453[+] http://two-elfs.com//videohtml/video130.html
454[+] http://two-elfs.com//videohtml/video130.html
455[+] http://two-elfs.com//videohtml/video129.html
456[+] http://two-elfs.com//videohtml/video129.html
457[+] http://two-elfs.com//videohtml/video128.html
458[+] http://two-elfs.com//videohtml/video128.html
459[+] http://two-elfs.com//videohtml/video127.html
460[+] http://two-elfs.com//videohtml/video127.html
461[+] http://two-elfs.com//videohtml/video126.html
462[+] http://two-elfs.com//videohtml/video126.html
463[+] http://two-elfs.com//videohtml/video125.html
464[+] http://two-elfs.com//videohtml/video125.html
465[+] http://two-elfs.com//videohtml/video124.html
466[+] http://two-elfs.com//videohtml/video124.html
467[+] http://two-elfs.com//videohtml/video123.html
468[+] http://two-elfs.com//videohtml/video123.html
469[+] http://two-elfs.com//videohtml/video122.html
470[+] http://two-elfs.com//videohtml/video122.html
471[+] http://two-elfs.com//videohtml/video121.html
472[+] http://two-elfs.com//videohtml/video121.html
473[+] http://two-elfs.com//videohtml/video120.html
474[+] http://two-elfs.com//videohtml/video120.html
475[+] http://two-elfs.com//videohtml/video119.html
476[+] http://two-elfs.com//videohtml/video119.html
477[+] http://two-elfs.com//videohtml/video118.html
478[+] http://two-elfs.com//videohtml/video118.html
479[+] http://two-elfs.com//videohtml/video117.html
480[+] http://two-elfs.com//videohtml/video117.html
481[+] http://two-elfs.com//videohtml/video116.html
482[+] http://two-elfs.com//videohtml/video116.html
483[+] http://two-elfs.com//videohtml/video115.html
484[+] http://two-elfs.com//videohtml/video115.html
485[+] http://two-elfs.com//videohtml/video114.html
486[+] http://two-elfs.com//videohtml/video114.html
487[+] http://two-elfs.com//videohtml/video113.html
488[+] http://two-elfs.com//videohtml/video113.html
489[+] http://two-elfs.com//videohtml/video112.html
490[+] http://two-elfs.com//videohtml/video112.html
491[+] http://two-elfs.com//videohtml/video111.html
492[+] http://two-elfs.com//videohtml/video111.html
493[+] http://two-elfs.com//videohtml/video110.html
494[+] http://two-elfs.com//videohtml/video110.html
495[+] http://two-elfs.com//videohtml/video109.html
496[+] http://two-elfs.com//videohtml/video109.html
497[+] http://two-elfs.com//videohtml/video108.html
498[+] http://two-elfs.com//videohtml/video108.html
499[+] http://two-elfs.com//videohtml/video107.html
500[+] http://two-elfs.com//videohtml/video107.html
501[+] http://two-elfs.com//videohtml/video106.html
502[+] http://two-elfs.com//videohtml/video106.html
503[+] http://two-elfs.com//videohtml/video105.html
504[+] http://two-elfs.com//videohtml/video105.html
505[+] http://two-elfs.com//videohtml/video104.html
506[+] http://two-elfs.com//videohtml/video104.html
507[+] http://two-elfs.com//videohtml/video103.html
508[+] http://two-elfs.com//videohtml/video103.html
509[+] http://two-elfs.com//videohtml/video102.html
510[+] http://two-elfs.com//videohtml/video102.html
511[+] http://two-elfs.com//videohtml/video101.html
512[+] http://two-elfs.com//videohtml/video101.html
513[+] http://two-elfs.com//videohtml/video100.html
514[+] http://two-elfs.com//videohtml/video100.html
515[+] http://two-elfs.com//videohtml/video099.html
516[+] http://two-elfs.com//videohtml/video099.html
517[+] http://two-elfs.com//videohtml/video098.html
518[+] http://two-elfs.com//videohtml/video098.html
519[+] http://two-elfs.com//videohtml/video097.html
520[+] http://two-elfs.com//videohtml/video097.html
521[+] http://two-elfs.com//videohtml/video096.html
522[+] http://two-elfs.com//videohtml/video096.html
523[+] http://two-elfs.com//videohtml/video095.html
524[+] http://two-elfs.com//videohtml/video095.html
525[+] http://two-elfs.com//videohtml/video094.html
526[+] http://two-elfs.com//videohtml/video094.html
527[+] http://two-elfs.com//videohtml/video093.html
528[+] http://two-elfs.com//videohtml/video093.html
529[+] http://two-elfs.com//videohtml/video092.html
530[+] http://two-elfs.com//videohtml/video092.html
531[+] http://two-elfs.com//videohtml/video091.html
532[+] http://two-elfs.com//videohtml/video091.html
533[+] http://two-elfs.com//videohtml/video090.html
534[+] http://two-elfs.com//videohtml/video090.html
535[+] http://two-elfs.com//videohtml/video089.html
536[+] http://two-elfs.com//videohtml/video089.html
537[+] http://two-elfs.com//videohtml/video088.html
538[+] http://two-elfs.com//videohtml/video088.html
539[+] http://two-elfs.com//videohtml/video087.html
540[+] http://two-elfs.com//videohtml/video087.html
541[+] http://two-elfs.com//videohtml/video086.html
542[+] http://two-elfs.com//videohtml/video086.html
543[+] http://two-elfs.com//videohtml/video085.html
544[+] http://two-elfs.com//videohtml/video085.html
545[+] http://two-elfs.com//videohtml/video084.html
546[+] http://two-elfs.com//videohtml/video084.html
547[+] http://two-elfs.com//videohtml/video083.html
548[+] http://two-elfs.com//videohtml/video083.html
549[+] http://two-elfs.com//videohtml/video082.html
550[+] http://two-elfs.com//videohtml/video082.html
551[+] http://two-elfs.com//videohtml/video081.html
552[+] http://two-elfs.com//videohtml/video081.html
553[+] http://two-elfs.com//videohtml/video080.html
554[+] http://two-elfs.com//videohtml/video080.html
555[+] http://two-elfs.com//videohtml/video079.html
556[+] http://two-elfs.com//videohtml/video079.html
557[+] http://two-elfs.com//videohtml/video078.html
558[+] http://two-elfs.com//videohtml/video078.html
559[+] http://two-elfs.com//videohtml/video077.html
560[+] http://two-elfs.com//videohtml/video077.html
561[+] http://two-elfs.com//videohtml/video076.html
562[+] http://two-elfs.com//videohtml/video076.html
563[+] http://two-elfs.com//videohtml/video075.html
564[+] http://two-elfs.com//videohtml/video075.html
565[+] http://two-elfs.com//videohtml/video074.html
566[+] http://two-elfs.com//videohtml/video074.html
567[+] http://two-elfs.com//videohtml/video073.html
568[+] http://two-elfs.com//videohtml/video073.html
569[+] http://two-elfs.com//videohtml/video072.html
570[+] http://two-elfs.com//videohtml/video072.html
571[+] http://two-elfs.com//videohtml/video071.html
572[+] http://two-elfs.com//videohtml/video071.html
573[+] http://two-elfs.com//videohtml/video070.html
574[+] http://two-elfs.com//videohtml/video070.html
575[+] http://two-elfs.com//videohtml/video069.html
576[+] http://two-elfs.com//videohtml/video069.html
577[+] http://two-elfs.com//videohtml/video068.html
578[+] http://two-elfs.com//videohtml/video068.html
579[+] http://two-elfs.com//videohtml/video067.html
580[+] http://two-elfs.com//videohtml/video067.html
581[+] http://two-elfs.com//videohtml/video066.html
582[+] http://two-elfs.com//videohtml/video066.html
583[+] http://two-elfs.com//videohtml/video065.html
584[+] http://two-elfs.com//videohtml/video065.html
585[+] http://two-elfs.com//videohtml/video064.html
586[+] http://two-elfs.com//videohtml/video064.html
587[+] http://two-elfs.com//videohtml/video063.html
588[+] http://two-elfs.com//videohtml/video063.html
589[+] http://two-elfs.com//videohtml/video062.html
590[+] http://two-elfs.com//videohtml/video062.html
591[+] http://two-elfs.com//videohtml/video061.html
592[+] http://two-elfs.com//videohtml/video061.html
593[+] http://two-elfs.com//videohtml/video060.html
594[+] http://two-elfs.com//videohtml/video060.html
595[+] http://two-elfs.com//videohtml/video059.html
596[+] http://two-elfs.com//videohtml/video059.html
597[+] http://two-elfs.com//videohtml/video058.html
598[+] http://two-elfs.com//videohtml/video058.html
599[+] http://two-elfs.com//videohtml/video057.html
600[+] http://two-elfs.com//videohtml/video057.html
601[+] http://two-elfs.com//videohtml/video056.html
602[+] http://two-elfs.com//videohtml/video056.html
603[+] http://two-elfs.com//videohtml/video055.html
604[+] http://two-elfs.com//videohtml/video055.html
605[+] http://two-elfs.com//videohtml/video054.html
606[+] http://two-elfs.com//videohtml/video054.html
607[+] http://two-elfs.com//videohtml/video053.html
608[+] http://two-elfs.com//videohtml/video053.html
609[+] http://two-elfs.com//videohtml/video052.html
610[+] http://two-elfs.com//videohtml/video052.html
611[+] http://two-elfs.com//videohtml/video051.html
612[+] http://two-elfs.com//videohtml/video051.html
613[+] http://two-elfs.com//videohtml/video050.html
614[+] http://two-elfs.com//videohtml/video050.html
615[+] http://two-elfs.com//videohtml/video049.html
616[+] http://two-elfs.com//videohtml/video049.html
617[+] http://two-elfs.com//videohtml/video048.html
618[+] http://two-elfs.com//videohtml/video048.html
619[+] http://two-elfs.com//videohtml/video047.html
620[+] http://two-elfs.com//videohtml/video047.html
621[+] http://two-elfs.com//videohtml/video046.html
622[+] http://two-elfs.com//videohtml/video046.html
623[+] http://two-elfs.com//videohtml/video045.html
624[+] http://two-elfs.com//videohtml/video045.html
625[+] http://two-elfs.com//videohtml/video044.html
626[+] http://two-elfs.com//videohtml/video044.html
627[+] http://two-elfs.com//videohtml/video043.html
628[+] http://two-elfs.com//videohtml/video043.html
629[+] http://two-elfs.com//videohtml/video042.html
630[+] http://two-elfs.com//videohtml/video042.html
631[+] http://two-elfs.com//videohtml/video041.html
632[+] http://two-elfs.com//videohtml/video041.html
633[+] http://two-elfs.com//videohtml/video040.html
634[+] http://two-elfs.com//videohtml/video040.html
635[+] http://two-elfs.com//videohtml/video039.html
636[+] http://two-elfs.com//videohtml/video039.html
637[+] http://two-elfs.com//videohtml/video038.html
638[+] http://two-elfs.com//videohtml/video038.html
639[+] http://two-elfs.com//videohtml/video037.html
640[+] http://two-elfs.com//videohtml/video037.html
641[+] http://two-elfs.com//videohtml/video036.html
642[+] http://two-elfs.com//videohtml/video036.html
643[+] http://two-elfs.com//videohtml/video035.html
644[+] http://two-elfs.com//videohtml/video035.html
645[+] http://two-elfs.com//videohtml/video034.html
646[+] http://two-elfs.com//videohtml/video034.html
647[+] http://two-elfs.com//videohtml/video033.html
648[+] http://two-elfs.com//videohtml/video033.html
649[+] http://two-elfs.com//videohtml/video032.html
650[+] http://two-elfs.com//videohtml/video032.html
651[+] http://two-elfs.com//videohtml/video031.html
652[+] http://two-elfs.com//videohtml/video031.html
653[+] http://two-elfs.com//videohtml/video030.html
654[+] http://two-elfs.com//videohtml/video030.html
655[+] http://two-elfs.com//videohtml/video029.html
656[+] http://two-elfs.com//videohtml/video029.html
657[+] http://two-elfs.com//videohtml/video028.html
658[+] http://two-elfs.com//videohtml/video028.html
659[+] http://two-elfs.com//videohtml/video027.html
660[+] http://two-elfs.com//videohtml/video027.html
661[+] http://two-elfs.com//videohtml/video026.html
662[+] http://two-elfs.com//videohtml/video026.html
663[+] http://two-elfs.com//videohtml/video025.html
664[+] http://two-elfs.com//videohtml/video025.html
665[+] http://two-elfs.com//videohtml/video024.html
666[+] http://two-elfs.com//videohtml/video024.html
667[+] http://two-elfs.com//videohtml/video023.html
668[+] http://two-elfs.com//videohtml/video023.html
669[+] http://two-elfs.com//videohtml/video022.html
670[+] http://two-elfs.com//videohtml/video022.html
671[+] http://two-elfs.com//videohtml/video021.html
672[+] http://two-elfs.com//videohtml/video021.html
673[+] http://two-elfs.com//videohtml/video020.html
674[+] http://two-elfs.com//videohtml/video020.html
675[+] http://two-elfs.com//videohtml/video019.html
676[+] http://two-elfs.com//videohtml/video019.html
677[+] http://two-elfs.com//videohtml/video018.html
678[+] http://two-elfs.com//videohtml/video018.html
679[+] http://two-elfs.com//videohtml/video017.html
680[+] http://two-elfs.com//videohtml/video017.html
681[+] http://two-elfs.com//videohtml/video016.html
682[+] http://two-elfs.com//videohtml/video016.html
683[+] http://two-elfs.com//videohtml/video015.html
684[+] http://two-elfs.com//videohtml/video015.html
685[+] http://two-elfs.com//videohtml/video014.html
686[+] http://two-elfs.com//videohtml/video014.html
687[+] http://two-elfs.com//videohtml/video013.html
688[+] http://two-elfs.com//videohtml/video013.html
689[+] http://two-elfs.com//videohtml/video012.html
690[+] http://two-elfs.com//videohtml/video012.html
691[+] http://two-elfs.com//videohtml/video011.html
692[+] http://two-elfs.com//videohtml/video011.html
693[+] http://two-elfs.com//videohtml/video010.html
694[+] http://two-elfs.com//videohtml/video010.html
695[+] http://two-elfs.com//videohtml/video009.html
696[+] http://two-elfs.com//videohtml/video009.html
697[+] http://two-elfs.com//videohtml/video008.html
698[+] http://two-elfs.com//videohtml/video008.html
699[+] http://two-elfs.com//videohtml/video007.html
700[+] http://two-elfs.com//videohtml/video007.html
701[+] http://two-elfs.com//videohtml/video006.html
702[+] http://two-elfs.com//videohtml/video006.html
703[+] http://two-elfs.com//videohtml/video005.html
704[+] http://two-elfs.com//videohtml/video005.html
705[+] http://two-elfs.com//videohtml/video004.html
706[+] http://two-elfs.com//videohtml/video004.html
707[+] http://two-elfs.com//videohtml/video003.html
708[+] http://two-elfs.com//videohtml/video003.html
709[+] http://two-elfs.com//videohtml/video002.html
710[+] http://two-elfs.com//videohtml/video002.html
711[+] http://two-elfs.com//videohtml/video001.html
712[+] http://two-elfs.com//videohtml/video001.html
713[+] http://two-elfs.com//members.html
714[+] http://two-elfs.com//support.html
715--------------------------------------------------
716[!] 3 External links Discovered
717[#] http://dreamstudioportal.com/
718[#] http://dreamstudioportal.com/
719[#] http://www4.law.cornell.edu/uscode/18/2256.html
720--------------------------------------------------
721[#] Mapping Subdomain..
722[-] No Any Subdomain Found
723[!] Found 0 Subdomain
724--------------------------------------------------
725[!] Done At 2019-11-06 18:01:33.455604
726######################################################################################################################################
727[i] Scanning Site: http://two-elfs.com
728
729
730
731B A S I C I N F O
732====================
733
734
735[+] Site Title: Two Elfs
736[+] IP address: 94.102.49.234
737[+] Web Server: Apache/2.2.3 (CentOS)
738[+] CMS: Could Not Detect
739[+] Cloudflare: Not Detected
740[+] Robots File: Could NOT Find robots.txt!
741
742
743
744
745W H O I S L O O K U P
746========================
747
748 Domain Name: TWO-ELFS.COM
749 Registry Domain ID: 2085209519_DOMAIN_COM-VRSN
750 Registrar WHOIS Server: whois.internet.bs
751 Registrar URL: http://www.internet.bs
752 Updated Date: 2018-10-10T04:20:58Z
753 Creation Date: 2016-12-27T12:00:50Z
754 Registry Expiry Date: 2019-12-27T12:00:50Z
755 Registrar: Internet Domain Service BS Corp
756 Registrar IANA ID: 2487
757 Registrar Abuse Contact Email:
758 Registrar Abuse Contact Phone:
759 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
760 Name Server: NS-CANADA.TOPDNS.COM
761 Name Server: NS-UK.TOPDNS.COM
762 Name Server: NS-USA.TOPDNS.COM
763 DNSSEC: unsigned
764 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
765>>> Last update of whois database: 2019-11-06T22:59:51Z <<<
766
767For more information on Whois status codes, please visit https://icann.org/epp
768
769
770
771The Registry database contains ONLY .COM, .NET, .EDU domains and
772Registrars.
773
774
775
776
777G E O I P L O O K U P
778=========================
779
780[i] IP Address: 94.102.49.234
781[i] Country: Netherlands
782[i] State:
783[i] City:
784[i] Latitude: 52.3824
785[i] Longitude: 4.8995
786
787
788
789
790H T T P H E A D E R S
791=======================
792
793
794[i] HTTP/1.1 200 OK
795[i] Date: Wed, 06 Nov 2019 23:00:06 GMT
796[i] Server: Apache/2.2.3 (CentOS)
797[i] X-Powered-By: PHP/5.3.3
798[i] Connection: close
799[i] Content-Type: text/html; charset=UTF-8
800
801
802
803
804D N S L O O K U P
805===================
806
807two-elfs.com. 7199 IN SOA ns-canada.topdns.com. hostmaster.topdns.com. 2019110603 43200 900 1209600 3600
808two-elfs.com. 3599 IN NS ns-usa.topdns.com.
809two-elfs.com. 3599 IN NS ns-uk.topdns.com.
810two-elfs.com. 3599 IN NS ns-canada.topdns.com.
811two-elfs.com. 3599 IN A 94.102.49.234
812two-elfs.com. 3599 IN MX 0 mail.teensagency.info.
813
814
815
816
817S U B N E T C A L C U L A T I O N
818====================================
819
820Address = 94.102.49.234
821Network = 94.102.49.234 / 32
822Netmask = 255.255.255.255
823Broadcast = not needed on Point-to-Point links
824Wildcard Mask = 0.0.0.0
825Hosts Bits = 0
826Max. Hosts = 1 (2^0 - 0)
827Host Range = { 94.102.49.234 - 94.102.49.234 }
828
829
830
831N M A P P O R T S C A N
832============================
833
834Starting Nmap 7.70 ( https://nmap.org ) at 2019-11-06 23:00 UTC
835Nmap scan report for two-elfs.com (94.102.49.234)
836Host is up (0.084s latency).
837rDNS record for 94.102.49.234: no-reverse-dns-configured.com
838
839PORT STATE SERVICE
84021/tcp open ftp
84122/tcp open ssh
84223/tcp closed telnet
84380/tcp open http
844110/tcp closed pop3
845143/tcp closed imap
846443/tcp closed https
8473389/tcp closed ms-wbt-server
848
849Nmap done: 1 IP address (1 host up) scanned in 0.37 seconds
850
851
852
853S U B - D O M A I N F I N D E R
854==================================
855
856
857[i] Total Subdomains Found : 1
858
859[+] Subdomain: www.two-elfs.com
860[-] IP: 94.102.49.234
861######################################################################################################################################
862[INFO] ------TARGET info------
863[*] TARGET: http://two-elfs.com/
864[*] TARGET IP: 94.102.49.234
865[INFO] NO load balancer detected for two-elfs.com...
866[*] DNS servers: ns-canada.topdns.com.
867[*] TARGET server: Apache/2.2.3 (CentOS)
868[*] CC: NL
869[*] Country: Netherlands
870[*] RegionCode: NH
871[*] RegionName: North Holland
872[*] City: Amsterdam
873[*] ASN: AS202425
874[*] BGP_PREFIX: 94.102.49.0/24
875[*] ISP: INT-NETWORK IP Volume inc, SC
876[INFO] DNS enumeration:
877[INFO] Possible abuse mails are:
878[*] abuse@ecatel.net
879[*] abuse@gblx.net
880[*] abuse@two-elfs.com
881[*] noc@ecatel.net
882[*] postmaster@ecatel.net
883[INFO] NO PAC (Proxy Auto Configuration) file FOUND
884[INFO] Starting FUZZing in http://two-elfs.com/FUzZzZzZzZz...
885[INFO] Status code Folders
886[*] 200 http://two-elfs.com/images
887[ALERT] Look in the source code. It may contain passwords
888[INFO] Links found from http://two-elfs.com/ http://94.102.49.234/:
889[*] http://dreamstudioportal.com/
890[*] http://two-elfs.com/
891[*] http://two-elfs.com/members.html
892[*] http://two-elfs.com/support.html
893[*] http://two-elfs.com/videohtml/video001.html
894[*] http://two-elfs.com/videohtml/video002.html
895[*] http://two-elfs.com/videohtml/video003.html
896[*] http://two-elfs.com/videohtml/video004.html
897[*] http://two-elfs.com/videohtml/video005.html
898[*] http://two-elfs.com/videohtml/video006.html
899[*] http://two-elfs.com/videohtml/video007.html
900[*] http://two-elfs.com/videohtml/video008.html
901[*] http://two-elfs.com/videohtml/video009.html
902[*] http://two-elfs.com/videohtml/video010.html
903[*] http://two-elfs.com/videohtml/video011.html
904[*] http://two-elfs.com/videohtml/video012.html
905[*] http://two-elfs.com/videohtml/video013.html
906[*] http://two-elfs.com/videohtml/video014.html
907[*] http://two-elfs.com/videohtml/video015.html
908[*] http://two-elfs.com/videohtml/video016.html
909[*] http://two-elfs.com/videohtml/video017.html
910[*] http://two-elfs.com/videohtml/video018.html
911[*] http://two-elfs.com/videohtml/video019.html
912[*] http://two-elfs.com/videohtml/video020.html
913[*] http://two-elfs.com/videohtml/video021.html
914[*] http://two-elfs.com/videohtml/video022.html
915[*] http://two-elfs.com/videohtml/video023.html
916[*] http://two-elfs.com/videohtml/video024.html
917[*] http://two-elfs.com/videohtml/video025.html
918[*] http://two-elfs.com/videohtml/video026.html
919[*] http://two-elfs.com/videohtml/video027.html
920[*] http://two-elfs.com/videohtml/video028.html
921[*] http://two-elfs.com/videohtml/video029.html
922[*] http://two-elfs.com/videohtml/video030.html
923[*] http://two-elfs.com/videohtml/video031.html
924[*] http://two-elfs.com/videohtml/video032.html
925[*] http://two-elfs.com/videohtml/video033.html
926[*] http://two-elfs.com/videohtml/video034.html
927[*] http://two-elfs.com/videohtml/video035.html
928[*] http://two-elfs.com/videohtml/video036.html
929[*] http://two-elfs.com/videohtml/video037.html
930[*] http://two-elfs.com/videohtml/video038.html
931[*] http://two-elfs.com/videohtml/video039.html
932[*] http://two-elfs.com/videohtml/video040.html
933[*] http://two-elfs.com/videohtml/video041.html
934[*] http://two-elfs.com/videohtml/video042.html
935[*] http://two-elfs.com/videohtml/video043.html
936[*] http://two-elfs.com/videohtml/video044.html
937[*] http://two-elfs.com/videohtml/video045.html
938[*] http://two-elfs.com/videohtml/video046.html
939[*] http://two-elfs.com/videohtml/video047.html
940[*] http://two-elfs.com/videohtml/video048.html
941[*] http://two-elfs.com/videohtml/video049.html
942[*] http://two-elfs.com/videohtml/video050.html
943[*] http://two-elfs.com/videohtml/video051.html
944[*] http://two-elfs.com/videohtml/video052.html
945[*] http://two-elfs.com/videohtml/video053.html
946[*] http://two-elfs.com/videohtml/video054.html
947[*] http://two-elfs.com/videohtml/video055.html
948[*] http://two-elfs.com/videohtml/video056.html
949[*] http://two-elfs.com/videohtml/video057.html
950[*] http://two-elfs.com/videohtml/video058.html
951[*] http://two-elfs.com/videohtml/video059.html
952[*] http://two-elfs.com/videohtml/video060.html
953[*] http://two-elfs.com/videohtml/video061.html
954[*] http://two-elfs.com/videohtml/video062.html
955[*] http://two-elfs.com/videohtml/video063.html
956[*] http://two-elfs.com/videohtml/video064.html
957[*] http://two-elfs.com/videohtml/video065.html
958[*] http://two-elfs.com/videohtml/video066.html
959[*] http://two-elfs.com/videohtml/video067.html
960[*] http://two-elfs.com/videohtml/video068.html
961[*] http://two-elfs.com/videohtml/video069.html
962[*] http://two-elfs.com/videohtml/video070.html
963[*] http://two-elfs.com/videohtml/video071.html
964[*] http://two-elfs.com/videohtml/video072.html
965[*] http://two-elfs.com/videohtml/video073.html
966[*] http://two-elfs.com/videohtml/video074.html
967[*] http://two-elfs.com/videohtml/video075.html
968[*] http://two-elfs.com/videohtml/video076.html
969[*] http://two-elfs.com/videohtml/video077.html
970[*] http://two-elfs.com/videohtml/video078.html
971[*] http://two-elfs.com/videohtml/video079.html
972[*] http://two-elfs.com/videohtml/video080.html
973[*] http://two-elfs.com/videohtml/video081.html
974[*] http://two-elfs.com/videohtml/video082.html
975[*] http://two-elfs.com/videohtml/video083.html
976[*] http://two-elfs.com/videohtml/video084.html
977[*] http://two-elfs.com/videohtml/video085.html
978[*] http://two-elfs.com/videohtml/video086.html
979[*] http://two-elfs.com/videohtml/video087.html
980[*] http://two-elfs.com/videohtml/video088.html
981[*] http://two-elfs.com/videohtml/video089.html
982[*] http://two-elfs.com/videohtml/video090.html
983[*] http://two-elfs.com/videohtml/video091.html
984[*] http://two-elfs.com/videohtml/video092.html
985[*] http://two-elfs.com/videohtml/video093.html
986[*] http://two-elfs.com/videohtml/video094.html
987[*] http://two-elfs.com/videohtml/video095.html
988[*] http://two-elfs.com/videohtml/video096.html
989[*] http://two-elfs.com/videohtml/video097.html
990[*] http://two-elfs.com/videohtml/video098.html
991[*] http://two-elfs.com/videohtml/video099.html
992[*] http://two-elfs.com/videohtml/video100.html
993[*] http://two-elfs.com/videohtml/video101.html
994[*] http://two-elfs.com/videohtml/video102.html
995[*] http://two-elfs.com/videohtml/video103.html
996[*] http://two-elfs.com/videohtml/video104.html
997[*] http://two-elfs.com/videohtml/video105.html
998[*] http://two-elfs.com/videohtml/video106.html
999[*] http://two-elfs.com/videohtml/video107.html
1000[*] http://two-elfs.com/videohtml/video108.html
1001[*] http://two-elfs.com/videohtml/video109.html
1002[*] http://two-elfs.com/videohtml/video110.html
1003[*] http://two-elfs.com/videohtml/video111.html
1004[*] http://two-elfs.com/videohtml/video112.html
1005[*] http://two-elfs.com/videohtml/video113.html
1006[*] http://two-elfs.com/videohtml/video114.html
1007[*] http://two-elfs.com/videohtml/video115.html
1008[*] http://two-elfs.com/videohtml/video116.html
1009[*] http://two-elfs.com/videohtml/video117.html
1010[*] http://two-elfs.com/videohtml/video118.html
1011[*] http://two-elfs.com/videohtml/video119.html
1012[*] http://two-elfs.com/videohtml/video120.html
1013[*] http://two-elfs.com/videohtml/video121.html
1014[*] http://two-elfs.com/videohtml/video122.html
1015[*] http://two-elfs.com/videohtml/video123.html
1016[*] http://two-elfs.com/videohtml/video124.html
1017[*] http://two-elfs.com/videohtml/video125.html
1018[*] http://two-elfs.com/videohtml/video126.html
1019[*] http://two-elfs.com/videohtml/video127.html
1020[*] http://two-elfs.com/videohtml/video128.html
1021[*] http://two-elfs.com/videohtml/video129.html
1022[*] http://two-elfs.com/videohtml/video130.html
1023[*] http://two-elfs.com/videohtml/video131.html
1024[*] http://two-elfs.com/videohtml/video132.html
1025[*] http://two-elfs.com/videohtml/video133.html
1026[*] http://two-elfs.com/videohtml/video134.html
1027[*] http://two-elfs.com/videohtml/video135.html
1028[*] http://two-elfs.com/videohtml/video136.html
1029[*] http://two-elfs.com/videohtml/video137.html
1030[*] http://two-elfs.com/videohtml/video138.html
1031[*] http://two-elfs.com/videohtml/video139.html
1032[*] http://two-elfs.com/videohtml/video140.html
1033[*] http://two-elfs.com/videohtml/video141.html
1034[*] http://two-elfs.com/videohtml/video142.html
1035[*] http://two-elfs.com/videohtml/video143.html
1036[*] http://two-elfs.com/videohtml/video144.html
1037[*] http://two-elfs.com/videohtml/video145.html
1038[*] http://two-elfs.com/videohtml/video146.html
1039[*] http://two-elfs.com/videohtml/video147.html
1040[*] http://two-elfs.com/videohtml/video148.html
1041[*] http://two-elfs.com/videohtml/video149.html
1042[*] http://two-elfs.com/videohtml/video150.html
1043[*] http://two-elfs.com/videohtml/video151.html
1044[*] http://two-elfs.com/videohtml/video152.html
1045[*] http://two-elfs.com/videohtml/video153.html
1046[*] http://two-elfs.com/videohtml/video154.html
1047[*] http://two-elfs.com/videohtml/video155.html
1048[*] http://two-elfs.com/videohtml/video156.html
1049[*] http://two-elfs.com/videohtml/video157.html
1050[*] http://two-elfs.com/videohtml/video158.html
1051[*] http://www4.law.cornell.edu/uscode/18/2256.html
1052[INFO] GOOGLE has 1,670,000 results (0.18 seconds) about http://two-elfs.com/
1053[INFO] Shodan detected the following opened ports on 94.102.49.234:
1054[*] 111
1055[*] 123
1056[*] 2007
1057[*] 21
1058[*] 3306
1059[*] 6423
1060[*] 80
1061[INFO] ------VirusTotal SECTION------
1062[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
1063[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
1064[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
1065[INFO] ------Alexa Rank SECTION------
1066[INFO] Percent of Visitors Rank in Country:
1067[INFO] Percent of Search Traffic:
1068[INFO] Percent of Unique Visits:
1069[INFO] Total Sites Linking In:
1070[*] Total Sites
1071[INFO] Useful links related to two-elfs.com - 94.102.49.234:
1072[*] https://www.virustotal.com/pt/ip-address/94.102.49.234/information/
1073[*] https://www.hybrid-analysis.com/search?host=94.102.49.234
1074[*] https://www.shodan.io/host/94.102.49.234
1075[*] https://www.senderbase.org/lookup/?search_string=94.102.49.234
1076[*] https://www.alienvault.com/open-threat-exchange/ip/94.102.49.234
1077[*] http://pastebin.com/search?q=94.102.49.234
1078[*] http://urlquery.net/search.php?q=94.102.49.234
1079[*] http://www.alexa.com/siteinfo/two-elfs.com
1080[*] http://www.google.com/safebrowsing/diagnostic?site=two-elfs.com
1081[*] https://censys.io/ipv4/94.102.49.234
1082[*] https://www.abuseipdb.com/check/94.102.49.234
1083[*] https://urlscan.io/search/#94.102.49.234
1084[*] https://github.com/search?q=94.102.49.234&type=Code
1085[INFO] Useful links related to AS202425 - 94.102.49.0/24:
1086[*] http://www.google.com/safebrowsing/diagnostic?site=AS:202425
1087[*] https://www.senderbase.org/lookup/?search_string=94.102.49.0/24
1088[*] http://bgp.he.net/AS202425
1089[*] https://stat.ripe.net/AS202425
1090[INFO] Date: 06/11/19 | Time: 18:01:27
1091[INFO] Total time: 1 minute(s) and 4 second(s)
1092#######################################################################################################################################
1093Trying "two-elfs.com"
1094;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17783
1095;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 3, ADDITIONAL: 6
1096
1097;; QUESTION SECTION:
1098;two-elfs.com. IN ANY
1099
1100;; ANSWER SECTION:
1101two-elfs.com. 3600 IN MX 0 mail.teensagency.info.
1102two-elfs.com. 3600 IN A 94.102.49.234
1103two-elfs.com. 7200 IN SOA ns-canada.topdns.com. hostmaster.topdns.com. 2019110603 43200 900 1209600 3600
1104two-elfs.com. 3600 IN NS ns-usa.topdns.com.
1105two-elfs.com. 3600 IN NS ns-canada.topdns.com.
1106two-elfs.com. 3600 IN NS ns-uk.topdns.com.
1107
1108;; AUTHORITY SECTION:
1109two-elfs.com. 3600 IN NS ns-uk.topdns.com.
1110two-elfs.com. 3600 IN NS ns-canada.topdns.com.
1111two-elfs.com. 3600 IN NS ns-usa.topdns.com.
1112
1113;; ADDITIONAL SECTION:
1114ns-usa.topdns.com. 29045 IN A 85.159.232.241
1115ns-usa.topdns.com. 29045 IN A 108.61.12.163
1116ns-usa.topdns.com. 29045 IN A 46.166.189.99
1117ns-uk.topdns.com. 29045 IN A 108.61.150.91
1118ns-uk.topdns.com. 29045 IN A 77.247.183.137
1119ns-canada.topdns.com. 35574 IN A 109.201.142.225
1120
1121Received 340 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 62 ms
1122#######################################################################################################################################
1123; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace two-elfs.com
1124;; global options: +cmd
1125. 83402 IN NS d.root-servers.net.
1126. 83402 IN NS j.root-servers.net.
1127. 83402 IN NS e.root-servers.net.
1128. 83402 IN NS h.root-servers.net.
1129. 83402 IN NS l.root-servers.net.
1130. 83402 IN NS a.root-servers.net.
1131. 83402 IN NS g.root-servers.net.
1132. 83402 IN NS f.root-servers.net.
1133. 83402 IN NS c.root-servers.net.
1134. 83402 IN NS m.root-servers.net.
1135. 83402 IN NS k.root-servers.net.
1136. 83402 IN NS b.root-servers.net.
1137. 83402 IN NS i.root-servers.net.
1138. 83402 IN RRSIG NS 8 0 518400 20191119210000 20191106200000 22545 . eCn13ozsFuoDWgFQmWan0OJhG1mS4F+IcWNeXRA+L9Hsi/C+h5CMZxIB E8BYdFxZBXcX8j+qj58cllNP1QYBh8BzQ8CAB4Fa+CgL7L0m7UpVd2sw WV8vu3Y7oLKGQkCFOjtpUZp30Z/M1USNVCX9C03PkrTdYDB1WXR6TLb3 mjbnc61RO/1X4CdZk6SfQ4U4zcCUOhWP4OKu3yyOfp74ns62BdeCnEbJ C7W0jCTAWwN4EM2IJ8hW/g8m+zGLm1u+E6ZCzGhfzBSV3FsmwREBMqvD prwbEF5OvyZ4m0xuUJhJ07JkjydTy7SLk93Mkks6PpmPU8pOzc+DpYc/ s53+oQ==
1139;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 166 ms
1140
1141com. 172800 IN NS a.gtld-servers.net.
1142com. 172800 IN NS b.gtld-servers.net.
1143com. 172800 IN NS c.gtld-servers.net.
1144com. 172800 IN NS d.gtld-servers.net.
1145com. 172800 IN NS e.gtld-servers.net.
1146com. 172800 IN NS f.gtld-servers.net.
1147com. 172800 IN NS g.gtld-servers.net.
1148com. 172800 IN NS h.gtld-servers.net.
1149com. 172800 IN NS i.gtld-servers.net.
1150com. 172800 IN NS j.gtld-servers.net.
1151com. 172800 IN NS k.gtld-servers.net.
1152com. 172800 IN NS l.gtld-servers.net.
1153com. 172800 IN NS m.gtld-servers.net.
1154com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
1155com. 86400 IN RRSIG DS 8 1 86400 20191119210000 20191106200000 22545 . p/LPpuTvDvBKWRnj5Z6zKQZut8QMvUQ0UwthrB/l5gujAd1XjOS3k2dx j/NIBdOLWWrUq6EXPprcLgwtE0GycDg8QpRnmEDMMJGqrlry/5v3Jc4c qXWTux0eBjhOccBypchgwJMe2gcRkFhDWHAQpL+J5Kic5ZiFmAVgZoIe 9CMDsouaxw/rIsk9gLoHxbaw8mBZNSgqMC+bNlJpy+KYrhdZcCmAqNYR Gpphuf9YyPuFTDeQxiPJS5NKG2RQwwZp1vxBuCKAx/5fz0VcPw8GAc0Z JKfa0htejRakSMLZdBEw58wz0aTCMmteotNIv5UpvwalRtGuan40dvvl lmtAWA==
1156;; Received 1172 bytes from 2001:500:2d::d#53(d.root-servers.net) in 23 ms
1157
1158two-elfs.com. 172800 IN NS ns-canada.topdns.com.
1159two-elfs.com. 172800 IN NS ns-usa.topdns.com.
1160two-elfs.com. 172800 IN NS ns-uk.topdns.com.
1161CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
1162CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20191111054902 20191104043902 12163 com. IPljNLvJUQK32CDrTmP6SphTpn9Lry8DIh1AhVAH9OP1Vzzb4cNAt+lp 4VM/ryvT9uav9AQDi6h7csbN6duoBp4ErG2PmvN48C4SAyD8EvYyVJUy PAUmMrxdr6w/y7dctSvuQfbCy/ufFfzmufs9sTBvJr76AAcBgRlgFQXi korMyiVWJK5lRYT/2Cb6i3SJCJk5fMy3PDdEwYFrbeyEsA==
11631H97S982J4RI29PRI9RSP6R5CFFT2ST9.com. 86400 IN NSEC3 1 1 0 - 1H99PNK94FE4QAHATD04E1FJJM6IFN2K NS DS RRSIG
11641H97S982J4RI29PRI9RSP6R5CFFT2ST9.com. 86400 IN RRSIG NSEC3 8 2 86400 20191110065338 20191103044338 12163 com. ECtitNHuUBigSptBJHUj3USwkCAr7d15gtbvGrUs1/XCoxuw9vVbb1FQ EDaBXREHTi04WLnLns+IMb0eg3/c82mV7q1bxJ+9SLo9WZErwOxXeYRA TEKCbCpm4/SMVqdpWh/da9s076ukeyo1KFoaiE0mS8j9dyOpU/X54y+L BPfAlv4ggrb3xqSYrr0zc7ABIm5b/UZ5KHT4Cl/3T9Il2g==
1165;; Received 758 bytes from 2001:503:eea3::30#53(g.gtld-servers.net) in 103 ms
1166
1167two-elfs.com. 3600 IN A 94.102.49.234
1168two-elfs.com. 3600 IN NS ns-canada.topdns.com.
1169two-elfs.com. 3600 IN NS ns-usa.topdns.com.
1170two-elfs.com. 3600 IN NS ns-uk.topdns.com.
1171;; Received 129 bytes from 46.166.189.99#53(ns-usa.topdns.com) in 165 ms
1172#######################################################################################################################################
1173[*] Performing General Enumeration of Domain: two-elfs.com
1174[-] DNSSEC is not configured for two-elfs.com
1175[*] SOA ns-canada.topdns.com 109.201.142.225
1176[*] NS ns-uk.topdns.com 77.247.183.137
1177[*] NS ns-uk.topdns.com 108.61.150.91
1178[*] NS ns-canada.topdns.com 109.201.142.225
1179[*] NS ns-usa.topdns.com 85.159.232.241
1180[*] NS ns-usa.topdns.com 46.166.189.99
1181[*] NS ns-usa.topdns.com 108.61.12.163
1182[*] MX mail.teensagency.info 95.211.225.130
1183[*] A two-elfs.com 94.102.49.234
1184[*] Enumerating SRV Records
1185[-] No SRV Records Found for two-elfs.com
1186[+] 0 Records Found
1187#######################################################################################################################################
1188[*] Processing domain two-elfs.com
1189[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1190[+] Getting nameservers
119177.247.183.137 - ns-uk.topdns.com
1192108.61.150.91 - ns-uk.topdns.com
1193109.201.142.225 - ns-canada.topdns.com
119485.159.232.241 - ns-usa.topdns.com
119546.166.189.99 - ns-usa.topdns.com
1196108.61.12.163 - ns-usa.topdns.com
1197[-] Zone transfer failed
1198
1199[+] MX records found, added to target list
12000 mail.teensagency.info.
1201
1202[*] Scanning two-elfs.com for A records
120394.102.49.234 - two-elfs.com
120494.102.49.234 - members.two-elfs.com
120594.102.49.234 - www.two-elfs.com
1206#######################################################################################################################################
1207
1208Domains still to check: 1
1209 Checking if the hostname two-elfs.com. given is in fact a domain...
1210
1211Analyzing domain: two-elfs.com.
1212 Checking NameServers using system default resolver...
1213 IP: 77.247.183.137 (Netherlands)
1214 HostName: ns-uk.topdns.com Type: NS
1215 HostName: ns-uk.topdns.com Type: PTR
1216 IP: 108.61.150.91 (United States)
1217 HostName: ns-uk.topdns.com Type: NS
1218 IP: 109.201.142.225 (Netherlands)
1219 HostName: ns-canada.topdns.com Type: NS
1220 HostName: ns-canada.topdns.com Type: PTR
1221 IP: 85.159.232.241 (Netherlands)
1222 HostName: ns-usa.topdns.com Type: NS
1223 HostName: ns-usa.topdns.com Type: PTR
1224 IP: 46.166.189.99 (Netherlands)
1225 HostName: ns-usa.topdns.com Type: NS
1226 HostName: ns-usa.topdns.com Type: PTR
1227 IP: 108.61.12.163 (United States)
1228 HostName: ns-usa.topdns.com Type: NS
1229 HostName: ns-usa.topdns.com Type: PTR
1230
1231 Checking MailServers using system default resolver...
1232 IP: 95.211.225.130 (Netherlands)
1233 HostName: mail.teensagency.info Type: MX
1234 HostName: hosted-by.codewavetech.com Type: PTR
1235
1236 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
1237 No zone transfer found on nameserver 46.166.189.99
1238 No zone transfer found on nameserver 77.247.183.137
1239 No zone transfer found on nameserver 108.61.150.91
1240 No zone transfer found on nameserver 85.159.232.241
1241 No zone transfer found on nameserver 108.61.12.163
1242 No zone transfer found on nameserver 109.201.142.225
1243
1244 Checking SPF record...
1245 No SPF record
1246
1247 Checking 192 most common hostnames using system default resolver...
1248 IP: 94.102.49.234 (Netherlands)
1249 HostName: www.two-elfs.com. Type: A
1250
1251 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
1252 Checking netblock 46.166.189.0
1253 Checking netblock 77.247.183.0
1254 Checking netblock 108.61.150.0
1255 Checking netblock 94.102.49.0
1256 Checking netblock 85.159.232.0
1257 Checking netblock 108.61.12.0
1258 Checking netblock 95.211.225.0
1259 Checking netblock 109.201.142.0
1260
1261 Searching for two-elfs.com. emails in Google
1262
1263 Checking 8 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
1264 Host 46.166.189.99 is up (reset ttl 64)
1265 Host 77.247.183.137 is up (reset ttl 64)
1266 Host 108.61.150.91 is up (reset ttl 64)
1267 Host 94.102.49.234 is up (reset ttl 64)
1268 Host 85.159.232.241 is up (reset ttl 64)
1269 Host 108.61.12.163 is up (reset ttl 64)
1270 Host 95.211.225.130 is up (reset ttl 64)
1271 Host 109.201.142.225 is up (reset ttl 64)
1272
1273 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
1274 Scanning ip 46.166.189.99 (ns-usa.topdns.com (PTR)):
1275 22/tcp open ssh syn-ack ttl 55 OpenSSH 6.6.1 (protocol 2.0)
1276 | ssh-hostkey:
1277 | 2048 3e:9b:17:eb:0e:78:d7:87:fe:6d:0f:89:56:0a:0d:f2 (RSA)
1278 | 256 d5:92:e1:08:d8:a4:ad:ff:42:dd:36:18:7d:5d:a6:b7 (ECDSA)
1279 |_ 256 41:bf:fa:36:51:3f:5b:1d:45:7c:6a:a4:6a:39:c6:85 (ED25519)
1280 53/tcp open domain? syn-ack ttl 55
1281 | dns-nsid:
1282 | NSID: \xBB\xCC (bbcc)
1283 |_ id.server: srv502
1284 | fingerprint-strings:
1285 | DNSVersionBindReqTCP:
1286 | version
1287 |_ bind
1288 80/tcp open http syn-ack ttl 55 nginx
1289 | http-methods:
1290 |_ Supported Methods: GET POST
1291 |_http-title: Did not follow redirect to http://www.topdns.com
1292 3306/tcp open mysql syn-ack ttl 55 MariaDB (unauthorized)
1293 5666/tcp open tcpwrapped syn-ack ttl 55
1294 Scanning ip 77.247.183.137 (ns-uk.topdns.com (PTR)):
1295 22/tcp open ssh syn-ack ttl 55 OpenSSH 5.3 (protocol 2.0)
1296 | ssh-hostkey:
1297 | 1024 e1:b1:01:f1:e8:7a:11:7e:86:22:52:00:f9:31:ed:4b (DSA)
1298 |_ 2048 17:d7:fd:6c:9d:d7:e7:ee:92:46:67:6a:a8:95:12:93 (RSA)
1299 | vulners:
1300 | cpe:/a:openbsd:openssh:5.3:
1301 | CVE-2014-1692 7.5 https://vulners.com/cve/CVE-2014-1692
1302 | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
1303 | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1304 | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
1305 | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
1306 | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
1307 | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
1308 | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
1309 | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
1310 |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
1311 53/tcp open domain? syn-ack ttl 55
1312 | dns-nsid:
1313 |_ id.server: unidentified server
1314 | fingerprint-strings:
1315 | DNSVersionBindReqTCP:
1316 | version
1317 |_ bind
1318 111/tcp open rpcbind syn-ack ttl 55 2-4 (RPC #100000)
1319 | rpcinfo:
1320 | program version port/proto service
1321 | 100000 2,3,4 111/tcp rpcbind
1322 | 100000 2,3,4 111/udp rpcbind
1323 | 100000 3,4 111/tcp6 rpcbind
1324 | 100000 3,4 111/udp6 rpcbind
1325 | 100024 1 39924/udp status
1326 | 100024 1 42428/tcp6 status
1327 | 100024 1 50513/udp6 status
1328 |_ 100024 1 54369/tcp status
1329 3306/tcp open mysql syn-ack ttl 55 MariaDB (unauthorized)
1330 5666/tcp open tcpwrapped syn-ack ttl 55
1331 Scanning ip 108.61.150.91 (ns-uk.topdns.com):
1332 22/tcp open ssh syn-ack ttl 48 OpenSSH 5.3 (protocol 2.0)
1333 | ssh-hostkey:
1334 | 1024 fc:b2:4d:63:17:c6:24:d3:9e:16:5a:2e:d5:85:26:9a (DSA)
1335 |_ 2048 75:a8:59:a3:c9:c4:23:c7:43:e6:96:3f:db:d5:77:bc (RSA)
1336 | vulners:
1337 | cpe:/a:openbsd:openssh:5.3:
1338 | CVE-2014-1692 7.5 https://vulners.com/cve/CVE-2014-1692
1339 | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
1340 | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1341 | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
1342 | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
1343 | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
1344 | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
1345 | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
1346 | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
1347 |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
1348 53/tcp open domain? syn-ack ttl 48
1349 | dns-nsid:
1350 |_ id.server: unknown
1351 | fingerprint-strings:
1352 | DNSVersionBindReqTCP:
1353 | version
1354 |_ bind
1355 Scanning ip 94.102.49.234 (www.two-elfs.com.):
1356 21/tcp open ftp syn-ack ttl 52 vsftpd 2.0.5
1357 22/tcp open tcpwrapped syn-ack ttl 52
1358 |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1359 80/tcp open http syn-ack ttl 52 Apache httpd 2.2.3
1360 | http-methods:
1361 | Supported Methods: GET HEAD POST OPTIONS TRACE
1362 |_ Potentially risky methods: TRACE
1363 |_http-server-header: Apache/2.2.3 (CentOS)
1364 |_http-title: 404 Not Found
1365 | vulners:
1366 | cpe:/a:apache:http_server:2.2.3:
1367 | CVE-2010-0425 10.0 https://vulners.com/cve/CVE-2010-0425
1368 | CVE-2011-3192 7.8 https://vulners.com/cve/CVE-2011-3192
1369 | CVE-2007-6423 7.8 https://vulners.com/cve/CVE-2007-6423
1370 | CVE-2017-7679 7.5 https://vulners.com/cve/CVE-2017-7679
1371 | CVE-2017-7668 7.5 https://vulners.com/cve/CVE-2017-7668
1372 | CVE-2017-3169 7.5 https://vulners.com/cve/CVE-2017-3169
1373 | CVE-2017-3167 7.5 https://vulners.com/cve/CVE-2017-3167
1374 | CVE-2013-2249 7.5 https://vulners.com/cve/CVE-2013-2249
1375 | CVE-2009-1891 7.1 https://vulners.com/cve/CVE-2009-1891
1376 | CVE-2009-1890 7.1 https://vulners.com/cve/CVE-2009-1890
1377 | CVE-2012-0883 6.9 https://vulners.com/cve/CVE-2012-0883
1378 | CVE-2018-1312 6.8 https://vulners.com/cve/CVE-2018-1312
1379 | CVE-2006-4154 6.8 https://vulners.com/cve/CVE-2006-4154
1380 | CVE-2007-1741 6.2 https://vulners.com/cve/CVE-2007-1741
1381 | CVE-2013-1862 5.1 https://vulners.com/cve/CVE-2013-1862
1382 | CVE-2014-0231 5.0 https://vulners.com/cve/CVE-2014-0231
1383 | CVE-2014-0098 5.0 https://vulners.com/cve/CVE-2014-0098
1384 | CVE-2013-6438 5.0 https://vulners.com/cve/CVE-2013-6438
1385 | CVE-2011-3368 5.0 https://vulners.com/cve/CVE-2011-3368
1386 | CVE-2010-1452 5.0 https://vulners.com/cve/CVE-2010-1452
1387 | CVE-2010-0408 5.0 https://vulners.com/cve/CVE-2010-0408
1388 | CVE-2009-2699 5.0 https://vulners.com/cve/CVE-2009-2699
1389 | CVE-2007-6750 5.0 https://vulners.com/cve/CVE-2007-6750
1390 | CVE-2009-1195 4.9 https://vulners.com/cve/CVE-2009-1195
1391 | CVE-2012-0031 4.6 https://vulners.com/cve/CVE-2012-0031
1392 | CVE-2011-3607 4.4 https://vulners.com/cve/CVE-2011-3607
1393 | CVE-2007-1743 4.4 https://vulners.com/cve/CVE-2007-1743
1394 | CVE-2016-4975 4.3 https://vulners.com/cve/CVE-2016-4975
1395 | CVE-2013-1896 4.3 https://vulners.com/cve/CVE-2013-1896
1396 | CVE-2012-4558 4.3 https://vulners.com/cve/CVE-2012-4558
1397 | CVE-2012-3499 4.3 https://vulners.com/cve/CVE-2012-3499
1398 | CVE-2012-0053 4.3 https://vulners.com/cve/CVE-2012-0053
1399 | CVE-2011-4317 4.3 https://vulners.com/cve/CVE-2011-4317
1400 | CVE-2011-3639 4.3 https://vulners.com/cve/CVE-2011-3639
1401 | CVE-2011-3348 4.3 https://vulners.com/cve/CVE-2011-3348
1402 | CVE-2011-0419 4.3 https://vulners.com/cve/CVE-2011-0419
1403 | CVE-2010-0434 4.3 https://vulners.com/cve/CVE-2010-0434
1404 | CVE-2008-2939 4.3 https://vulners.com/cve/CVE-2008-2939
1405 | CVE-2008-2168 4.3 https://vulners.com/cve/CVE-2008-2168
1406 | CVE-2008-0455 4.3 https://vulners.com/cve/CVE-2008-0455
1407 | CVE-2007-6420 4.3 https://vulners.com/cve/CVE-2007-6420
1408 | CVE-2007-6388 4.3 https://vulners.com/cve/CVE-2007-6388
1409 | CVE-2007-6203 4.3 https://vulners.com/cve/CVE-2007-6203
1410 | CVE-2007-5000 4.3 https://vulners.com/cve/CVE-2007-5000
1411 | CVE-2007-4465 4.3 https://vulners.com/cve/CVE-2007-4465
1412 | CVE-2006-5752 4.3 https://vulners.com/cve/CVE-2006-5752
1413 | CVE-2006-4110 4.3 https://vulners.com/cve/CVE-2006-4110
1414 | CVE-2007-6422 4.0 https://vulners.com/cve/CVE-2007-6422
1415 | CVE-2007-1742 3.7 https://vulners.com/cve/CVE-2007-1742
1416 | CVE-2007-6421 3.5 https://vulners.com/cve/CVE-2007-6421
1417 | CVE-2016-8612 3.3 https://vulners.com/cve/CVE-2016-8612
1418 | CVE-2012-2687 2.6 https://vulners.com/cve/CVE-2012-2687
1419 | CVE-2008-0456 2.6 https://vulners.com/cve/CVE-2008-0456
1420 |_ CVE-2011-4415 1.2 https://vulners.com/cve/CVE-2011-4415
1421 111/tcp open rpcbind syn-ack ttl 52 2 (RPC #100000)
1422 3306/tcp open mysql syn-ack ttl 52 MySQL 5.0.77
1423 | mysql-info:
1424 | Protocol: 10
1425 | Version: 5.0.77
1426 | Thread ID: 57101
1427 | Capabilities flags: 41516
1428 | Some Capabilities: Support41Auth, LongColumnFlag, SupportsCompression, SupportsTransactions, ConnectWithDatabase, Speaks41ProtocolNew
1429 | Status: Autocommit
1430 |_ Salt: &gSL`~zk+/Kl^p9k0JfA
1431 | vulners:
1432 | cpe:/a:mysql:mysql:5.0.77:
1433 | CVE-2009-2446 8.5 https://vulners.com/cve/CVE-2009-2446
1434 | CVE-2009-5026 6.8 https://vulners.com/cve/CVE-2009-5026
1435 | CVE-2009-4028 6.8 https://vulners.com/cve/CVE-2009-4028
1436 | CVE-2010-1848 6.5 https://vulners.com/cve/CVE-2010-1848
1437 | CVE-2010-1850 6.0 https://vulners.com/cve/CVE-2010-1850
1438 | CVE-2008-7247 6.0 https://vulners.com/cve/CVE-2008-7247
1439 | CVE-2010-3833 5.0 https://vulners.com/cve/CVE-2010-3833
1440 | CVE-2010-1849 5.0 https://vulners.com/cve/CVE-2010-1849
1441 | CVE-2012-0490 4.0 https://vulners.com/cve/CVE-2012-0490
1442 | CVE-2012-0484 4.0 https://vulners.com/cve/CVE-2012-0484
1443 | CVE-2012-0102 4.0 https://vulners.com/cve/CVE-2012-0102
1444 | CVE-2012-0101 4.0 https://vulners.com/cve/CVE-2012-0101
1445 | CVE-2012-0087 4.0 https://vulners.com/cve/CVE-2012-0087
1446 | CVE-2010-3838 4.0 https://vulners.com/cve/CVE-2010-3838
1447 | CVE-2010-3837 4.0 https://vulners.com/cve/CVE-2010-3837
1448 | CVE-2010-3836 4.0 https://vulners.com/cve/CVE-2010-3836
1449 | CVE-2010-3834 4.0 https://vulners.com/cve/CVE-2010-3834
1450 | CVE-2010-3682 4.0 https://vulners.com/cve/CVE-2010-3682
1451 | CVE-2010-3677 4.0 https://vulners.com/cve/CVE-2010-3677
1452 | CVE-2009-4019 4.0 https://vulners.com/cve/CVE-2009-4019
1453 | CVE-2010-1626 3.6 https://vulners.com/cve/CVE-2010-1626
1454 | CVE-2012-0114 3.0 https://vulners.com/cve/CVE-2012-0114
1455 |_ CVE-2012-0075 1.7 https://vulners.com/cve/CVE-2012-0075
1456 Device type: broadband router|WAP|remote management|general purpose
1457 Running (JUST GUESSING): Asus embedded (95%), Linux 2.6.X|2.4.X (95%), Cisco embedded (94%), Dell embedded (94%), D-Link embedded (94%), Raritan embedded (94%)
1458 OS Info: Service Info: Host: dummy-host.example.com; OS: Unix
1459 Scanning ip 85.159.232.241 (ns-usa.topdns.com (PTR)):
1460 22/tcp open ssh syn-ack ttl 55 OpenSSH 5.3 (protocol 2.0)
1461 | ssh-hostkey:
1462 | 1024 16:14:8f:4a:9c:48:05:d4:0d:60:02:63:07:a4:12:69 (DSA)
1463 |_ 2048 5a:45:d0:b1:54:94:8a:4b:ce:5c:8c:a0:53:81:13:dd (RSA)
1464 | vulners:
1465 | cpe:/a:openbsd:openssh:5.3:
1466 | CVE-2014-1692 7.5 https://vulners.com/cve/CVE-2014-1692
1467 | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
1468 | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1469 | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
1470 | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
1471 | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
1472 | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
1473 | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
1474 | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
1475 |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
1476 53/tcp open domain? syn-ack ttl 55
1477 | dns-nsid:
1478 |_ id.server: srv904
1479 | fingerprint-strings:
1480 | DNSVersionBindReqTCP:
1481 | version
1482 |_ bind
1483 111/tcp open rpcbind syn-ack ttl 55 2-4 (RPC #100000)
1484 | rpcinfo:
1485 | program version port/proto service
1486 | 100000 2,3,4 111/tcp rpcbind
1487 | 100000 2,3,4 111/udp rpcbind
1488 | 100000 3,4 111/tcp6 rpcbind
1489 | 100000 3,4 111/udp6 rpcbind
1490 | 100024 1 36274/udp6 status
1491 | 100024 1 36594/tcp status
1492 | 100024 1 46040/tcp6 status
1493 |_ 100024 1 51729/udp status
1494 3306/tcp open mysql syn-ack ttl 55 MariaDB (unauthorized)
1495 5666/tcp open tcpwrapped syn-ack ttl 55
1496 Scanning ip 108.61.12.163 (ns-usa.topdns.com (PTR)):
1497 22/tcp open ssh syn-ack ttl 48 OpenSSH 5.3 (protocol 2.0)
1498 | ssh-hostkey:
1499 | 1024 71:d0:0d:d6:a3:c1:26:32:64:b0:d5:7b:75:6c:97:b2 (DSA)
1500 |_ 2048 d3:03:ff:91:67:db:13:d9:7e:0d:62:35:ed:51:7c:90 (RSA)
1501 | vulners:
1502 | cpe:/a:openbsd:openssh:5.3:
1503 | CVE-2014-1692 7.5 https://vulners.com/cve/CVE-2014-1692
1504 | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
1505 | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1506 | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
1507 | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
1508 | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
1509 | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
1510 | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
1511 | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
1512 |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
1513 53/tcp open domain? syn-ack ttl 48
1514 | dns-nsid:
1515 |_ id.server: ID11888.constant.com
1516 | fingerprint-strings:
1517 | DNSVersionBindReqTCP:
1518 | version
1519 |_ bind
1520 5666/tcp open tcpwrapped syn-ack ttl 49
1521 Scanning ip 95.211.225.130 (hosted-by.codewavetech.com (PTR)):
1522 Scanning ip 109.201.142.225 (ns-canada.topdns.com (PTR)):
1523 22/tcp open ssh syn-ack ttl 55 OpenSSH 7.4 (protocol 2.0)
1524 | ssh-hostkey:
1525 | 2048 9a:54:a1:d2:06:6a:fa:a6:8f:3b:a3:63:52:3b:39:2a (RSA)
1526 | 256 22:3e:d3:39:cf:ab:59:a6:53:08:38:7b:a7:6f:f7:d6 (ECDSA)
1527 |_ 256 59:90:1a:b0:23:16:36:63:26:06:fc:7a:0c:cb:9a:18 (ED25519)
1528 | vulners:
1529 | cpe:/a:openbsd:openssh:7.4:
1530 | CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
1531 |_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1532 53/tcp open tcpwrapped syn-ack ttl 55
1533 | dns-nsid:
1534 |_ id.server: unidentified server
1535 WebCrawling domain's web servers... up to 50 max links.
1536
1537 + URL to crawl: http://ns-usa.topdns.com
1538 + Date: 2019-11-06
1539
1540 + Crawling URL: http://ns-usa.topdns.com:
1541 + Links:
1542 + Crawling http://ns-usa.topdns.com
1543 + Searching for directories...
1544 + Searching open folders...
1545
1546
1547 + URL to crawl: http://www.two-elfs.com.
1548 + Date: 2019-11-06
1549
1550 + Crawling URL: http://www.two-elfs.com.:
1551 + Links:
1552 + Crawling http://www.two-elfs.com.
1553 + Crawling http://www.two-elfs.com./members.html
1554 + Crawling http://www.two-elfs.com./support.html
1555 + Crawling http://www.two-elfs.com./videohtml/video158.html
1556 + Crawling http://www.two-elfs.com./videohtml/video157.html
1557 + Crawling http://www.two-elfs.com./videohtml/video156.html
1558 + Crawling http://www.two-elfs.com./videohtml/video155.html
1559 + Crawling http://www.two-elfs.com./videohtml/video154.html
1560 + Crawling http://www.two-elfs.com./videohtml/video153.html
1561 + Crawling http://www.two-elfs.com./videohtml/video152.html
1562 + Crawling http://www.two-elfs.com./videohtml/video151.html
1563 + Crawling http://www.two-elfs.com./videohtml/video150.html
1564 + Crawling http://www.two-elfs.com./videohtml/video149.html
1565 + Crawling http://www.two-elfs.com./videohtml/video148.html
1566 + Crawling http://www.two-elfs.com./videohtml/video147.html
1567 + Crawling http://www.two-elfs.com./videohtml/video146.html
1568 + Crawling http://www.two-elfs.com./videohtml/video145.html
1569 + Crawling http://www.two-elfs.com./videohtml/video144.html
1570 + Crawling http://www.two-elfs.com./videohtml/video143.html
1571 + Crawling http://www.two-elfs.com./videohtml/video142.html
1572 + Crawling http://www.two-elfs.com./videohtml/video141.html
1573 + Crawling http://www.two-elfs.com./videohtml/video140.html
1574 + Crawling http://www.two-elfs.com./videohtml/video139.html
1575 + Crawling http://www.two-elfs.com./videohtml/video138.html
1576 + Crawling http://www.two-elfs.com./videohtml/video137.html
1577 + Crawling http://www.two-elfs.com./videohtml/video136.html
1578 + Crawling http://www.two-elfs.com./videohtml/video135.html
1579 + Crawling http://www.two-elfs.com./videohtml/video134.html
1580 + Crawling http://www.two-elfs.com./videohtml/video133.html
1581 + Crawling http://www.two-elfs.com./videohtml/video132.html
1582 + Crawling http://www.two-elfs.com./videohtml/video131.html
1583 + Crawling http://www.two-elfs.com./videohtml/video130.html
1584 + Crawling http://www.two-elfs.com./videohtml/video129.html
1585 + Crawling http://www.two-elfs.com./videohtml/video128.html
1586 + Crawling http://www.two-elfs.com./videohtml/video127.html
1587 + Crawling http://www.two-elfs.com./videohtml/video126.html
1588 + Crawling http://www.two-elfs.com./videohtml/video125.html
1589 + Crawling http://www.two-elfs.com./videohtml/video124.html
1590 + Crawling http://www.two-elfs.com./videohtml/video123.html
1591 + Crawling http://www.two-elfs.com./videohtml/video122.html
1592 + Crawling http://www.two-elfs.com./videohtml/video121.html
1593 + Crawling http://www.two-elfs.com./videohtml/video120.html
1594 + Crawling http://www.two-elfs.com./videohtml/video119.html
1595 + Crawling http://www.two-elfs.com./videohtml/video118.html
1596 + Crawling http://www.two-elfs.com./videohtml/video117.html
1597 + Crawling http://www.two-elfs.com./videohtml/video116.html
1598 + Crawling http://www.two-elfs.com./videohtml/video115.html
1599 + Crawling http://www.two-elfs.com./videohtml/video114.html
1600 + Crawling http://www.two-elfs.com./videohtml/video113.html
1601 + Crawling http://www.two-elfs.com./videohtml/video112.html
1602 + Searching for directories...
1603 - Found: http://www.two-elfs.com./videohtml/
1604 - Found: http://www.two-elfs.com./js/
1605 - Found: http://www.two-elfs.com./images/
1606 - Found: http://www.two-elfs.com./css/
1607 - Found: http://www.two-elfs.com./css/themes/
1608 - Found: http://www.two-elfs.com./css/themes/maccaco/
1609 + Searching open folders...
1610 - http://www.two-elfs.com./videohtml/
1611 >>> Directory indexing at: http://www.two-elfs.com./videohtml/
1612 - http://www.two-elfs.com./js/
1613 >>> Directory indexing at: http://www.two-elfs.com./js/
1614 - http://www.two-elfs.com./images/
1615 >>> Directory indexing at: http://www.two-elfs.com./images/
1616 - http://www.two-elfs.com./css/
1617 >>> Directory indexing at: http://www.two-elfs.com./css/
1618 - http://www.two-elfs.com./css/themes/
1619 >>> Directory indexing at: http://www.two-elfs.com./css/themes/
1620 - http://www.two-elfs.com./css/themes/maccaco/
1621 >>> Directory indexing at: http://www.two-elfs.com./css/themes/maccaco/
1622 + Crawling directories with indexing:
1623 + Crawling http://www.two-elfs.com./videohtml/
1624 + Crawling http://www.two-elfs.com./js/
1625 + Crawling http://www.two-elfs.com./images/
1626 + Crawling http://www.two-elfs.com./css/
1627 + Crawling http://www.two-elfs.com./css/themes/
1628 + Crawling http://www.two-elfs.com./css/themes/maccaco/
1629 + Crawling directories with indexing finished
1630 + Crawl finished successfully.
1631----------------------------------------------------------------------
1632Summary of http://http://www.two-elfs.com.
1633----------------------------------------------------------------------
1634+ Links crawled:
1635 - http://www.two-elfs.com.
1636 - http://www.two-elfs.com./css/
1637 - http://www.two-elfs.com./css/themes/
1638 - http://www.two-elfs.com./css/themes/maccaco/
1639 - http://www.two-elfs.com./images/
1640 - http://www.two-elfs.com./js/
1641 - http://www.two-elfs.com./members.html
1642 - http://www.two-elfs.com./support.html
1643 - http://www.two-elfs.com./videohtml/
1644 - http://www.two-elfs.com./videohtml/video112.html
1645 - http://www.two-elfs.com./videohtml/video113.html
1646 - http://www.two-elfs.com./videohtml/video114.html
1647 - http://www.two-elfs.com./videohtml/video115.html
1648 - http://www.two-elfs.com./videohtml/video116.html
1649 - http://www.two-elfs.com./videohtml/video117.html
1650 - http://www.two-elfs.com./videohtml/video118.html
1651 - http://www.two-elfs.com./videohtml/video119.html
1652 - http://www.two-elfs.com./videohtml/video120.html
1653 - http://www.two-elfs.com./videohtml/video121.html
1654 - http://www.two-elfs.com./videohtml/video122.html
1655 - http://www.two-elfs.com./videohtml/video123.html
1656 - http://www.two-elfs.com./videohtml/video124.html
1657 - http://www.two-elfs.com./videohtml/video125.html
1658 - http://www.two-elfs.com./videohtml/video126.html
1659 - http://www.two-elfs.com./videohtml/video127.html
1660 - http://www.two-elfs.com./videohtml/video128.html
1661 - http://www.two-elfs.com./videohtml/video129.html
1662 - http://www.two-elfs.com./videohtml/video130.html
1663 - http://www.two-elfs.com./videohtml/video131.html
1664 - http://www.two-elfs.com./videohtml/video132.html
1665 - http://www.two-elfs.com./videohtml/video133.html
1666 - http://www.two-elfs.com./videohtml/video134.html
1667 - http://www.two-elfs.com./videohtml/video135.html
1668 - http://www.two-elfs.com./videohtml/video136.html
1669 - http://www.two-elfs.com./videohtml/video137.html
1670 - http://www.two-elfs.com./videohtml/video138.html
1671 - http://www.two-elfs.com./videohtml/video139.html
1672 - http://www.two-elfs.com./videohtml/video140.html
1673 - http://www.two-elfs.com./videohtml/video141.html
1674 - http://www.two-elfs.com./videohtml/video142.html
1675 - http://www.two-elfs.com./videohtml/video143.html
1676 - http://www.two-elfs.com./videohtml/video144.html
1677 - http://www.two-elfs.com./videohtml/video145.html
1678 - http://www.two-elfs.com./videohtml/video146.html
1679 - http://www.two-elfs.com./videohtml/video147.html
1680 - http://www.two-elfs.com./videohtml/video148.html
1681 - http://www.two-elfs.com./videohtml/video149.html
1682 - http://www.two-elfs.com./videohtml/video150.html
1683 - http://www.two-elfs.com./videohtml/video151.html
1684 - http://www.two-elfs.com./videohtml/video152.html
1685 - http://www.two-elfs.com./videohtml/video153.html
1686 - http://www.two-elfs.com./videohtml/video154.html
1687 - http://www.two-elfs.com./videohtml/video155.html
1688 - http://www.two-elfs.com./videohtml/video156.html
1689 - http://www.two-elfs.com./videohtml/video157.html
1690 - http://www.two-elfs.com./videohtml/video158.html
1691 Total links crawled: 56
1692
1693+ Links to files found:
1694 - http://www.two-elfs.com./css/themes/layout-grid.gif
1695 - http://www.two-elfs.com./css/themes/maccaco/buffering.gif
1696 - http://www.two-elfs.com./css/themes/maccaco/maccaco-load-static.png
1697 - http://www.two-elfs.com./css/themes/maccaco/maccaco-load.gif
1698 - http://www.two-elfs.com./css/themes/maccaco/maccaco.png
1699 - http://www.two-elfs.com./css/themes/maccaco/noise.gif
1700 - http://www.two-elfs.com./css/themes/maccaco/projekktor.style.css
1701 - http://www.two-elfs.com./css/themes/maccaco/start.png
1702 - http://www.two-elfs.com./css/video-js.css
1703 - http://www.two-elfs.com./css/video-js.min.css
1704 - http://www.two-elfs.com./icons/back.gif
1705 - http://www.two-elfs.com./icons/blank.gif
1706 - http://www.two-elfs.com./icons/folder.gif
1707 - http://www.two-elfs.com./icons/image2.gif
1708 - http://www.two-elfs.com./icons/text.gif
1709 - http://www.two-elfs.com./icons/unknown.gif
1710 - http://www.two-elfs.com./images/banner.gif
1711 - http://www.two-elfs.com./images/banner.jpg
1712 - http://www.two-elfs.com./images/bg.gif
1713 - http://www.two-elfs.com./images/bg.jpg
1714 - http://www.two-elfs.com./images/c.png
1715 - http://www.two-elfs.com./images/corner1.png
1716 - http://www.two-elfs.com./images/corner2.png
1717 - http://www.two-elfs.com./images/enter.png
1718 - http://www.two-elfs.com./images/frame.png
1719 - http://www.two-elfs.com./images/ia.png
1720 - http://www.two-elfs.com./images/index_01.jpg
1721 - http://www.two-elfs.com./images/index_02.jpg
1722 - http://www.two-elfs.com./images/index_03.jpg
1723 - http://www.two-elfs.com./images/index_04.jpg
1724 - http://www.two-elfs.com./images/index_05.jpg
1725 - http://www.two-elfs.com./images/index_06.jpg
1726 - http://www.two-elfs.com./images/index_07.jpg
1727 - http://www.two-elfs.com./images/join_03.jpg
1728 - http://www.two-elfs.com./images/join_04.jpg
1729 - http://www.two-elfs.com./images/join_05.jpg
1730 - http://www.two-elfs.com./images/members_03.jpg
1731 - http://www.two-elfs.com./images/members_04.jpg
1732 - http://www.two-elfs.com./images/members_05.jpg
1733 - http://www.two-elfs.com./images/nav.gif
1734 - http://www.two-elfs.com./images/nav2_01.gif
1735 - http://www.two-elfs.com./images/nav2_01.png
1736 - http://www.two-elfs.com./images/nav2_02.png
1737 - http://www.two-elfs.com./images/nav2_03.png
1738 - http://www.two-elfs.com./images/nav2_04.png
1739 - http://www.two-elfs.com./images/nav3_01.png
1740 - http://www.two-elfs.com./images/nav4_01.png
1741 - http://www.two-elfs.com./images/nav_01.gif
1742 - http://www.two-elfs.com./images/nav_01.png
1743 - http://www.two-elfs.com./images/nav_02.gif
1744 - http://www.two-elfs.com./images/nav_02.png
1745 - http://www.two-elfs.com./images/nav_03.gif
1746 - http://www.two-elfs.com./images/nav_03.png
1747 - http://www.two-elfs.com./images/nav_04.gif
1748 - http://www.two-elfs.com./images/nav_04.png
1749 - http://www.two-elfs.com./images/next.png
1750 - http://www.two-elfs.com./images/nextp.png
1751 - http://www.two-elfs.com./images/prev.png
1752 - http://www.two-elfs.com./images/support_04.jpg
1753 - http://www.two-elfs.com./images/viewer.png
1754 - http://www.two-elfs.com./js/DD_belatedPNG.js
1755 - http://www.two-elfs.com./js/IE6opacity.js
1756 - http://www.two-elfs.com./js/jquery-1.11.3.min.js
1757 - http://www.two-elfs.com./js/jquery-1.9.1.min.js
1758 - http://www.two-elfs.com./js/jquery.cookie.js
1759 - http://www.two-elfs.com./js/jquery.lazyload.min.js
1760 - http://www.two-elfs.com./js/jquery.min.js
1761 - http://www.two-elfs.com./js/projekktor-1.3.09.min.js
1762 - http://www.two-elfs.com./style.css
1763 Total links to files: 69
1764
1765+ Externals links found:
1766 - http://areamem.two-elfs.com/
1767 - http://dreamstudioportal.com/
1768 - http://two-elfs.com/video/video112.mp4
1769 - http://two-elfs.com/video/video113.mp4
1770 - http://two-elfs.com/video/video114.mp4
1771 - http://two-elfs.com/video/video115.mp4
1772 - http://two-elfs.com/video/video116.mp4
1773 - http://two-elfs.com/video/video117.mp4
1774 - http://two-elfs.com/video/video118.mp4
1775 - http://two-elfs.com/video/video119.mp4
1776 - http://two-elfs.com/video/video120.mp4
1777 - http://two-elfs.com/video/video121.mp4
1778 - http://two-elfs.com/video/video122.mp4
1779 - http://two-elfs.com/video/video123.mp4
1780 - http://two-elfs.com/video/video124.mp4
1781 - http://two-elfs.com/video/video125.mp4
1782 - http://two-elfs.com/video/video126.mp4
1783 - http://two-elfs.com/video/video127.mp4
1784 - http://two-elfs.com/video/video128.mp4
1785 - http://two-elfs.com/video/video129.mp4
1786 - http://two-elfs.com/video/video130.mp4
1787 - http://two-elfs.com/video/video131.mp4
1788 - http://two-elfs.com/video/video132.mp4
1789 - http://two-elfs.com/video/video133.mp4
1790 - http://two-elfs.com/video/video134.mp4
1791 - http://two-elfs.com/video/video135.mp4
1792 - http://two-elfs.com/video/video136.mp4
1793 - http://two-elfs.com/video/video137.mp4
1794 - http://two-elfs.com/video/video138.mp4
1795 - http://two-elfs.com/video/video139.mp4
1796 - http://two-elfs.com/video/video140.mp4
1797 - http://two-elfs.com/video/video141.mp4
1798 - http://two-elfs.com/video/video142.mp4
1799 - http://two-elfs.com/video/video143.mp4
1800 - http://two-elfs.com/video/video144.mp4
1801 - http://two-elfs.com/video/video145.mp4
1802 - http://two-elfs.com/video/video146.mp4
1803 - http://two-elfs.com/video/video147.mp4
1804 - http://two-elfs.com/video/video148.mp4
1805 - http://two-elfs.com/video/video149.mp4
1806 - http://two-elfs.com/video/video150.mp4
1807 - http://two-elfs.com/video/video151.mp4
1808 - http://two-elfs.com/video/video152.mp4
1809 - http://two-elfs.com/video/video153.mp4
1810 - http://two-elfs.com/video/video154.mp4
1811 - http://two-elfs.com/video/video155.mp4
1812 - http://two-elfs.com/video/video156.mp4
1813 - http://two-elfs.com/video/video157.mp4
1814 - http://two-elfs.com/video/video158.mp4
1815 - http://www4.law.cornell.edu/uscode/18/2256.html
1816 Total external links: 50
1817
1818+ Email addresses found:
1819 Total email address found: 0
1820
1821+ Directories found:
1822 - http://www.two-elfs.com./css/
1823 - http://www.two-elfs.com./css/themes/
1824 - http://www.two-elfs.com./css/themes/maccaco/
1825 - http://www.two-elfs.com./images/
1826 - http://www.two-elfs.com./js/
1827 - http://www.two-elfs.com./videohtml/
1828 Total directories: 6
1829
1830+ Directory indexing found:
1831 - http://www.two-elfs.com./css/
1832 - http://www.two-elfs.com./css/themes/
1833 - http://www.two-elfs.com./css/themes/maccaco/
1834 - http://www.two-elfs.com./images/
1835 - http://www.two-elfs.com./js/
1836 - http://www.two-elfs.com./videohtml/
1837 Total directories with indexing: 6
1838
1839----------------------------------------------------------------------
1840
1841--Finished--
1842Summary information for domain two-elfs.com.
1843-----------------------------------------
1844
1845 Domain Ips Information:
1846 IP: 46.166.189.99
1847 HostName: ns-usa.topdns.com Type: NS
1848 HostName: ns-usa.topdns.com Type: PTR
1849 Country: Netherlands
1850 Is Active: True (reset ttl 64)
1851 Port: 22/tcp open ssh syn-ack ttl 55 OpenSSH 6.6.1 (protocol 2.0)
1852 Script Info: | ssh-hostkey:
1853 Script Info: | 2048 3e:9b:17:eb:0e:78:d7:87:fe:6d:0f:89:56:0a:0d:f2 (RSA)
1854 Script Info: | 256 d5:92:e1:08:d8:a4:ad:ff:42:dd:36:18:7d:5d:a6:b7 (ECDSA)
1855 Script Info: |_ 256 41:bf:fa:36:51:3f:5b:1d:45:7c:6a:a4:6a:39:c6:85 (ED25519)
1856 Port: 53/tcp open domain? syn-ack ttl 55
1857 Script Info: | dns-nsid:
1858 Script Info: | NSID: \xBB\xCC (bbcc)
1859 Script Info: |_ id.server: srv502
1860 Script Info: | fingerprint-strings:
1861 Script Info: | DNSVersionBindReqTCP:
1862 Script Info: | version
1863 Script Info: |_ bind
1864 Port: 80/tcp open http syn-ack ttl 55 nginx
1865 Script Info: | http-methods:
1866 Script Info: |_ Supported Methods: GET POST
1867 Script Info: |_http-title: Did not follow redirect to http://www.topdns.com
1868 Port: 3306/tcp open mysql syn-ack ttl 55 MariaDB (unauthorized)
1869 Port: 5666/tcp open tcpwrapped syn-ack ttl 55
1870 IP: 77.247.183.137
1871 HostName: ns-uk.topdns.com Type: NS
1872 HostName: ns-uk.topdns.com Type: PTR
1873 Country: Netherlands
1874 Is Active: True (reset ttl 64)
1875 Port: 22/tcp open ssh syn-ack ttl 55 OpenSSH 5.3 (protocol 2.0)
1876 Script Info: | ssh-hostkey:
1877 Script Info: | 1024 e1:b1:01:f1:e8:7a:11:7e:86:22:52:00:f9:31:ed:4b (DSA)
1878 Script Info: |_ 2048 17:d7:fd:6c:9d:d7:e7:ee:92:46:67:6a:a8:95:12:93 (RSA)
1879 Script Info: | vulners:
1880 Script Info: | cpe:/a:openbsd:openssh:5.3:
1881 Script Info: | CVE-2014-1692 7.5 https://vulners.com/cve/CVE-2014-1692
1882 Script Info: | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
1883 Script Info: | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1884 Script Info: | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
1885 Script Info: | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
1886 Script Info: | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
1887 Script Info: | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
1888 Script Info: | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
1889 Script Info: | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
1890 Script Info: |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
1891 Port: 53/tcp open domain? syn-ack ttl 55
1892 Script Info: | dns-nsid:
1893 Script Info: |_ id.server: unidentified server
1894 Script Info: | fingerprint-strings:
1895 Script Info: | DNSVersionBindReqTCP:
1896 Script Info: | version
1897 Script Info: |_ bind
1898 Port: 111/tcp open rpcbind syn-ack ttl 55 2-4 (RPC #100000)
1899 Script Info: | rpcinfo:
1900 Script Info: | program version port/proto service
1901 Script Info: | 100000 2,3,4 111/tcp rpcbind
1902 Script Info: | 100000 2,3,4 111/udp rpcbind
1903 Script Info: | 100000 3,4 111/tcp6 rpcbind
1904 Script Info: | 100000 3,4 111/udp6 rpcbind
1905 Script Info: | 100024 1 39924/udp status
1906 Script Info: | 100024 1 42428/tcp6 status
1907 Script Info: | 100024 1 50513/udp6 status
1908 Script Info: |_ 100024 1 54369/tcp status
1909 Port: 3306/tcp open mysql syn-ack ttl 55 MariaDB (unauthorized)
1910 Port: 5666/tcp open tcpwrapped syn-ack ttl 55
1911 IP: 108.61.150.91
1912 HostName: ns-uk.topdns.com Type: NS
1913 Country: United States
1914 Is Active: True (reset ttl 64)
1915 Port: 22/tcp open ssh syn-ack ttl 48 OpenSSH 5.3 (protocol 2.0)
1916 Script Info: | ssh-hostkey:
1917 Script Info: | 1024 fc:b2:4d:63:17:c6:24:d3:9e:16:5a:2e:d5:85:26:9a (DSA)
1918 Script Info: |_ 2048 75:a8:59:a3:c9:c4:23:c7:43:e6:96:3f:db:d5:77:bc (RSA)
1919 Script Info: | vulners:
1920 Script Info: | cpe:/a:openbsd:openssh:5.3:
1921 Script Info: | CVE-2014-1692 7.5 https://vulners.com/cve/CVE-2014-1692
1922 Script Info: | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
1923 Script Info: | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1924 Script Info: | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
1925 Script Info: | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
1926 Script Info: | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
1927 Script Info: | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
1928 Script Info: | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
1929 Script Info: | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
1930 Script Info: |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
1931 Port: 53/tcp open domain? syn-ack ttl 48
1932 Script Info: | dns-nsid:
1933 Script Info: |_ id.server: unknown
1934 Script Info: | fingerprint-strings:
1935 Script Info: | DNSVersionBindReqTCP:
1936 Script Info: | version
1937 Script Info: |_ bind
1938 IP: 94.102.49.234
1939 HostName: www.two-elfs.com. Type: A
1940 Country: Netherlands
1941 Is Active: True (reset ttl 64)
1942 Port: 21/tcp open ftp syn-ack ttl 52 vsftpd 2.0.5
1943 Port: 22/tcp open tcpwrapped syn-ack ttl 52
1944 Script Info: |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1945 Port: 80/tcp open http syn-ack ttl 52 Apache httpd 2.2.3
1946 Script Info: | http-methods:
1947 Script Info: | Supported Methods: GET HEAD POST OPTIONS TRACE
1948 Script Info: |_ Potentially risky methods: TRACE
1949 Script Info: |_http-server-header: Apache/2.2.3 (CentOS)
1950 Script Info: |_http-title: 404 Not Found
1951 Script Info: | vulners:
1952 Script Info: | cpe:/a:apache:http_server:2.2.3:
1953 Script Info: | CVE-2010-0425 10.0 https://vulners.com/cve/CVE-2010-0425
1954 Script Info: | CVE-2011-3192 7.8 https://vulners.com/cve/CVE-2011-3192
1955 Script Info: | CVE-2007-6423 7.8 https://vulners.com/cve/CVE-2007-6423
1956 Script Info: | CVE-2017-7679 7.5 https://vulners.com/cve/CVE-2017-7679
1957 Script Info: | CVE-2017-7668 7.5 https://vulners.com/cve/CVE-2017-7668
1958 Script Info: | CVE-2017-3169 7.5 https://vulners.com/cve/CVE-2017-3169
1959 Script Info: | CVE-2017-3167 7.5 https://vulners.com/cve/CVE-2017-3167
1960 Script Info: | CVE-2013-2249 7.5 https://vulners.com/cve/CVE-2013-2249
1961 Script Info: | CVE-2009-1891 7.1 https://vulners.com/cve/CVE-2009-1891
1962 Script Info: | CVE-2009-1890 7.1 https://vulners.com/cve/CVE-2009-1890
1963 Script Info: | CVE-2012-0883 6.9 https://vulners.com/cve/CVE-2012-0883
1964 Script Info: | CVE-2018-1312 6.8 https://vulners.com/cve/CVE-2018-1312
1965 Script Info: | CVE-2006-4154 6.8 https://vulners.com/cve/CVE-2006-4154
1966 Script Info: | CVE-2007-1741 6.2 https://vulners.com/cve/CVE-2007-1741
1967 Script Info: | CVE-2013-1862 5.1 https://vulners.com/cve/CVE-2013-1862
1968 Script Info: | CVE-2014-0231 5.0 https://vulners.com/cve/CVE-2014-0231
1969 Script Info: | CVE-2014-0098 5.0 https://vulners.com/cve/CVE-2014-0098
1970 Script Info: | CVE-2013-6438 5.0 https://vulners.com/cve/CVE-2013-6438
1971 Script Info: | CVE-2011-3368 5.0 https://vulners.com/cve/CVE-2011-3368
1972 Script Info: | CVE-2010-1452 5.0 https://vulners.com/cve/CVE-2010-1452
1973 Script Info: | CVE-2010-0408 5.0 https://vulners.com/cve/CVE-2010-0408
1974 Script Info: | CVE-2009-2699 5.0 https://vulners.com/cve/CVE-2009-2699
1975 Script Info: | CVE-2007-6750 5.0 https://vulners.com/cve/CVE-2007-6750
1976 Script Info: | CVE-2009-1195 4.9 https://vulners.com/cve/CVE-2009-1195
1977 Script Info: | CVE-2012-0031 4.6 https://vulners.com/cve/CVE-2012-0031
1978 Script Info: | CVE-2011-3607 4.4 https://vulners.com/cve/CVE-2011-3607
1979 Script Info: | CVE-2007-1743 4.4 https://vulners.com/cve/CVE-2007-1743
1980 Script Info: | CVE-2016-4975 4.3 https://vulners.com/cve/CVE-2016-4975
1981 Script Info: | CVE-2013-1896 4.3 https://vulners.com/cve/CVE-2013-1896
1982 Script Info: | CVE-2012-4558 4.3 https://vulners.com/cve/CVE-2012-4558
1983 Script Info: | CVE-2012-3499 4.3 https://vulners.com/cve/CVE-2012-3499
1984 Script Info: | CVE-2012-0053 4.3 https://vulners.com/cve/CVE-2012-0053
1985 Script Info: | CVE-2011-4317 4.3 https://vulners.com/cve/CVE-2011-4317
1986 Script Info: | CVE-2011-3639 4.3 https://vulners.com/cve/CVE-2011-3639
1987 Script Info: | CVE-2011-3348 4.3 https://vulners.com/cve/CVE-2011-3348
1988 Script Info: | CVE-2011-0419 4.3 https://vulners.com/cve/CVE-2011-0419
1989 Script Info: | CVE-2010-0434 4.3 https://vulners.com/cve/CVE-2010-0434
1990 Script Info: | CVE-2008-2939 4.3 https://vulners.com/cve/CVE-2008-2939
1991 Script Info: | CVE-2008-2168 4.3 https://vulners.com/cve/CVE-2008-2168
1992 Script Info: | CVE-2008-0455 4.3 https://vulners.com/cve/CVE-2008-0455
1993 Script Info: | CVE-2007-6420 4.3 https://vulners.com/cve/CVE-2007-6420
1994 Script Info: | CVE-2007-6388 4.3 https://vulners.com/cve/CVE-2007-6388
1995 Script Info: | CVE-2007-6203 4.3 https://vulners.com/cve/CVE-2007-6203
1996 Script Info: | CVE-2007-5000 4.3 https://vulners.com/cve/CVE-2007-5000
1997 Script Info: | CVE-2007-4465 4.3 https://vulners.com/cve/CVE-2007-4465
1998 Script Info: | CVE-2006-5752 4.3 https://vulners.com/cve/CVE-2006-5752
1999 Script Info: | CVE-2006-4110 4.3 https://vulners.com/cve/CVE-2006-4110
2000 Script Info: | CVE-2007-6422 4.0 https://vulners.com/cve/CVE-2007-6422
2001 Script Info: | CVE-2007-1742 3.7 https://vulners.com/cve/CVE-2007-1742
2002 Script Info: | CVE-2007-6421 3.5 https://vulners.com/cve/CVE-2007-6421
2003 Script Info: | CVE-2016-8612 3.3 https://vulners.com/cve/CVE-2016-8612
2004 Script Info: | CVE-2012-2687 2.6 https://vulners.com/cve/CVE-2012-2687
2005 Script Info: | CVE-2008-0456 2.6 https://vulners.com/cve/CVE-2008-0456
2006 Script Info: |_ CVE-2011-4415 1.2 https://vulners.com/cve/CVE-2011-4415
2007 Port: 111/tcp open rpcbind syn-ack ttl 52 2 (RPC #100000)
2008 Port: 3306/tcp open mysql syn-ack ttl 52 MySQL 5.0.77
2009 Script Info: | mysql-info:
2010 Script Info: | Protocol: 10
2011 Script Info: | Version: 5.0.77
2012 Script Info: | Thread ID: 57101
2013 Script Info: | Capabilities flags: 41516
2014 Script Info: | Some Capabilities: Support41Auth, LongColumnFlag, SupportsCompression, SupportsTransactions, ConnectWithDatabase, Speaks41ProtocolNew
2015 Script Info: | Status: Autocommit
2016 Script Info: |_ Salt: &gSL`~zk+/Kl^p9k0JfA
2017 Script Info: | vulners:
2018 Script Info: | cpe:/a:mysql:mysql:5.0.77:
2019 Script Info: | CVE-2009-2446 8.5 https://vulners.com/cve/CVE-2009-2446
2020 Script Info: | CVE-2009-5026 6.8 https://vulners.com/cve/CVE-2009-5026
2021 Script Info: | CVE-2009-4028 6.8 https://vulners.com/cve/CVE-2009-4028
2022 Script Info: | CVE-2010-1848 6.5 https://vulners.com/cve/CVE-2010-1848
2023 Script Info: | CVE-2010-1850 6.0 https://vulners.com/cve/CVE-2010-1850
2024 Script Info: | CVE-2008-7247 6.0 https://vulners.com/cve/CVE-2008-7247
2025 Script Info: | CVE-2010-3833 5.0 https://vulners.com/cve/CVE-2010-3833
2026 Script Info: | CVE-2010-1849 5.0 https://vulners.com/cve/CVE-2010-1849
2027 Script Info: | CVE-2012-0490 4.0 https://vulners.com/cve/CVE-2012-0490
2028 Script Info: | CVE-2012-0484 4.0 https://vulners.com/cve/CVE-2012-0484
2029 Script Info: | CVE-2012-0102 4.0 https://vulners.com/cve/CVE-2012-0102
2030 Script Info: | CVE-2012-0101 4.0 https://vulners.com/cve/CVE-2012-0101
2031 Script Info: | CVE-2012-0087 4.0 https://vulners.com/cve/CVE-2012-0087
2032 Script Info: | CVE-2010-3838 4.0 https://vulners.com/cve/CVE-2010-3838
2033 Script Info: | CVE-2010-3837 4.0 https://vulners.com/cve/CVE-2010-3837
2034 Script Info: | CVE-2010-3836 4.0 https://vulners.com/cve/CVE-2010-3836
2035 Script Info: | CVE-2010-3834 4.0 https://vulners.com/cve/CVE-2010-3834
2036 Script Info: | CVE-2010-3682 4.0 https://vulners.com/cve/CVE-2010-3682
2037 Script Info: | CVE-2010-3677 4.0 https://vulners.com/cve/CVE-2010-3677
2038 Script Info: | CVE-2009-4019 4.0 https://vulners.com/cve/CVE-2009-4019
2039 Script Info: | CVE-2010-1626 3.6 https://vulners.com/cve/CVE-2010-1626
2040 Script Info: | CVE-2012-0114 3.0 https://vulners.com/cve/CVE-2012-0114
2041 Script Info: |_ CVE-2012-0075 1.7 https://vulners.com/cve/CVE-2012-0075
2042 Script Info: Device type: broadband router|WAP|remote management|general purpose
2043 Script Info: Running (JUST GUESSING): Asus embedded (95%), Linux 2.6.X|2.4.X (95%), Cisco embedded (94%), Dell embedded (94%), D-Link embedded (94%), Raritan embedded (94%)
2044 Os Info: Host: dummy-host.example.com; OS: Unix
2045 Open Folders: http://www.two-elfs.com./videohtml/
2046 Open Folders: http://www.two-elfs.com./js/
2047 Open Folders: http://www.two-elfs.com./images/
2048 Open Folders: http://www.two-elfs.com./css/
2049 Open Folders: http://www.two-elfs.com./css/themes/
2050 Open Folders: http://www.two-elfs.com./css/themes/maccaco/
2051 IP: 85.159.232.241
2052 HostName: ns-usa.topdns.com Type: NS
2053 HostName: ns-usa.topdns.com Type: PTR
2054 Country: Netherlands
2055 Is Active: True (reset ttl 64)
2056 Port: 22/tcp open ssh syn-ack ttl 55 OpenSSH 5.3 (protocol 2.0)
2057 Script Info: | ssh-hostkey:
2058 Script Info: | 1024 16:14:8f:4a:9c:48:05:d4:0d:60:02:63:07:a4:12:69 (DSA)
2059 Script Info: |_ 2048 5a:45:d0:b1:54:94:8a:4b:ce:5c:8c:a0:53:81:13:dd (RSA)
2060 Script Info: | vulners:
2061 Script Info: | cpe:/a:openbsd:openssh:5.3:
2062 Script Info: | CVE-2014-1692 7.5 https://vulners.com/cve/CVE-2014-1692
2063 Script Info: | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
2064 Script Info: | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
2065 Script Info: | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
2066 Script Info: | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
2067 Script Info: | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
2068 Script Info: | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
2069 Script Info: | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
2070 Script Info: | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
2071 Script Info: |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
2072 Port: 53/tcp open domain? syn-ack ttl 55
2073 Script Info: | dns-nsid:
2074 Script Info: |_ id.server: srv904
2075 Script Info: | fingerprint-strings:
2076 Script Info: | DNSVersionBindReqTCP:
2077 Script Info: | version
2078 Script Info: |_ bind
2079 Port: 111/tcp open rpcbind syn-ack ttl 55 2-4 (RPC #100000)
2080 Script Info: | rpcinfo:
2081 Script Info: | program version port/proto service
2082 Script Info: | 100000 2,3,4 111/tcp rpcbind
2083 Script Info: | 100000 2,3,4 111/udp rpcbind
2084 Script Info: | 100000 3,4 111/tcp6 rpcbind
2085 Script Info: | 100000 3,4 111/udp6 rpcbind
2086 Script Info: | 100024 1 36274/udp6 status
2087 Script Info: | 100024 1 36594/tcp status
2088 Script Info: | 100024 1 46040/tcp6 status
2089 Script Info: |_ 100024 1 51729/udp status
2090 Port: 3306/tcp open mysql syn-ack ttl 55 MariaDB (unauthorized)
2091 Port: 5666/tcp open tcpwrapped syn-ack ttl 55
2092 IP: 108.61.12.163
2093 HostName: ns-usa.topdns.com Type: NS
2094 HostName: ns-usa.topdns.com Type: PTR
2095 Country: United States
2096 Is Active: True (reset ttl 64)
2097 Port: 22/tcp open ssh syn-ack ttl 48 OpenSSH 5.3 (protocol 2.0)
2098 Script Info: | ssh-hostkey:
2099 Script Info: | 1024 71:d0:0d:d6:a3:c1:26:32:64:b0:d5:7b:75:6c:97:b2 (DSA)
2100 Script Info: |_ 2048 d3:03:ff:91:67:db:13:d9:7e:0d:62:35:ed:51:7c:90 (RSA)
2101 Script Info: | vulners:
2102 Script Info: | cpe:/a:openbsd:openssh:5.3:
2103 Script Info: | CVE-2014-1692 7.5 https://vulners.com/cve/CVE-2014-1692
2104 Script Info: | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
2105 Script Info: | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
2106 Script Info: | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
2107 Script Info: | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
2108 Script Info: | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
2109 Script Info: | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
2110 Script Info: | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
2111 Script Info: | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
2112 Script Info: |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
2113 Port: 53/tcp open domain? syn-ack ttl 48
2114 Script Info: | dns-nsid:
2115 Script Info: |_ id.server: ID11888.constant.com
2116 Script Info: | fingerprint-strings:
2117 Script Info: | DNSVersionBindReqTCP:
2118 Script Info: | version
2119 Script Info: |_ bind
2120 Port: 5666/tcp open tcpwrapped syn-ack ttl 49
2121 IP: 95.211.225.130
2122 HostName: mail.teensagency.info Type: MX
2123 HostName: hosted-by.codewavetech.com Type: PTR
2124 Country: Netherlands
2125 Is Active: True (reset ttl 64)
2126 IP: 109.201.142.225
2127 HostName: ns-canada.topdns.com Type: NS
2128 HostName: ns-canada.topdns.com Type: PTR
2129 Country: Netherlands
2130 Is Active: True (reset ttl 64)
2131 Port: 22/tcp open ssh syn-ack ttl 55 OpenSSH 7.4 (protocol 2.0)
2132 Script Info: | ssh-hostkey:
2133 Script Info: | 2048 9a:54:a1:d2:06:6a:fa:a6:8f:3b:a3:63:52:3b:39:2a (RSA)
2134 Script Info: | 256 22:3e:d3:39:cf:ab:59:a6:53:08:38:7b:a7:6f:f7:d6 (ECDSA)
2135 Script Info: |_ 256 59:90:1a:b0:23:16:36:63:26:06:fc:7a:0c:cb:9a:18 (ED25519)
2136 Script Info: | vulners:
2137 Script Info: | cpe:/a:openbsd:openssh:7.4:
2138 Script Info: | CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
2139 Script Info: |_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
2140 Port: 53/tcp open tcpwrapped syn-ack ttl 55
2141 Script Info: | dns-nsid:
2142 Script Info: |_ id.server: unidentified server
2143#######################################################################################################################################
2144dnsenum VERSION:1.2.6
2145
2146----- two-elfs.com -----
2147
2148
2149Host's addresses:
2150__________________
2151
2152two-elfs.com. 3599 IN A 94.102.49.234
2153
2154
2155Name Servers:
2156______________
2157
2158ns-canada.topdns.com. 926 IN A 109.201.142.225
2159ns-usa.topdns.com. 534 IN A 46.166.189.99
2160ns-usa.topdns.com. 534 IN A 108.61.12.163
2161ns-usa.topdns.com. 534 IN A 85.159.232.241
2162ns-uk.topdns.com. 534 IN A 77.247.183.137
2163ns-uk.topdns.com. 534 IN A 108.61.150.91
2164
2165
2166Mail (MX) Servers:
2167___________________
2168
2169mail.teensagency.info. 1766 IN A 95.211.225.130
2170
2171
2172Trying Zone Transfers and getting Bind Versions:
2173_________________________________________________
2174
2175
2176Trying Zone Transfer for two-elfs.com on ns-canada.topdns.com ...
2177
2178Trying Zone Transfer for two-elfs.com on ns-usa.topdns.com ...
2179
2180Trying Zone Transfer for two-elfs.com on ns-uk.topdns.com ...
2181
2182
2183Brute forcing with /usr/share/dnsenum/dns.txt:
2184_______________________________________________
2185
2186members.two-elfs.com. 1634 IN A 94.102.49.234
2187www.two-elfs.com. 1038 IN A 94.102.49.234
2188
2189
2190two-elfs.com class C netranges:
2191________________________________
2192
2193 94.102.49.0/24
2194
2195
2196Performing reverse lookup on 256 ip addresses:
2197_______________________________________________
2198
2199
22000 results out of 256 IP addresses.
2201
2202
2203two-elfs.com ip blocks:
2204________________________
2205
2206
2207done.
2208#######################################################################################################################################
2209[-] Enumerating subdomains now for two-elfs.com
2210[-] verbosity is enabled, will show the subdomains results in realtime
2211[-] Searching now in Baidu..
2212[-] Searching now in Yahoo..
2213[-] Searching now in Google..
2214[-] Searching now in Bing..
2215[-] Searching now in Ask..
2216[-] Searching now in Netcraft..
2217[-] Searching now in DNSdumpster..
2218[-] Searching now in Virustotal..
2219[-] Searching now in ThreatCrowd..
2220[-] Searching now in SSL Certificates..
2221[-] Searching now in PassiveDNS..
2222Virustotal: www.two-elfs.com
2223Netcraft: www.two-elfs.com
2224Yahoo: www.two-elfs.com
2225[-] Saving results to file: /usr/share/sniper/loot/workspace/two-elfs.com/domains/domains-two-elfs.com.txt
2226[-] Total Unique Subdomains Found: 1
2227www.two-elfs.com
2228#######################################################################################################################################
2229two-elfs.com 94.102.49.234
2230www.two-elfs.com 94.102.49.234
2231#######################################################################################################################################
2232
2233Running Source: Ask
2234Running Source: Archive.is
2235Running Source: Baidu
2236Running Source: Bing
2237Running Source: CertDB
2238Running Source: CertificateTransparency
2239Running Source: Certspotter
2240Running Source: Commoncrawl
2241Running Source: Crt.sh
2242Running Source: Dnsdb
2243Running Source: DNSDumpster
2244Running Source: DNSTable
2245Running Source: Dogpile
2246Running Source: Exalead
2247Running Source: Findsubdomains
2248Running Source: Googleter
2249Running Source: Hackertarget
2250Running Source: Ipv4Info
2251Running Source: PTRArchive
2252Running Source: Sitedossier
2253Running Source: Threatcrowd
2254Running Source: ThreatMiner
2255Running Source: WaybackArchive
2256Running Source: Yahoo
2257
2258Running enumeration on two-elfs.com
2259
2260dnsdb: Unexpected return status 404
2261
2262ipv4info: <nil>
2263
2264
2265Starting Bruteforcing of two-elfs.com with 9985 words
2266
2267Total 6 Unique subdomains found for two-elfs.com
2268
2269.two-elfs.com
2270areamem.two-elfs.com
2271members.two-elfs.com
2272special.two-elfs.com
2273www.two-elfs.com
2274www.two-elfs.com
2275#######################################################################################################################################
2276[*] Processing domain two-elfs.com
2277[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
2278[+] Getting nameservers
227946.166.189.99 - ns-usa.topdns.com
228085.159.232.241 - ns-usa.topdns.com
2281108.61.12.163 - ns-usa.topdns.com
228277.247.183.137 - ns-uk.topdns.com
2283108.61.150.91 - ns-uk.topdns.com
2284109.201.142.225 - ns-canada.topdns.com
2285[-] Zone transfer failed
2286
2287[+] MX records found, added to target list
22880 mail.teensagency.info.
2289
2290[*] Scanning two-elfs.com for A records
229194.102.49.234 - two-elfs.com
229294.102.49.234 - members.two-elfs.com
229394.102.49.234 - www.two-elfs.com
2294######################################################################################################################################
2295Privileges have been dropped to "nobody:nogroup" for security reasons.
2296
2297Processed queries: 0
2298Received packets: 0
2299Progress: 0.00% (00 h 00 min 00 sec / 00 h 00 min 00 sec)
2300Current incoming rate: 0 pps, average: 0 pps
2301Current success rate: 0 pps, average: 0 pps
2302Finished total: 0, success: 0 (0.00%)
2303Mismatched domains: 0 (0.00%), IDs: 0 (0.00%)
2304Failures: 0: 0.00%, 1: 0.00%, 2: 0.00%, 3: 0.00%, 4: 0.00%, 5: 0.00%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2305Response: | Success: | Total:
2306OK: | 0 ( 0.00%) | 0 ( 0.00%)
2307NXDOMAIN: | 0 ( 0.00%) | 0 ( 0.00%)
2308SERVFAIL: | 0 ( 0.00%) | 0 ( 0.00%)
2309REFUSED: | 0 ( 0.00%) | 0 ( 0.00%)
2310FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2311
2312
2313
2314Processed queries: 3895
2315Received packets: 2552
2316Progress: 100.00% (00 h 00 min 01 sec / 00 h 00 min 01 sec)
2317Current incoming rate: 2550 pps, average: 2550 pps
2318Current success rate: 1757 pps, average: 1757 pps
2319Finished total: 1759, success: 1759 (100.00%)
2320Mismatched domains: 99 (3.90%), IDs: 0 (0.00%)
2321Failures: 0: 38.89%, 1: 155.54%, 2: 24.28%, 3: 2.73%, 4: 0.00%, 5: 0.00%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2322Response: | Success: | Total:
2323OK: | 192 ( 10.92%) | 199 ( 7.84%)
2324NXDOMAIN: | 1524 ( 86.64%) | 1582 ( 62.31%)
2325SERVFAIL: | 43 ( 2.44%) | 44 ( 1.73%)
2326REFUSED: | 0 ( 0.00%) | 714 ( 28.12%)
2327FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2328
2329
2330
2331Processed queries: 3895
2332Received packets: 4846
2333Progress: 100.00% (00 h 00 min 02 sec / 00 h 00 min 02 sec)
2334Current incoming rate: 2289 pps, average: 2419 pps
2335Current success rate: 1525 pps, average: 1641 pps
2336Finished total: 3288, success: 3288 (100.00%)
2337Mismatched domains: 349 (7.25%), IDs: 0 (0.00%)
2338Failures: 0: 20.80%, 1: 30.41%, 2: 25.30%, 3: 29.74%, 4: 10.16%, 5: 1.86%, 6: 0.18%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2339Response: | Success: | Total:
2340OK: | 311 ( 9.46%) | 328 ( 6.81%)
2341NXDOMAIN: | 2902 ( 88.26%) | 3148 ( 65.37%)
2342SERVFAIL: | 75 ( 2.28%) | 80 ( 1.66%)
2343REFUSED: | 0 ( 0.00%) | 1260 ( 26.16%)
2344FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2345
2346
2347
2348Processed queries: 3895
2349Received packets: 5600
2350Progress: 100.00% (00 h 00 min 03 sec / 00 h 00 min 03 sec)
2351Current incoming rate: 752 pps, average: 1863 pps
2352Current success rate: 471 pps, average: 1251 pps
2353Finished total: 3760, success: 3760 (100.00%)
2354Mismatched domains: 468 (8.41%), IDs: 0 (0.00%)
2355Failures: 0: 18.19%, 1: 26.60%, 2: 22.13%, 3: 16.81%, 4: 9.34%, 5: 6.09%, 6: 3.24%, 7: 1.04%, 8: 0.16%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2356Response: | Success: | Total:
2357OK: | 353 ( 9.39%) | 373 ( 6.70%)
2358NXDOMAIN: | 3325 ( 88.43%) | 3669 ( 65.92%)
2359SERVFAIL: | 82 ( 2.18%) | 88 ( 1.58%)
2360REFUSED: | 0 ( 0.00%) | 1436 ( 25.80%)
2361FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2362
2363
2364
2365Processed queries: 3895
2366Received packets: 5776
2367Progress: 100.00% (00 h 00 min 04 sec / 00 h 00 min 04 sec)
2368Current incoming rate: 175 pps, average: 1441 pps
2369Current success rate: 104 pps, average: 964 pps
2370Finished total: 3865, success: 3865 (100.00%)
2371Mismatched domains: 503 (8.76%), IDs: 0 (0.00%)
2372Failures: 0: 17.70%, 1: 25.87%, 2: 21.53%, 3: 16.35%, 4: 9.08%, 5: 4.89%, 6: 2.69%, 7: 1.35%, 8: 0.78%, 9: 0.36%, 10: 0.16%, 11: 0.03%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2373Response: | Success: | Total:
2374OK: | 359 ( 9.29%) | 379 ( 6.60%)
2375NXDOMAIN: | 3424 ( 88.59%) | 3795 ( 66.10%)
2376SERVFAIL: | 82 ( 2.12%) | 89 ( 1.55%)
2377REFUSED: | 0 ( 0.00%) | 1478 ( 25.74%)
2378FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2379
2380
2381
2382Processed queries: 3895
2383Received packets: 5825
2384Progress: 100.00% (00 h 00 min 05 sec / 00 h 00 min 05 sec)
2385Current incoming rate: 48 pps, average: 1162 pps
2386Current success rate: 24 pps, average: 776 pps
2387Finished total: 3890, success: 3890 (100.00%)
2388Mismatched domains: 521 (9.00%), IDs: 0 (0.00%)
2389Failures: 0: 17.58%, 1: 25.71%, 2: 21.39%, 3: 16.25%, 4: 9.02%, 5: 4.86%, 6: 2.67%, 7: 1.18%, 8: 0.57%, 9: 0.46%, 10: 0.28%, 11: 0.10%, 12: 0.03%, 13: 0.03%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2390Response: | Success: | Total:
2391OK: | 360 ( 9.25%) | 380 ( 6.56%)
2392NXDOMAIN: | 3447 ( 88.61%) | 3828 ( 66.11%)
2393SERVFAIL: | 83 ( 2.13%) | 90 ( 1.55%)
2394REFUSED: | 0 ( 0.00%) | 1492 ( 25.77%)
2395FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2396
2397
2398
2399Processed queries: 3895
2400Received packets: 5835
2401Progress: 100.00% (00 h 00 min 06 sec / 00 h 00 min 06 sec)
2402Current incoming rate: 9 pps, average: 970 pps
2403Current success rate: 2 pps, average: 647 pps
2404Finished total: 3893, success: 3893 (100.00%)
2405Mismatched domains: 528 (9.10%), IDs: 0 (0.00%)
2406Failures: 0: 17.57%, 1: 25.69%, 2: 21.37%, 3: 16.23%, 4: 9.02%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.57%, 9: 0.44%, 10: 0.26%, 11: 0.08%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2407Response: | Success: | Total:
2408OK: | 360 ( 9.25%) | 380 ( 6.55%)
2409NXDOMAIN: | 3450 ( 88.62%) | 3837 ( 66.16%)
2410SERVFAIL: | 83 ( 2.13%) | 90 ( 1.55%)
2411REFUSED: | 0 ( 0.00%) | 1493 ( 25.74%)
2412FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2413
2414
2415
2416Processed queries: 3895
2417Received packets: 5844
2418Progress: 100.00% (00 h 00 min 07 sec / 00 h 00 min 07 sec)
2419Current incoming rate: 8 pps, average: 833 pps
2420Current success rate: 0 pps, average: 555 pps
2421Finished total: 3894, success: 3894 (100.00%)
2422Mismatched domains: 536 (9.23%), IDs: 0 (0.00%)
2423Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.08%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2424Response: | Success: | Total:
2425OK: | 360 ( 9.24%) | 380 ( 6.54%)
2426NXDOMAIN: | 3451 ( 88.62%) | 3844 ( 66.17%)
2427SERVFAIL: | 83 ( 2.13%) | 90 ( 1.55%)
2428REFUSED: | 0 ( 0.00%) | 1494 ( 25.72%)
2429FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2430
2431
2432
2433Processed queries: 3895
2434Received packets: 5850
2435Progress: 100.00% (00 h 00 min 08 sec / 00 h 00 min 08 sec)
2436Current incoming rate: 5 pps, average: 729 pps
2437Current success rate: 0 pps, average: 485 pps
2438Finished total: 3894, success: 3894 (100.00%)
2439Mismatched domains: 542 (9.32%), IDs: 0 (0.00%)
2440Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.03%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2441Response: | Success: | Total:
2442OK: | 360 ( 9.24%) | 380 ( 6.53%)
2443NXDOMAIN: | 3451 ( 88.62%) | 3848 ( 66.17%)
2444SERVFAIL: | 83 ( 2.13%) | 90 ( 1.55%)
2445REFUSED: | 0 ( 0.00%) | 1496 ( 25.73%)
2446FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2447
2448
2449
2450Processed queries: 3895
2451Received packets: 5852
2452Progress: 100.00% (00 h 00 min 09 sec / 00 h 00 min 09 sec)
2453Current incoming rate: 1 pps, average: 649 pps
2454Current success rate: 0 pps, average: 431 pps
2455Finished total: 3894, success: 3894 (100.00%)
2456Mismatched domains: 544 (9.35%), IDs: 0 (0.00%)
2457Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.03%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2458Response: | Success: | Total:
2459OK: | 360 ( 9.24%) | 380 ( 6.53%)
2460NXDOMAIN: | 3451 ( 88.62%) | 3848 ( 66.15%)
2461SERVFAIL: | 83 ( 2.13%) | 91 ( 1.56%)
2462REFUSED: | 0 ( 0.00%) | 1497 ( 25.73%)
2463FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2464
2465
2466
2467Processed queries: 3895
2468Received packets: 5854
2469Progress: 100.00% (00 h 00 min 10 sec / 00 h 00 min 10 sec)
2470Current incoming rate: 1 pps, average: 584 pps
2471Current success rate: 0 pps, average: 388 pps
2472Finished total: 3894, success: 3894 (100.00%)
2473Mismatched domains: 546 (9.38%), IDs: 0 (0.00%)
2474Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.03%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2475Response: | Success: | Total:
2476OK: | 360 ( 9.24%) | 380 ( 6.53%)
2477NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 66.15%)
2478SERVFAIL: | 83 ( 2.13%) | 91 ( 1.56%)
2479REFUSED: | 0 ( 0.00%) | 1498 ( 25.74%)
2480FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2481
2482
2483
2484Processed queries: 3895
2485Received packets: 5858
2486Progress: 100.00% (00 h 00 min 11 sec / 00 h 00 min 11 sec)
2487Current incoming rate: 3 pps, average: 531 pps
2488Current success rate: 0 pps, average: 353 pps
2489Finished total: 3894, success: 3894 (100.00%)
2490Mismatched domains: 550 (9.45%), IDs: 0 (0.00%)
2491Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.03%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2492Response: | Success: | Total:
2493OK: | 360 ( 9.24%) | 381 ( 6.54%)
2494NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 66.10%)
2495SERVFAIL: | 83 ( 2.13%) | 94 ( 1.61%)
2496REFUSED: | 0 ( 0.00%) | 1498 ( 25.73%)
2497FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2498
2499
2500
2501Processed queries: 3895
2502Received packets: 5863
2503Progress: 100.00% (00 h 00 min 12 sec / 00 h 00 min 12 sec)
2504Current incoming rate: 4 pps, average: 487 pps
2505Current success rate: 0 pps, average: 323 pps
2506Finished total: 3894, success: 3894 (100.00%)
2507Mismatched domains: 555 (9.52%), IDs: 0 (0.00%)
2508Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.03%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2509Response: | Success: | Total:
2510OK: | 360 ( 9.24%) | 381 ( 6.54%)
2511NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 66.04%)
2512SERVFAIL: | 83 ( 2.13%) | 98 ( 1.68%)
2513REFUSED: | 0 ( 0.00%) | 1499 ( 25.72%)
2514FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2515
2516
2517
2518Processed queries: 3895
2519Received packets: 5867
2520Progress: 100.00% (00 h 00 min 13 sec / 00 h 00 min 13 sec)
2521Current incoming rate: 3 pps, average: 450 pps
2522Current success rate: 0 pps, average: 298 pps
2523Finished total: 3894, success: 3894 (100.00%)
2524Mismatched domains: 559 (9.59%), IDs: 0 (0.00%)
2525Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.03%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2526Response: | Success: | Total:
2527OK: | 360 ( 9.24%) | 381 ( 6.53%)
2528NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 66.00%)
2529SERVFAIL: | 83 ( 2.13%) | 100 ( 1.71%)
2530REFUSED: | 0 ( 0.00%) | 1501 ( 25.74%)
2531FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2532
2533
2534
2535Processed queries: 3895
2536Received packets: 5868
2537Progress: 100.00% (00 h 00 min 14 sec / 00 h 00 min 14 sec)
2538Current incoming rate: 0 pps, average: 418 pps
2539Current success rate: 0 pps, average: 277 pps
2540Finished total: 3894, success: 3894 (100.00%)
2541Mismatched domains: 560 (9.60%), IDs: 0 (0.00%)
2542Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.03%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2543Response: | Success: | Total:
2544OK: | 360 ( 9.24%) | 381 ( 6.53%)
2545NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.99%)
2546SERVFAIL: | 83 ( 2.13%) | 100 ( 1.71%)
2547REFUSED: | 0 ( 0.00%) | 1502 ( 25.75%)
2548FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2549
2550
2551
2552Processed queries: 3895
2553Received packets: 5868
2554Progress: 100.00% (00 h 00 min 15 sec / 00 h 00 min 15 sec)
2555Current incoming rate: 0 pps, average: 390 pps
2556Current success rate: 0 pps, average: 259 pps
2557Finished total: 3894, success: 3894 (100.00%)
2558Mismatched domains: 560 (9.60%), IDs: 0 (0.00%)
2559Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.03%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2560Response: | Success: | Total:
2561OK: | 360 ( 9.24%) | 381 ( 6.53%)
2562NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.99%)
2563SERVFAIL: | 83 ( 2.13%) | 100 ( 1.71%)
2564REFUSED: | 0 ( 0.00%) | 1502 ( 25.75%)
2565FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2566
2567
2568
2569Processed queries: 3895
2570Received packets: 5869
2571Progress: 100.00% (00 h 00 min 16 sec / 00 h 00 min 16 sec)
2572Current incoming rate: 0 pps, average: 366 pps
2573Current success rate: 0 pps, average: 242 pps
2574Finished total: 3894, success: 3894 (100.00%)
2575Mismatched domains: 561 (9.62%), IDs: 0 (0.00%)
2576Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.03%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2577Response: | Success: | Total:
2578OK: | 360 ( 9.24%) | 381 ( 6.53%)
2579NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.98%)
2580SERVFAIL: | 83 ( 2.13%) | 100 ( 1.71%)
2581REFUSED: | 0 ( 0.00%) | 1503 ( 25.76%)
2582FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2583
2584
2585
2586Processed queries: 3895
2587Received packets: 5871
2588Progress: 100.00% (00 h 00 min 17 sec / 00 h 00 min 17 sec)
2589Current incoming rate: 1 pps, average: 344 pps
2590Current success rate: 0 pps, average: 228 pps
2591Finished total: 3894, success: 3894 (100.00%)
2592Mismatched domains: 563 (9.65%), IDs: 0 (0.00%)
2593Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.03%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2594Response: | Success: | Total:
2595OK: | 360 ( 9.24%) | 381 ( 6.53%)
2596NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.95%)
2597SERVFAIL: | 83 ( 2.13%) | 100 ( 1.71%)
2598REFUSED: | 0 ( 0.00%) | 1505 ( 25.79%)
2599FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2600
2601
2602
2603Processed queries: 3895
2604Received packets: 5873
2605Progress: 100.00% (00 h 00 min 18 sec / 00 h 00 min 18 sec)
2606Current incoming rate: 1 pps, average: 325 pps
2607Current success rate: 0 pps, average: 215 pps
2608Finished total: 3894, success: 3894 (100.00%)
2609Mismatched domains: 565 (9.68%), IDs: 0 (0.00%)
2610Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.03%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2611Response: | Success: | Total:
2612OK: | 360 ( 9.24%) | 381 ( 6.53%)
2613NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.93%)
2614SERVFAIL: | 83 ( 2.13%) | 100 ( 1.71%)
2615REFUSED: | 0 ( 0.00%) | 1507 ( 25.81%)
2616FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2617
2618
2619
2620Processed queries: 3895
2621Received packets: 5874
2622Progress: 100.00% (00 h 00 min 19 sec / 00 h 00 min 19 sec)
2623Current incoming rate: 0 pps, average: 308 pps
2624Current success rate: 0 pps, average: 204 pps
2625Finished total: 3894, success: 3894 (100.00%)
2626Mismatched domains: 566 (9.69%), IDs: 0 (0.00%)
2627Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.03%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2628Response: | Success: | Total:
2629OK: | 360 ( 9.24%) | 381 ( 6.53%)
2630NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.92%)
2631SERVFAIL: | 83 ( 2.13%) | 101 ( 1.73%)
2632REFUSED: | 0 ( 0.00%) | 1507 ( 25.81%)
2633FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2634
2635
2636
2637Processed queries: 3895
2638Received packets: 5878
2639Progress: 100.00% (00 h 00 min 20 sec / 00 h 00 min 20 sec)
2640Current incoming rate: 3 pps, average: 293 pps
2641Current success rate: 0 pps, average: 194 pps
2642Finished total: 3894, success: 3894 (100.00%)
2643Mismatched domains: 570 (9.76%), IDs: 0 (0.00%)
2644Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.03%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2645Response: | Success: | Total:
2646OK: | 360 ( 9.24%) | 381 ( 6.52%)
2647NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.87%)
2648SERVFAIL: | 83 ( 2.13%) | 103 ( 1.76%)
2649REFUSED: | 0 ( 0.00%) | 1509 ( 25.83%)
2650FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2651
2652
2653
2654Processed queries: 3895
2655Received packets: 5886
2656Progress: 100.00% (00 h 00 min 21 sec / 00 h 00 min 21 sec)
2657Current incoming rate: 7 pps, average: 279 pps
2658Current success rate: 0 pps, average: 185 pps
2659Finished total: 3894, success: 3894 (100.00%)
2660Mismatched domains: 578 (9.88%), IDs: 0 (0.00%)
2661Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.03%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2662Response: | Success: | Total:
2663OK: | 360 ( 9.24%) | 381 ( 6.51%)
2664NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.78%)
2665SERVFAIL: | 83 ( 2.13%) | 109 ( 1.86%)
2666REFUSED: | 0 ( 0.00%) | 1511 ( 25.82%)
2667FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2668
2669
2670
2671Processed queries: 3895
2672Received packets: 5889
2673Progress: 100.00% (00 h 00 min 22 sec / 00 h 00 min 22 sec)
2674Current incoming rate: 2 pps, average: 267 pps
2675Current success rate: 0 pps, average: 176 pps
2676Finished total: 3894, success: 3894 (100.00%)
2677Mismatched domains: 581 (9.92%), IDs: 0 (0.00%)
2678Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.03%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2679Response: | Success: | Total:
2680OK: | 360 ( 9.24%) | 381 ( 6.51%)
2681NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.75%)
2682SERVFAIL: | 83 ( 2.13%) | 111 ( 1.90%)
2683REFUSED: | 0 ( 0.00%) | 1512 ( 25.83%)
2684FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2685
2686
2687
2688Processed queries: 3895
2689Received packets: 5896
2690Progress: 100.00% (00 h 00 min 23 sec / 00 h 00 min 23 sec)
2691Current incoming rate: 6 pps, average: 255 pps
2692Current success rate: 0 pps, average: 168 pps
2693Finished total: 3894, success: 3894 (100.00%)
2694Mismatched domains: 588 (10.03%), IDs: 0 (0.00%)
2695Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.03%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2696Response: | Success: | Total:
2697OK: | 360 ( 9.24%) | 381 ( 6.50%)
2698NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.67%)
2699SERVFAIL: | 83 ( 2.13%) | 117 ( 2.00%)
2700REFUSED: | 0 ( 0.00%) | 1513 ( 25.81%)
2701FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2702
2703
2704
2705Processed queries: 3895
2706Received packets: 5896
2707Progress: 100.00% (00 h 00 min 24 sec / 00 h 00 min 24 sec)
2708Current incoming rate: 0 pps, average: 245 pps
2709Current success rate: 0 pps, average: 161 pps
2710Finished total: 3894, success: 3894 (100.00%)
2711Mismatched domains: 588 (10.03%), IDs: 0 (0.00%)
2712Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.03%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2713Response: | Success: | Total:
2714OK: | 360 ( 9.24%) | 381 ( 6.50%)
2715NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.67%)
2716SERVFAIL: | 83 ( 2.13%) | 117 ( 2.00%)
2717REFUSED: | 0 ( 0.00%) | 1513 ( 25.81%)
2718FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2719
2720
2721
2722Processed queries: 3895
2723Received packets: 5897
2724Progress: 100.00% (00 h 00 min 25 sec / 00 h 00 min 25 sec)
2725Current incoming rate: 0 pps, average: 235 pps
2726Current success rate: 0 pps, average: 155 pps
2727Finished total: 3894, success: 3894 (100.00%)
2728Mismatched domains: 589 (10.05%), IDs: 0 (0.00%)
2729Failures: 0: 17.57%, 1: 25.68%, 2: 21.37%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.03%, 50: 0.00%,
2730Response: | Success: | Total:
2731OK: | 360 ( 9.24%) | 381 ( 6.50%)
2732NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.66%)
2733SERVFAIL: | 83 ( 2.13%) | 118 ( 2.01%)
2734REFUSED: | 0 ( 0.00%) | 1513 ( 25.81%)
2735FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2736
2737
2738
2739Processed queries: 3895
2740Received packets: 5897
2741Progress: 100.00% (00 h 00 min 25 sec / 00 h 00 min 25 sec)
2742Current incoming rate: 0 pps, average: 234 pps
2743Current success rate: 0 pps, average: 155 pps
2744Finished total: 3895, success: 3894 (99.97%)
2745Mismatched domains: 589 (10.05%), IDs: 0 (0.00%)
2746Failures: 0: 17.56%, 1: 25.67%, 2: 21.36%, 3: 16.23%, 4: 9.01%, 5: 4.85%, 6: 2.67%, 7: 1.18%, 8: 0.56%, 9: 0.44%, 10: 0.26%, 11: 0.05%, 12: 0.08%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.03%,
2747Response: | Success: | Total:
2748OK: | 360 ( 9.24%) | 381 ( 6.50%)
2749NXDOMAIN: | 3451 ( 88.62%) | 3849 ( 65.66%)
2750SERVFAIL: | 83 ( 2.13%) | 118 ( 2.01%)
2751REFUSED: | 0 ( 0.00%) | 1513 ( 25.81%)
2752FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2753areamem.two-elfs.com
2754members.two-elfs.com
2755special.two-elfs.com
2756two-elfs.com
2757www.two-elfs.com
2758185.222.66.68
275994.102.49.234
2760#######################################################################################################################################
2761[+] two-elfs.com has no SPF record!
2762[*] No DMARC record found. Looking for organizational record
2763[+] No organizational DMARC record
2764[+] Spoofing possible for two-elfs.com!
2765#######################################################################################################################################
2766Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 18:55 EST
2767Nmap scan report for two-elfs.com (94.102.49.234)
2768Host is up (0.17s latency).
2769rDNS record for 94.102.49.234: no-reverse-dns-configured.com
2770Not shown: 994 closed ports
2771PORT STATE SERVICE
277221/tcp open ftp
277322/tcp open ssh
277480/tcp open http
2775111/tcp open rpcbind
2776222/tcp open rsh-spx
27773306/tcp open mysql
2778
2779Nmap done: 1 IP address (1 host up) scanned in 2.74 seconds
2780#######################################################################################################################################
2781Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 18:55 EST
2782Nmap scan report for two-elfs.com (94.102.49.234)
2783Host is up (0.17s latency).
2784rDNS record for 94.102.49.234: no-reverse-dns-configured.com
2785Not shown: 12 closed ports, 2 filtered ports
2786PORT STATE SERVICE
2787123/udp open ntp
2788
2789Nmap done: 1 IP address (1 host up) scanned in 7.53 seconds
2790#######################################################################################################################################
2791Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 18:55 EST
2792NSE: [ftp-brute] usernames: Time limit 10m00s exceeded.
2793NSE: [ftp-brute] usernames: Time limit 10m00s exceeded.
2794NSE: [ftp-brute] passwords: Time limit 10m00s exceeded.
2795Nmap scan report for two-elfs.com (94.102.49.234)
2796Host is up (0.17s latency).
2797rDNS record for 94.102.49.234: no-reverse-dns-configured.com
2798
2799PORT STATE SERVICE VERSION
280021/tcp open ftp vsftpd 2.0.5
2801| ftp-brute:
2802| Accounts: No valid accounts found
2803|_ Statistics: Performed 2145 guesses in 604 seconds, average tps: 3.4
2804| vulscan: VulDB - https://vuldb.com:
2805| [43110] vsftpd up to 2.0.4 Memory Leak denial of service
2806|
2807| MITRE CVE - https://cve.mitre.org:
2808| [CVE-2008-2375] Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962.
2809| [CVE-2007-5962] Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
2810| [CVE-2008-4969] ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts.
2811| [CVE-2007-4322] BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
2812|
2813| SecurityFocus - https://www.securityfocus.com/bid/:
2814| [82285] Vsftpd CVE-2004-0042 Remote Security Vulnerability
2815| [72451] vsftpd CVE-2015-1419 Security Bypass Vulnerability
2816| [51013] vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability
2817| [48539] vsftpd Compromised Source Packages Backdoor Vulnerability
2818| [46617] vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability
2819| [41443] Vsftpd Webmin Module Multiple Unspecified Vulnerabilities
2820| [30364] vsftpd FTP Server Pluggable Authentication Module (PAM) Remote Denial of Service Vulnerability
2821| [29322] vsftpd FTP Server 'deny_file' Option Remote Denial of Service Vulnerability
2822| [10394] Vsftpd Listener Denial of Service Vulnerability
2823| [7253] Red Hat Linux 9 vsftpd Compiling Error Weakness
2824|
2825| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2826| [68366] vsftpd package backdoor
2827| [65873] vsftpd vsf_filename_passes_filter denial of service
2828| [55148] VSFTPD-WEBMIN-MODULE unknown unspecified
2829| [43685] vsftpd authentication attempts denial of service
2830| [42593] vsftpd deny_file denial of service
2831| [16222] vsftpd connection denial of service
2832| [14844] vsftpd message allows attacker to obtain username
2833| [11729] Red Hat Linux vsftpd FTP daemon tcp_wrapper could allow an attacker to gain access to server
2834|
2835| Exploit-DB - https://www.exploit-db.com:
2836| [5814] vsftpd 2.0.5 (CWD) Remote Memory Consumption Exploit (post auth)
2837|
2838| OpenVAS (Nessus) - http://www.openvas.org:
2839| [70399] Debian Security Advisory DSA 2305-1 (vsftpd)
2840|
2841| SecurityTracker - https://www.securitytracker.com:
2842| [1025186] vsftpd vsf_filename_passes_filter() Bug Lets Remote Authenticated Users Deny Service
2843| [1020546] vsftpd Memory Leak When Invalid Authentication Attempts Occur Lets Remote Authenticated Users Deny Service
2844| [1020079] vsftpd Memory Leak in 'deny_file' Option Lets Remote Authenticated Users Deny Service
2845| [1008628] vsftpd Discloses Whether Usernames are Valid or Not
2846|
2847| OSVDB - http://www.osvdb.org:
2848| [73573] vsftpd on vsftpd.beasts.org Trojaned Distribution
2849| [73340] vsftpd ls.c vsf_filename_passes_filter STAT Command glob Expression Remote DoS
2850| [61362] Vsftpd Webmin Module Unspecified Issues
2851| [46930] Red Hat Linux vsftpd w/ PAM Memory Exhaustion Remote DoS
2852| [45626] vsftpd deny_file Option Crafted FTP Data Remote Memory Exhaustion DoS
2853| [36515] BlockHosts sshd/vsftpd hosts.allow Arbitrary Deny Entry Manipulation
2854| [28610] vsftpd SIGURG Handler Unspecified Issue
2855| [28609] vsftpd tunable_chroot_local_user Filesystem Root Access
2856| [6861] vsftpd Login Error Message Username Enumeration
2857| [6306] vsftpd Connection Handling DoS
2858| [4564] vsftpd on Red Hat Linux Restricted Access Failure
2859|_
2860Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2861Aggressive OS guesses: Linux 2.6.18 (95%), Asus RT-AC66U router (Linux 2.6) (95%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (95%), Asus RT-N16 WAP (Linux 2.6) (95%), Asus RT-N66U WAP (Linux 2.6) (95%), Tomato 1.28 (Linux 2.6.22) (95%), AXIS 211A Network Camera (Linux 2.6.20) (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.16 (95%), Linux 2.6.32 (94%)
2862No exact OS matches for host (test conditions non-ideal).
2863Network Distance: 10 hops
2864Service Info: OS: Unix
2865
2866TRACEROUTE (using port 21/tcp)
2867HOP RTT ADDRESS
28681 131.35 ms 10.230.200.1
28692 ...
28703 131.76 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
28714 131.74 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
28725 137.43 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
28736 137.45 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
28747 137.41 ms level3.sto01.atlas.cogentco.com (130.117.14.6)
28758 162.04 ms ae-1-3107.edge6.Amsterdam1.Level3.net (4.69.162.214)
28769 ...
287710 170.29 ms no-reverse-dns-configured.com (94.102.49.234)
2878#######################################################################################################################################
2879# general
2880(gen) banner: SSH-2.0-OpenSSH_5.1p1 Debian-5
2881(gen) software: OpenSSH 5.1p1
2882(gen) compatibility: OpenSSH 4.7-6.6, Dropbear SSH 0.53+ (some functionality from 0.52)
2883(gen) compression: enabled (zlib@openssh.com)
2884
2885# key exchange algorithms
2886(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
2887 `- [info] available since OpenSSH 4.4
2888(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2889 `- [warn] using weak hashing algorithm
2890 `- [info] available since OpenSSH 2.3.0
2891(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
2892 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
2893(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2894 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
2895 `- [warn] using small 1024-bit modulus
2896 `- [warn] using weak hashing algorithm
2897 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2898
2899# host-key algorithms
2900(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
2901(key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
2902 `- [warn] using small 1024-bit modulus
2903 `- [warn] using weak random number generator could reveal the key
2904 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2905
2906# encryption algorithms (ciphers)
2907(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2908 `- [warn] using weak cipher mode
2909 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2910(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2911 `- [warn] using weak cipher
2912 `- [warn] using weak cipher mode
2913 `- [warn] using small 64-bit block size
2914 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2915(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2916 `- [fail] disabled since Dropbear SSH 0.53
2917 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2918 `- [warn] using weak cipher mode
2919 `- [warn] using small 64-bit block size
2920 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2921(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2922 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2923 `- [warn] using weak cipher mode
2924 `- [warn] using small 64-bit block size
2925 `- [info] available since OpenSSH 2.1.0
2926(enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2927 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2928 `- [warn] using weak cipher
2929 `- [info] available since OpenSSH 4.2
2930(enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2931 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2932 `- [warn] using weak cipher
2933 `- [info] available since OpenSSH 4.2
2934(enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2935 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2936 `- [warn] using weak cipher
2937 `- [info] available since OpenSSH 2.1.0
2938(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2939 `- [warn] using weak cipher mode
2940 `- [info] available since OpenSSH 2.3.0
2941(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2942 `- [warn] using weak cipher mode
2943 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
2944(enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2945 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2946 `- [warn] using weak cipher mode
2947 `- [info] available since OpenSSH 2.3.0
2948(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2949(enc) aes192-ctr -- [info] available since OpenSSH 3.7
2950(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2951
2952# message authentication code algorithms
2953(mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2954 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2955 `- [warn] using encrypt-and-MAC mode
2956 `- [warn] using weak hashing algorithm
2957 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2958(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
2959 `- [warn] using weak hashing algorithm
2960 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2961(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
2962 `- [warn] using small 64-bit tag size
2963 `- [info] available since OpenSSH 4.7
2964(mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2965 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2966 `- [warn] using encrypt-and-MAC mode
2967 `- [info] available since OpenSSH 2.5.0
2968(mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2969 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2970 `- [warn] using encrypt-and-MAC mode
2971 `- [info] available since OpenSSH 2.1.0
2972(mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2973 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2974 `- [warn] using encrypt-and-MAC mode
2975 `- [warn] using weak hashing algorithm
2976 `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
2977(mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2978 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2979 `- [warn] using encrypt-and-MAC mode
2980 `- [warn] using weak hashing algorithm
2981 `- [info] available since OpenSSH 2.5.0
2982
2983# algorithm recommendations (for OpenSSH 5.1)
2984(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
2985(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
2986(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
2987(rec) -ssh-dss -- key algorithm to remove
2988(rec) -arcfour -- enc algorithm to remove
2989(rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
2990(rec) -blowfish-cbc -- enc algorithm to remove
2991(rec) -3des-cbc -- enc algorithm to remove
2992(rec) -aes256-cbc -- enc algorithm to remove
2993(rec) -arcfour256 -- enc algorithm to remove
2994(rec) -cast128-cbc -- enc algorithm to remove
2995(rec) -aes192-cbc -- enc algorithm to remove
2996(rec) -arcfour128 -- enc algorithm to remove
2997(rec) -aes128-cbc -- enc algorithm to remove
2998(rec) -hmac-ripemd160 -- mac algorithm to remove
2999(rec) -hmac-md5-96 -- mac algorithm to remove
3000(rec) -hmac-sha1-96 -- mac algorithm to remove
3001(rec) -hmac-md5 -- mac algorithm to remove
3002(rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
3003#######################################################################################################################################
3004Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 19:06 EST
3005NSE: [ssh-run] Failed to specify credentials and command to run.
3006NSE: [ssh-brute] Trying username/password pair: root:root
3007NSE: [ssh-brute] Trying username/password pair: admin:admin
3008NSE: [ssh-brute] Trying username/password pair: administrator:administrator
3009NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
3010NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
3011NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
3012NSE: [ssh-brute] Trying username/password pair: guest:guest
3013NSE: [ssh-brute] Trying username/password pair: user:user
3014NSE: [ssh-brute] Trying username/password pair: web:web
3015NSE: [ssh-brute] Trying username/password pair: test:test
3016NSE: [ssh-brute] Trying username/password pair: root:
3017NSE: [ssh-brute] Trying username/password pair: admin:
3018NSE: [ssh-brute] Trying username/password pair: administrator:
3019NSE: [ssh-brute] Trying username/password pair: webadmin:
3020NSE: [ssh-brute] Trying username/password pair: sysadmin:
3021NSE: [ssh-brute] Trying username/password pair: netadmin:
3022NSE: [ssh-brute] Trying username/password pair: guest:
3023NSE: [ssh-brute] Trying username/password pair: user:
3024NSE: [ssh-brute] Trying username/password pair: web:
3025NSE: [ssh-brute] Trying username/password pair: test:
3026NSE: [ssh-brute] Trying username/password pair: root:123456
3027NSE: [ssh-brute] Trying username/password pair: admin:123456
3028NSE: [ssh-brute] Trying username/password pair: administrator:123456
3029NSE: [ssh-brute] Trying username/password pair: webadmin:123456
3030NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
3031NSE: [ssh-brute] Trying username/password pair: netadmin:123456
3032NSE: [ssh-brute] Trying username/password pair: guest:123456
3033NSE: [ssh-brute] Trying username/password pair: user:123456
3034NSE: [ssh-brute] Trying username/password pair: web:123456
3035NSE: [ssh-brute] Trying username/password pair: test:123456
3036NSE: [ssh-brute] Trying username/password pair: root:12345
3037NSE: [ssh-brute] Trying username/password pair: admin:12345
3038NSE: [ssh-brute] Trying username/password pair: administrator:12345
3039NSE: [ssh-brute] Trying username/password pair: webadmin:12345
3040NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
3041NSE: [ssh-brute] Trying username/password pair: netadmin:12345
3042NSE: [ssh-brute] Trying username/password pair: guest:12345
3043NSE: [ssh-brute] Trying username/password pair: user:12345
3044NSE: [ssh-brute] Trying username/password pair: web:12345
3045NSE: [ssh-brute] Trying username/password pair: test:12345
3046NSE: [ssh-brute] Trying username/password pair: root:123456789
3047NSE: [ssh-brute] Trying username/password pair: admin:123456789
3048NSE: [ssh-brute] Trying username/password pair: administrator:123456789
3049NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
3050NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
3051NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
3052NSE: [ssh-brute] Trying username/password pair: guest:123456789
3053NSE: [ssh-brute] Trying username/password pair: user:123456789
3054NSE: [ssh-brute] Trying username/password pair: web:123456789
3055NSE: [ssh-brute] Trying username/password pair: test:123456789
3056NSE: [ssh-brute] Trying username/password pair: root:password
3057NSE: [ssh-brute] Trying username/password pair: admin:password
3058NSE: [ssh-brute] Trying username/password pair: administrator:password
3059NSE: [ssh-brute] Trying username/password pair: webadmin:password
3060NSE: [ssh-brute] Trying username/password pair: sysadmin:password
3061NSE: [ssh-brute] Trying username/password pair: netadmin:password
3062NSE: [ssh-brute] Trying username/password pair: guest:password
3063NSE: [ssh-brute] Trying username/password pair: user:password
3064NSE: [ssh-brute] Trying username/password pair: web:password
3065NSE: [ssh-brute] Trying username/password pair: test:password
3066NSE: [ssh-brute] Trying username/password pair: root:iloveyou
3067NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
3068NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
3069NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
3070NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
3071NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
3072NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
3073NSE: [ssh-brute] Trying username/password pair: user:iloveyou
3074NSE: [ssh-brute] Trying username/password pair: web:iloveyou
3075NSE: [ssh-brute] Trying username/password pair: test:iloveyou
3076NSE: [ssh-brute] Trying username/password pair: root:princess
3077NSE: [ssh-brute] Trying username/password pair: admin:princess
3078NSE: [ssh-brute] Trying username/password pair: administrator:princess
3079NSE: [ssh-brute] Trying username/password pair: webadmin:princess
3080NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
3081NSE: [ssh-brute] Trying username/password pair: netadmin:princess
3082NSE: [ssh-brute] Trying username/password pair: guest:princess
3083NSE: [ssh-brute] Trying username/password pair: user:princess
3084NSE: [ssh-brute] Trying username/password pair: web:princess
3085NSE: [ssh-brute] Trying username/password pair: test:princess
3086NSE: [ssh-brute] Trying username/password pair: root:12345678
3087NSE: [ssh-brute] Trying username/password pair: admin:12345678
3088NSE: [ssh-brute] Trying username/password pair: administrator:12345678
3089NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
3090NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
3091NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
3092NSE: [ssh-brute] Trying username/password pair: guest:12345678
3093NSE: [ssh-brute] Trying username/password pair: user:12345678
3094NSE: [ssh-brute] Trying username/password pair: web:12345678
3095NSE: [ssh-brute] Trying username/password pair: test:12345678
3096NSE: [ssh-brute] Trying username/password pair: root:1234567
3097NSE: [ssh-brute] Trying username/password pair: admin:1234567
3098NSE: [ssh-brute] Trying username/password pair: administrator:1234567
3099NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
3100NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
3101NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
3102NSE: [ssh-brute] Trying username/password pair: guest:1234567
3103NSE: [ssh-brute] Trying username/password pair: user:1234567
3104NSE: [ssh-brute] Trying username/password pair: web:1234567
3105NSE: [ssh-brute] Trying username/password pair: test:1234567
3106NSE: [ssh-brute] Trying username/password pair: root:abc123
3107NSE: [ssh-brute] Trying username/password pair: admin:abc123
3108NSE: [ssh-brute] Trying username/password pair: administrator:abc123
3109NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
3110NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
3111NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
3112NSE: [ssh-brute] Trying username/password pair: guest:abc123
3113NSE: [ssh-brute] Trying username/password pair: user:abc123
3114NSE: [ssh-brute] Trying username/password pair: web:abc123
3115NSE: [ssh-brute] Trying username/password pair: test:abc123
3116NSE: [ssh-brute] Trying username/password pair: root:nicole
3117NSE: [ssh-brute] Trying username/password pair: admin:nicole
3118NSE: [ssh-brute] Trying username/password pair: administrator:nicole
3119NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
3120NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
3121NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
3122NSE: [ssh-brute] Trying username/password pair: guest:nicole
3123NSE: [ssh-brute] Trying username/password pair: user:nicole
3124NSE: [ssh-brute] Trying username/password pair: web:nicole
3125NSE: [ssh-brute] Trying username/password pair: test:nicole
3126NSE: [ssh-brute] Trying username/password pair: root:daniel
3127NSE: [ssh-brute] Trying username/password pair: admin:daniel
3128NSE: [ssh-brute] Trying username/password pair: administrator:daniel
3129NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
3130NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
3131NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
3132NSE: [ssh-brute] Trying username/password pair: guest:daniel
3133NSE: [ssh-brute] Trying username/password pair: user:daniel
3134NSE: [ssh-brute] Trying username/password pair: web:daniel
3135NSE: [ssh-brute] Trying username/password pair: test:daniel
3136NSE: [ssh-brute] Trying username/password pair: root:monkey
3137NSE: [ssh-brute] Trying username/password pair: admin:monkey
3138NSE: [ssh-brute] Trying username/password pair: administrator:monkey
3139NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
3140NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
3141NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
3142NSE: [ssh-brute] Trying username/password pair: guest:monkey
3143NSE: [ssh-brute] Trying username/password pair: user:monkey
3144NSE: [ssh-brute] Trying username/password pair: web:monkey
3145NSE: [ssh-brute] Trying username/password pair: test:monkey
3146NSE: [ssh-brute] Trying username/password pair: root:babygirl
3147NSE: [ssh-brute] Trying username/password pair: admin:babygirl
3148NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
3149NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
3150NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
3151NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
3152NSE: [ssh-brute] Trying username/password pair: guest:babygirl
3153NSE: [ssh-brute] Trying username/password pair: user:babygirl
3154NSE: [ssh-brute] Trying username/password pair: web:babygirl
3155NSE: [ssh-brute] Trying username/password pair: test:babygirl
3156NSE: [ssh-brute] Trying username/password pair: root:qwerty
3157NSE: [ssh-brute] Trying username/password pair: admin:qwerty
3158NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
3159NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
3160NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
3161NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
3162NSE: [ssh-brute] Trying username/password pair: guest:qwerty
3163NSE: [ssh-brute] Trying username/password pair: user:qwerty
3164NSE: [ssh-brute] Trying username/password pair: web:qwerty
3165NSE: [ssh-brute] Trying username/password pair: test:qwerty
3166NSE: [ssh-brute] Trying username/password pair: root:lovely
3167NSE: [ssh-brute] Trying username/password pair: admin:lovely
3168NSE: [ssh-brute] Trying username/password pair: administrator:lovely
3169NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
3170NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
3171NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
3172NSE: [ssh-brute] Trying username/password pair: guest:lovely
3173NSE: [ssh-brute] Trying username/password pair: user:lovely
3174NSE: [ssh-brute] Trying username/password pair: web:lovely
3175NSE: [ssh-brute] Trying username/password pair: test:lovely
3176NSE: [ssh-brute] Trying username/password pair: root:654321
3177NSE: [ssh-brute] Trying username/password pair: admin:654321
3178NSE: [ssh-brute] Trying username/password pair: administrator:654321
3179NSE: [ssh-brute] Trying username/password pair: webadmin:654321
3180NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
3181NSE: [ssh-brute] Trying username/password pair: netadmin:654321
3182NSE: [ssh-brute] Trying username/password pair: guest:654321
3183NSE: [ssh-brute] Trying username/password pair: user:654321
3184NSE: [ssh-brute] Trying username/password pair: web:654321
3185NSE: [ssh-brute] Trying username/password pair: test:654321
3186NSE: [ssh-brute] Trying username/password pair: root:michael
3187NSE: [ssh-brute] Trying username/password pair: admin:michael
3188NSE: [ssh-brute] Trying username/password pair: administrator:michael
3189NSE: [ssh-brute] Trying username/password pair: webadmin:michael
3190NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
3191NSE: [ssh-brute] Trying username/password pair: netadmin:michael
3192NSE: [ssh-brute] Trying username/password pair: guest:michael
3193NSE: [ssh-brute] Trying username/password pair: user:michael
3194NSE: [ssh-brute] Trying username/password pair: web:michael
3195NSE: [ssh-brute] Trying username/password pair: test:michael
3196NSE: [ssh-brute] Trying username/password pair: root:jessica
3197NSE: [ssh-brute] Trying username/password pair: admin:jessica
3198NSE: [ssh-brute] Trying username/password pair: administrator:jessica
3199NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
3200NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
3201NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
3202NSE: [ssh-brute] Trying username/password pair: guest:jessica
3203NSE: [ssh-brute] Trying username/password pair: user:jessica
3204NSE: [ssh-brute] Trying username/password pair: web:jessica
3205NSE: [ssh-brute] Trying username/password pair: test:jessica
3206NSE: [ssh-brute] Trying username/password pair: root:111111
3207NSE: [ssh-brute] Trying username/password pair: admin:111111
3208NSE: [ssh-brute] Trying username/password pair: administrator:111111
3209NSE: [ssh-brute] Trying username/password pair: webadmin:111111
3210NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
3211NSE: [ssh-brute] Trying username/password pair: netadmin:111111
3212NSE: [ssh-brute] Trying username/password pair: guest:111111
3213NSE: [ssh-brute] Trying username/password pair: user:111111
3214NSE: [ssh-brute] Trying username/password pair: web:111111
3215NSE: [ssh-brute] Trying username/password pair: test:111111
3216NSE: [ssh-brute] Trying username/password pair: root:ashley
3217NSE: [ssh-brute] Trying username/password pair: admin:ashley
3218NSE: [ssh-brute] Trying username/password pair: administrator:ashley
3219NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
3220NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
3221NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
3222NSE: [ssh-brute] Trying username/password pair: guest:ashley
3223NSE: [ssh-brute] Trying username/password pair: user:ashley
3224NSE: [ssh-brute] Trying username/password pair: web:ashley
3225NSE: [ssh-brute] Trying username/password pair: test:ashley
3226NSE: [ssh-brute] Trying username/password pair: root:000000
3227NSE: [ssh-brute] Trying username/password pair: admin:000000
3228NSE: [ssh-brute] Trying username/password pair: administrator:000000
3229NSE: [ssh-brute] Trying username/password pair: webadmin:000000
3230NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
3231NSE: [ssh-brute] Trying username/password pair: netadmin:000000
3232NSE: [ssh-brute] Trying username/password pair: guest:000000
3233NSE: [ssh-brute] Trying username/password pair: user:000000
3234NSE: [ssh-brute] Trying username/password pair: web:000000
3235NSE: [ssh-brute] Trying username/password pair: test:000000
3236NSE: [ssh-brute] Trying username/password pair: root:iloveu
3237NSE: [ssh-brute] Trying username/password pair: admin:iloveu
3238NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
3239NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
3240NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
3241NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
3242NSE: [ssh-brute] Trying username/password pair: guest:iloveu
3243NSE: [ssh-brute] Trying username/password pair: user:iloveu
3244NSE: [ssh-brute] Trying username/password pair: web:iloveu
3245NSE: [ssh-brute] Trying username/password pair: test:iloveu
3246NSE: [ssh-brute] Trying username/password pair: root:michelle
3247NSE: [ssh-brute] Trying username/password pair: admin:michelle
3248NSE: [ssh-brute] Trying username/password pair: administrator:michelle
3249NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
3250NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
3251NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
3252NSE: [ssh-brute] Trying username/password pair: guest:michelle
3253NSE: [ssh-brute] Trying username/password pair: user:michelle
3254NSE: [ssh-brute] Trying username/password pair: web:michelle
3255NSE: [ssh-brute] Trying username/password pair: test:michelle
3256NSE: [ssh-brute] Trying username/password pair: root:tigger
3257NSE: [ssh-brute] Trying username/password pair: admin:tigger
3258NSE: [ssh-brute] Trying username/password pair: administrator:tigger
3259NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
3260NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
3261NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
3262NSE: [ssh-brute] Trying username/password pair: guest:tigger
3263NSE: [ssh-brute] Trying username/password pair: user:tigger
3264NSE: [ssh-brute] Trying username/password pair: web:tigger
3265NSE: [ssh-brute] Trying username/password pair: test:tigger
3266NSE: [ssh-brute] Trying username/password pair: root:sunshine
3267NSE: [ssh-brute] Trying username/password pair: admin:sunshine
3268NSE: [ssh-brute] Trying username/password pair: administrator:sunshine
3269NSE: [ssh-brute] Trying username/password pair: webadmin:sunshine
3270NSE: [ssh-brute] Trying username/password pair: sysadmin:sunshine
3271NSE: [ssh-brute] Trying username/password pair: netadmin:sunshine
3272NSE: [ssh-brute] Trying username/password pair: guest:sunshine
3273NSE: [ssh-brute] Trying username/password pair: user:sunshine
3274NSE: [ssh-brute] Trying username/password pair: web:sunshine
3275NSE: [ssh-brute] Trying username/password pair: test:sunshine
3276NSE: [ssh-brute] Trying username/password pair: root:chocolate
3277NSE: [ssh-brute] Trying username/password pair: admin:chocolate
3278NSE: [ssh-brute] Trying username/password pair: administrator:chocolate
3279NSE: [ssh-brute] Trying username/password pair: webadmin:chocolate
3280NSE: [ssh-brute] Trying username/password pair: sysadmin:chocolate
3281NSE: [ssh-brute] Trying username/password pair: netadmin:chocolate
3282NSE: [ssh-brute] Trying username/password pair: guest:chocolate
3283NSE: [ssh-brute] Trying username/password pair: user:chocolate
3284NSE: [ssh-brute] Trying username/password pair: web:chocolate
3285NSE: [ssh-brute] Trying username/password pair: test:chocolate
3286NSE: [ssh-brute] Trying username/password pair: root:password1
3287NSE: [ssh-brute] Trying username/password pair: admin:password1
3288NSE: [ssh-brute] Trying username/password pair: administrator:password1
3289NSE: [ssh-brute] Trying username/password pair: webadmin:password1
3290NSE: [ssh-brute] Trying username/password pair: sysadmin:password1
3291NSE: [ssh-brute] Trying username/password pair: netadmin:password1
3292NSE: [ssh-brute] Trying username/password pair: guest:password1
3293NSE: [ssh-brute] Trying username/password pair: user:password1
3294NSE: [ssh-brute] Trying username/password pair: web:password1
3295NSE: [ssh-brute] Trying username/password pair: test:password1
3296NSE: [ssh-brute] Trying username/password pair: root:soccer
3297NSE: [ssh-brute] Trying username/password pair: admin:soccer
3298NSE: [ssh-brute] Trying username/password pair: administrator:soccer
3299NSE: [ssh-brute] Trying username/password pair: webadmin:soccer
3300NSE: [ssh-brute] Trying username/password pair: sysadmin:soccer
3301NSE: [ssh-brute] Trying username/password pair: netadmin:soccer
3302NSE: [ssh-brute] Trying username/password pair: guest:soccer
3303NSE: [ssh-brute] Trying username/password pair: user:soccer
3304NSE: [ssh-brute] Trying username/password pair: web:soccer
3305NSE: [ssh-brute] Trying username/password pair: test:soccer
3306NSE: [ssh-brute] Trying username/password pair: root:anthony
3307NSE: [ssh-brute] Trying username/password pair: admin:anthony
3308NSE: [ssh-brute] Trying username/password pair: administrator:anthony
3309NSE: [ssh-brute] Trying username/password pair: webadmin:anthony
3310NSE: [ssh-brute] Trying username/password pair: sysadmin:anthony
3311NSE: [ssh-brute] Trying username/password pair: netadmin:anthony
3312NSE: [ssh-brute] Trying username/password pair: guest:anthony
3313NSE: [ssh-brute] Trying username/password pair: user:anthony
3314NSE: [ssh-brute] Trying username/password pair: web:anthony
3315NSE: [ssh-brute] Trying username/password pair: test:anthony
3316NSE: [ssh-brute] Trying username/password pair: root:friends
3317NSE: [ssh-brute] Trying username/password pair: admin:friends
3318NSE: [ssh-brute] Trying username/password pair: administrator:friends
3319NSE: [ssh-brute] Trying username/password pair: webadmin:friends
3320NSE: [ssh-brute] Trying username/password pair: sysadmin:friends
3321NSE: [ssh-brute] Trying username/password pair: netadmin:friends
3322NSE: [ssh-brute] Trying username/password pair: guest:friends
3323NSE: [ssh-brute] Trying username/password pair: user:friends
3324NSE: [ssh-brute] Trying username/password pair: web:friends
3325NSE: [ssh-brute] Trying username/password pair: test:friends
3326NSE: [ssh-brute] Trying username/password pair: root:purple
3327NSE: [ssh-brute] Trying username/password pair: admin:purple
3328NSE: [ssh-brute] Trying username/password pair: administrator:purple
3329NSE: [ssh-brute] Trying username/password pair: webadmin:purple
3330NSE: [ssh-brute] Trying username/password pair: sysadmin:purple
3331NSE: [ssh-brute] Trying username/password pair: netadmin:purple
3332NSE: [ssh-brute] Trying username/password pair: guest:purple
3333NSE: [ssh-brute] Trying username/password pair: user:purple
3334NSE: [ssh-brute] Trying username/password pair: web:purple
3335NSE: [ssh-brute] Trying username/password pair: test:purple
3336NSE: [ssh-brute] Trying username/password pair: root:angel
3337NSE: [ssh-brute] Trying username/password pair: admin:angel
3338NSE: [ssh-brute] Trying username/password pair: administrator:angel
3339NSE: [ssh-brute] Trying username/password pair: webadmin:angel
3340NSE: [ssh-brute] Trying username/password pair: sysadmin:angel
3341NSE: [ssh-brute] Trying username/password pair: netadmin:angel
3342NSE: [ssh-brute] Trying username/password pair: guest:angel
3343NSE: [ssh-brute] Trying username/password pair: user:angel
3344NSE: [ssh-brute] Trying username/password pair: web:angel
3345NSE: [ssh-brute] Trying username/password pair: test:angel
3346NSE: [ssh-brute] Trying username/password pair: root:butterfly
3347NSE: [ssh-brute] usernames: Time limit 10m00s exceeded.
3348NSE: [ssh-brute] usernames: Time limit 10m00s exceeded.
3349NSE: [ssh-brute] passwords: Time limit 10m00s exceeded.
3350Nmap scan report for two-elfs.com (94.102.49.234)
3351Host is up (0.16s latency).
3352rDNS record for 94.102.49.234: no-reverse-dns-configured.com
3353
3354PORT STATE SERVICE VERSION
335522/tcp open ssh OpenSSH 5.1p1 Debian 5 (protocol 2.0)
3356| ssh-auth-methods:
3357| Supported authentication methods:
3358| publickey
3359| gssapi-keyex
3360| gssapi-with-mic
3361|_ password
3362| ssh-brute:
3363| Accounts: No valid accounts found
3364|_ Statistics: Performed 341 guesses in 600 seconds, average tps: 0.6
3365| ssh-hostkey:
3366| 1024 e3:8d:c4:c5:fb:90:24:bd:e4:47:44:1d:8e:05:9e:66 (DSA)
3367|_ 2048 d8:43:eb:53:4f:5a:29:0d:22:e3:e3:a8:19:01:e1:54 (RSA)
3368|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
3369|_ssh-run: Failed to specify credentials and command to run.
3370| vulscan: VulDB - https://vuldb.com:
3371| [80267] OpenSSH up to 5.x/6.x/7.1p1 Forward Option roaming_common.c roaming_read/roaming_write memory corruption
3372| [80266] OpenSSH up to 5.x/6.x/7.1p1 roaming_common.c resend_bytes information disclosure
3373| [4584] OpenSSH up to 5.7 auth-options.c information disclosure
3374| [4282] OpenSSH 5.6/5.7 Legacy Certificate memory corruption
3375|
3376| MITRE CVE - https://cve.mitre.org:
3377| [CVE-2008-3259] OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
3378| [CVE-2012-0814] The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
3379| [CVE-2011-5000] The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
3380| [CVE-2011-0539] The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.
3381| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
3382| [CVE-2010-4478] OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
3383| [CVE-2009-2904] A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
3384| [CVE-2008-3844] Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
3385| [CVE-2006-0883] OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
3386|
3387| SecurityFocus - https://www.securityfocus.com/bid/:
3388| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
3389| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
3390| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
3391| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
3392| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
3393| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
3394| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
3395| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
3396| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
3397| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
3398| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
3399| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
3400| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
3401| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
3402| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
3403| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
3404| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
3405| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
3406| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
3407| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
3408| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
3409| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
3410| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
3411| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
3412| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
3413| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
3414| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
3415| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
3416| [75990] OpenSSH Login Handling Security Bypass Weakness
3417| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
3418| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
3419| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
3420| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
3421| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
3422| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
3423| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
3424| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
3425| [61286] OpenSSH Remote Denial of Service Vulnerability
3426| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
3427| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
3428| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
3429| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
3430| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
3431| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
3432| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
3433| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
3434| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
3435| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
3436| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
3437| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
3438| [30794] Red Hat OpenSSH Backdoor Vulnerability
3439| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
3440| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
3441| [28531] OpenSSH ForceCommand Command Execution Weakness
3442| [28444] OpenSSH X Connections Session Hijacking Vulnerability
3443| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
3444| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
3445| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
3446| [20956] OpenSSH Privilege Separation Key Signature Weakness
3447| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
3448| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
3449| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
3450| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
3451| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
3452| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
3453| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
3454| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
3455| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
3456| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
3457| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
3458| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
3459| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
3460| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
3461| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
3462| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
3463| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
3464| [6168] OpenSSH Visible Password Vulnerability
3465| [5374] OpenSSH Trojan Horse Vulnerability
3466| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
3467| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
3468| [4241] OpenSSH Channel Code Off-By-One Vulnerability
3469| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
3470| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
3471| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
3472| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
3473| [2917] OpenSSH PAM Session Evasion Vulnerability
3474| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
3475| [2356] OpenSSH Private Key Authentication Check Vulnerability
3476| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
3477| [1334] OpenSSH UseLogin Vulnerability
3478|
3479| IBM X-Force - https://exchange.xforce.ibmcloud.com:
3480| [83258] GSI-OpenSSH auth-pam.c security bypass
3481| [82781] OpenSSH time limit denial of service
3482| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
3483| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
3484| [72756] Debian openssh-server commands information disclosure
3485| [68339] OpenSSH pam_thread buffer overflow
3486| [67264] OpenSSH ssh-keysign unauthorized access
3487| [65910] OpenSSH remote_glob function denial of service
3488| [65163] OpenSSH certificate information disclosure
3489| [64387] OpenSSH J-PAKE security bypass
3490| [63337] Cisco Unified Videoconferencing OpenSSH weak security
3491| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
3492| [45202] OpenSSH signal handler denial of service
3493| [44747] RHEL OpenSSH backdoor
3494| [44280] OpenSSH PermitRootLogin information disclosure
3495| [44279] OpenSSH sshd weak security
3496| [44037] OpenSSH sshd SELinux role unauthorized access
3497| [43940] OpenSSH X11 forwarding information disclosure
3498| [41549] OpenSSH ForceCommand directive security bypass
3499| [41438] OpenSSH sshd session hijacking
3500| [40897] OpenSSH known_hosts weak security
3501| [40587] OpenSSH username weak security
3502| [37371] OpenSSH username data manipulation
3503| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
3504| [37112] RHSA update for OpenSSH signal handler race condition not installed
3505| [37107] RHSA update for OpenSSH identical block denial of service not installed
3506| [36637] OpenSSH X11 cookie privilege escalation
3507| [35167] OpenSSH packet.c newkeys[mode] denial of service
3508| [34490] OpenSSH OPIE information disclosure
3509| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
3510| [32975] Apple Mac OS X OpenSSH denial of service
3511| [32387] RHSA-2006:0738 updates for openssh not installed
3512| [32359] RHSA-2006:0697 updates for openssh not installed
3513| [32230] RHSA-2006:0298 updates for openssh not installed
3514| [32132] RHSA-2006:0044 updates for openssh not installed
3515| [30120] OpenSSH privilege separation monitor authentication verification weakness
3516| [29255] OpenSSH GSSAPI user enumeration
3517| [29254] OpenSSH signal handler race condition
3518| [29158] OpenSSH identical block denial of service
3519| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
3520| [25116] OpenSSH OpenPAM denial of service
3521| [24305] OpenSSH SCP shell expansion command execution
3522| [22665] RHSA-2005:106 updates for openssh not installed
3523| [22117] OpenSSH GSSAPI allows elevated privileges
3524| [22115] OpenSSH GatewayPorts security bypass
3525| [20930] OpenSSH sshd.c LoginGraceTime denial of service
3526| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
3527| [17213] OpenSSH allows port bouncing attacks
3528| [16323] OpenSSH scp file overwrite
3529| [13797] OpenSSH PAM information leak
3530| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
3531| [13264] OpenSSH PAM code could allow an attacker to gain access
3532| [13215] OpenSSH buffer management errors could allow an attacker to execute code
3533| [13214] OpenSSH memory vulnerabilities
3534| [13191] OpenSSH large packet buffer overflow
3535| [12196] OpenSSH could allow an attacker to bypass login restrictions
3536| [11970] OpenSSH could allow an attacker to obtain valid administrative account
3537| [11902] OpenSSH PAM support enabled information leak
3538| [9803] OpenSSH "
3539| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
3540| [9307] OpenSSH is running on the system
3541| [9169] OpenSSH "
3542| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
3543| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
3544| [8383] OpenSSH off-by-one error in channel code
3545| [7647] OpenSSH UseLogin option arbitrary code execution
3546| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
3547| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
3548| [7179] OpenSSH source IP access control bypass
3549| [6757] OpenSSH "
3550| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
3551| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
3552| [5517] OpenSSH allows unauthorized access to resources
3553| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
3554|
3555| Exploit-DB - https://www.exploit-db.com:
3556| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
3557| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
3558| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
3559| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
3560| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
3561| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
3562| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
3563| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
3564| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
3565| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
3566| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
3567| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
3568| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
3569| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
3570|
3571| OpenVAS (Nessus) - http://www.openvas.org:
3572| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
3573| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
3574| [881183] CentOS Update for openssh CESA-2012:0884 centos6
3575| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
3576| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
3577| [870763] RedHat Update for openssh RHSA-2012:0884-04
3578| [870129] RedHat Update for openssh RHSA-2008:0855-01
3579| [861813] Fedora Update for openssh FEDORA-2010-5429
3580| [861319] Fedora Update for openssh FEDORA-2007-395
3581| [861170] Fedora Update for openssh FEDORA-2007-394
3582| [861012] Fedora Update for openssh FEDORA-2007-715
3583| [840345] Ubuntu Update for openssh vulnerability USN-597-1
3584| [840300] Ubuntu Update for openssh update USN-612-5
3585| [840271] Ubuntu Update for openssh vulnerability USN-612-2
3586| [840268] Ubuntu Update for openssh update USN-612-7
3587| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
3588| [840214] Ubuntu Update for openssh vulnerability USN-566-1
3589| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
3590| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
3591| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
3592| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
3593| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
3594| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
3595| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
3596| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
3597| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
3598| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
3599| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
3600| [100584] OpenSSH X Connections Session Hijacking Vulnerability
3601| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
3602| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
3603| [65987] SLES10: Security update for OpenSSH
3604| [65819] SLES10: Security update for OpenSSH
3605| [65514] SLES9: Security update for OpenSSH
3606| [65513] SLES9: Security update for OpenSSH
3607| [65334] SLES9: Security update for OpenSSH
3608| [65248] SLES9: Security update for OpenSSH
3609| [65218] SLES9: Security update for OpenSSH
3610| [65169] SLES9: Security update for openssh,openssh-askpass
3611| [65126] SLES9: Security update for OpenSSH
3612| [65019] SLES9: Security update for OpenSSH
3613| [65015] SLES9: Security update for OpenSSH
3614| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
3615| [61639] Debian Security Advisory DSA 1638-1 (openssh)
3616| [61030] Debian Security Advisory DSA 1576-2 (openssh)
3617| [61029] Debian Security Advisory DSA 1576-1 (openssh)
3618| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
3619| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
3620| [60667] Slackware Advisory SSA:2008-095-01 openssh
3621| [59014] Slackware Advisory SSA:2007-255-01 openssh
3622| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
3623| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
3624| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
3625| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
3626| [57492] Slackware Advisory SSA:2006-272-02 openssh
3627| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
3628| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
3629| [57470] FreeBSD Ports: openssh
3630| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
3631| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
3632| [56294] Slackware Advisory SSA:2006-045-06 openssh
3633| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
3634| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
3635| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
3636| [53788] Debian Security Advisory DSA 025-1 (openssh)
3637| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
3638| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
3639| [11343] OpenSSH Client Unauthorized Remote Forwarding
3640| [10954] OpenSSH AFS/Kerberos ticket/token passing
3641| [10883] OpenSSH Channel Code Off by 1
3642| [10823] OpenSSH UseLogin Environment Variables
3643|
3644| SecurityTracker - https://www.securitytracker.com:
3645| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
3646| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
3647| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
3648| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
3649| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
3650| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
3651| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
3652| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
3653| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
3654| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
3655| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
3656| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
3657| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
3658| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
3659| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
3660| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
3661| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
3662| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
3663| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
3664| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
3665| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
3666| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
3667| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
3668| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
3669| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
3670| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
3671| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
3672| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
3673| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
3674| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
3675| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
3676| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
3677| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
3678| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
3679| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
3680| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
3681| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
3682| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
3683|
3684| OSVDB - http://www.osvdb.org:
3685| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
3686| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
3687| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
3688| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
3689| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
3690| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
3691| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
3692| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
3693| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
3694| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
3695| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
3696| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
3697| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
3698| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
3699| [56921] OpenSSH Unspecified Remote Compromise
3700| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
3701| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
3702| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
3703| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
3704| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
3705| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
3706| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
3707| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
3708| [43745] OpenSSH X11 Forwarding Local Session Hijacking
3709| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
3710| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
3711| [37315] pam_usb OpenSSH Authentication Unspecified Issue
3712| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
3713| [34601] OPIE w/ OpenSSH Account Enumeration
3714| [34600] OpenSSH S/KEY Authentication Account Enumeration
3715| [32721] OpenSSH Username Password Complexity Account Enumeration
3716| [30232] OpenSSH Privilege Separation Monitor Weakness
3717| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
3718| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
3719| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
3720| [29152] OpenSSH Identical Block Packet DoS
3721| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
3722| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
3723| [22692] OpenSSH scp Command Line Filename Processing Command Injection
3724| [20216] OpenSSH with KerberosV Remote Authentication Bypass
3725| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
3726| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
3727| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
3728| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
3729| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
3730| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
3731| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
3732| [6601] OpenSSH *realloc() Unspecified Memory Errors
3733| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
3734| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
3735| [6072] OpenSSH PAM Conversation Function Stack Modification
3736| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
3737| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
3738| [5408] OpenSSH echo simulation Information Disclosure
3739| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
3740| [4536] OpenSSH Portable AIX linker Privilege Escalation
3741| [3938] OpenSSL and OpenSSH /dev/random Check Failure
3742| [3456] OpenSSH buffer_append_space() Heap Corruption
3743| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
3744| [2140] OpenSSH w/ PAM Username Validity Timing Attack
3745| [2112] OpenSSH Reverse DNS Lookup Bypass
3746| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
3747| [1853] OpenSSH Symbolic Link 'cookies' File Removal
3748| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
3749| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
3750| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
3751| [688] OpenSSH UseLogin Environment Variable Local Command Execution
3752| [642] OpenSSH Multiple Key Type ACL Bypass
3753| [504] OpenSSH SSHv2 Public Key Authentication Bypass
3754| [341] OpenSSH UseLogin Local Privilege Escalation
3755|_
3756Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3757Device type: broadband router|general purpose|WAP|webcam|printer
3758Running (JUST GUESSING): Asus embedded (95%), Linux 2.6.X|2.4.X (95%), AXIS embedded (95%), Xerox embedded (94%), Cisco embedded (94%)
3759OS CPE: cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10 cpe:/h:axis:211_network_camera cpe:/o:linux:linux_kernel:2.6.20 cpe:/h:xerox:workcentre_7545 cpe:/h:cisco:srp_521w cpe:/o:linux:linux_kernel:2.4
3760Aggressive OS guesses: Asus RT-AC66U router (Linux 2.6) (95%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (95%), Asus RT-N16 WAP (Linux 2.6) (95%), Asus RT-N66U WAP (Linux 2.6) (95%), Tomato 1.28 (Linux 2.6.22) (95%), AXIS 211A Network Camera (Linux 2.6.20) (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.16 (95%), Linux 2.6.32 (94%), Xerox WorkCentre 7545 printer (94%)
3761No exact OS matches for host (test conditions non-ideal).
3762Network Distance: 10 hops
3763Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
3764
3765TRACEROUTE (using port 22/tcp)
3766HOP RTT ADDRESS
37671 130.02 ms 10.230.200.1
37682 ...
37693 127.30 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
37704 127.26 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
37715 132.82 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
37726 132.89 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
37737 132.88 ms level3.sto01.atlas.cogentco.com (130.117.14.6)
37748 161.86 ms ae-1-3107.edge6.Amsterdam1.Level3.net (4.69.162.214)
37759 ...
377610 168.31 ms no-reverse-dns-configured.com (94.102.49.234)
3777#######################################################################################################################################
3778USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
3779RHOSTS => two-elfs.com
3780RHOST => two-elfs.com
3781[*] 94.102.49.234:22 - SSH - Using malformed packet technique
3782[*] 94.102.49.234:22 - SSH - Starting scan
3783[+] 94.102.49.234:22 - SSH - User 'admin' found
3784[-] 94.102.49.234:22 - SSH - User 'administrator' not found
3785[-] 94.102.49.234:22 - SSH - User 'anonymous' not found
3786[-] 94.102.49.234:22 - SSH - User 'backup' not found
3787[-] 94.102.49.234:22 - SSH - User 'bee' not found
3788[+] 94.102.49.234:22 - SSH - User 'ftp' found
3789[-] 94.102.49.234:22 - SSH - User 'guest' not found
3790[-] 94.102.49.234:22 - SSH - User 'GUEST' not found
3791[-] 94.102.49.234:22 - SSH - User 'info' not found
3792[+] 94.102.49.234:22 - SSH - User 'mail' found
3793[-] 94.102.49.234:22 - SSH - User 'mailadmin' not found
3794[-] 94.102.49.234:22 - SSH - User 'msfadmin' not found
3795[+] 94.102.49.234:22 - SSH - User 'mysql' found
3796[+] 94.102.49.234:22 - SSH - User 'nobody' found
3797[-] 94.102.49.234:22 - SSH - User 'oracle' not found
3798[-] 94.102.49.234:22 - SSH - User 'owaspbwa' not found
3799[+] 94.102.49.234:22 - SSH - User 'postfix' found
3800[-] 94.102.49.234:22 - SSH - User 'postgres' not found
3801[-] 94.102.49.234:22 - SSH - User 'private' not found
3802[-] 94.102.49.234:22 - SSH - User 'proftpd' not found
3803[-] 94.102.49.234:22 - SSH - User 'public' not found
3804[+] 94.102.49.234:22 - SSH - User 'root' found
3805[-] 94.102.49.234:22 - SSH - User 'superadmin' not found
3806[-] 94.102.49.234:22 - SSH - User 'support' not found
3807[-] 94.102.49.234:22 - SSH - User 'sys' not found
3808[-] 94.102.49.234:22 - SSH - User 'system' not found
3809[-] 94.102.49.234:22 - SSH - User 'systemadmin' not found
3810[-] 94.102.49.234:22 - SSH - User 'systemadministrator' not found
3811[-] 94.102.49.234:22 - SSH - User 'test' not found
3812[-] 94.102.49.234:22 - SSH - User 'tomcat' not found
3813[-] 94.102.49.234:22 - SSH - User 'user' not found
3814[-] 94.102.49.234:22 - SSH - User 'webmaster' not found
3815[-] 94.102.49.234:22 - SSH - User 'www-data' not found
3816[-] 94.102.49.234:22 - SSH - User 'Fortimanager_Access' not found
3817[*] Scanned 1 of 1 hosts (100% complete)
3818[*] Auxiliary module execution completed
3819#######################################################################################################################################
3820Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 19:19 EST
3821NSE: Loaded 163 scripts for scanning.
3822NSE: Script Pre-scanning.
3823Initiating NSE at 19:19
3824Completed NSE at 19:19, 0.00s elapsed
3825Initiating NSE at 19:19
3826Completed NSE at 19:19, 0.00s elapsed
3827Initiating Parallel DNS resolution of 1 host. at 19:19
3828Completed Parallel DNS resolution of 1 host. at 19:19, 0.02s elapsed
3829Initiating SYN Stealth Scan at 19:19
3830Scanning two-elfs.com (94.102.49.234) [1 port]
3831Discovered open port 80/tcp on 94.102.49.234
3832Completed SYN Stealth Scan at 19:19, 0.20s elapsed (1 total ports)
3833Initiating Service scan at 19:19
3834Scanning 1 service on two-elfs.com (94.102.49.234)
3835Completed Service scan at 19:19, 6.35s elapsed (1 service on 1 host)
3836Initiating OS detection (try #1) against two-elfs.com (94.102.49.234)
3837Retrying OS detection (try #2) against two-elfs.com (94.102.49.234)
3838Initiating Traceroute at 19:19
3839Completed Traceroute at 19:19, 3.01s elapsed
3840Initiating Parallel DNS resolution of 8 hosts. at 19:19
3841Completed Parallel DNS resolution of 8 hosts. at 19:19, 0.24s elapsed
3842NSE: Script scanning 94.102.49.234.
3843Initiating NSE at 19:19
3844Completed NSE at 19:21, 116.07s elapsed
3845Initiating NSE at 19:21
3846Completed NSE at 19:21, 0.89s elapsed
3847Nmap scan report for two-elfs.com (94.102.49.234)
3848Host is up (0.16s latency).
3849rDNS record for 94.102.49.234: no-reverse-dns-configured.com
3850
3851PORT STATE SERVICE VERSION
385280/tcp open http Apache httpd 2.2.3
3853| http-apache-server-status:
3854| Heading: Apache Server Status for two-elfs.com
3855| Server Version: Apache/2.2.3 (CentOS)
3856| Server Built: Oct 16 2013 12:22:17
3857| Server Uptime: 15 hours 17 minutes 28 seconds
3858| VHosts:
3859| best.world-collections.com
3860| cash.teensagency.com
3861| cinderella-girl.com
3862| collection.world-collections.co
3863| dreamstudioportal.com
3864| dummy-host.example.com
3865| flowermodels.com
3866| legal-models.info
3867| lol.world-collections.com
3868| merryangels.com
3869| models.world-collections.com
3870| nn-1.com
3871| play-kitty.com
3872| pretty.heaven-portal.com
3873| pro.world-collections.com
3874| redirect
3875| top.cinderella-girl.com
3876| top.play-kitty.com
3877| www.alisa-dreams.com
3878| www.angels-story.net
3879| www.dolly-supermodel.com
3880| www.dream-portal.com
3881| www.juliet-summer.com
3882| www.models-me.com
3883| www.models-portal.net
3884| www.mouse-trip.com
3885| www.nikita-dance.com
3886| www.petal-stone.com
3887| www.steppe-flower.com
3888| www.two-elfs.com
3889| www.two-foxes.com
3890| www.wild-kitty.net
3891|_ young.world-collections.com
3892| http-brute:
3893|_ Path "/" does not require authentication
3894|_http-chrono: Request times for /; avg: 2460.06ms; min: 2228.93ms; max: 2855.71ms
3895|_http-csrf: Couldn't find any CSRF vulnerabilities.
3896|_http-date: Thu, 07 Nov 2019 00:19:46 GMT; -2s from local time.
3897|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
3898|_http-dombased-xss: Couldn't find any DOM based XSS.
3899|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
3900| http-errors:
3901| Spidering limited to: maxpagecount=40; withinhost=two-elfs.com
3902| Found the following error pages:
3903|
3904| Error Code: 404
3905| http://two-elfs.com:80/a%5bi+2%5d;}
3906|
3907| Error Code: 404
3908|_ http://two-elfs.com:80/a%5bi%5d;}}
3909|_http-feed: Couldn't find any feeds.
3910|_http-fetch: Please enter the complete path of the directory to save data in.
3911| http-grep:
3912| (1) http://two-elfs.com:80/members.html:
3913| (1) email:
3914|_ + support@two-elfs.com
3915| http-headers:
3916| Date: Thu, 07 Nov 2019 00:19:49 GMT
3917| Server: Apache/2.2.3 (CentOS)
3918| X-Powered-By: PHP/5.3.3
3919| Connection: close
3920| Content-Type: text/html; charset=UTF-8
3921|
3922|_ (Request type: HEAD)
3923|_http-jsonp-detection: Couldn't find any JSONP endpoints.
3924| http-methods:
3925|_ Supported Methods: GET HEAD POST OPTIONS
3926|_http-mobileversion-checker: No mobile version detected.
3927| http-php-version: Logo query returned unknown hash 398e7a9bdb67ff59328b5b4ce273a338
3928| Versions from credits query (more accurate): 5.3.3
3929|_Version from header x-powered-by: PHP/5.3.3
3930|_http-security-headers:
3931|_http-server-header: Apache/2.2.3 (CentOS)
3932| http-sitemap-generator:
3933| Directory structure:
3934| /
3935| Other: 1; html: 1
3936| /images/
3937| jpg: 4; png: 2
3938| /js/
3939| js: 2
3940| /videohtml/
3941| html: 9
3942| Longest directory structure:
3943| Depth: 1
3944| Dir: /videohtml/
3945| Total files found (by extension):
3946|_ Other: 1; html: 10; jpg: 4; js: 2; png: 2
3947|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
3948|_http-title: Two Elfs
3949| http-trace: TRACE is enabled
3950| Headers:
3951| Date: Thu, 07 Nov 2019 00:19:44 GMT
3952| Server: Apache/2.2.3 (CentOS)
3953| Connection: close
3954| Transfer-Encoding: chunked
3955|_Content-Type: message/http
3956| http-vhosts:
3957|_127 names had status 404
3958|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
3959|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
3960|_http-xssed: No previously reported XSS vuln.
3961| vulners:
3962| cpe:/a:apache:http_server:2.2.3:
3963| CVE-2010-0425 10.0 https://vulners.com/cve/CVE-2010-0425
3964| CVE-2011-3192 7.8 https://vulners.com/cve/CVE-2011-3192
3965| CVE-2007-6423 7.8 https://vulners.com/cve/CVE-2007-6423
3966| CVE-2017-7679 7.5 https://vulners.com/cve/CVE-2017-7679
3967| CVE-2017-7668 7.5 https://vulners.com/cve/CVE-2017-7668
3968| CVE-2017-3169 7.5 https://vulners.com/cve/CVE-2017-3169
3969| CVE-2017-3167 7.5 https://vulners.com/cve/CVE-2017-3167
3970| CVE-2013-2249 7.5 https://vulners.com/cve/CVE-2013-2249
3971| CVE-2009-1891 7.1 https://vulners.com/cve/CVE-2009-1891
3972| CVE-2009-1890 7.1 https://vulners.com/cve/CVE-2009-1890
3973| CVE-2012-0883 6.9 https://vulners.com/cve/CVE-2012-0883
3974| CVE-2018-1312 6.8 https://vulners.com/cve/CVE-2018-1312
3975| CVE-2006-4154 6.8 https://vulners.com/cve/CVE-2006-4154
3976| CVE-2007-1741 6.2 https://vulners.com/cve/CVE-2007-1741
3977| CVE-2013-1862 5.1 https://vulners.com/cve/CVE-2013-1862
3978| CVE-2014-0231 5.0 https://vulners.com/cve/CVE-2014-0231
3979| CVE-2014-0098 5.0 https://vulners.com/cve/CVE-2014-0098
3980| CVE-2013-6438 5.0 https://vulners.com/cve/CVE-2013-6438
3981| CVE-2011-3368 5.0 https://vulners.com/cve/CVE-2011-3368
3982| CVE-2010-1452 5.0 https://vulners.com/cve/CVE-2010-1452
3983| CVE-2010-0408 5.0 https://vulners.com/cve/CVE-2010-0408
3984| CVE-2009-2699 5.0 https://vulners.com/cve/CVE-2009-2699
3985| CVE-2007-6750 5.0 https://vulners.com/cve/CVE-2007-6750
3986| CVE-2009-1195 4.9 https://vulners.com/cve/CVE-2009-1195
3987| CVE-2012-0031 4.6 https://vulners.com/cve/CVE-2012-0031
3988| CVE-2011-3607 4.4 https://vulners.com/cve/CVE-2011-3607
3989| CVE-2007-1743 4.4 https://vulners.com/cve/CVE-2007-1743
3990| CVE-2016-4975 4.3 https://vulners.com/cve/CVE-2016-4975
3991| CVE-2013-1896 4.3 https://vulners.com/cve/CVE-2013-1896
3992| CVE-2012-4558 4.3 https://vulners.com/cve/CVE-2012-4558
3993| CVE-2012-3499 4.3 https://vulners.com/cve/CVE-2012-3499
3994| CVE-2012-0053 4.3 https://vulners.com/cve/CVE-2012-0053
3995| CVE-2011-4317 4.3 https://vulners.com/cve/CVE-2011-4317
3996| CVE-2011-3639 4.3 https://vulners.com/cve/CVE-2011-3639
3997| CVE-2011-3348 4.3 https://vulners.com/cve/CVE-2011-3348
3998| CVE-2011-0419 4.3 https://vulners.com/cve/CVE-2011-0419
3999| CVE-2010-0434 4.3 https://vulners.com/cve/CVE-2010-0434
4000| CVE-2008-2939 4.3 https://vulners.com/cve/CVE-2008-2939
4001| CVE-2008-2168 4.3 https://vulners.com/cve/CVE-2008-2168
4002| CVE-2008-0455 4.3 https://vulners.com/cve/CVE-2008-0455
4003| CVE-2007-6420 4.3 https://vulners.com/cve/CVE-2007-6420
4004| CVE-2007-6388 4.3 https://vulners.com/cve/CVE-2007-6388
4005| CVE-2007-6203 4.3 https://vulners.com/cve/CVE-2007-6203
4006| CVE-2007-5000 4.3 https://vulners.com/cve/CVE-2007-5000
4007| CVE-2007-4465 4.3 https://vulners.com/cve/CVE-2007-4465
4008| CVE-2006-5752 4.3 https://vulners.com/cve/CVE-2006-5752
4009| CVE-2006-4110 4.3 https://vulners.com/cve/CVE-2006-4110
4010| CVE-2007-6422 4.0 https://vulners.com/cve/CVE-2007-6422
4011| CVE-2007-1742 3.7 https://vulners.com/cve/CVE-2007-1742
4012| CVE-2007-6421 3.5 https://vulners.com/cve/CVE-2007-6421
4013| CVE-2016-8612 3.3 https://vulners.com/cve/CVE-2016-8612
4014| CVE-2012-2687 2.6 https://vulners.com/cve/CVE-2012-2687
4015| CVE-2008-0456 2.6 https://vulners.com/cve/CVE-2008-0456
4016|_ CVE-2011-4415 1.2 https://vulners.com/cve/CVE-2011-4415
4017| vulscan: VulDB - https://vuldb.com:
4018| [134248] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
4019| [134247] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
4020| [122889] Apache HTTP Server up to 2.2.31/2.4.23 mod_userdir HTTP Response Splitting privilege escalation
4021| [106777] Apache HTTP Server up to 2.2.34/2.4.27 Limit Directive ap_limit_section HTTP Request information disclosure
4022| [103520] Apache HTTP Server up to 2.2.33/2.4.26 mod_auth_digest Authorization Header memory corruption
4023| [102698] Apache HTTP Server up to 2.2.32/2.4.25 mod_mime Content-Type memory corruption
4024| [102690] Apache HTTP Server up to 2.2.32/2.4.25 mod_ssl ap_hook_process_connection() denial of service
4025| [102689] Apache HTTP Server up to 2.2.32/2.4.25 ap_get_basic_auth_pw weak authentication
4026| [12291] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
4027| [64485] Apache Struts up to 2.2.3.0 privilege escalation
4028| [64457] Apache Struts up to 2.2.3.0 cross site scripting
4029| [60352] Apache Struts up to 2.2.3 memory corruption
4030| [59902] Apache Struts up to 2.2.3 Interfaces unknown vulnerability
4031| [4528] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
4032| [4527] Apache Struts up to 2.2.3 ExceptionDelegator cross site scripting
4033| [4512] Apache Struts up to 2.2.3 CookieInterceptor privilege escalation
4034| [135663] Apache Camel up to 2.23.x JSON-lib Library XML Data XML External Entity
4035| [134290] Apache UIMA DUCC up to 2.2.2 cross site scripting
4036| [124152] Apache Camel Mail up to 2.22.0 Path directory traversal
4037| [122456] Apache Camel up to 2.20.3/2.21.0 XSD Validator XML External Entity
4038| [102697] Apache HTTP Server 2.2.24/2.2.32 HTTP Strict Parsing ap_find_token Request Header memory corruption
4039| [100162] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Commons Collections privilege escalation
4040| [100160] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Trinidad unknown vulnerability
4041| [87540] Apache Ambari up to 2.2.0 File Browser View information disclosure
4042| [75668] Apache Sling API/Sling Servlets Post up to 2.2.1 HtmlResponse cross site scripting
4043| [65386] Apache Solr up to 2.2.1 on TYPO3 cross site scripting
4044| [65385] Apache Solr up to 2.2.1 on TYPO3 unknown vulnerability
4045| [65313] Apache Sling 2.2.0/2.3.0 AbstractCreateOperation.java deepGetOrCreateNode denial of service
4046| [9891] Apache HTTP Server 2.2.22 suEXEC Feature .htaccess information disclosure
4047| [64466] Apache OpenJPA up to 2.2.1 Serialization memory corruption
4048| [63646] Apache HTTP Server up to 2.2.23/2.4.3 mod_proxy_balancer.c balancer_handler cross site scripting
4049| [63089] Apache HTTP Server up to 2.2.13 mod_proxy_ajp denial of service
4050| [4583] Apache HTTP Server up to 2.2.21 Threaded MPM denial of service
4051| [4582] Apache HTTP Server up to 2.2.21 protocol.c information disclosure
4052| [59850] Apache Geronimo up to 2.2.1 denial of service
4053| [57435] Apache Struts up to 2.2.1.1 FileHandler.java cross site scripting
4054| [57425] Apache Struts up to 2.2.1.1 cross site scripting
4055| [4352] Apache HTTP Server 2.2.x APR apr_fnmatch denial of service
4056| [54394] Apache CXF up to 2.2.8 Memory Consumption denial of service
4057| [54166] Apache HTTP Server up to 2.2.12 mod_cache Crash denial of service
4058| [49856] Apache HTTP Server 2.2.13 mod_proxy_ftp ap_proxy_ftp_handler denial of service
4059| [40502] Apache HTTP Server up to 2.2.5 mod_proxy_balancer memory corruption
4060| [40501] Apache HTTP Server 2.2.6 mod_proxy_balancer cross site request forgery
4061| [40398] Apache HTTP Server up to 2.2 mod_proxy_balancer cross site scripting
4062| [40397] Apache HTTP Server up to 2.2 mod_proxy_balancer balancer_handler denial of service
4063| [40221] Apache HTTP Server 2.2.6 information disclosure
4064| [3130] Apache OpenOffice 2.2.1 RTF Document Heap-based memory corruption
4065|
4066| MITRE CVE - https://cve.mitre.org:
4067| [CVE-2012-1006] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders.
4068| [CVE-2012-0838] Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
4069| [CVE-2012-0391] The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
4070| [CVE-2011-2087] Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
4071| [CVE-2011-1772] Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
4072| [CVE-2007-1743] suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.
4073| [CVE-2007-1742] suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
4074| [CVE-2007-1741] Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
4075| [CVE-2013-1896] mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
4076| [CVE-2013-1862] mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
4077| [CVE-2013-1768] The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
4078| [CVE-2013-1048] The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
4079| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
4080| [CVE-2012-4557] The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
4081| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
4082| [CVE-2012-0216] The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.
4083| [CVE-2012-0053] protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
4084| [CVE-2012-0031] scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
4085| [CVE-2012-0021] The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.
4086| [CVE-2011-5034] Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.
4087| [CVE-2011-4668] IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
4088| [CVE-2011-4415] The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
4089| [CVE-2011-4317] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
4090| [CVE-2011-3639] The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
4091| [CVE-2011-3607] Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
4092| [CVE-2011-3368] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
4093| [CVE-2011-3348] The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
4094| [CVE-2011-3192] The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
4095| [CVE-2011-2088] XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
4096| [CVE-2011-1928] The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.
4097| [CVE-2011-1176] The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
4098| [CVE-2011-0419] Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
4099| [CVE-2010-4476] The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
4100| [CVE-2010-2791] mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
4101| [CVE-2010-2076] Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
4102| [CVE-2010-2068] mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
4103| [CVE-2010-1452] The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
4104| [CVE-2010-0434] The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
4105| [CVE-2010-0425] modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
4106| [CVE-2010-0408] The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
4107| [CVE-2009-3555] The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4108| [CVE-2009-3094] The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
4109| [CVE-2009-2699] The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
4110| [CVE-2009-1891] The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
4111| [CVE-2009-1195] The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
4112| [CVE-2009-1191] mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
4113| [CVE-2008-3666] Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured
4114| [CVE-2008-2939] Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
4115| [CVE-2008-2364] The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
4116| [CVE-2008-2168] Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
4117| [CVE-2008-0456] CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
4118| [CVE-2008-0455] Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
4119| [CVE-2008-0005] mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
4120| [CVE-2007-6750] The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
4121| [CVE-2007-6423] ** DISPUTED ** Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue.
4122| [CVE-2007-6422] The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
4123| [CVE-2007-6421] Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
4124| [CVE-2007-6420] Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.
4125| [CVE-2007-6388] Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4126| [CVE-2007-6203] Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
4127| [CVE-2007-5000] Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4128| [CVE-2007-4465] Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.
4129| [CVE-2007-3304] Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
4130| [CVE-2007-3303] Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.
4131| [CVE-2007-1862] The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
4132| [CVE-2007-0792] The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file.
4133| [CVE-2006-4110] Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
4134| [CVE-2006-3918] http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
4135| [CVE-2006-3747] Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
4136| [CVE-2006-2806] The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
4137| [CVE-2006-1292] Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php.
4138| [CVE-2006-1079] htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
4139| [CVE-2006-1078] Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
4140| [CVE-2004-2650] Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.
4141| [CVE-2003-1172] Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.
4142| [CVE-2002-1233] A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
4143|
4144| SecurityFocus - https://www.securityfocus.com/bid/:
4145| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
4146| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
4147|
4148| IBM X-Force - https://exchange.xforce.ibmcloud.com:
4149| [75211] Debian GNU/Linux apache 2 cross-site scripting
4150|
4151| Exploit-DB - https://www.exploit-db.com:
4152| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
4153| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
4154| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
4155| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
4156| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
4157| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
4158| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
4159| [17691] Apache Struts < 2.2.0 - Remote Command Execution
4160| [15319] Apache 2.2 (Windows) Local Denial of Service
4161| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
4162|
4163| OpenVAS (Nessus) - http://www.openvas.org:
4164| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
4165|
4166| SecurityTracker - https://www.securitytracker.com:
4167| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
4168| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
4169| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
4170| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
4171| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
4172|
4173| OSVDB - http://www.osvdb.org:
4174| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
4175|_
4176Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4177Aggressive OS guesses: Linux 2.6.18 (95%), Asus RT-AC66U router (Linux 2.6) (95%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (95%), Asus RT-N16 WAP (Linux 2.6) (95%), Asus RT-N66U WAP (Linux 2.6) (95%), Tomato 1.28 (Linux 2.6.22) (95%), AXIS 211A Network Camera (Linux 2.6.20) (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.16 (95%), Linux 2.6.32 (94%)
4178No exact OS matches for host (test conditions non-ideal).
4179Uptime guess: 11.621 days (since Sat Oct 26 05:27:57 2019)
4180Network Distance: 10 hops
4181TCP Sequence Prediction: Difficulty=260 (Good luck!)
4182IP ID Sequence Generation: All zeros
4183Service Info: Host: dummy-host.example.com
4184
4185TRACEROUTE (using port 80/tcp)
4186HOP RTT ADDRESS
41871 129.69 ms 10.230.200.1
41882 ...
41893 127.11 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
41904 126.89 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
41915 132.32 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
41926 132.51 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
41937 133.34 ms level3.sto01.atlas.cogentco.com (130.117.14.6)
41948 161.93 ms ae-1-3107.edge6.Amsterdam1.Level3.net (4.69.162.214)
41959 ...
419610 162.03 ms no-reverse-dns-configured.com (94.102.49.234)
4197
4198NSE: Script Post-scanning.
4199Initiating NSE at 19:21
4200Completed NSE at 19:21, 0.00s elapsed
4201Initiating NSE at 19:21
4202Completed NSE at 19:21, 0.00s elapsed
4203#######################################################################################################################################
4204------------------------------------------------------------------------------------------------------------------------
4205
4206[ ! ] Starting SCANNER INURLBR 2.1 at [06-11-2019 19:21:56]
4207[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
4208It is the end user's responsibility to obey all applicable local, state and federal laws.
4209Developers assume no liability and are not responsible for any misuse or damage caused by this program
4210
4211[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/two-elfs.com/output/inurlbr-two-elfs.com ]
4212[ INFO ][ DORK ]::[ site:two-elfs.com ]
4213[ INFO ][ SEARCHING ]:: {
4214[ INFO ][ ENGINE ]::[ GOOGLE - www.google.com ]
4215
4216[ INFO ][ SEARCHING ]::
4217-[:::]
4218[ INFO ][ ENGINE ]::[ GOOGLE API ]
4219
4220[ INFO ][ SEARCHING ]::
4221-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
4222[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.td ID: 003917828085772992913:gmoeray5sa8 ]
4223
4224[ INFO ][ SEARCHING ]::
4225-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
4226
4227[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
4228
4229
4230 _[ - ]::--------------------------------------------------------------------------------------------------------------
4231|_[ + ] [ 0 / 100 ]-[19:22:17] [ - ]
4232|_[ + ] Target:: [ http://two-elfs.com/ ]
4233|_[ + ] Exploit::
4234|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4235|_[ + ] More details:: / - / , ISP:
4236|_[ + ] Found:: UNIDENTIFIED
4237
4238 _[ - ]::--------------------------------------------------------------------------------------------------------------
4239|_[ + ] [ 1 / 100 ]-[19:22:18] [ - ]
4240|_[ + ] Target:: [ http://two-elfs.com/join30days.html ]
4241|_[ + ] Exploit::
4242|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4243|_[ + ] More details:: / - / , ISP:
4244|_[ + ] Found:: UNIDENTIFIED
4245
4246 _[ - ]::--------------------------------------------------------------------------------------------------------------
4247|_[ + ] [ 2 / 100 ]-[19:22:20] [ - ]
4248|_[ + ] Target:: [ http://two-elfs.com/joinnow.html ]
4249|_[ + ] Exploit::
4250|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4251|_[ + ] More details:: / - / , ISP:
4252|_[ + ] Found:: UNIDENTIFIED
4253
4254 _[ - ]::--------------------------------------------------------------------------------------------------------------
4255|_[ + ] [ 3 / 100 ]-[19:22:21] [ - ]
4256|_[ + ] Target:: [ http://two-elfs.com/support.html ]
4257|_[ + ] Exploit::
4258|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4259|_[ + ] More details:: / - / , ISP:
4260|_[ + ] Found:: UNIDENTIFIED
4261
4262 _[ - ]::--------------------------------------------------------------------------------------------------------------
4263|_[ + ] [ 4 / 100 ]-[19:22:23] [ - ]
4264|_[ + ] Target:: [ http://www.two-elfs.com/join.html ]
4265|_[ + ] Exploit::
4266|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4267|_[ + ] More details:: / - / , ISP:
4268|_[ + ] Found:: UNIDENTIFIED
4269
4270 _[ - ]::--------------------------------------------------------------------------------------------------------------
4271|_[ + ] [ 5 / 100 ]-[19:22:28] [ - ]
4272|_[ + ] Target:: [ http://two-elfs.com/members.html ]
4273|_[ + ] Exploit::
4274|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4275|_[ + ] More details:: / - / , ISP:
4276|_[ + ] Found:: UNIDENTIFIED
4277
4278 _[ - ]::--------------------------------------------------------------------------------------------------------------
4279|_[ + ] [ 6 / 100 ]-[19:22:30] [ - ]
4280|_[ + ] Target:: [ http://two-elfs.com/joincc.html ]
4281|_[ + ] Exploit::
4282|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4283|_[ + ] More details:: / - / , ISP:
4284|_[ + ] Found:: UNIDENTIFIED
4285
4286 _[ - ]::--------------------------------------------------------------------------------------------------------------
4287|_[ + ] [ 7 / 100 ]-[19:22:31] [ - ]
4288|_[ + ] Target:: [ http://two-elfs.com/videohtml/video012.html ]
4289|_[ + ] Exploit::
4290|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4291|_[ + ] More details:: / - / , ISP:
4292|_[ + ] Found:: UNIDENTIFIED
4293
4294 _[ - ]::--------------------------------------------------------------------------------------------------------------
4295|_[ + ] [ 8 / 100 ]-[19:22:32] [ - ]
4296|_[ + ] Target:: [ http://two-elfs.com/videohtml/video100.html ]
4297|_[ + ] Exploit::
4298|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4299|_[ + ] More details:: / - / , ISP:
4300|_[ + ] Found:: UNIDENTIFIED
4301
4302 _[ - ]::--------------------------------------------------------------------------------------------------------------
4303|_[ + ] [ 9 / 100 ]-[19:22:34] [ - ]
4304|_[ + ] Target:: [ http://two-elfs.com/videohtml/video011.html ]
4305|_[ + ] Exploit::
4306|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4307|_[ + ] More details:: / - / , ISP:
4308|_[ + ] Found:: UNIDENTIFIED
4309
4310 _[ - ]::--------------------------------------------------------------------------------------------------------------
4311|_[ + ] [ 10 / 100 ]-[19:22:35] [ - ]
4312|_[ + ] Target:: [ http://two-elfs.com/videohtml/video043.html ]
4313|_[ + ] Exploit::
4314|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4315|_[ + ] More details:: / - / , ISP:
4316|_[ + ] Found:: UNIDENTIFIED
4317
4318 _[ - ]::--------------------------------------------------------------------------------------------------------------
4319|_[ + ] [ 11 / 100 ]-[19:22:36] [ - ]
4320|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video013.html ]
4321|_[ + ] Exploit::
4322|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4323|_[ + ] More details:: / - / , ISP:
4324|_[ + ] Found:: UNIDENTIFIED
4325
4326 _[ - ]::--------------------------------------------------------------------------------------------------------------
4327|_[ + ] [ 12 / 100 ]-[19:22:38] [ - ]
4328|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video115.html ]
4329|_[ + ] Exploit::
4330|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4331|_[ + ] More details:: / - / , ISP:
4332|_[ + ] Found:: UNIDENTIFIED
4333
4334 _[ - ]::--------------------------------------------------------------------------------------------------------------
4335|_[ + ] [ 13 / 100 ]-[19:22:39] [ - ]
4336|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video105.html ]
4337|_[ + ] Exploit::
4338|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4339|_[ + ] More details:: / - / , ISP:
4340|_[ + ] Found:: UNIDENTIFIED
4341
4342 _[ - ]::--------------------------------------------------------------------------------------------------------------
4343|_[ + ] [ 14 / 100 ]-[19:22:40] [ - ]
4344|_[ + ] Target:: [ http://two-elfs.com/videohtml/video146.html ]
4345|_[ + ] Exploit::
4346|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4347|_[ + ] More details:: / - / , ISP:
4348|_[ + ] Found:: UNIDENTIFIED
4349
4350 _[ - ]::--------------------------------------------------------------------------------------------------------------
4351|_[ + ] [ 15 / 100 ]-[19:22:42] [ - ]
4352|_[ + ] Target:: [ http://two-elfs.com/videohtml/video065.html ]
4353|_[ + ] Exploit::
4354|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4355|_[ + ] More details:: / - / , ISP:
4356|_[ + ] Found:: UNIDENTIFIED
4357
4358 _[ - ]::--------------------------------------------------------------------------------------------------------------
4359|_[ + ] [ 16 / 100 ]-[19:22:43] [ - ]
4360|_[ + ] Target:: [ http://two-elfs.com/videohtml/video127.html ]
4361|_[ + ] Exploit::
4362|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4363|_[ + ] More details:: / - / , ISP:
4364|_[ + ] Found:: UNIDENTIFIED
4365
4366 _[ - ]::--------------------------------------------------------------------------------------------------------------
4367|_[ + ] [ 17 / 100 ]-[19:22:45] [ - ]
4368|_[ + ] Target:: [ http://two-elfs.com/videohtml/video067.html ]
4369|_[ + ] Exploit::
4370|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4371|_[ + ] More details:: / - / , ISP:
4372|_[ + ] Found:: UNIDENTIFIED
4373
4374 _[ - ]::--------------------------------------------------------------------------------------------------------------
4375|_[ + ] [ 18 / 100 ]-[19:22:46] [ - ]
4376|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video027.html ]
4377|_[ + ] Exploit::
4378|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4379|_[ + ] More details:: / - / , ISP:
4380|_[ + ] Found:: UNIDENTIFIED
4381
4382 _[ - ]::--------------------------------------------------------------------------------------------------------------
4383|_[ + ] [ 19 / 100 ]-[19:22:47] [ - ]
4384|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video066.html ]
4385|_[ + ] Exploit::
4386|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4387|_[ + ] More details:: / - / , ISP:
4388|_[ + ] Found:: UNIDENTIFIED
4389
4390 _[ - ]::--------------------------------------------------------------------------------------------------------------
4391|_[ + ] [ 20 / 100 ]-[19:22:52] [ - ]
4392|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video096.html ]
4393|_[ + ] Exploit::
4394|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4395|_[ + ] More details:: / - / , ISP:
4396|_[ + ] Found:: UNIDENTIFIED
4397
4398 _[ - ]::--------------------------------------------------------------------------------------------------------------
4399|_[ + ] [ 21 / 100 ]-[19:22:54] [ - ]
4400|_[ + ] Target:: [ http://two-elfs.com/videohtml/video090.html ]
4401|_[ + ] Exploit::
4402|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4403|_[ + ] More details:: / - / , ISP:
4404|_[ + ] Found:: UNIDENTIFIED
4405
4406 _[ - ]::--------------------------------------------------------------------------------------------------------------
4407|_[ + ] [ 22 / 100 ]-[19:22:55] [ - ]
4408|_[ + ] Target:: [ http://two-elfs.com/videohtml/video125.html ]
4409|_[ + ] Exploit::
4410|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4411|_[ + ] More details:: / - / , ISP:
4412|_[ + ] Found:: UNIDENTIFIED
4413
4414 _[ - ]::--------------------------------------------------------------------------------------------------------------
4415|_[ + ] [ 23 / 100 ]-[19:22:57] [ - ]
4416|_[ + ] Target:: [ http://two-elfs.com/videohtml/video155.html ]
4417|_[ + ] Exploit::
4418|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4419|_[ + ] More details:: / - / , ISP:
4420|_[ + ] Found:: UNIDENTIFIED
4421
4422 _[ - ]::--------------------------------------------------------------------------------------------------------------
4423|_[ + ] [ 24 / 100 ]-[19:22:59] [ - ]
4424|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video047.html ]
4425|_[ + ] Exploit::
4426|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4427|_[ + ] More details:: / - / , ISP:
4428|_[ + ] Found:: UNIDENTIFIED
4429
4430 _[ - ]::--------------------------------------------------------------------------------------------------------------
4431|_[ + ] [ 25 / 100 ]-[19:23:00] [ - ]
4432|_[ + ] Target:: [ http://two-elfs.com/videohtml/video116.html ]
4433|_[ + ] Exploit::
4434|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4435|_[ + ] More details:: / - / , ISP:
4436|_[ + ] Found:: UNIDENTIFIED
4437
4438 _[ - ]::--------------------------------------------------------------------------------------------------------------
4439|_[ + ] [ 26 / 100 ]-[19:23:02] [ - ]
4440|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video085.html ]
4441|_[ + ] Exploit::
4442|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4443|_[ + ] More details:: / - / , ISP:
4444|_[ + ] Found:: UNIDENTIFIED
4445
4446 _[ - ]::--------------------------------------------------------------------------------------------------------------
4447|_[ + ] [ 27 / 100 ]-[19:23:03] [ - ]
4448|_[ + ] Target:: [ http://two-elfs.com/videohtml/video056.html ]
4449|_[ + ] Exploit::
4450|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4451|_[ + ] More details:: / - / , ISP:
4452|_[ + ] Found:: UNIDENTIFIED
4453
4454 _[ - ]::--------------------------------------------------------------------------------------------------------------
4455|_[ + ] [ 28 / 100 ]-[19:23:05] [ - ]
4456|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video004.html ]
4457|_[ + ] Exploit::
4458|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4459|_[ + ] More details:: / - / , ISP:
4460|_[ + ] Found:: UNIDENTIFIED
4461
4462 _[ - ]::--------------------------------------------------------------------------------------------------------------
4463|_[ + ] [ 29 / 100 ]-[19:23:06] [ - ]
4464|_[ + ] Target:: [ http://two-elfs.com/videohtml/video040.html ]
4465|_[ + ] Exploit::
4466|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4467|_[ + ] More details:: / - / , ISP:
4468|_[ + ] Found:: UNIDENTIFIED
4469
4470 _[ - ]::--------------------------------------------------------------------------------------------------------------
4471|_[ + ] [ 30 / 100 ]-[19:23:08] [ - ]
4472|_[ + ] Target:: [ http://two-elfs.com/videohtml/video084.html ]
4473|_[ + ] Exploit::
4474|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4475|_[ + ] More details:: / - / , ISP:
4476|_[ + ] Found:: UNIDENTIFIED
4477
4478 _[ - ]::--------------------------------------------------------------------------------------------------------------
4479|_[ + ] [ 31 / 100 ]-[19:23:09] [ - ]
4480|_[ + ] Target:: [ http://two-elfs.com/videohtml/video016.html ]
4481|_[ + ] Exploit::
4482|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4483|_[ + ] More details:: / - / , ISP:
4484|_[ + ] Found:: UNIDENTIFIED
4485
4486 _[ - ]::--------------------------------------------------------------------------------------------------------------
4487|_[ + ] [ 32 / 100 ]-[19:23:11] [ - ]
4488|_[ + ] Target:: [ http://two-elfs.com/videohtml/video025.html ]
4489|_[ + ] Exploit::
4490|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4491|_[ + ] More details:: / - / , ISP:
4492|_[ + ] Found:: UNIDENTIFIED
4493
4494 _[ - ]::--------------------------------------------------------------------------------------------------------------
4495|_[ + ] [ 33 / 100 ]-[19:23:13] [ - ]
4496|_[ + ] Target:: [ http://two-elfs.com/videohtml/video082.html ]
4497|_[ + ] Exploit::
4498|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4499|_[ + ] More details:: / - / , ISP:
4500|_[ + ] Found:: UNIDENTIFIED
4501
4502 _[ - ]::--------------------------------------------------------------------------------------------------------------
4503|_[ + ] [ 34 / 100 ]-[19:23:14] [ - ]
4504|_[ + ] Target:: [ http://two-elfs.com/videohtml/video108.html ]
4505|_[ + ] Exploit::
4506|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4507|_[ + ] More details:: / - / , ISP:
4508|_[ + ] Found:: UNIDENTIFIED
4509
4510 _[ - ]::--------------------------------------------------------------------------------------------------------------
4511|_[ + ] [ 35 / 100 ]-[19:23:16] [ - ]
4512|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video124.html ]
4513|_[ + ] Exploit::
4514|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4515|_[ + ] More details:: / - / , ISP:
4516|_[ + ] Found:: UNIDENTIFIED
4517
4518 _[ - ]::--------------------------------------------------------------------------------------------------------------
4519|_[ + ] [ 36 / 100 ]-[19:23:17] [ - ]
4520|_[ + ] Target:: [ http://two-elfs.com/videohtml/video044.html ]
4521|_[ + ] Exploit::
4522|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4523|_[ + ] More details:: / - / , ISP:
4524|_[ + ] Found:: UNIDENTIFIED
4525
4526 _[ - ]::--------------------------------------------------------------------------------------------------------------
4527|_[ + ] [ 37 / 100 ]-[19:23:19] [ - ]
4528|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video136.html ]
4529|_[ + ] Exploit::
4530|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4531|_[ + ] More details:: / - / , ISP:
4532|_[ + ] Found:: UNIDENTIFIED
4533
4534 _[ - ]::--------------------------------------------------------------------------------------------------------------
4535|_[ + ] [ 38 / 100 ]-[19:23:20] [ - ]
4536|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video102.html ]
4537|_[ + ] Exploit::
4538|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4539|_[ + ] More details:: / - / , ISP:
4540|_[ + ] Found:: UNIDENTIFIED
4541
4542 _[ - ]::--------------------------------------------------------------------------------------------------------------
4543|_[ + ] [ 39 / 100 ]-[19:23:22] [ - ]
4544|_[ + ] Target:: [ http://two-elfs.com/videohtml/video099.html ]
4545|_[ + ] Exploit::
4546|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4547|_[ + ] More details:: / - / , ISP:
4548|_[ + ] Found:: UNIDENTIFIED
4549
4550 _[ - ]::--------------------------------------------------------------------------------------------------------------
4551|_[ + ] [ 40 / 100 ]-[19:23:24] [ - ]
4552|_[ + ] Target:: [ http://two-elfs.com/videohtml/video118.html ]
4553|_[ + ] Exploit::
4554|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4555|_[ + ] More details:: / - / , ISP:
4556|_[ + ] Found:: UNIDENTIFIED
4557
4558 _[ - ]::--------------------------------------------------------------------------------------------------------------
4559|_[ + ] [ 41 / 100 ]-[19:23:25] [ - ]
4560|_[ + ] Target:: [ http://two-elfs.com/videohtml/video098.html ]
4561|_[ + ] Exploit::
4562|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4563|_[ + ] More details:: / - / , ISP:
4564|_[ + ] Found:: UNIDENTIFIED
4565
4566 _[ - ]::--------------------------------------------------------------------------------------------------------------
4567|_[ + ] [ 42 / 100 ]-[19:23:27] [ - ]
4568|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video009.html ]
4569|_[ + ] Exploit::
4570|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4571|_[ + ] More details:: / - / , ISP:
4572|_[ + ] Found:: UNIDENTIFIED
4573
4574 _[ - ]::--------------------------------------------------------------------------------------------------------------
4575|_[ + ] [ 43 / 100 ]-[19:23:28] [ - ]
4576|_[ + ] Target:: [ http://two-elfs.com/videohtml/video026.html ]
4577|_[ + ] Exploit::
4578|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4579|_[ + ] More details:: / - / , ISP:
4580|_[ + ] Found:: UNIDENTIFIED
4581
4582 _[ - ]::--------------------------------------------------------------------------------------------------------------
4583|_[ + ] [ 44 / 100 ]-[19:23:30] [ - ]
4584|_[ + ] Target:: [ http://two-elfs.com/videohtml/video101.html ]
4585|_[ + ] Exploit::
4586|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4587|_[ + ] More details:: / - / , ISP:
4588|_[ + ] Found:: UNIDENTIFIED
4589
4590 _[ - ]::--------------------------------------------------------------------------------------------------------------
4591|_[ + ] [ 45 / 100 ]-[19:23:31] [ - ]
4592|_[ + ] Target:: [ http://two-elfs.com/videohtml/video112.html ]
4593|_[ + ] Exploit::
4594|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4595|_[ + ] More details:: / - / , ISP:
4596|_[ + ] Found:: UNIDENTIFIED
4597
4598 _[ - ]::--------------------------------------------------------------------------------------------------------------
4599|_[ + ] [ 46 / 100 ]-[19:23:33] [ - ]
4600|_[ + ] Target:: [ http://two-elfs.com/videohtml/video152.html ]
4601|_[ + ] Exploit::
4602|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4603|_[ + ] More details:: / - / , ISP:
4604|_[ + ] Found:: UNIDENTIFIED
4605
4606 _[ - ]::--------------------------------------------------------------------------------------------------------------
4607|_[ + ] [ 47 / 100 ]-[19:23:34] [ - ]
4608|_[ + ] Target:: [ http://two-elfs.com/videohtml/video014.html ]
4609|_[ + ] Exploit::
4610|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4611|_[ + ] More details:: / - / , ISP:
4612|_[ + ] Found:: UNIDENTIFIED
4613
4614 _[ - ]::--------------------------------------------------------------------------------------------------------------
4615|_[ + ] [ 48 / 100 ]-[19:23:36] [ - ]
4616|_[ + ] Target:: [ http://two-elfs.com/videohtml/video109.html ]
4617|_[ + ] Exploit::
4618|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4619|_[ + ] More details:: / - / , ISP:
4620|_[ + ] Found:: UNIDENTIFIED
4621
4622 _[ - ]::--------------------------------------------------------------------------------------------------------------
4623|_[ + ] [ 49 / 100 ]-[19:23:38] [ - ]
4624|_[ + ] Target:: [ http://two-elfs.com/videohtml/video080.html ]
4625|_[ + ] Exploit::
4626|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4627|_[ + ] More details:: / - / , ISP:
4628|_[ + ] Found:: UNIDENTIFIED
4629
4630 _[ - ]::--------------------------------------------------------------------------------------------------------------
4631|_[ + ] [ 50 / 100 ]-[19:23:39] [ - ]
4632|_[ + ] Target:: [ http://two-elfs.com/videohtml/video055.html ]
4633|_[ + ] Exploit::
4634|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4635|_[ + ] More details:: / - / , ISP:
4636|_[ + ] Found:: UNIDENTIFIED
4637
4638 _[ - ]::--------------------------------------------------------------------------------------------------------------
4639|_[ + ] [ 51 / 100 ]-[19:23:41] [ - ]
4640|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video154.html ]
4641|_[ + ] Exploit::
4642|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4643|_[ + ] More details:: / - / , ISP:
4644|_[ + ] Found:: UNIDENTIFIED
4645
4646 _[ - ]::--------------------------------------------------------------------------------------------------------------
4647|_[ + ] [ 52 / 100 ]-[19:23:42] [ - ]
4648|_[ + ] Target:: [ http://two-elfs.com/videohtml/video114.html ]
4649|_[ + ] Exploit::
4650|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4651|_[ + ] More details:: / - / , ISP:
4652|_[ + ] Found:: UNIDENTIFIED
4653
4654 _[ - ]::--------------------------------------------------------------------------------------------------------------
4655|_[ + ] [ 53 / 100 ]-[19:23:44] [ - ]
4656|_[ + ] Target:: [ http://two-elfs.com/videohtml/video054.html ]
4657|_[ + ] Exploit::
4658|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4659|_[ + ] More details:: / - / , ISP:
4660|_[ + ] Found:: UNIDENTIFIED
4661
4662 _[ - ]::--------------------------------------------------------------------------------------------------------------
4663|_[ + ] [ 54 / 100 ]-[19:23:45] [ - ]
4664|_[ + ] Target:: [ http://two-elfs.com/videohtml/video021.html ]
4665|_[ + ] Exploit::
4666|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4667|_[ + ] More details:: / - / , ISP:
4668|_[ + ] Found:: UNIDENTIFIED
4669
4670 _[ - ]::--------------------------------------------------------------------------------------------------------------
4671|_[ + ] [ 55 / 100 ]-[19:23:47] [ - ]
4672|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video079.html ]
4673|_[ + ] Exploit::
4674|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4675|_[ + ] More details:: / - / , ISP:
4676|_[ + ] Found:: UNIDENTIFIED
4677
4678 _[ - ]::--------------------------------------------------------------------------------------------------------------
4679|_[ + ] [ 56 / 100 ]-[19:23:48] [ - ]
4680|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video049.html ]
4681|_[ + ] Exploit::
4682|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4683|_[ + ] More details:: / - / , ISP:
4684|_[ + ] Found:: UNIDENTIFIED
4685
4686 _[ - ]::--------------------------------------------------------------------------------------------------------------
4687|_[ + ] [ 57 / 100 ]-[19:23:50] [ - ]
4688|_[ + ] Target:: [ http://two-elfs.com/videohtml/video142.html ]
4689|_[ + ] Exploit::
4690|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4691|_[ + ] More details:: / - / , ISP:
4692|_[ + ] Found:: UNIDENTIFIED
4693
4694 _[ - ]::--------------------------------------------------------------------------------------------------------------
4695|_[ + ] [ 58 / 100 ]-[19:23:51] [ - ]
4696|_[ + ] Target:: [ http://two-elfs.com/videohtml/video157.html ]
4697|_[ + ] Exploit::
4698|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4699|_[ + ] More details:: / - / , ISP:
4700|_[ + ] Found:: UNIDENTIFIED
4701
4702 _[ - ]::--------------------------------------------------------------------------------------------------------------
4703|_[ + ] [ 59 / 100 ]-[19:23:53] [ - ]
4704|_[ + ] Target:: [ http://two-elfs.com/videohtml/video039.html ]
4705|_[ + ] Exploit::
4706|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4707|_[ + ] More details:: / - / , ISP:
4708|_[ + ] Found:: UNIDENTIFIED
4709
4710 _[ - ]::--------------------------------------------------------------------------------------------------------------
4711|_[ + ] [ 60 / 100 ]-[19:23:55] [ - ]
4712|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video050.html ]
4713|_[ + ] Exploit::
4714|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4715|_[ + ] More details:: / - / , ISP:
4716|_[ + ] Found:: UNIDENTIFIED
4717
4718 _[ - ]::--------------------------------------------------------------------------------------------------------------
4719|_[ + ] [ 61 / 100 ]-[19:23:56] [ - ]
4720|_[ + ] Target:: [ http://two-elfs.com/videohtml/video103.html ]
4721|_[ + ] Exploit::
4722|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4723|_[ + ] More details:: / - / , ISP:
4724|_[ + ] Found:: UNIDENTIFIED
4725
4726 _[ - ]::--------------------------------------------------------------------------------------------------------------
4727|_[ + ] [ 62 / 100 ]-[19:23:58] [ - ]
4728|_[ + ] Target:: [ http://two-elfs.com/videohtml/video153.html ]
4729|_[ + ] Exploit::
4730|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4731|_[ + ] More details:: / - / , ISP:
4732|_[ + ] Found:: UNIDENTIFIED
4733
4734 _[ - ]::--------------------------------------------------------------------------------------------------------------
4735|_[ + ] [ 63 / 100 ]-[19:23:59] [ - ]
4736|_[ + ] Target:: [ http://two-elfs.com/videohtml/video028.html ]
4737|_[ + ] Exploit::
4738|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4739|_[ + ] More details:: / - / , ISP:
4740|_[ + ] Found:: UNIDENTIFIED
4741
4742 _[ - ]::--------------------------------------------------------------------------------------------------------------
4743|_[ + ] [ 64 / 100 ]-[19:24:01] [ - ]
4744|_[ + ] Target:: [ http://two-elfs.com/videohtml/video008.html ]
4745|_[ + ] Exploit::
4746|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4747|_[ + ] More details:: / - / , ISP:
4748|_[ + ] Found:: UNIDENTIFIED
4749
4750 _[ - ]::--------------------------------------------------------------------------------------------------------------
4751|_[ + ] [ 65 / 100 ]-[19:24:03] [ - ]
4752|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video035.html ]
4753|_[ + ] Exploit::
4754|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4755|_[ + ] More details:: / - / , ISP:
4756|_[ + ] Found:: UNIDENTIFIED
4757
4758 _[ - ]::--------------------------------------------------------------------------------------------------------------
4759|_[ + ] [ 66 / 100 ]-[19:24:04] [ - ]
4760|_[ + ] Target:: [ http://two-elfs.com/videohtml/video020.html ]
4761|_[ + ] Exploit::
4762|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4763|_[ + ] More details:: / - / , ISP:
4764|_[ + ] Found:: UNIDENTIFIED
4765
4766 _[ - ]::--------------------------------------------------------------------------------------------------------------
4767|_[ + ] [ 67 / 100 ]-[19:24:06] [ - ]
4768|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video010.html ]
4769|_[ + ] Exploit::
4770|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4771|_[ + ] More details:: / - / , ISP:
4772|_[ + ] Found:: UNIDENTIFIED
4773
4774 _[ - ]::--------------------------------------------------------------------------------------------------------------
4775|_[ + ] [ 68 / 100 ]-[19:24:07] [ - ]
4776|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video135.html ]
4777|_[ + ] Exploit::
4778|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4779|_[ + ] More details:: / - / , ISP:
4780|_[ + ] Found:: UNIDENTIFIED
4781
4782 _[ - ]::--------------------------------------------------------------------------------------------------------------
4783|_[ + ] [ 69 / 100 ]-[19:24:08] [ - ]
4784|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video129.html ]
4785|_[ + ] Exploit::
4786|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4787|_[ + ] More details:: / - / , ISP:
4788|_[ + ] Found:: UNIDENTIFIED
4789
4790 _[ - ]::--------------------------------------------------------------------------------------------------------------
4791|_[ + ] [ 70 / 100 ]-[19:24:10] [ - ]
4792|_[ + ] Target:: [ http://two-elfs.com/videohtml/video138.html ]
4793|_[ + ] Exploit::
4794|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4795|_[ + ] More details:: / - / , ISP:
4796|_[ + ] Found:: UNIDENTIFIED
4797
4798 _[ - ]::--------------------------------------------------------------------------------------------------------------
4799|_[ + ] [ 71 / 100 ]-[19:24:11] [ - ]
4800|_[ + ] Target:: [ http://two-elfs.com/videohtml/video032.html ]
4801|_[ + ] Exploit::
4802|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4803|_[ + ] More details:: / - / , ISP:
4804|_[ + ] Found:: UNIDENTIFIED
4805
4806 _[ - ]::--------------------------------------------------------------------------------------------------------------
4807|_[ + ] [ 72 / 100 ]-[19:24:13] [ - ]
4808|_[ + ] Target:: [ http://two-elfs.com/videohtml/video113.html ]
4809|_[ + ] Exploit::
4810|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4811|_[ + ] More details:: / - / , ISP:
4812|_[ + ] Found:: UNIDENTIFIED
4813
4814 _[ - ]::--------------------------------------------------------------------------------------------------------------
4815|_[ + ] [ 73 / 100 ]-[19:24:14] [ - ]
4816|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video059.html ]
4817|_[ + ] Exploit::
4818|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4819|_[ + ] More details:: / - / , ISP:
4820|_[ + ] Found:: UNIDENTIFIED
4821
4822 _[ - ]::--------------------------------------------------------------------------------------------------------------
4823|_[ + ] [ 74 / 100 ]-[19:24:16] [ - ]
4824|_[ + ] Target:: [ http://two-elfs.com/videohtml/video037.html ]
4825|_[ + ] Exploit::
4826|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4827|_[ + ] More details:: / - / , ISP:
4828|_[ + ] Found:: UNIDENTIFIED
4829
4830 _[ - ]::--------------------------------------------------------------------------------------------------------------
4831|_[ + ] [ 75 / 100 ]-[19:24:18] [ - ]
4832|_[ + ] Target:: [ http://two-elfs.com/videohtml/video019.html ]
4833|_[ + ] Exploit::
4834|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4835|_[ + ] More details:: / - / , ISP:
4836|_[ + ] Found:: UNIDENTIFIED
4837
4838 _[ - ]::--------------------------------------------------------------------------------------------------------------
4839|_[ + ] [ 76 / 100 ]-[19:24:19] [ - ]
4840|_[ + ] Target:: [ http://two-elfs.com/videohtml/video087.html ]
4841|_[ + ] Exploit::
4842|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4843|_[ + ] More details:: / - / , ISP:
4844|_[ + ] Found:: UNIDENTIFIED
4845
4846 _[ - ]::--------------------------------------------------------------------------------------------------------------
4847|_[ + ] [ 77 / 100 ]-[19:24:21] [ - ]
4848|_[ + ] Target:: [ http://two-elfs.com/videohtml/video007.html ]
4849|_[ + ] Exploit::
4850|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4851|_[ + ] More details:: / - / , ISP:
4852|_[ + ] Found:: UNIDENTIFIED
4853
4854 _[ - ]::--------------------------------------------------------------------------------------------------------------
4855|_[ + ] [ 78 / 100 ]-[19:24:22] [ - ]
4856|_[ + ] Target:: [ http://two-elfs.com/videohtml/video045.html ]
4857|_[ + ] Exploit::
4858|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4859|_[ + ] More details:: / - / , ISP:
4860|_[ + ] Found:: UNIDENTIFIED
4861
4862 _[ - ]::--------------------------------------------------------------------------------------------------------------
4863|_[ + ] [ 79 / 100 ]-[19:24:24] [ - ]
4864|_[ + ] Target:: [ http://two-elfs.com/videohtml/video110.html ]
4865|_[ + ] Exploit::
4866|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4867|_[ + ] More details:: / - / , ISP:
4868|_[ + ] Found:: UNIDENTIFIED
4869
4870 _[ - ]::--------------------------------------------------------------------------------------------------------------
4871|_[ + ] [ 80 / 100 ]-[19:24:25] [ - ]
4872|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video121.html ]
4873|_[ + ] Exploit::
4874|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4875|_[ + ] More details:: / - / , ISP:
4876|_[ + ] Found:: UNIDENTIFIED
4877
4878 _[ - ]::--------------------------------------------------------------------------------------------------------------
4879|_[ + ] [ 81 / 100 ]-[19:24:27] [ - ]
4880|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video018.html ]
4881|_[ + ] Exploit::
4882|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4883|_[ + ] More details:: / - / , ISP:
4884|_[ + ] Found:: UNIDENTIFIED
4885
4886 _[ - ]::--------------------------------------------------------------------------------------------------------------
4887|_[ + ] [ 82 / 100 ]-[19:24:28] [ - ]
4888|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video068.html ]
4889|_[ + ] Exploit::
4890|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4891|_[ + ] More details:: / - / , ISP:
4892|_[ + ] Found:: UNIDENTIFIED
4893
4894 _[ - ]::--------------------------------------------------------------------------------------------------------------
4895|_[ + ] [ 83 / 100 ]-[19:24:30] [ - ]
4896|_[ + ] Target:: [ http://two-elfs.com/videohtml/video141.html ]
4897|_[ + ] Exploit::
4898|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4899|_[ + ] More details:: / - / , ISP:
4900|_[ + ] Found:: UNIDENTIFIED
4901
4902 _[ - ]::--------------------------------------------------------------------------------------------------------------
4903|_[ + ] [ 84 / 100 ]-[19:24:31] [ - ]
4904|_[ + ] Target:: [ http://two-elfs.com/videohtml/video033.html ]
4905|_[ + ] Exploit::
4906|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4907|_[ + ] More details:: / - / , ISP:
4908|_[ + ] Found:: UNIDENTIFIED
4909
4910 _[ - ]::--------------------------------------------------------------------------------------------------------------
4911|_[ + ] [ 85 / 100 ]-[19:24:33] [ - ]
4912|_[ + ] Target:: [ http://two-elfs.com/videohtml/video094.html ]
4913|_[ + ] Exploit::
4914|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4915|_[ + ] More details:: / - / , ISP:
4916|_[ + ] Found:: UNIDENTIFIED
4917
4918 _[ - ]::--------------------------------------------------------------------------------------------------------------
4919|_[ + ] [ 86 / 100 ]-[19:24:35] [ - ]
4920|_[ + ] Target:: [ http://two-elfs.com/videohtml/video060.html ]
4921|_[ + ] Exploit::
4922|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4923|_[ + ] More details:: / - / , ISP:
4924|_[ + ] Found:: UNIDENTIFIED
4925
4926 _[ - ]::--------------------------------------------------------------------------------------------------------------
4927|_[ + ] [ 87 / 100 ]-[19:24:36] [ - ]
4928|_[ + ] Target:: [ http://two-elfs.com/videohtml/video143.html ]
4929|_[ + ] Exploit::
4930|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4931|_[ + ] More details:: / - / , ISP:
4932|_[ + ] Found:: UNIDENTIFIED
4933
4934 _[ - ]::--------------------------------------------------------------------------------------------------------------
4935|_[ + ] [ 88 / 100 ]-[19:24:38] [ - ]
4936|_[ + ] Target:: [ http://two-elfs.com/videohtml/video071.html ]
4937|_[ + ] Exploit::
4938|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4939|_[ + ] More details:: / - / , ISP:
4940|_[ + ] Found:: UNIDENTIFIED
4941
4942 _[ - ]::--------------------------------------------------------------------------------------------------------------
4943|_[ + ] [ 89 / 100 ]-[19:24:39] [ - ]
4944|_[ + ] Target:: [ http://two-elfs.com/videohtml/video148.html ]
4945|_[ + ] Exploit::
4946|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4947|_[ + ] More details:: / - / , ISP:
4948|_[ + ] Found:: UNIDENTIFIED
4949
4950 _[ - ]::--------------------------------------------------------------------------------------------------------------
4951|_[ + ] [ 90 / 100 ]-[19:24:41] [ - ]
4952|_[ + ] Target:: [ http://two-elfs.com/videohtml/video104.html ]
4953|_[ + ] Exploit::
4954|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4955|_[ + ] More details:: / - / , ISP:
4956|_[ + ] Found:: UNIDENTIFIED
4957
4958 _[ - ]::--------------------------------------------------------------------------------------------------------------
4959|_[ + ] [ 91 / 100 ]-[19:24:42] [ - ]
4960|_[ + ] Target:: [ http://two-elfs.com/videohtml/video089.html ]
4961|_[ + ] Exploit::
4962|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4963|_[ + ] More details:: / - / , ISP:
4964|_[ + ] Found:: UNIDENTIFIED
4965
4966 _[ - ]::--------------------------------------------------------------------------------------------------------------
4967|_[ + ] [ 92 / 100 ]-[19:24:44] [ - ]
4968|_[ + ] Target:: [ http://two-elfs.com/videohtml/video061.html ]
4969|_[ + ] Exploit::
4970|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4971|_[ + ] More details:: / - / , ISP:
4972|_[ + ] Found:: UNIDENTIFIED
4973
4974 _[ - ]::--------------------------------------------------------------------------------------------------------------
4975|_[ + ] [ 93 / 100 ]-[19:24:45] [ - ]
4976|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video134.html ]
4977|_[ + ] Exploit::
4978|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4979|_[ + ] More details:: / - / , ISP:
4980|_[ + ] Found:: UNIDENTIFIED
4981
4982 _[ - ]::--------------------------------------------------------------------------------------------------------------
4983|_[ + ] [ 94 / 100 ]-[19:24:47] [ - ]
4984|_[ + ] Target:: [ http://two-elfs.com/videohtml/video128.html ]
4985|_[ + ] Exploit::
4986|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4987|_[ + ] More details:: / - / , ISP:
4988|_[ + ] Found:: UNIDENTIFIED
4989
4990 _[ - ]::--------------------------------------------------------------------------------------------------------------
4991|_[ + ] [ 95 / 100 ]-[19:24:48] [ - ]
4992|_[ + ] Target:: [ http://two-elfs.com/videohtml/video151.html ]
4993|_[ + ] Exploit::
4994|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
4995|_[ + ] More details:: / - / , ISP:
4996|_[ + ] Found:: UNIDENTIFIED
4997
4998 _[ - ]::--------------------------------------------------------------------------------------------------------------
4999|_[ + ] [ 96 / 100 ]-[19:24:49] [ - ]
5000|_[ + ] Target:: [ http://two-elfs.com/videohtml/video069.html ]
5001|_[ + ] Exploit::
5002|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
5003|_[ + ] More details:: / - / , ISP:
5004|_[ + ] Found:: UNIDENTIFIED
5005
5006 _[ - ]::--------------------------------------------------------------------------------------------------------------
5007|_[ + ] [ 97 / 100 ]-[19:24:51] [ - ]
5008|_[ + ] Target:: [ http://two-elfs.com/videohtml/video097.html ]
5009|_[ + ] Exploit::
5010|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
5011|_[ + ] More details:: / - / , ISP:
5012|_[ + ] Found:: UNIDENTIFIED
5013
5014 _[ - ]::--------------------------------------------------------------------------------------------------------------
5015|_[ + ] [ 98 / 100 ]-[19:24:53] [ - ]
5016|_[ + ] Target:: [ http://two-elfs.com/videohtml/video006.html ]
5017|_[ + ] Exploit::
5018|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
5019|_[ + ] More details:: / - / , ISP:
5020|_[ + ] Found:: UNIDENTIFIED
5021
5022 _[ - ]::--------------------------------------------------------------------------------------------------------------
5023|_[ + ] [ 99 / 100 ]-[19:24:54] [ - ]
5024|_[ + ] Target:: [ http://www.two-elfs.com/videohtml/video034.html ]
5025|_[ + ] Exploit::
5026|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3, IP:94.102.49.234:80
5027|_[ + ] More details:: / - / , ISP:
5028|_[ + ] Found:: UNIDENTIFIED
5029
5030[ INFO ] [ Shutting down ]
5031[ INFO ] [ End of process INURLBR at [06-11-2019 19:24:54]
5032[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
5033[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/two-elfs.com/output/inurlbr-two-elfs.com ]
5034|_________________________________________________________________________________________
5035
5036\_________________________________________________________________________________________/
5037#######################################################################################################################################
5038tee: /usr/share/sniper/loot/workspace/two-elfs.com/output/nmap-two-elfs.com-port123.txt: Aucun fichier ou dossier de ce type
5039Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 19:25 EST
5040Nmap scan report for two-elfs.com (94.102.49.234)
5041Host is up (0.17s latency).
5042rDNS record for 94.102.49.234: no-reverse-dns-configured.com
5043
5044PORT STATE SERVICE VERSION
5045123/udp open ntp NTP v4 (secondary server)
5046| ntp-info:
5047|_ receive time stamp: 2019-11-07T00:25:32
5048| vulscan: VulDB - https://vuldb.com:
5049| [133843] ntp Port unknown vulnerability
5050| [128043] InfoVista VistaPortal SE 5.1 EditCurrentPresentSpace.jsp Parameter cross site scripting
5051| [128042] InfoVista VistaPortal SE 5.1 EditCurrentPool.jsp Parameter cross site scripting
5052| [128036] InfoVista VistaPortal SE 5.1 EditCurrentPresentSpace.jsp Parameter cross site scripting
5053| [105145] ntp up to 4.2.8p2-RC1/4.3.11 on Big Endian MD5 Key Generator ntp-keygen.c Variable weak encryption
5054| [96331] OpenNTPD up to 6.0 CN Validator weak authentication
5055| [95322] ntpd up to 4.2.8p8 Initial Sync Calculation unknown vulnerability
5056| [89036] Microsoft Windows up to Vista SP2 Print Spooler ntprint.dll PSetupDownloadAndInstallLegacyDriver privilege escalation
5057| [89035] Microsoft Windows up to Vista SP2 Print Spooler ntprint.dll PSetupDownloadAndInstallLegacyDriver memory corruption
5058| [87754] ntpd up to 4.2.8p7 Crypto-NAK Packet valid_NAK denial of service
5059| [87751] ntpd up to 4.2.8p7 Validation ntp_proto.c receive privilege escalation
5060| [60308] UTC Fire & Security GE-MC100-NTP/GPS-ZB Hardcoded Credentials unknown vulnerability
5061| [91177] WebTitan Appliance v3.50.x NTP Server Persistent cross site scripting
5062| [3368] Microsoft Windows up to Vista NNTP Response Heap-based memory corruption
5063| [141110] Cisco NX-OS ntp Packet Flooding denial of service
5064| [139263] Polycom Obihai Obi1022 5.1.11 NTP POST Request command injection
5065| [138862] Terracotta Quartz Scheduler up to 2.3.0 XML Data XMLSchedulingDataProcessor.java initDocumentParser XML External Entity
5066| [136554] Foxit Reader SDK Professsional 5.4.0.1031 Textbox IReader_ContentProvider PDF File memory corruption
5067| [136165] Foxit Reader SDK Professsional 5.4.0.1031 TextBox IReader_ContentProvider PDF File memory corruption
5068| [135088] ntp up to 4.2.8p12 NULL Pointer Dereference denial of service
5069| [131170] D-Link DIR-825 Rev.B 2.10 ntp_sync.cgi POST Request privilege escalation
5070| [129795] NTPsec up to 1.1.2 ntpd ntp_control.c denial of service
5071| [129794] NTPsec up to 1.1.2 ntp_control.c process_control() memory corruption
5072| [129793] NTPsec up to 1.1.2 ntp_control.c read_sysvars memory corruption
5073| [129792] NTPsec up to 1.1.2 ntpd ntp_config.c Request memory corruption
5074| [128241] jco.ir Karma 6.0.0 ContentPlaceHolder1_uxTitle ArchiveNews.aspx Parameter sql injection
5075| [124080] D-Link DIR-816 A2 1.10 B05 /goform/NTPSyncWithHost handler Shell Metacharacter command injection
5076| [122955] btrfsmaintenance up to 0.4.1 evaluate_auto_mountpoint Code Execution
5077| [121557] NeoMutt Message Data nntp.c memory corruption
5078| [121556] NeoMutt newsrc.c nntp_add_group memory corruption
5079| [119727] ntp 4.2.8p11 ntpq/ntpdc Long String Stack-based memory corruption
5080| [118765] Apple iOS up to 11.3.1 FontParser memory corruption
5081| [118715] Apple watchOS up to 4.3.0 FontParser memory corruption
5082| [117884] Foxit Reader 9.0.0.29935 PrintParams memory corruption
5083| [117883] Foxit Reader 9.0.0.29935 PrintParams memory corruption
5084| [114231] ntp 4.2.8p6/4.2.8p7/4.2.8p8/4.2.8p9/4.2.8p10 Symmetric Mode decodearr memory corruption
5085| [114140] ntp up to 4.2.8p11 Protocol Engine Source IP Address denial of service
5086| [114139] ntp up to 4.2.8p11 ntpd Timestamp denial of service
5087| [114138] ntp up to 4.2.8p11 ntpd ctl_getitem Packet denial of service
5088| [114137] ntp up to 4.2.8p6/4.3.91 ntpd Sybil privilege escalation
5089| [111779] Wireshark up to 2.4.3 JSON/XML/NTP/XMPP/GDB epan/tvbparse.c denial of service
5090| [104358] ntp up to 4.2.7 ntpd ntpd/ntp_config.c denial of service
5091| [98857] Apple tvOS up to 10.1 FontParser information disclosure
5092| [98856] Apple tvOS up to 10.1 FontParser memory corruption
5093| [98855] Apple tvOS up to 10.1 FontParser memory corruption
5094| [98854] Apple tvOS up to 10.1 FontParser memory corruption
5095| [98823] Apple watchOS up to 3.1 FontParser Out-of-Bounds information disclosure
5096| [98822] Apple watchOS up to 3.1 FontParser memory corruption
5097| [98821] Apple watchOS up to 3.1 FontParser memory corruption
5098| [98820] Apple watchOS up to 3.1 FontParser memory corruption
5099| [98741] Apple iOS up to 10.2 FontParser Out-of-Bounds information disclosure
5100| [98740] Apple iOS up to 10.2 FontParser memory corruption
5101| [98739] Apple iOS up to 10.2 FontParser memory corruption
5102| [98738] Apple iOS up to 10.2 FontParser memory corruption
5103| [98630] Apple macOS up to 10.12.3 FontParser Out-of-Bounds memory corruption
5104| [98629] Apple macOS up to 10.12.3 FontParser memory corruption
5105| [98628] Apple macOS up to 10.12.3 FontParser memory corruption
5106| [98627] Apple macOS up to 10.12.3 FontParser memory corruption
5107| [98552] ntp up to 4.2.8p9 Timestamp Origin Check spoofing
5108| [98551] ntp up to 4.2.8p9 ntpq Stack-based memory corruption
5109| [98550] ntp up to 4.2.8p9 Legacy MX4200 refclock mx4200_send memory corruption
5110| [98549] ntp up to 4.2.8p9 ctl_put memory corruption
5111| [98548] ntp up to 4.2.8p9 on Windows Data Structure denial of service
5112| [98545] ntp up to 4.2.8p9 Config Directive Segmentation Fault denial of service
5113| [98543] ntp up to 4.2.8p9 Configuration Directive denial of service
5114| [97826] Joomla CMS com_frontpage sql injection
5115| [95890] Apple watchOS up to 3.1.2 FontParser memory corruption
5116| [95889] Apple watchOS up to 3.1.2 FontParser memory corruption
5117| [95334] ntpd up to 4.2.8p8 on Windows UDP Packet denial of service
5118| [95333] ntpd up to 4.2.8p8 NULL Pointer Dereference denial of service
5119| [95332] ntpd up to 4.2.8p8 Control Mode privilege escalation
5120| [95321] ntpd up to 4.2.8p8 Origin Timestamp Protection Bypass privilege escalation
5121| [95320] ntpd up to 4.2.8p8 Source denial of service
5122| [95319] ntpd up to 4.2.8p8 Broadcast Packet denial of service
5123| [95318] ntpd up to 4.2.8p8 Broadcast Mode Replay Prevention denial of service
5124| [95317] ntpd up to 4.2.8p8 Rate Limit spoofing denial of service
5125| [94382] Apple macOS up to 10.12.1 FontParser memory corruption
5126| [94381] Apple macOS up to 10.12.1 FontParser memory corruption
5127| [94255] Apple tvOS up to 10.0 FontParser memory corruption
5128| [94254] Apple tvOS up to 10.0 FontParser memory corruption
5129| [94180] Apple iOS up to 10.1.1 FontParser memory corruption
5130| [94179] Apple iOS up to 10.1.1 FontParser memory corruption
5131| [93993] BusyBox NTP Packet networking/ntpd.c recv_and_process_client_pkt denial of service
5132| [93745] ntpd up to 4.2.8p8/4.3.93 UDP Packet NULL Pointer Dereference denial of service
5133| [93087] Apple watchOS up to 3.0 FontParser User information disclosure
5134| [93076] Apple tvOS up to 10.0 FontParser Out-of-Bounds information disclosure
5135| [93064] Apple macOS 10.12.0 FontParser Out-of-Bounds information disclosure
5136| [93044] Apple iOS up to 10.0.3 FontParser Out-of-Bounds information disclosure
5137| [92853] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 NTP denial of service
5138| [92127] Apple tvOS up to 9.x FontParser Memory information disclosure
5139| [92108] Apple watchOS up to 2.x FontParser Memory information disclosure
5140| [92076] Apple macOS up to 10.11 FontParser memory corruption
5141| [91998] Apple iOS up to 10 FontParser memory corruption
5142| [91519] Microsoft Internet Explorer 9/10/11 MSHTML HandleStyleComponentProperty memory corruption
5143| [90452] Cisco IOS 15.5(3)S3/15.6(1)S2/15.6(2)S1/15.6(2)T1 NTP Interface Queue denial of service
5144| [88542] Meinberg IMS-LANTIME up to 6.20 NTP Time Server privilege escalation
5145| [88541] Meinberg IMS-LANTIME up to 6.20 NTP Time Server POST Request Stack-Based memory corruption
5146| [88540] Meinberg IMS-LANTIME up to 6.20 NTP Time Server POST Request Stack-Based memory corruption
5147| [87753] ntpd up to 4.2.8p7 Synchronization denial of service
5148| [87752] ntpd up to 4.2.8p7 Autokey denial of service
5149| [87750] ntpd up to 4.2.8p7 MAC denial of service
5150| [82989] ntp 4.2.8 ctl_getitem denial of service
5151| [82988] ntp 4.2.8 MATCH_ASSOC denial of service
5152| [82987] ntp 4.2.8 Trusted Key denial of service
5153| [82986] ntp 4.2.8 unconfig Directive denial of service
5154| [82985] ntp 4.2.8 IPv4 Bogon Packet privilege escalation
5155| [82983] ntp 4.2.8 Ephemeral Association privilege escalation
5156| [82982] ntp 4.2.8 ntpd Client privilege escalation
5157| [82981] ntp 4.2.8 Crypto NAK denial of service
5158| [82723] Cisco IOS/IOS XE ntp Time privilege escalation
5159| [81486] Apple iOS up to 9.2 FontParser memory corruption
5160| [81435] Apple Mac OS X up to 10.11.3 FontParser memory corruption
5161| [80654] ntp 4.2.8p5 ntpq Replay privilege escalation
5162| [80653] ntp 4.2.8p5 ntpq/ntpdc information disclosure
5163| [80652] ntp 4.2.8p5 ntpq Infinite Loop denial of service
5164| [80651] ntp 4.2.8p5 Origin Timestamp privilege escalation
5165| [80650] ntp 4.2.8p5 Authenticated Broadcast Mode privilege escalation
5166| [80649] ntp 4.2.8p5 reslist Command Stack-Based denial of service
5167| [80648] ntp 4.2.8p5 ntpdc NULL Pointer Dereference denial of service
5168| [80647] ntp 4.2.8p5 ntpq privilege escalation
5169| [80645] ntp 4.2.8p5 Key Checker spoofing
5170| [80644] ntp 4.2.8p5 Broadcast privilege escalation
5171| [78936] ntpd up to 4.2.8p5/4.3.78 ntp_crypto.c privilege escalation
5172| [78938] ntpd 4.2.8 sntp denial of service
5173| [78937] ntpd 4.2.8 logconfig Command Crash denial of service
5174| [78859] ntpd 4.2.8 autokey ntp_crypto.c denial of service
5175| [78858] ntpd 4.2.8 autokey ntp_crypto.c denial of service
5176| [78857] ntpd 4.2.8 ntp_crypto.c Extension Field denial of service
5177| [78856] ntpd 4.2.8 decodenetnum denial of service
5178| [78855] ntpd 4.2.8 KoD Packet denial of service
5179| [78854] ntpd 4.2.8 Rate Limit denial of service
5180| [78853] ntpd 4.2.8 Configuration Directive directory traversal
5181| [78852] ntpd 4.2.8 CRYPTO_ASSOC information disclosure
5182| [78851] ntpd 4.2.8 Private Mode Integer denial of service
5183| [78850] ntpd 4.2.8 Password Management Key File Use-After-Free memory corruption
5184| [78849] ntpd 4.2.8 Remote Configuration denial of service
5185| [78848] ntpd 4.2.8 URL Request save_config directory traversal
5186| [78847] ntpd 4.2.8 cookedprint memory corruption
5187| [78846] ntpd 4.2.8 refclock memory corruption
5188| [78845] ntpd 4.2.8 Password Management Heap-based memory corruption
5189| [78844] ntpd 4.2.8 Crypto-NAK Packet Logic privilege escalation
5190| [78808] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5191| [78807] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5192| [78806] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5193| [78805] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5194| [78804] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5195| [78803] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5196| [78802] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5197| [78801] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5198| [78800] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5199| [78799] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5200| [78798] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5201| [78797] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
5202| [78745] Apple iOS up to 9.0 FontParser Font File memory corruption
5203| [78744] Apple iOS up to 9.0 FontParser Font File memory corruption
5204| [78743] Apple iOS up to 9.0 FontParser Font File memory corruption
5205| [78742] Apple iOS up to 9.0 FontParser Font File memory corruption
5206| [78741] Apple iOS up to 9.0 FontParser Font File memory corruption
5207| [78740] Apple iOS up to 9.0 FontParser Font File memory corruption
5208| [78739] Apple iOS up to 9.0 FontParser Font File memory corruption
5209| [78738] Apple iOS up to 9.0 FontParser Font File memory corruption
5210| [78737] Apple iOS up to 9.0 FontParser Font File memory corruption
5211| [78736] Apple iOS up to 9.0 FontParser Font File memory corruption
5212| [78735] Apple iOS up to 9.0 FontParser Font File memory corruption
5213| [78734] Apple iOS up to 9.0 FontParser Font File memory corruption
5214| [78200] ntp up to 4.2.7 on Linux/OS X ntpd ntp_io.c spoofing
5215| [78199] ntp up to 4.2.7 ntpd ntp_crypto.c memory corruption
5216| [77314] pfSense up to 2.2.2 services_ntpd.php cross site scripting
5217| [77193] Apple Mac OS X up to 10.10.4 FontParser memory corruption
5218| [77192] Apple Mac OS X up to 10.10.4 FontParser memory corruption
5219| [77191] Apple Mac OS X up to 10.10.4 FontParser memory corruption
5220| [77147] Apple iOS up to 8.4.0 FontParser memory corruption
5221| [77146] Apple iOS up to 8.4.0 FontParser memory corruption
5222| [77145] Apple iOS up to 8.4.0 FontParser memory corruption
5223| [76265] Apple Mac OS X up to 10.10.3 FontParser TrueTypeScaler Font File memory corruption
5224| [75452] Apple Watch OS 1.0 FontParser memory corruption
5225| [74740] Apple MacOS X up to 10.10.2 ntp weak authentication
5226| [74718] Apple MacOS X up to 10.10.2 FontParser memory corruption
5227| [74665] ntpd up to 4.2.8 Symmetric Mode denial of service
5228| [74664] ntpd up to 4.2.8 MAC Checker weak authentication
5229| [74290] Dell Asset Manager GetClientPackage.aspx sql injection
5230| [69165] Red Hat JBoss Enterprise Application Platform 6.3.3 RESTEasy DocumentProvider XML External Entity
5231| [68927] Apple iOS up to 8.1.2 FontParser memory corruption
5232| [68926] Apple iOS up to 8.1.2 FontParser memory corruption
5233| [68879] Apple Mac OS X 10.8.5/10.9.5/10.10/10.10.1 FontParser memory corruption
5234| [68878] Apple Mac OS X 10.8.5/10.9.5/10.10/10.10.1 FontParser memory corruption
5235| [68456] NTP Daemon up to 4.2.7 Random Generator ntp_config.c config_auth weak authentication
5236| [68641] NTP Daemon 4.2.7 PRNG Crash information disclosure
5237| [68640] NTP Daemon 4.2.7 PRNG spoofing
5238| [68457] NTP Daemon up to 4.2.7 Random Generator weak authentication
5239| [68455] NTP Daemon up to 4.2.7 ntp_proto.c receive denial of service
5240| [68454] NTP Daemon up to 4.2.7 configure memory corruption
5241| [68453] NTP Daemon up to 4.2.7 ctl_putdata memory corruption
5242| [68452] NTP Daemon up to 4.2.7 crypto_recv memory corruption
5243| [71475] wEPISDParentPortal 1.0 X.509 Certificate spoofing
5244| [67032] Cisco IOS/IOS XE 15.2/15.4 NTP Service privilege escalation
5245| [11702] NTP Project ntpd 4.2.6 monlist Functionality ntp_request.c query denial of service
5246| [65493] Dlink DSL-2760U sntpcfg.cgi cross site scripting
5247| [10540] Google Chrome 29.0.1547.76 XML Document xmldocumentparser.cpp append memory corruption
5248| [10494] Cisco IOS/IOS XE NTP denial of service
5249| [9806] TRENDnet TEW-812DRU Input Sanitizer setNTP.cgi cross site scripting
5250| [11630] Python 2.6.8/2.7.5/3.3.2 nntplib readline denial of service
5251| [60183] Instantphp lknSupport Search Module cross site scripting
5252| [59298] Instantphp Jobs Pro 1.6.4 search_jobs.html sql injection
5253| [58483] CMU Cyrus IMAP Server up to 2.4.4 nntpd.c split_wildmats memory corruption
5254| [56769] IBM WebSphere Application Server up to 6.1.0.10 getACRWorkElementPtr denial of service
5255| [5339] WebMaster Solutions WmsCms 2.0 printpage.asp Eingabe sql injection
5256| [52232] PaymentProcessorScript PPScript shop.htm sql injection
5257| [51585] TYPO3 mjseventpro 0.2.1 sql injection
5258| [4078] Sun Solaris NTP Mode 7 Request denial of service
5259| [48235] ntp up to 4.2.x ntp_crypto.c crypto_recv memory corruption
5260| [47706] ntp up to 4.2.4p7 ntpq/ntpq.c cookedprint memory corruption
5261| [45910] Goople CMS 1.8.2 frontpage.php sql injection
5262| [45837] Goople CMS up to 1.8.2 frontpage.php sql injection
5263| [45794] NTP up to 4.2.4p4 EVP_VerifyFinal memory corruption
5264| [43343] Alain Barbet Filesys Smbclientparser up to 2.6 SMB Server filesys::smbclientparser memory corruption
5265| [41522] XOOPS Tutoriais Module up to 2.1b printpage.php sql injection
5266| [40320] Agares Media phpAutoVideo 2.21 frontpage_right.php privilege escalation
5267| [40250] Agares Media Arcadem 2.04 frontpage_right.php privilege escalation
5268| [36948] Johntp adsense-deluxe 0.x on WordPress adsense-deluxe.php cross site request forgery
5269| [35867] Free Php Scripts Free Image Hosting up to 2.0 Login frontpage.php privilege escalation
5270| [34928] HP Mercury Performance Center Agent 8.0 magentproc.exe memory corruption
5271| [34504] Uberghey CMS 0.3.1 frontpage.php privilege escalation
5272| [32641] Dan Jensen Travelsized CMS up to 0.4 frontpage.php privilege escalation
5273|
5274| MITRE CVE - https://cve.mitre.org:
5275| [CVE-2013-1997] Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.
5276| [CVE-2013-1984] Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
5277| [CVE-2012-4258] Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote attackers to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
5278| [CVE-2012-3375] The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.
5279| [CVE-2012-1288] The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote attackers to obtain access via an HTTP session.
5280| [CVE-2011-4859] The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port.
5281| [CVE-2011-3208] Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
5282| [CVE-2011-2724] The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.
5283| [CVE-2011-1313] Double free vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote backend IIOP servers to cause a denial of service (S0C4 ABEND and storage corruption) by rejecting IIOP requests at opportunistic time instants, as demonstrated by requests associated with an ORB_Request::getACRWorkElementPtr function call.
5284| [CVE-2011-1082] fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
5285| [CVE-2010-4539] The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
5286| [CVE-2010-3879] FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789.
5287| [CVE-2010-2896] IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors.
5288| [CVE-2010-2121] Opera 9.52 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
5289| [CVE-2010-2119] Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid nntp:// URIs.
5290| [CVE-2010-2117] Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
5291| [CVE-2010-1721] SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php.
5292| [CVE-2010-1708] Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
5293| [CVE-2010-1078] SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.
5294| [CVE-2010-0790] sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name.
5295| [CVE-2010-0789] fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.
5296| [CVE-2010-0787] client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.
5297| [CVE-2010-0547] client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
5298| [CVE-2010-0340] SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
5299| [CVE-2010-0296] The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.
5300| [CVE-2010-0293] The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets.
5301| [CVE-2010-0182] The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.
5302| [CVE-2009-4724] SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote attackers to execute arbitrary SQL commands via the cid parameter.
5303| [CVE-2009-3562] Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action.
5304| [CVE-2009-3561] Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action.
5305| [CVE-2009-2869] Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.
5306| [CVE-2009-1252] Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.
5307| [CVE-2009-0159] Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
5308| [CVE-2009-0121] SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown
5309| [CVE-2009-0111] SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
5310| [CVE-2009-0021] NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
5311| [CVE-2008-6982] Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a allows remote attackers to inject arbitrary web script or HTML via the currentpath parameter.
5312| [CVE-2008-6865] SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
5313| [CVE-2008-6728] SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
5314| [CVE-2008-6255] Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php.
5315| [CVE-2008-5362] The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, accepts an untrusted input value for a "constant count," which allows remote attackers to read sensitive data from process memory via a crafted PDF file.
5316| [CVE-2008-5361] The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspecified other actions, which allows remote attackers to read sensitive data from process memory via a crafted PDF file.
5317| [CVE-2008-5066] PHP remote file inclusion vulnerability in upload/admin/frontpage_right.php in Agares Media ThemeSiteScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
5318| [CVE-2008-4253] The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability."
5319| [CVE-2008-4174] Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dynamic MP3 Lister 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) currentpath, (2) invert, (3) search, and (4) sort parameters.
5320| [CVE-2008-3970] pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount.
5321| [CVE-2008-3285] The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters.
5322| [CVE-2008-2931] The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
5323| [CVE-2008-2913] Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... sequences in the currentfile parameter, to index.php.
5324| [CVE-2008-2751] Multiple cross-site scripting (XSS) vulnerabilities in the Glassfish webadmin interface in Sun Java System Application Server 9.1_01 allow remote attackers to inject arbitrary web script or HTML via the (1) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:jndiProp:JndiNew, (2) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:resTypeProp:resType, (3) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:factoryClassProp:factoryClass, or (4) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:descProp:desc parameter to (a) resourceNode/customResourceNew.jsf
5325| [CVE-2008-2649] Multiple PHP remote file inclusion vulnerabilities in DesktopOnNet 3 Beta allow remote attackers to execute arbitrary PHP code via a URL in the app_path parameter to (1) don3_requiem.don3app/don3_requiem.php and (2) frontpage.don3app/frontpage.php.
5326| [CVE-2008-1351] SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php.
5327| [CVE-2008-1053] Multiple SQL injection vulnerabilities in the Kose_Yazilari module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the artid parameter in a (1) viewarticle or (2) printpage action to modules.php.
5328| [CVE-2008-0435] Directory traversal vulnerability in index.php in OZJournals 2.1.1 allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the id parameter in a printpreview action.
5329| [CVE-2008-0074] Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.
5330| [CVE-2007-6614] PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542.
5331| [CVE-2007-6542] PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
5332| [CVE-2007-6499] Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to uninstall the FrontPage extensions of an arbitrary account via a request to fp2002/UNINSTAL.asp with a "host id (IIS) value."
5333| [CVE-2007-6455] Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
5334| [CVE-2007-4841] Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845.
5335| [CVE-2007-4042] Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
5336| [CVE-2007-4041] Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
5337| [CVE-2007-3897] Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
5338| [CVE-2007-3109] The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.
5339| [CVE-2007-1715] PHP remote file inclusion vulnerability in frontpage.php in Free Image Hosting 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the forgot_pass.php vector is already covered by CVE-2006-5670, and the login.php vector overlaps CVE-2006-5763.
5340| [CVE-2007-1560] The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error.
5341| [CVE-2007-0604] Cross-site scripting (XSS) vulnerability in Movable Type (MT) before 3.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the MTCommentPreviewIsStatic tag, which can open the "comment entry screen," a different vulnerability than CVE-2007-0231.
5342| [CVE-2007-0446] Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_ip_name field to TCP port 54345, which triggers the overflow in mchan.dll.
5343| [CVE-2007-0359] PHP remote file inclusion vulnerability in frontpage.php in Uberghey CMS 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter.
5344| [CVE-2006-7160] The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.
5345| [CVE-2006-6187] Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute arbitrary SQL commands via the (1) currentpage or (2) gallery_id parameter to (a) view_gallery.asp, the (3) image_id parameter to (b) download_image.asp, the currentpage or (5) orderby parameter to (c) gallery.asp, or the currentpage parameter to (d) view_recent.asp.
5346| [CVE-2006-5864] Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince.
5347| [CVE-2006-5182] PHP remote file inclusion vulnerability in frontpage.php in Dan Jensen Travelsized CMS 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter.
5348| [CVE-2006-5020] Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_path parameter in manager/pages/ scripts including (1) AccountsPage.class.php, (2) AddInvoicePage.class.php, (3) AddIPAddressPage.class.php, (4) AddPaymentPage.class.php, (5) AddTaxRulePage.class.php, (6) AssignDomainPage.class.php, (7) AssignHostingPage.class.php, (8) AssignProductPage.class.php, (9) BillingPage.class.php, (10) BillingPaymentPage.class.php, (11) BrowseAccountsPage.class.php, (12) BrowseInvoicesPage.class.php, (13) ConfigureEditUserPage.class.php, (14) ConfigureNewUserPage.class.php, (15) ConfigureNewUserReceiptPage.class.php, (16) ConfigureUsersPage.class.php, (17) DeleteAccountPage.class.php, (18) DeleteDomainServicePage.class.php, (19) DeleteHostingServicePage.class.php, (20) DeleteInvoicePage.class.php, (21) DeleteProductPage.class.php, (22) DeleteServerPage.class.php, (23) DomainServicesPage.class.php, (24) DomainsPage.class.php, (25) EditAccountPage.class.php, (26) EditDomainPage.class.php, (27) EditDomainServicePage.class.php, (28) EditHostingServicePage.class.php, (29) EditPaymentPage.class.php, (30) EditProductPage.class.php, (31) EditServerPage.class.php, (32) EmailInvoicePage.class.php, (33) ExecuteOrderPage.class.php, (34) ExpiredDomainsPage.class.php, (35) FulfilledOrdersPage.class.php, (36) GenerateInvoicesPage.class.php, (37) HomePage.class.php, (38) InactiveAccountsPage.class.php, (39) IPManagerPage.class.php, (40) LoginPage.class.php, (41) LogPage.class.php, (42) ModulesPage.class.php, (43) NewAccountPage.class.php, (44) NewDomainServicePage.class.php, (45) NewProductPage.class.php, (46) OutstandingInvoicesPage.class.php, (47) PendingAccountsPage.class.php, (48) PendingOrdersPage.class.php, (49) PrintInvoicePage.class.php, (50) ProductsPage.class.php, (51) RegisterDomainPage.class.php, (52) RegisteredDomainsPage.class.php, (53) ServersPage.class.php, (54) ServicesHostingServicesPage.class.php, (55) ServicesNewHostingPage.class.php, (56) ServicesPage.class.php, (57) ServicesWebHostingPage.class.php, (58) SettingsPage.class.php, (59) TaxesPage.class.php, (60) TransferDomainPage.class.php, (61) ViewAccountPage.class.php, (62) ViewDomainServicePage.class.php, (63) ViewHostingServicePage.class.php, (64) ViewInvoicePage.class.php, (65) ViewLogMessagePage.class.php, (66) ViewOrderPage.class.php, (67) ViewProductPage.class.php, (68) ViewServerPage.class.php, (69) WelcomeEmailPage.class.php
5349| [CVE-2006-4286] ** DISPUTED ** PHP remote file inclusion vulnerability in contentpublisher.php in the contentpublisher component (com_contentpublisher) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by third parties who state that contentpublisher.php protects against direct request in the most recent version. The original researcher is known to be frequently inaccurate.
5350| [CVE-2006-4103] PHP remote file inclusion vulnerability in article-raw.php in Jason Alexander phNNTP 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_newsportal parameter.
5351| [CVE-2006-4055] Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993.
5352| [CVE-2006-3628] Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.
5353| [CVE-2006-3026] Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in gallery.asp and (2) parentcurrentpage parameter in view_gallery.asp.
5354| [CVE-2006-2490] Multiple cross-site scripting (XSS) vulnerabilities in Mobotix IP Network Cameras M1 1.9.4.7 and M10 2.0.5.2, and other versions before 2.2.3.18 for M10/D10 and 3.0.3.31 for M22, allow remote attackers to inject arbitrary web script or HTML via URL-encoded values in (1) the query string to help/help, (2) the get_image_info_abspath parameter to control/eventplayer, and (3) the source_ip parameter to events.tar.
5355| [CVE-2006-1662] The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid parameter in index.php.
5356| [CVE-2006-1437] UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eventpublisher.txt.
5357| [CVE-2006-1436] Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Website, and (5) Public Remarks fields to (a) eventpublisher_admin.htm and (b) eventpublisher_usersubmit.htm.
5358| [CVE-2006-0375] Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 on VxWorks uses a hardcoded Network Time Protocol (NTP) server in Taiwan, which could allow remote attackers to provide false time information, block access to time information, or conduct other attacks.
5359| [CVE-2006-0015] Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.
5360| [CVE-2005-4716] Hitachi TP1/Server Base and TP1/NET/Library 2 on IBM AIX allow remote attackers to (1) cause a denial of service (OpenTP1 system outage) via invalid data to a port used by a system-server process, and (2) cause a denial of service (process failure) via invalid data to a port used by any of certain other processes.
5361| [CVE-2005-3356] The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors.
5362| [CVE-2005-3120] Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
5363| [CVE-2005-2658] Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month.
5364| [CVE-2005-2428] Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696.
5365| [CVE-2005-1363] Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID, (2) strSubCatalogID, or (3) strSubCatalog_NAME parameter to productsByCategory.asp, (4) curCatalogID, (5) strSubCatalog_NAME, (6) intCatalogID, or (7) page parameter to productsByCategory.asp or (8) intProdID parameter to product.asp.
5366| [CVE-2005-1362] Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter to product.asp, (2) intCatalogID or (3) strSubCatalogID parameters to productsByCategory.asp, (4) chkText, (5) strText, (6) chkPrice, (7) intPrice, (8) chkCat, or (9) strCat parameters to searchAction.asp.
5367| [CVE-2005-1361] Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp.
5368| [CVE-2005-1213] Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
5369| [CVE-2005-0807] Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.
5370| [CVE-2005-0785] Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
5371| [CVE-2005-0741] Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action.
5372| [CVE-2005-0736] Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
5373| [CVE-2005-0719] Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd.
5374| [CVE-2005-0101] Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character.
5375| [CVE-2004-2068] fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an emptry NNTP news article with missing mandatory headers.
5376| [CVE-2004-1719] Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message.
5377| [CVE-2004-1610] SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables.
5378| [CVE-2004-1316] Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.
5379| [CVE-2004-0574] The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
5380| [CVE-2003-1266] The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data.
5381| [CVE-2003-0824] Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.
5382| [CVE-2003-0822] Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
5383| [CVE-2003-0744] The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input.
5384| [CVE-2002-2317] Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
5385| [CVE-2002-2305] SQL injection vulnerability in agentadmin.php in Immobilier allows remote attackers to execute arbitrary SQL commands via the (1) agentname or (2) agentpassword parameter.
5386| [CVE-2002-2262] Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.
5387| [CVE-2002-1789] Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function.
5388| [CVE-2002-1788] Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.
5389| [CVE-2002-1718] Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences.
5390| [CVE-2002-0913] Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.
5391| [CVE-2002-0909] Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER.
5392| [CVE-2002-0692] Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.
5393| [CVE-2002-0525] Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.
5394| [CVE-2002-0002] Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
5395| [CVE-2001-1204] Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
5396| [CVE-2001-0764] Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument.
5397| [CVE-2001-0543] Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.
5398| [CVE-2001-0414] Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
5399| [CVE-2001-0341] Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
5400| [CVE-2001-0096] FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
5401| [CVE-2000-0438] Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
5402| [CVE-2000-0431] Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.
5403| [CVE-2000-0341] ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a denial of service via a long login name.
5404| [CVE-2000-0256] Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
5405| [CVE-2000-0153] FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
5406| [CVE-2000-0122] Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program.
5407| [CVE-2000-0114] Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
5408| [CVE-1999-1016] Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
5409| [CVE-1999-0681] Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
5410| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
5411| [CVE-2009-3563] ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
5412| [CVE-2006-2334] The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or prevent access to other similarly named files in the same directory, which prevents those files from being detected or disinfected by certain anti-virus and anti-spyware software.
5413| [CVE-2006-1711] Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits.
5414| [CVE-2005-2496] The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
5415| [CVE-2005-1911] The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).
5416| [CVE-2005-1453] fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (crash) by closing the connection while fetchnews is reading (1) an article header or (2) an article body, which also prevents fetchnews from querying other servers.
5417| [CVE-2004-0657] Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
5418| [CVE-2002-0427] Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.
5419| [CVE-2000-0710] The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.
5420| [CVE-2000-0709] The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.
5421| [CVE-2000-0413] The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
5422| [CVE-1999-1376] Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.
5423| [CVE-1999-1052] Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
5424| [CVE-1999-1043] Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).
5425| [CVE-1999-0386] Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
5426|
5427| SecurityFocus - https://www.securityfocus.com/bid/:
5428| [104517] NTP CVE-2018-12327 Stack Buffer Overflow Vulnerability
5429| [103351] NTP CVE-2018-7183 Buffer Overflow Vulnerability
5430| [103339] NTP CVE-2018-7185 Denial of Service Vulnerability
5431| [103194] NTP CVE-2018-7170 Incomplete Fix Remote Security Vulnerability
5432| [103192] NTP CVE-2018-7184 Denial of Service Vulnerability
5433| [103191] NTP CVE-2018-7182 Information Disclosure Vulnerability
5434| [97078] NTP CVE-2017-6452 Local Stack Based Buffer Overflow Vulnerability
5435| [97076] NTP CVE-2017-6459 Local Denial of Service Vulnerability
5436| [97074] NTP CVE-2017-6455 Local Denial of Service Vulnerability
5437| [97058] NTP CVE-2017-6451 Local Denial of Service Vulnerability
5438| [97052] NTP CVE-2017-6460 Stack Buffer Overflow Vulnerability
5439| [97051] NTP CVE-2017-6458 Buffer Overflow Vulnerability
5440| [97050] NTP CVE-2017-6464 Denial of Service Vulnerability
5441| [97049] NTP CVE-2017-6463 Denial of Service Vulnerability
5442| [97046] NTP CVE-2016-9042 Denial of Service Vulnerability
5443| [97045] NTP CVE-2017-6462 Local Buffer Overflow Vulnerability
5444| [94455] NTP CVE-2016-7433 Local Denial of Service Vulnerability
5445| [94454] NTP CVE-2016-7431 Denial of Service Vulnerability
5446| [94453] NTP CVE-2016-7429 Local Denial of Service Vulnerability
5447| [94452] NTP CVE-2016-9310 Denial of Service Vulnerability
5448| [94451] NTP CVE-2016-7426 Local Denial of Service Vulnerability
5449| [94450] NTP CVE-2016-9312 Denial of Service Vulnerability
5450| [94448] NTP CVE-2016-7434 Local Denial of Service Vulnerability
5451| [94447] NTP CVE-2016-7427 Denial of Service Vulnerability
5452| [94446] NTP CVE-2016-7428 Denial of Service Vulnerability
5453| [94444] NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
5454| [92277] BusyBox 'networking/ntpd.c' Remote Denial of Service Vulnerability
5455| [91400] Meinberg NTP Time Server Multiple Privilege Escalation and Buffer Overflow Vulnerabilities
5456| [91180] Foxit Reader 'CPDF_StreamContentParser::~CPDF_StreamContentParser' Memory Corruption Vulnerability
5457| [91010] NTP CVE-2016-4953 Denial of Service Vulnerability
5458| [91009] NTP CVE-2016-4956 Incomplete Fix Denial of Service Vulnerability
5459| [91007] NTP CVE-2016-4955 Denial of Service Vulnerability
5460| [90818] OpenNTPD 'ntpd/constraint.c' Certificate Validation Security Bypass Vulnerability
5461| [88276] NTP CVE-2016-1547 Denial of Service Vulnerability
5462| [88264] NTP CVE-2016-1548 Security Bypass Vulnerability
5463| [88261] NTP CVE-2016-1550 Local Security Bypass Vulnerability
5464| [88226] NTP CVE-2016-2518 Denial of Service Vulnerability
5465| [88219] NTP CVE-2016-1551 Remote Security Vulnerability
5466| [88204] NTP CVE-2016-2519 Denial of Service Vulnerability
5467| [88200] NTP CVE-2016-1549 Remote Security Vulnerability
5468| [88189] NTP CVE-2016-2517 Denial of Service Vulnerability
5469| [88180] NTP CVE-2016-2516 Denial of Service Vulnerability
5470| [88081] Microsoft FrontPage CVE-1999-1052 Information Disclosure Vulnerability
5471| [86089] Microsoft FrontPage CVE-2007-3109 Remote Security Vulnerability
5472| [83193] NTP CVE-2004-0657 Remote Security Vulnerability
5473| [82105] NTP CVE-2015-8139 Security Bypass Vulnerability
5474| [82102] NTP CVE-2015-8140 Security Bypass Vulnerability
5475| [81963] NTP CVE-2015-7973 Security Bypass Vulnerability
5476| [81962] NTP CVE-2015-7978 Denial of Service Vulnerability
5477| [81960] NTP CVE-2015-7974 Symmetric Key Encryption Authentication Security Bypass Vulnerability
5478| [81959] NTP CVE-2015-7975 Local Denial of Service Vulnerability
5479| [81816] NTP CVE-2015-7979 Denial of Service Vulnerability
5480| [81815] NTP CVE-2015-7977 NULL Pointer Dereference Denial of Service Vulnerability
5481| [81814] NTP CVE-2015-8158 Denial of Service Vulnerability
5482| [81811] NTP CVE-2015-8138 Denial of Service Vulnerability
5483| [81552] NTP Cronjob Script CVE-2016-0727 Local Privilege Escalation Vulnerability
5484| [77288] Network Time Protocol 'ntpq.c' Memory Corruption Vulnerability
5485| [77286] NTP CVE-2015-7702 Incomplete Fix Denial of Service Vulnerability
5486| [77285] NTP CVE-2015-7692 Incomplete Fix Denial of Service Vulnerability
5487| [77282] Network Time Protocol 'ntp_control.c' Directory Traversal Vulnerability
5488| [77281] NTP CVE-2015-7701 Denial of Service Vulnerability
5489| [77278] NTP Multiple Arbitrary File Overwrite Vulnerabilities
5490| [77274] NTP CVE-2015-7691 Incomplete Fix Denial of Service Vulnerability
5491| [76476] RETIRED: NTP CVE-2015-5196 Multiple Arbitrary File Overwrite Vulnerabilities
5492| [76475] NTP CVE-2015-5194 Denial of Service Vulnerability
5493| [76474] NTP 'ntpd/ntp_config.c' Remote Denial of Service Vulnerability
5494| [76473] NTP CVE-2015-5219 Denial of Service Vulnerability
5495| [75589] NTP CVE-2015-5146 Denial of Service Vulnerability
5496| [73951] NTP CVE-2015-1798 Man in the Middle Security Bypass Vulnerability
5497| [73950] NTP CVE-2015-1799 Denial of Service Vulnerability
5498| [73713] Mjseventpro CVE-2010-0340 SQL-Injection Vulnerability
5499| [72584] NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
5500| [72583] NTP 'ntp_crypto.c' Information Disclosure Vulnerability
5501| [71969] Network Time Protocol ntpdc Local Buffer Overflow Vulnerability
5502| [65434] Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
5503| [64692] NTP 'ntp_request.c' Remote Denial of Service Vulnerability
5504| [62185] Microsoft FrontPage CVE-2013-3137 Information Disclosure Vulnerability
5505| [55561] IFOBS 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities
5506| [54283] Linux Kernel 'fs/eventpoll.c' Local Denial of Service Vulnerability
5507| [52083] UTC Fire & Security GE-MC100-NTP/GPS-ZB Default Credentials Authentication Bypass Vulnerability
5508| [46630] Linux Kernel epoll Subsystem 'eventpoll.c' Multiple Local Denial of Service Vulnerabilities
5509| [45792] HP LoadRunner 'magentproc.exe' Remote Code Execution Vulnerability
5510| [41798] IBM FileNet Content Manager 'InheritParentPermissions' Flag Security Bypass Vulnerability
5511| [39479] Mozilla Firefox/Thunderbird/SeaMonkey 'nsIContentPolicy' Security Bypass Vulnerability
5512| [38309] XlentProjects SphereCMS 'archive.php' SQL Injection Vulnerability
5513| [37781] TYPO3 MJS Event Pro (mjseventpro) Unspecified SQL Injection Vulnerability
5514| [37255] NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
5515| [36502] Cisco IOS NTPv4 Reply Packet Remote Denial of Service Vulnerability
5516| [36457] Xerver Administration Interface 'currentPath' Parameter Cross Site Scripting Vulnerability
5517| [35017] NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
5518| [34481] NTP 'ntpq' Stack Buffer Overflow Vulnerability
5519| [33290] TimeTools NTP Time Server Syslog Monitor Remote Denial of Service Vulnerability
5520| [33135] Goople CMS 'frontpage.php' SQL Injection Vulnerability
5521| [32352] vBulletin 'admincp/attachmentpermission.php' SQL Injection Vulnerability
5522| [31959] Agares Media ThemeSiteScript 'frontpage_right.php' Remote File Include Vulnerability
5523| [30290] SmbClientParser Perl Module Remote Command Execution Vulnerability
5524| [28297] Travelsized CMS 'frontpage.php' and 'index.php' Multiple Input Validation Vulnerabilities
5525| [28230] XOOPS MyTutorials Module 'printpage.php' SQL Injection Vulnerability
5526| [27375] OZ Journals 'printpreview' Local File Disclosure Vulnerability
5527| [26986] Arcadem LE 'frontpage_right.php' Remote File Include Vulnerability
5528| [25908] Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability
5529| [22223] Hitachi OpenTP1 Unspecified Remote Denial of Service Vulnerability
5530| [22098] Uberghey Frontpage.PHP Remote File Include Vulnerability
5531| [20321] Travelsized CMS Frontpage.PHP Remote File Include Vulnerability
5532| [20044] Limbo CMS Frontpage Arbitrary File Upload Vulnerability
5533| [19423] phNNTP File_newsportal Remote File Include Vulnerability
5534| [17452] Microsoft FrontPage Server Extensions Cross-Site Scripting Vulnerability
5535| [16902] Limbo CMS Frontpage Arbitrary PHP Command Execution Vulnerability
5536| [15117] Lynx NNTP Article Header Buffer Overflow Vulnerability
5537| [15093] Hitachi OpenTP1 Denial Of Service Vulnerability
5538| [14673] NTPD Insecure Privileges Vulnerability
5539| [13951] Microsoft Outlook Express NNTP Response Parsing Buffer Overflow Vulnerability
5540| [13376] MetaCart E-Shop V-8 IntProdID Parameter Remote SQL Injection Vulnerability
5541| [12756] YaBB Remote UsersRecentPosts Cross-Site Scripting Vulnerability
5542| [12141] Microsoft FrontPage 2000 Internet Publishing Service Provider DAV File Upload Vulnerability
5543| [11412] Microsoft Frontpage Asycpict.DLL JPEG Handling Remote Denial of Service Vulnerabilities
5544| [11379] Microsoft NNTP Component Heap Overflow Vulnerability
5545| [9008] Microsoft FrontPage Server Extensions SmartHTML Interpreter Denial Of Service Vulnerability
5546| [9007] Microsoft FrontPage Server Extensions Remote Debug Buffer Overrun Vulnerability
5547| [6522] EType EServ NNTP Remote Denial Of Service Vulnerability
5548| [6356] HP-UX xntpd Unspecified Denial Of Service Vulnerability
5549| [5804] Microsoft FrontPage Server Extensions SmartHTML Buffer Overflow Vulnerability
5550| [5240] NewsX NNTP SysLog Format String Vulnerability
5551| [5160] Kim Storm NN NNTP Error Message Format String Vulnerability
5552| [4251] Improved mod_frontpage Buffer Overflow Vulnerability
5553| [4084] Microsoft IIS 5.1 Frontpage Server Extensions File Source Disclosure Vulnerability
5554| [4078] Microsoft IIS 5.1 Frontpage Extensions Path Disclosure Information Vulnerability
5555| [3751] Total PC Solutions PHP Rocket Add-in for FrontPage Directory Traversal Vulnerability
5556| [3183] Microsoft Windows NNTP Denial of Service Vulnerability
5557| [2911] Juergen Schoenwaelder scotty ntping Buffer Overflow Vulnerability
5558| [2540] Ntpd Remote Buffer Overflow Vulnerability
5559| [1608] Microsoft FrontPage Server Extensions MS-DOS Device Name Denial Of Service Vulnerability
5560| [1594] Microsoft FrontPage/IIS Cross Site Scripting shtml.dll Vulnerability
5561| [1435] Microsoft FrontPage 2000 Server Extensions Denial Of Service Vulnerability
5562| [1205] Microsoft FrontPage Extensions .pwd File Permissions Vulnerability
5563| [1174] Microsoft Frontpage Server Extensions Path Disclosure Vulnerability
5564| [1156] Cassandra NNTPServer v1.10 Buffer Overflow Vulnerability
5565| [1141] MS Frontpage htimage.exe File Existence Disclosure Vulnerability
5566| [1117] MS Frontpage Image Mapper Buffer Overflow Vulnerability
5567| [1109] MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability
5568| [1108] MS IIS FrontPage 98 Extensions Filename Obfuscation Vulnerability
5569| [989] Microsoft FrontPage PWS Directory Traversal Vulnerability
5570| [964] MS Frontpage htimage.exe Path Leak Vulnerability
5571| [568] Microsoft FrontPage PWS DoS Vulnerability
5572| [74045] NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
5573| [71762] NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
5574| [71757] NTP 'ntp_config.c' Insufficient Entropy Security Weakness
5575| [10980] Microsoft NTP Time Synchronization Spoof Weakness
5576|
5577| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5578| [82317] ownCloud viewer.php and addMountPoint.php cross-site scripting
5579| [52238] Microsoft FrontPage Server Extensions Vital Information Leakage
5580| [36554] Wireshark NTP dissector format string vulnerable Windows version detected
5581| [6730] Microsoft FrontPage Server Extensions Visual Studio RAD Support sub-component buffer overflow
5582| [86041] TRENDnet TEW-812DRU uapply.cgi and setNTP.cgi cross-site request forgery
5583| [82084] IB-NAS5220 and IB-NAS4220-B ntp_name parameter cross-site scripting
5584| [78636] IFOBS regclientprint.jsp cross-site scripting
5585| [76340] MYRE Real Estate Mobile listings.php and agentprofile.php SQL injection
5586| [75403] MYRE Real Estate Mobile listings.php and agentprofile.php SQL injection
5587| [73583] Moodle frontpage security bypass
5588| [70325] Cyrus IMAPd NNTP security bypass
5589| [66589] Linux Kernel eventpoll.c denial of service
5590| [66034] Linux NTP buffer overflow
5591| [65872] Linux Kernel eventpoll.c denial of service
5592| [62765] Plesk Small Business Manager currentPageId SQL injection
5593| [60481] IBM FileNet Content Manager InheritParentPermissions security bypass
5594| [59090] Opera news:// and nntp:// URI denial of service
5595| [59088] Microsoft Internet Explorer nntp:// URIs denial of service
5596| [59086] Mozilla Firefox news:// and nntp:// URI denial of service
5597| [58364] HP LoadRunner Agent magentproc.exe code execution
5598| [57822] Magneto Software SntpGetReply buffer overflow
5599| [54650] NTP mode7 (MODE_PRIVATE) denial of service
5600| [53675] XLink Omni-NFS Enterprise ntpd.exe buffer overflow
5601| [53663] Xerver currentPath directory traversal
5602| [53662] Xerver currentPath cross-site scripting
5603| [53455] Cisco IOS NTPv4 denial of service
5604| [52468] TGS Content Management index.php and frontpage_ception.php SQL injection
5605| [52237] Microsoft FrontPage Server Extensions To Do List Found
5606| [52236] Microsoft FrontPage Server Extensions Machine Name Disclosure
5607| [52235] Microsoft FrontPage Configuration Information Leakage
5608| [52234] Microsoft FrontPage '_vti_cnf' Information Leakage
5609| [50617] NTP ntpd buffer overflow
5610| [50258] Drupal frontpage forms information disclosure
5611| [49838] NTP cookedprint() buffer overflow
5612| [48023] Windows NTP Time Server Syslog Monitor syslog message denial of service
5613| [47773] Goople CMS frontpage.php SQL injection
5614| [47244] Adobe AIR and Adobe Flash Player DefineConstantPool information disclosure
5615| [46174] ThemeSiteScript frontpage_right.php file include
5616| [44940] devalcms currentpath parameter cross-site scripting
5617| [43910] Filesys::SmbClientParser directory command execution
5618| [43418] Avaya Messaging Storage Server date, time and NTP server command execution
5619| [41538] Perlbal ClientProxy.pm denial of service
5620| [41181] tutorials module for XOOPS printpage.php and index.php SQL injection
5621| [40129] Leafnode fetchnews NNTP client denial of service
5622| [39414] WordPress XMLRPC metaWeblog.getRecentPosts function informaiton disclosure
5623| [39266] phpAutoVideo frontpage_right.php file include
5624| [39228] Arcadem LE frontpage_right.php file include
5625| [36811] Microsoft Outlook Express and Windows Mail NNTP response code execution
5626| [34720] Microsoft FrontPage Personal Web Server CERN Image Map Dispatcher buffer overflow
5627| [34719] Microsoft FrontPage CERN Image Map Dispatcher information disclosure
5628| [33124] Squid clientProcessRequest() function denial of service
5629| [32247] RHSA-2006:0393 updates for ntp not installed
5630| [32076] Microsoft Frontpage Extensions directory /_vti_pvt/ present
5631| [31553] Uberghey CMS frontpage.php file include
5632| [29337] Travelsized CMS frontpage.php file include
5633| [28271] phNNTP article-raw.php file include
5634| [27828] Wireshark (Ethereal) NTP dissector format string
5635| [25965] @1 Event Publisher eventpublisher.txt information disclosure
5636| [25537] Microsoft FrontPage Server Extensions HTML cross-site scripting
5637| [22748] Hitachi OpenTP1 denial of service
5638| [22035] NTP incorrect group permissions
5639| [21537] Microsoft FrontPage style tag denial of service
5640| [20830] Microsoft Outlook Express NNTP Response Parsing buffer overflow
5641| [20283] MetaCart e-Shop intProdID and intCatalogID parameters SQL injection
5642| [19186] newsfetch NNTP responses buffer overflow
5643| [18711] Mozilla NNTP buffer overflow
5644| [17739] Microsoft FrontPage and Internet Explorer asycpict.dll JPEG denial of service
5645| [17641] Microsoft Windows NNTP buffer overflow
5646| [15406] NTP integer buffer overflow
5647| [13680] Microsoft FrontPage Server Extensions SmartHTML Interpreter denial of service
5648| [13674] Microsoft FrontPage Server Extensions debug buffer overflow
5649| [11873] Microsoft Internet Explorer, Outlook, and FrontPage shlwapi.dll library denial of service
5650| [10942] Leafnode NNTP server denial of service
5651| [10836] HP-UX xntpd denial of service
5652| [10195] Microsoft FrontPage Server Extensions (FPSE) 2002 SmartHTML Interpreter buffer overflow
5653| [10194] Microsoft FrontPage Server Extensions (FPSE) 2000 SmartHTML Interpreter denial of service
5654| [9583] newsx NNTP client syslog() local format string
5655| [9491] nn NNTP error message format string
5656| [9270] slurp NNTP client syslog() format string
5657| [9226] mnews NNTP response remote buffer overflow
5658| [8800] Microsoft IIS FrontPage Server Extensions and ASP.NET ISAPI filter error handling denial of service
5659| [8733] SNTP time broadcast audit
5660| [8517] NNTP port probe
5661| [8513] SNTP malformed packet
5662| [8411] NTP servers from which the router obtains time are set
5663| [8410] NTP server is enabled on the router
5664| [8400] Apache HTTP Server mod_frontpage buffer overflows
5665| [8362] Microsoft FrontPage form_results.txt is world readable
5666| [7951] Shell metacharacters in NNTP fields
5667| [7795] Microsoft FrontPage Server Extensions (FPSE) "
5668| [7788] Microsoft FrontPage Server Extensions (FPSE) "
5669| [7749] PHP Rocket Add-in for FrontPage "
5670| [7710] NNTP Subject
5671| [6977] Microsoft Windows NT and 2000 NNTP memory leak denial of service
5672| [6735] Scotty ntping buffer overflow could allow the execution of arbitrary code
5673| [6321] Ntpd server readvar control message buffer overflow
5674| [5494] Microsoft FrontPage 98 Server Extensions fpcount.exe CGI can be remotely crashed
5675| [5124] Microsoft FrontPage Server Extensions device name denial of service
5676| [4899] Microsoft FrontPage Extensions shtml.dll multiple access denial of service
5677| [4484] Microsoft FrontPage Server Extensions image mapping components allow remote code execution
5678| [4439] Microsoft FrontPage Server Extensions"
5679| [4410] CASSANDRA NNTP server buffer overflow
5680| [4333] Microsoft FrontPage 98 Server Extensions DVWSSR.DLL file buffer overflow
5681| [4268] Microsoft FrontPage 98 Server Extensions DVWSSR.DLL file could allow remote ASP source retrieval
5682| [3393] Microsoft FrontPage Extensions authors.pwd file could reveal encrypted passwords
5683| [3391] Microsoft FrontPage Extensions service.pwd file could reveal encrypted passwords
5684| [3178] Exchange NNTP server unauthenticated command
5685| [3174] Exchange NNTP server dropped connection
5686| [3117] Microsoft FrontPage long URL buffer overflow
5687| [1223] Microsoft Exchange Server SMTP and NNTP denial of service
5688| [908] Microsoft FrontPage extensions under Unix create world readable password files
5689| [670] NNTP username
5690| [669] NNTP password
5691| [668] NNTP group
5692| [561] Microsoft FrontPage 1.1 allows users to write to executable directories
5693| [438] NNTP daemon
5694| [89] NNTP reading
5695| [88] NNTP posting
5696|
5697| Exploit-DB - https://www.exploit-db.com:
5698| [27620] Microsoft FrontPage Server Extensions Cross-Site Scripting Vulnerability
5699| [25536] MetaCart E-Shop V-8 IntProdID Parameter Remote SQL Injection Vulnerability
5700| [25199] YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting Vulnerability
5701| [22124] EType EServ 1.9x NNTP Remote Denial of Service Vulnerability
5702| [20960] Juergen Schoenwaelder scotty 2.1.x ntping Buffer Overflow Vulnerability
5703| [20727] Ntpd Remote Buffer Overflow Vulnerability
5704| [19897] FrontPage 2000,IIS 4.0/5.0 Server Extensions Path Disclosure Vulnerability
5705| [19884] Atrium Software Cassandra NNTP Server 1.10 Buffer Overflow Vulnerability
5706| [19846] MS FrontPage 98 Server Extensions for IIS,MS InterDev 1.0 - Buffer Overflow Vulnerability
5707| [19445] Microsoft FrontPage Personal WebServer 1.0 PWS DoS Vulnerability
5708| [16960] Linux NTP query client 4.2.6p1 - Heap Overflow Vulnerability
5709| [5245] XOOPS Module tutorials (printpage.php) SQL Injection Vulnerability
5710| [3147] Uberghey 0.3.1 (frontpage.php) Remote File Include Vulnerability
5711| [2148] phNNTP <= 1.3 (article-raw.php) Remote File Include Vulnerability
5712| [28809] HP LoadRunner magentproc.exe Overflow
5713| [27894] obotix IP Camera M1 1.9.4 .7/M10 2.0.5 .2 eventplayer get_image_info_abspath Parameter XSS
5714| [24379] Merak Mail Server 7.4.5 attachment.html attachmentpage_text_error Parameter XSS
5715| [19877] FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure
5716| [19853] FrontPage 97/98 Server Image Mapper Buffer Overflow
5717| [19845] MS FrontPage 98 Server Extensions for IIS,MS InterDev 1.0 Filename Obfuscation
5718| [19753] ms frontpage personal webserver 1.0/personal web server 4.0 - Directory Traversal
5719| [19605] Linux Kernel fs/eventpoll.c Local Denial of Service
5720| [16379] Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
5721| [16356] Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow
5722| [16285] NTP daemon readvar Buffer Overflow
5723| [15838] OpenClassifieds 1.7.0.3 Chained: Captcha Bypass->SQLi->Persistent XSS on Frontpage
5724| [12204] MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpSendRequest Crash PoC
5725| [12203] MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpGetReply BOF
5726| [9940] ntpd 4.0.99j-k readvar Buffer Overflow
5727| [7683] Goople <= 1.8.2 (frontpage.php) Blind SQL Injection Exploit
5728| [2471] Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit
5729| [1066] MS Outlook Express NNTP Buffer Overflow Exploit (MS05-030)
5730| [578] MS Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036)
5731| [121] MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)
5732|
5733| OpenVAS (Nessus) - http://www.openvas.org:
5734| [902839] Microsoft FrontPage Server Extensions MS-DOS Device Name DoS Vulnerability
5735| [900652] NTP 'ntpd' Autokey Stack Overflow Vulnerability
5736| [900623] NTP Stack Buffer Overflow Vulnerability
5737| [801713] Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability (941202)
5738| [800408] NTP EVP_VerifyFinal() Security Bypass Vulnerability
5739| [800407] NTP Version Detection (Linux)
5740| [100399] NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
5741| [56769] FreeBSD Ports: frontpage -- cross site scripting vulnerability
5742| [10884] NTP read variables
5743| [880846] CentOS Update for ntp CESA-2009:1648 centos4 i386
5744| [880814] CentOS Update for ntp CESA-2009:0046 centos5 i386
5745| [880810] CentOS Update for ntp CESA-2009:1648 centos5 i386
5746| [880762] CentOS Update for ntp CESA-2009:1039 centos5 i386
5747| [880690] CentOS Update for ntp CESA-2009:1651 centos3 i386
5748| [855775] Solaris Update for usr/sbin/ntpq 141396-01
5749| [855676] Solaris Update for ntpq 141911-01
5750| [855649] Solaris Update for ntpq 141910-01
5751| [855628] Solaris Update for usr/sbin/ntpq 141397-01
5752| [855247] Solaris Update for /usr/lib/inet/xntpd and /usr/sbin/ntpdate 109668-07
5753| [855010] Solaris Update for /usr/lib/inet/xntpd and /usr/sbin/ntpdate 109667-07
5754| [835252] HP-UX Update for XNTP HPSBUX02639
5755| [835204] HP-UX Update for XNTP HPSBUX02437
5756| [835161] HP-UX Update for xntpd HPSBUX00232
5757| [835070] HP-UX Update for xntpd(1M) HPSBUX00148
5758| [100608] Windows NT NNTP Component Buffer Overflow
5759| [66662] FreeBSD Security Advisory (FreeBSD-SA-10:02.ntpd.asc)
5760| [66639] Gentoo Security Advisory GLSA 201001-01 (ntp)
5761| [66527] CentOS Security Advisory CESA-2009:1648 (ntp)
5762| [66526] CentOS Security Advisory CESA-2009:1651 (ntp)
5763| [66519] Slackware Advisory SSA:2009-343-01 ntp
5764| [66515] Debian Security Advisory DSA 1948-1 (ntp)
5765| [66511] Fedora Core 10 FEDORA-2009-13121 (ntp)
5766| [66507] Fedora Core 11 FEDORA-2009-13090 (ntp)
5767| [66501] Fedora Core 12 FEDORA-2009-13046 (ntp)
5768| [66368] Mandriva Security Advisory MDVSA-2009:309 (ntp)
5769| [65948] SLES10: Security update for xntp
5770| [65773] SLES10: Security update for xntp
5771| [65666] SLES11: Security update for ntp
5772| [65606] SLES9: Security update for xntp
5773| [65578] SLES9: Security update for xntp
5774| [65238] SLES9: Security update for xntp, xntp-doc
5775| [64225] Fedora Core 11 FEDORA-2009-5674 (ntp)
5776| [64207] FreeBSD Security Advisory (FreeBSD-SA-09:11.ntpd.asc)
5777| [64146] Ubuntu USN-777-1 (ntp)
5778| [64128] Mandrake Security Advisory MDVSA-2009:117 (ntp)
5779| [64116] Slackware Advisory SSA:2009-154-01 ntp
5780| [64114] Gentoo Security Advisory GLSA 200905-08 (ntp)
5781| [64098] Fedora Core 9 FEDORA-2009-5275 (ntp)
5782| [64095] Fedora Core 10 FEDORA-2009-5273 (ntp)
5783| [64050] CentOS Security Advisory CESA-2009:1039 (ntp)
5784| [64046] FreeBSD Ports: ntp
5785| [64032] Debian Security Advisory DSA 1801-1 (ntp)
5786| [63770] Mandrake Security Advisory MDVSA-2009:092 (ntp)
5787| [63743] Gentoo Security Advisory GLSA 200904-05 (ntp)
5788| [63343] CentOS Security Advisory CESA-2009:0046 (ntp)
5789| [63267] Fedora Core 10 FEDORA-2009-0544 (ntp)
5790| [63266] Fedora Core 9 FEDORA-2009-0547 (ntp)
5791| [63242] FreeBSD Security Advisory (FreeBSD-SA-09:03.ntpd.asc)
5792| [63230] Slackware Advisory SSA:2009-014-03 ntp
5793| [63194] Mandrake Security Advisory MDVSA-2009:007 (ntp)
5794| [63163] Ubuntu USN-705-1 (ntp)
5795| [63149] Debian Security Advisory DSA 1702-1 (ntp)
5796| [55233] Debian Security Advisory DSA 801-1 (ntp)
5797| [53863] Debian Security Advisory DSA 045-1 (ntp)
5798| [52235] mozilla -- heap overflow in NNTP handler
5799| [17229] NNTP password overflow
5800| [17228] NNTP message headers overflow
5801| [14773] Identifies services like FTP, SMTP, NNTP...
5802| [10699] IIS FrontPage DoS II
5803| [10585] IIS FrontPage DoS
5804|
5805| SecurityTracker - https://www.securitytracker.com:
5806| [1021533] NTP Signature Validation Flaw Lets Remote Users Bypass Validation Checks
5807| [1015896] Microsoft FrontPage Server Extensions Input Validation Holes Permit Cross-Site Scripting Attacks
5808| [1013420] YaBB Input Validation Error in 'usersrecentposts' Lets Remote Users Conduct Cross-Site Scripting Attacks
5809| [1011762] cPanel Backup and FrontPage Management Bugs Let Remote Authenticated Users View, Edit, and Own Arbitrary Files
5810| [1001816] Microsoft Visual Studio RAD Support Component of FrontPage Lets Remote Users Execute Arbitrary Code on the FrontPage Server
5811| [1026143] Cyrus IMAP Server NNTP Service Lets Remote Users Bypass Authentication
5812| [1026031] Cyrus IMAP Server Buffer Overflow in NNTP Daemon Lets Remote Users Execute Arbitrary Code
5813| [1024934] Subversion SVNParentPath Collection Processing Error Lets Remote Users Execute Arbitrary Code
5814| [1023298] NTP Mode 7 Packet Processing Flaw Lets Remote Users Deny Service
5815| [1022930] Cisco IOS H.323, SIP, NTP, Tunneling, and Encrypted Packet Processing Flaws Let Remote Users Deny Service
5816| [1022243] ntp crypto_recv() Autokey Stack Overflow Lets Remote Users Execute Arbitrary Code
5817| [1022033] ntp Buffer Overflow in ntpq cookedprint() Lets Remote Users Execute Arbitrary Code
5818| [1018786] Microsoft Outlook Express Bug in Processing NNTP Responses Lets Remote Users Execute Arbitrary Code
5819| [1018785] Windows Mail Bug in Parsing NNTP Responses Lets Remote Users Execute Arbitrary Code
5820| [1016679] xntpd '-u' Switch May Cause the Daemon to Run With Incorrect Group Privileges
5821| [1016668] phNNTP Include File Flaw in 'file_newsportal' Parameter Lets Remote Users Execute Arbitrary Code
5822| [1015065] Lynx Buffer Overflow in HTrjis() in Processing NNTP Headers Lets Remote Users Execute Arbitrary Code
5823| [1014200] Microsoft Outlook Express Buffer Overflow in NNTP Response Parser Lets Remote Users Execute Arbitrary Code
5824| [1012726] Mozilla Buffer Overflow in Processing NNTP URLs Lets Remote Users Execute Arbitrary Code
5825| [1011631] Microsoft NNTP Buffer Overflow Lets Remote Users Execute Arbitrary Code With SYSTEM Privileges
5826| [1011250] Microsoft FrontPage Buffer Overflow in WordPerfect Converter Lets Remote Users Execute Arbitrary Code
5827| [1009336] Network Time Protocol (NTP) Server Integer Overflow May Return the Incorrect Time
5828| [1008147] Microsoft FrontPage Server Extensions Buffer Overflow May Let Remote Users Execute Arbitrary Code
5829| [1005865] Leafnode NNTP News Server Lets Remote Users Deny Service
5830| [1005786] Xntpd Time Daemon on HP-UX May Crash or Degrade
5831| [1005287] Microsoft FrontPage Server Extensions SmartHTML Interpreter Bugs May Let Remote Users Execute Arbitrary Code with System Privileges
5832| [1004266] Cisco BTS 10200 Softswitch Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device or Execute Arbitrary Code
5833| [1004265] Cisco IP Manager Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device or Execute Arbitrary Code
5834| [1004264] Cisco Media Gateway Controller (MGC) Product Line Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device
5835| [1004244] Cisco IOS Systems Contain Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device
5836| [1003767] 'mod_frontpage' Module for Apache Web Server Has Buffer Overlow in 'fpexec.c' That Allows Remote Users to Execute Arbitrary Code on the System with Root Privileges
5837| [1003071] PHP Rocket Add-in for FrontPage Discloses Files on the Server to Remote Users
5838| [1002197] Microsoft Windows NNTP Network News Service Has a Memory Leak That Allows Remote Users to Cause the Server to Crash
5839| [1001770] Scotty Tcl Interpreter's ntping Utility Lets Local Users Obtain Root Privileges
5840| [1001237] The Network Time Protocol Daemon (ntpd) Allows Remote Users to Execute Arbitrary Code on the Server - Typically to Gain Root Privileges on the Server
5841|
5842| OSVDB - http://www.osvdb.org:
5843| [52917] Adobe Flash Player ActionScript 2 VM DefineConstantPool Action Crafted PDF File Handling Memory Disclosure
5844| [37179] Free Image Hosting frontpage.php AD_BODY_TEMP Variable Remote
5845| [31138] SolidState ViewAccountPage.class.php base_path Parameter Remote File Inclusion
5846| [30764] ClickGallery view_recent.asp currentpage Parameter SQL Injection
5847| [26417] ClickGallery view_gallery.asp parentcurrentpage Parameter XSS
5848| [3383] Microsoft FrontPage Server Extensions imagemap.exe File Verification
5849| [805] NTP ntpd readvar Variable Remote Overflow
5850| [577] FrontPage Server Extensions Visual Studio RAD Support Overflow
5851| [95804] TRENDnet TEW-812DRU setNTP.cgi Multiple Field Command Injection
5852| [93712] Zavio IP Cameras /opt/cgi/view/param sub_C8C8 Function General.Time.NTP.Server Parameter Remote Command Execution
5853| [92877] Vivotek PT7135 IP Camera farseer.out system.ntp Parameter Remote Command Execution
5854| [91972] GNOME Evolution-Data-Server NNTP Encryption Option Failure Remote Credential Disclosure
5855| [91630] Rosewill RSVA11001 NTP Host Manipulation Remote Command Execution
5856| [91145] Microsoft IE removeChild CHtmlComponentProperty Object Handling Use-after-free Arbitrary Code Execution
5857| [90495] ownCloud /apps/files_external/addMountPoint.php mountpoint Parameter XSS
5858| [90267] Evolution NNTP STARTTLS Encryption Regression Remote Cleartext Credential Disclosure
5859| [90219] Raidsonic Multiple Product /cgi/time/time.cgi ntp_name Parameter XSS
5860| [85705] iFOBS ifobsClient/regclientprint.jsp Multiple Parameter XSS
5861| [83687] Linux Kernel fs/eventpoll.c Local DoS
5862| [83643] Knews Multilingual Newsletters Plugin for WordPress wp-content/plugins/knews/wysiwyg/fontpicker/index.php ff Parameter XSS
5863| [81824] MYRE Real Estate Mobile 1_mobile/agentprofile.php userid Parameter SQL Injection
5864| [81644] WebKit XMLDocumentParser::exitText Function XML Parsing Use-after-free Issue
5865| [78467] WebTitan NTP Server (Display) Module Unspecified XSS
5866| [77996] Contentpapst admin.php Multiple Parameter XSS
5867| [77872] Parallels Plesk Small Business Panel Site Editor (SiteBuilder) Feature /Wizard/Edit/Html currentPageId Parameter SQL Injection
5868| [76829] Calibre calibre-mount-helper Utility Arbitrary Directory / Mountpoint Manipulation
5869| [76338] WebKit XMLDocumentParser::insertErrorMessageBlock Use-after-free Issue
5870| [76336] WebKit XMLDocumentParser::endElementNs / XMLDocumentParser::parseEndElement Use-after-free Issue
5871| [76057] Cyrus IMAP Server NNTP AUTHINFO USER Command Parsing Authentication Bypass Arbitrary Command Execution
5872| [75307] Cyrus IMAP Server map/nntpd.c split_wildmats() Function NNTP Command Parsing Remote Overflow
5873| [73053] Linux Kernel fs/eventpoll.c epoll Data Structure File Descriptor Local DoS
5874| [70332] Apache Subversion Apache HTTP Server mod_dav_svn repos.c walk FunctionSVNParentPath Collection Remote DoS
5875| [69870] Lantern CMS 11-login.asp intPassedLocationID Parameter XSS
5876| [66859] Adobe Reader / Acrobat CoolType.dll maxp Table maxComponentPoints Field Font Handling Overflow
5877| [66448] IBM FileNet Content Manager InheritParentPermissions Security Inheritance Weakness
5878| [66268] InstantPhp Jobs Component for Joomla! index.php detailed_results Parameter SQL Injection
5879| [65465] WMS-CMS printpage.asp Multiple Parameter SQL Injection
5880| [65111] Opera Invalid news / nntp URI IFRAME Element Handling Remote DoS
5881| [65110] Microsoft IE Invalid news / nntp URI IFRAME Element Handling Remote DoS
5882| [65109] Mozilla Firefox Invalid news / nntp URI IFRAME Element Handling Remote DoS
5883| [64437] HP Mercury LoadRunner Agent magentproc.exe Remote Arbitrary Code Execution
5884| [63620] Mozilla Multiple Products XMLDocument::load Function nsIContentPolicy Check Restriction Bypass
5885| [63472] Apple Safari on Mac OS X libFontParser.dylib TType1ParsingContext::SpecialEncoding() Function Arbitrary Code Execution (PWN2OWN)
5886| [62909] ncpfs ncpumount sutil/ncpumount.c Mountpoint Name Local File Disclosure
5887| [60847] NTP ntpd Mode 7 Request Crafted Packet Reply Loop Remote DoS
5888| [60827] e107 e107_admin/frontpage.php Unspecified Parameter XSS
5889| [60349] Etype EServ NNTP Service Large Request Remote DoS
5890| [60142] HP-UX xntpd Unspecified Remote DoS
5891| [58758] Apache River GrantPermission Policy Manipulation Privilege Escalation
5892| [58645] Xerver HTTP Server chooseDirectory Action currentPath Parameter XSS
5893| [58644] Xerver HTTP Server chooseDirectory Action currentPath Parameter Traversal Arbitrary File Access
5894| [58342] Cisco IOS Network Time Protocol (NTP) Crafted Packet Remote DoS
5895| [57478] TGS Content Management cms/frontpage_ception.ph Multiple Parameter SQL Injection
5896| [56015] NTP on Windows SO_EXCLUSIVEADDRUSE Unspecified Issue
5897| [56014] NTP EVP_VerifyFinal() Check Unspecified Issue
5898| [54576] NTP ntpd/ntp_crypto.c crypto_recv() Function Remote Overflow
5899| [54294] eFront studentpage.php / professorpage.php File Upload Arbitrary Code Execution
5900| [53593] NTP ntpq/ntpq.c cookedprint() Function Remote Overflow
5901| [51244] Goople CMS frontpage.php Multiple Parameter SQL Injection
5902| [50015] Easyedit CMS news.php intPageID Parameter SQL Injection
5903| [50014] Easyedit CMS page.php intPageID Parameter SQL Injection
5904| [49921] vBulletin admincp/attachmentpermission.php extension Parameter SQL Injection
5905| [49856] ThemeSiteScript upload/admin/frontpage_right.php loadadminpage Parameter Remote File Inclusion
5906| [47971] DevalCMS index.php currentpath Parameter XSS
5907| [47502] Perl Filesys::SmbClientParser Folder Name Arbitrary Shell Command Injection
5908| [47001] Linux Kernel fs/namespace.c do_change_type Function Mountpoint Manipulation Local Privilege Escalation
5909| [46124] DesktopOnNet frontpage.don3app/frontpage.php app_path Parameter Remote File Inclusion
5910| [45449] ACT P202S IP Phone Hardcoded NTP Server IP Time Subversion
5911| [43913] Perlbal lib/Perlbal/ClientProxy.pm Chunked Upload File Upload Handling Overflow DoS
5912| [42913] Hosting Controller UNINSTAL.asp Crafted Host Header Arbitrary Site Frontpage Extension Manipulation
5913| [42876] Tutorials Module for XOOPS printpage.php tid Parameter SQL Injection
5914| [42058] Microsoft FrontPage CERN Image Map Dispatcher (htimage.exe) Arbitrary File Information Disclosure
5915| [39802] Arcadem LE frontpage_right.php loadadminpage Parameter Remote File Inclusion
5916| [39617] phpAutoVideo admin/frontpage_right.php loadadminpage Parameter Remote File Inclusion
5917| [37631] Microsoft Windows Malformed NNTP Response Remote Memory Corruption
5918| [34367] Squid src/client_side.c clientProcessRequest() function TRACE Request DoS
5919| [33553] Uberghey CMS frontpage.php setup_folder Parameter Remote File Inclusion
5920| [32987] Movable Type MTCommentPreviewIsStatic Tag XSS
5921| [32962] Hitachi OpenTP1 Invalid Data DoS
5922| [31200] SolidState DeleteAccountPage.class.php base_path Parameter Remote File Inclusion
5923| [31193] SolidState BillingPaymentPage.class.php base_path Parameter Remote File Inclusion
5924| [31187] SolidState AddPaymentPage.class.php base_path Parameter Remote File Inclusion
5925| [31119] SolidState NewAccountPage.class.php base_path Parameter Remote File Inclusion
5926| [31104] SolidState EditAccountPage.class.php base_path Parameter Remote File Inclusion
5927| [31103] SolidState EditPaymentPage.class.php base_path Parameter Remote File Inclusion
5928| [30763] ClickGallery gallery.asp currentpage Parameter SQL Injection
5929| [29490] Travelsized CMS frontpage.php setup_folder Parameter Remote File Inclusion
5930| [29098] TSEP printpagedetails.php tsep_config[absPath] Parameter Remote File Inclusion
5931| [28355] Joomla! Frontpage Content Submission Unspecified Injection
5932| [28260] Microsoft IIS FrontPage Server Extensions (FPSE) shtml.exe Path Disclosure
5933| [28093] contentpublisher for Mambo contentpublisher.php mosConfig_absolute_path Parameter Remote File Inclusion
5934| [27856] phNNTP article-raw.php file_newsportal Parameter Remote File Inclusion
5935| [27369] Wireshark NTP Dissector Format String Flaw
5936| [25761] Microsoft Windows NTDLL.DLL RtlDosPathNameToNtPathName_U API Path Conversion Weakness
5937| [25623] Mobotix IP Network Camera eventplayer get_image_info_abspath Parameter XSS
5938| [24674] Mozilla Multiple Products XPCWrappedNativeScope::SystemIsBeingShutDown compareDocumentPosition Handling Memory Corruption
5939| [24518] Microsoft FrontPage Server Extensions fpadmdll.dll Multiple Parameter XSS
5940| [24237] @1 Event Publisher eventpublisher.txt Direct Request Private Comment Disclosure
5941| [24236] @1 Event Publisher eventpublisher_usersubmit.htm Multiple Parameter XSS
5942| [24235] @1 Event Publisher eventpublisher_admin.htm Multiple Parameter XSS
5943| [22822] Linux Kernel mq_open System Call mntput Function Local DoS
5944| [21038] FUSE fusermount Crafted Mountpoint mtab Corruption DoS
5945| [20143] lmtp2nntp l2_spec() Function Format String
5946| [20142] lmtp2nntp lib_cfg Function Unspecified Issue
5947| [20019] Lynx NNTP HTrjis() Function Remote Overflow
5948| [19428] IBM Lotus Domino CitiPayPro.nsf SubPaymentProcessingFS Src Parameter XSS
5949| [19419] Turquoise SuperStat Date Parser Crafted NNTP Server Response Overflow
5950| [19055] NTP ntpd -u Group Permission Weakness
5951| [17306] Microsoft Outlook Express NNTP LIST Command Remote Overflow
5952| [15975] NTP ntpd Date/Time Request Remote Overflow
5953| [15870] MetaCart product.asp intProdID Parameter SQL Injection
5954| [15596] Oracle Collaboration Suite Email Server Unspecified NNTP DoS
5955| [14827] YaBB2 YaBB.pl usersrecentposts Action username Parameter XSS
5956| [14456] Slurp NNTP Client log_doit Function Format String
5957| [14410] mod_frontpage for Apache HTTP Server fpexec Remote Overflow
5958| [13353] newsfetch NNTP Response Handling Overflow DoS
5959| [12637] Mozilla nsNNTPProtocol.cpp NNTP news:// URI Handling Overflow DoS
5960| [10962] cPanel Frontpage _private Symlink Arbitrary File Permission Modification
5961| [10961] cPanel Frontpage .htaccess Hardlink Arbitrary File Owernship Modification
5962| [10895] Microsoft FrontPage asycpict.dll JPEG Processing DoS
5963| [10697] Microsoft Windows/Exchange NNTP Component Remote Overflow
5964| [10246] Microsoft Exchange Server Malformed NNTP AUTHINFO DoS
5965| [9040] IceWarp WebMail attachment.html attachmentpage_text_error Parameter XSS
5966| [4345] Mnews NNTP Response Remote Overflow
5967| [3968] Microsoft FrontPage Personal Web Server Arbitrary File Access
5968| [3501] Microsoft FrontPage form_results Information Disclosure
5969| [3386] Microsoft FrontPage Server Extensions htimage.exe File Existence Enumeration
5970| [3385] Microsoft FrontPage Server Extensions htimage.exe Remote Path Disclosure
5971| [3384] Microsoft FrontPage htimage.exe Overflow
5972| [3382] Microsoft FrontPage Server Extensions imagemap.exe Remote Path Disclosure
5973| [3381] Microsoft FrontPage imagemap.exe Overflow
5974| [3300] Microsoft FrontPage shtml MS-DOS Device Name DoS
5975| [2952] Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Chunked Encoded Request Remote Overflow
5976| [2800] Microsoft FrontPage Server Extensions SmartHTML DoS
5977| [2306] Microsoft FrontPage Server Extensions SmartHTML Interpreter shtml.dll DoS
5978| [1928] Microsoft Windows NNTP Malformed Post DoS
5979| [1879] scotty ntping Hostname Handling Local Overflow
5980| [1304] ATRIUM Cassandra NNTP Server Login Name Remote Overflow
5981| [1135] Microsoft Windows NT Print Spooler Service (spoolss.exe) AddPrintProvider() Function Alternate Print Provider Arbitrary Command Execution
5982| [1032] Microsoft FrontPage PWS GET Request Handling Remote DoS
5983| [694] PHP Rocket for FrontPage phprocketaddin page Parameter Traversal Arbitrary File Access
5984| [482] Microsoft IIS FrontPage Server Extensions (FPSE) Malformed Form DoS
5985| [396] Microsoft FrontPage shtml.exe MS-DOS Device Name Request DoS
5986| [307] Microsoft FrontPage 2000 Server Extensions shtml.exe Path Disclosure
5987| [282] Microsoft FrontPage dvwssr.dll Backdoor and Overflow
5988| [68] Microsoft FrontPage Extensions .pwd File Permissions
5989| [67] Microsoft FrontPage Extension shtml.dll Anonymous Account Information Disclosure
5990|_
5991Too many fingerprints match this host to give specific OS details
5992Network Distance: 10 hops
5993
5994TRACEROUTE (using port 123/udp)
5995HOP RTT ADDRESS
59961 130.07 ms 10.230.200.1
59972 ...
59983 131.27 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
59994 130.98 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
60005 136.06 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
60016 132.48 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
60027 132.28 ms level3.sto01.atlas.cogentco.com (130.117.14.6)
60038 161.08 ms ae-1-3107.edge6.Amsterdam1.Level3.net (4.69.162.214)
60049 ...
600510 167.16 ms no-reverse-dns-configured.com (94.102.49.234)
6006######################################################################################################################################
6007Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 19:25 EST
6008NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
6009NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
6010NSE: [mysql-brute] passwords: Time limit 10m00s exceeded.
6011Nmap scan report for two-elfs.com (94.102.49.234)
6012Host is up (0.16s latency).
6013rDNS record for 94.102.49.234: no-reverse-dns-configured.com
6014
6015PORT STATE SERVICE VERSION
60163306/tcp open mysql MySQL 5.0.77
6017| mysql-brute:
6018| Accounts: No valid accounts found
6019|_ Statistics: Performed 20676 guesses in 600 seconds, average tps: 34.2
6020| mysql-enum:
6021| Accounts: No valid accounts found
6022|_ Statistics: Performed 10 guesses in 3 seconds, average tps: 3.3
6023| mysql-info:
6024| Protocol: 10
6025| Version: 5.0.77
6026| Thread ID: 58707
6027| Capabilities flags: 41516
6028| Some Capabilities: Support41Auth, LongColumnFlag, SupportsTransactions, Speaks41ProtocolNew, ConnectWithDatabase, SupportsCompression
6029| Status: Autocommit
6030|_ Salt: ,gEb@Th/Nz?hpz3,#jni
6031| vulners:
6032| cpe:/a:mysql:mysql:5.0.77:
6033| CVE-2009-2446 8.5 https://vulners.com/cve/CVE-2009-2446
6034| CVE-2009-5026 6.8 https://vulners.com/cve/CVE-2009-5026
6035| CVE-2009-4028 6.8 https://vulners.com/cve/CVE-2009-4028
6036| CVE-2010-1848 6.5 https://vulners.com/cve/CVE-2010-1848
6037| CVE-2010-1850 6.0 https://vulners.com/cve/CVE-2010-1850
6038| CVE-2008-7247 6.0 https://vulners.com/cve/CVE-2008-7247
6039| CVE-2010-3833 5.0 https://vulners.com/cve/CVE-2010-3833
6040| CVE-2010-1849 5.0 https://vulners.com/cve/CVE-2010-1849
6041| CVE-2012-0490 4.0 https://vulners.com/cve/CVE-2012-0490
6042| CVE-2012-0484 4.0 https://vulners.com/cve/CVE-2012-0484
6043| CVE-2012-0102 4.0 https://vulners.com/cve/CVE-2012-0102
6044| CVE-2012-0101 4.0 https://vulners.com/cve/CVE-2012-0101
6045| CVE-2012-0087 4.0 https://vulners.com/cve/CVE-2012-0087
6046| CVE-2010-3838 4.0 https://vulners.com/cve/CVE-2010-3838
6047| CVE-2010-3837 4.0 https://vulners.com/cve/CVE-2010-3837
6048| CVE-2010-3836 4.0 https://vulners.com/cve/CVE-2010-3836
6049| CVE-2010-3834 4.0 https://vulners.com/cve/CVE-2010-3834
6050| CVE-2010-3682 4.0 https://vulners.com/cve/CVE-2010-3682
6051| CVE-2010-3677 4.0 https://vulners.com/cve/CVE-2010-3677
6052| CVE-2009-4019 4.0 https://vulners.com/cve/CVE-2009-4019
6053| CVE-2010-1626 3.6 https://vulners.com/cve/CVE-2010-1626
6054| CVE-2012-0114 3.0 https://vulners.com/cve/CVE-2012-0114
6055|_ CVE-2012-0075 1.7 https://vulners.com/cve/CVE-2012-0075
6056| vulscan: VulDB - https://vuldb.com:
6057| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
6058| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
6059| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
6060| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
6061| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
6062| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
6063| [53483] MySQL up to 5.0.0.0 memory corruption
6064| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
6065| [53481] MySQL up to 5.0.0.0 directory traversal
6066| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
6067| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
6068| [44358] MySQL up to 5.0.67 cross site scripting
6069| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
6070| [37818] MySQL Community Server up to 5.0.40 denial of service
6071| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
6072| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
6073| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
6074| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
6075|
6076| MITRE CVE - https://cve.mitre.org:
6077| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
6078| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
6079| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
6080| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
6081| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
6082| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
6083| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
6084| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
6085| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
6086| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
6087| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
6088| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
6089| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
6090| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
6091| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
6092| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
6093| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
6094| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
6095| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
6096| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
6097| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
6098| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
6099| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
6100| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
6101| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
6102| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
6103| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
6104| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
6105| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
6106| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
6107| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
6108| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
6109| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
6110| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
6111| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
6112| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
6113| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
6114| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
6115| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
6116| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
6117| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
6118| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
6119| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
6120| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
6121| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
6122| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
6123| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
6124| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
6125| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
6126| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
6127| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
6128| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
6129| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
6130| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
6131| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
6132| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
6133| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
6134| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
6135| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
6136| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
6137|
6138| SecurityFocus - https://www.securityfocus.com/bid/:
6139| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
6140|
6141| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6142| [85724] Oracle MySQL Server XA Transactions denial of service
6143| [85723] Oracle MySQL Server Server Replication denial of service
6144| [85722] Oracle MySQL Server InnoDB denial of service
6145| [85721] Oracle MySQL Server Server Privileges unspecified
6146| [85720] Oracle MySQL Server Server Partition denial of service
6147| [85719] Oracle MySQL Server Server Parser denial of service
6148| [85718] Oracle MySQL Server Server Options denial of service
6149| [85717] Oracle MySQL Server Server Options denial of service
6150| [85716] Oracle MySQL Server Server Optimizer denial of service
6151| [85715] Oracle MySQL Server Server Optimizer denial of service
6152| [85714] Oracle MySQL Server Prepared Statements denial of service
6153| [85713] Oracle MySQL Server InnoDB denial of service
6154| [85712] Oracle MySQL Server Full Text Search denial of service
6155| [85711] Oracle MySQL Server Data Manipulation Language denial of service
6156| [85710] Oracle MySQL Server Data Manipulation Language denial of service
6157| [85709] Oracle MySQL Server Audit Log unspecified
6158| [85708] Oracle MySQL Server MemCached unspecified
6159| [84846] Debian mysql-server package information disclosure
6160| [84375] Wireshark MySQL dissector denial of service
6161| [83554] Oracle MySQL Server Server Partition denial of service
6162| [83553] Oracle MySQL Server Server Locking denial of service
6163| [83552] Oracle MySQL Server Server Install unspecified
6164| [83551] Oracle MySQL Server Server Types denial of service
6165| [83550] Oracle MySQL Server Server Privileges unspecified
6166| [83549] Oracle MySQL Server InnoDB denial of service
6167| [83548] Oracle MySQL Server InnoDB denial of service
6168| [83547] Oracle MySQL Server Data Manipulation Language denial of service
6169| [83546] Oracle MySQL Server Stored Procedure denial of service
6170| [83545] Oracle MySQL Server Server Replication denial of service
6171| [83544] Oracle MySQL Server Server Partition denial of service
6172| [83543] Oracle MySQL Server Server Optimizer denial of service
6173| [83542] Oracle MySQL Server InnoDB denial of service
6174| [83541] Oracle MySQL Server Information Schema denial of service
6175| [83540] Oracle MySQL Server Data Manipulation Language denial of service
6176| [83539] Oracle MySQL Server Data Manipulation Language denial of service
6177| [83538] Oracle MySQL Server Server Optimizer unspecified
6178| [83537] Oracle MySQL Server MemCached denial of service
6179| [83536] Oracle MySQL Server Server Privileges unspecified
6180| [83535] Oracle MySQL Server Server Privileges unspecified
6181| [83534] Oracle MySQL Server Server unspecified
6182| [83533] Oracle MySQL Server Information Schema unspecified
6183| [83532] Oracle MySQL Server Server Locking unspecified
6184| [83531] Oracle MySQL Server Data Manipulation Language denial of service
6185| [83388] MySQL administrative login attempt detected
6186| [82963] Mambo MySQL database information disclosure
6187| [82946] Oracle MySQL buffer overflow
6188| [82945] Oracle MySQL buffer overflow
6189| [82895] Oracle MySQL and MariaDB geometry queries denial of service
6190| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
6191| [81325] Oracle MySQL Server Server Privileges denial of service
6192| [81324] Oracle MySQL Server Server Partition denial of service
6193| [81323] Oracle MySQL Server Server Optimizer denial of service
6194| [81322] Oracle MySQL Server Server Optimizer denial of service
6195| [81321] Oracle MySQL Server Server denial of service
6196| [81320] Oracle MySQL Server MyISAM denial of service
6197| [81319] Oracle MySQL Server InnoDB denial of service
6198| [81318] Oracle MySQL Server InnoDB denial of service
6199| [81317] Oracle MySQL Server Server Locking denial of service
6200| [81316] Oracle MySQL Server Server denial of service
6201| [81315] Oracle MySQL Server Server Replication unspecified
6202| [81314] Oracle MySQL Server Server Replication unspecified
6203| [81313] Oracle MySQL Server Stored Procedure denial of service
6204| [81312] Oracle MySQL Server Server Optimizer denial of service
6205| [81311] Oracle MySQL Server Information Schema denial of service
6206| [81310] Oracle MySQL Server GIS Extension denial of service
6207| [80790] Oracle MySQL yaSSL buffer overflow
6208| [80553] Oracle MySQL and MariaDB salt security bypass
6209| [80443] Oracle MySQL Server unspecified code execution
6210| [80442] Oracle MySQL Server acl_get() buffer overflow
6211| [80440] Oracle MySQL Server table buffer overflow
6212| [80435] Oracle MySQL Server database privilege escalation
6213| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
6214| [80433] Oracle MySQL Server Stuxnet privilege escalation
6215| [80432] Oracle MySQL Server authentication information disclosure
6216| [79394] Oracle MySQL Server Server Installation information disclosure
6217| [79393] Oracle MySQL Server Server Replication denial of service
6218| [79392] Oracle MySQL Server Server Full Text Search denial of service
6219| [79391] Oracle MySQL Server Server denial of service
6220| [79390] Oracle MySQL Server Client information disclosure
6221| [79389] Oracle MySQL Server Server Optimizer denial of service
6222| [79388] Oracle MySQL Server Server Optimizer denial of service
6223| [79387] Oracle MySQL Server Server denial of service
6224| [79386] Oracle MySQL Server InnoDB Plugin denial of service
6225| [79385] Oracle MySQL Server InnoDB denial of service
6226| [79384] Oracle MySQL Server Client unspecified
6227| [79383] Oracle MySQL Server Server denial of service
6228| [79382] Oracle MySQL Server Protocol unspecified
6229| [79381] Oracle MySQL Server Information Schema unspecified
6230| [78954] SilverStripe MySQLDatabase.php information disclosure
6231| [78948] MySQL MyISAM table symlink
6232| [77865] MySQL unknown vuln
6233| [77864] MySQL sort order denial of service
6234| [77768] MySQLDumper refresh_dblist.php information disclosure
6235| [77177] MySQL Squid Access Report unspecified cross-site scripting
6236| [77065] Oracle MySQL Server Optimizer denial of service
6237| [77064] Oracle MySQL Server Optimizer denial of service
6238| [77063] Oracle MySQL Server denial of service
6239| [77062] Oracle MySQL InnoDB denial of service
6240| [77061] Oracle MySQL GIS Extension denial of service
6241| [77060] Oracle MySQL Server Optimizer denial of service
6242| [76189] MySQL unspecified error
6243| [76188] MySQL attempts security bypass
6244| [75287] MySQLDumper restore.php information disclosure
6245| [75286] MySQLDumper filemanagement.php directory traversal
6246| [75285] MySQLDumper main.php cross-site request forgery
6247| [75284] MySQLDumper install.php cross-site scripting
6248| [75283] MySQLDumper install.php file include
6249| [75282] MySQLDumper menu.php code execution
6250| [75022] Oracle MySQL Server Server Optimizer denial of service
6251| [75021] Oracle MySQL Server Server Optimizer denial of service
6252| [75020] Oracle MySQL Server Server DML denial of service
6253| [75019] Oracle MySQL Server Partition denial of service
6254| [75018] Oracle MySQL Server MyISAM denial of service
6255| [75017] Oracle MySQL Server Server Optimizer denial of service
6256| [74672] Oracle MySQL Server multiple unspecified
6257| [73092] MySQL unspecified code execution
6258| [72540] Oracle MySQL Server denial of service
6259| [72539] Oracle MySQL Server unspecified
6260| [72538] Oracle MySQL Server denial of service
6261| [72537] Oracle MySQL Server denial of service
6262| [72536] Oracle MySQL Server unspecified
6263| [72535] Oracle MySQL Server denial of service
6264| [72534] Oracle MySQL Server denial of service
6265| [72533] Oracle MySQL Server denial of service
6266| [72532] Oracle MySQL Server denial of service
6267| [72531] Oracle MySQL Server denial of service
6268| [72530] Oracle MySQL Server denial of service
6269| [72529] Oracle MySQL Server denial of service
6270| [72528] Oracle MySQL Server denial of service
6271| [72527] Oracle MySQL Server denial of service
6272| [72526] Oracle MySQL Server denial of service
6273| [72525] Oracle MySQL Server information disclosure
6274| [72524] Oracle MySQL Server denial of service
6275| [72523] Oracle MySQL Server denial of service
6276| [72522] Oracle MySQL Server denial of service
6277| [72521] Oracle MySQL Server denial of service
6278| [72520] Oracle MySQL Server denial of service
6279| [72519] Oracle MySQL Server denial of service
6280| [72518] Oracle MySQL Server unspecified
6281| [72517] Oracle MySQL Server unspecified
6282| [72516] Oracle MySQL Server unspecified
6283| [72515] Oracle MySQL Server denial of service
6284| [72514] Oracle MySQL Server unspecified
6285| [71965] MySQL port denial of service
6286| [70680] DBD::mysqlPP unspecified SQL injection
6287| [70370] TaskFreak! multi-mysql unspecified path disclosure
6288| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
6289| [68294] MySQLDriverCS statement.cs sql injection
6290| [68175] Prosody MySQL denial of service
6291| [67539] Zend Framework MySQL PDO security bypass
6292| [67254] DirectAdmin MySQL information disclosure
6293| [66567] Xoops mysql.sql information disclosure
6294| [65871] PyWebDAV MySQLAuthHandler class SQL injection
6295| [65543] MySQL Select Arbitrary data into a File
6296| [65529] MySQL Eventum full_name field cross-site scripting
6297| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
6298| [65379] Oracle MySQL Eventum list.php cross-site scripting
6299| [65266] Accellion File Transfer Appliance MySQL default password
6300| [64878] MySQL Geometry denial of service
6301| [64877] MySQL EXPLAIN EXTENDED denial of service
6302| [64876] MySQL prepared statement denial of service
6303| [64845] MySQL extreme-value denial of service
6304| [64844] MySQL Gis_line_string::init_from_wkb denial of service
6305| [64843] MySQL user-variable denial of service
6306| [64842] MySQL view preparation denial of service
6307| [64841] MySQL prepared statement denial of service
6308| [64840] MySQL LONGBLOB denial of service
6309| [64839] MySQL invocations denial of service
6310| [64838] MySQL Gis_line_string::init_from_wkb denial of service
6311| [64689] MySQL dict0crea.c denial of service
6312| [64688] MySQL SET column denial of service
6313| [64687] MySQL BINLOG command denial of service
6314| [64686] MySQL InnoDB denial of service
6315| [64685] MySQL HANDLER interface denial of service
6316| [64684] MySQL Item_singlerow_subselect::store denial of service
6317| [64683] MySQL OK packet denial of service
6318| [63518] MySQL Query Browser GUI Tools information disclosure
6319| [63517] MySQL Administrator GUI Tools information disclosure
6320| [62272] MySQL PolyFromWKB() denial of service
6321| [62269] MySQL LIKE predicates denial of service
6322| [62268] MySQL joins denial of service
6323| [62267] MySQL GREATEST() or LEAST() denial of service
6324| [62266] MySQL GROUP_CONCAT() denial of service
6325| [62265] MySQL expression values denial of service
6326| [62264] MySQL temporary table denial of service
6327| [62263] MySQL LEAST() or GREATEST() denial of service
6328| [62262] MySQL replication privilege escalation
6329| [61739] MySQL WITH ROLLUP denial of service
6330| [61343] MySQL LOAD DATA INFILE denial of service
6331| [61342] MySQL EXPLAIN denial of service
6332| [61341] MySQL HANDLER denial of service
6333| [61340] MySQL BINLOG denial of service
6334| [61339] MySQL IN() or CASE denial of service
6335| [61338] MySQL SET denial of service
6336| [61337] MySQL DDL denial of service
6337| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
6338| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
6339| [61316] PHP php_mysqlnd_auth_write buffer overflow
6340| [61274] MySQL TEMPORARY InnoDB denial of service
6341| [59905] MySQL ALTER DATABASE denial of service
6342| [59841] CMySQLite updateUser.php cross-site request forgery
6343| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
6344| [59075] PHP php_mysqlnd_auth_write() buffer overflow
6345| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
6346| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
6347| [59072] PHP php_mysqlnd_ok_read() information disclosure
6348| [58842] MySQL DROP TABLE file deletion
6349| [58676] Template Shares MySQL information disclosure
6350| [58531] MySQL COM_FIELD_LIST buffer overflow
6351| [58530] MySQL packet denial of service
6352| [58529] MySQL COM_FIELD_LIST security bypass
6353| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
6354| [57925] MySQL UNINSTALL PLUGIN security bypass
6355| [57006] Quicksilver Forums mysqldump information disclosure
6356| [56800] Employee Timeclock Software mysqldump information disclosure
6357| [56200] Flex MySQL Connector ActionScript SQL injection
6358| [55877] MySQL yaSSL buffer overflow
6359| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
6360| [55416] MySQL unspecified buffer overflow
6361| [55382] Ublog UblogMySQL.sql information disclosure
6362| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
6363| [54597] MySQL sql_table.cc security bypass
6364| [54596] MySQL mysqld denial of service
6365| [54365] MySQL OpenSSL security bypass
6366| [54364] MySQL MyISAM table symlink
6367| [53950] The mysql-ocaml mysql_real_escape_string weak security
6368| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
6369| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
6370| [52660] iScouter PHP Web Portal MySQL Password Retrieval
6371| [52220] aa33code mysql.inc information disclosure
6372| [52122] MySQL Connector/J unicode SQL injection
6373| [51614] MySQL dispatch_command() denial of service
6374| [51406] MySQL Connector/NET SSL spoofing
6375| [49202] MySQL UDF command execution
6376| [49050] MySQL XPath denial of service
6377| [48919] Cisco Application Networking Manager MySQL default account password
6378| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
6379| [47544] MySQL Calendar index.php SQL injection
6380| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
6381| [45649] MySQL MyISAM symlink security bypass
6382| [45648] MySQL MyISAM symlinks security bypass
6383| [45607] MySQL Quick Admin actions.php file include
6384| [45606] MySQL Quick Admin index.php file include
6385| [45590] MySQL command-line client cross-site scripting
6386| [45436] PromoteWeb MySQL go.php SQL injection
6387| [45042] MySQL empty bit-string literal denial of service
6388| [44662] mysql-lists unspecified cross-site scripting
6389| [42267] MySQL MyISAM security bypass
6390| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
6391| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
6392| [40920] MySQL sql_select.cc denial of service
6393| [40734] MySQL Server BINLOG privilege escalation
6394| [40350] MySQL password information disclosure
6395| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
6396| [39402] PHP LOCAL INFILE and MySQL extension security bypass
6397| [38999] aurora framework db_mysql.lib SQL injection
6398| [38990] MySQL federated engine denial of service
6399| [38989] MySQL DEFINER value privilege escalation
6400| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
6401| [38964] MySQL RENAME TABLE symlink
6402| [38733] ManageEngine EventLog Analyzer MySQL default password
6403| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
6404| [38189] MySQL default root password
6405| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
6406| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
6407| [36555] PHP MySQL extension multiple functions security bypass
6408| [35960] MySQL view privilege escalation
6409| [35959] MySQL CREATE TABLE LIKE information disclosure
6410| [35958] MySQL connection protocol denial of service
6411| [35291] MySQLDumper main.php security bypass
6412| [34811] MySQL udf_init and mysql_create_function command execution
6413| [34809] MySQL mysql_update privilege escalation
6414| [34349] MySQL ALTER information disclosure
6415| [34348] MySQL mysql_change_db privilege escalation
6416| [34347] MySQL RENAME TABLE weak security
6417| [34232] MySQL IF clause denial of service
6418| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
6419| [33285] Eve-Nuke mysql.php file include
6420| [32957] MySQL Commander dbopen.php file include
6421| [32933] cPanel load_language.php and mysqlconfig.php file include
6422| [32911] MySQL filesort function denial of service
6423| [32462] cPanel passwdmysql cross-site scripting
6424| [32288] RHSA-2006:0544 updates for mysql not installed
6425| [32266] MySQLNewsEngine affichearticles.php3 file include
6426| [31244] The Address Book MySQL export.php password information disclosure
6427| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
6428| [30760] BTSaveMySql URL file disclosure
6429| [30191] StoryStream mysql.php and mysqli.php file include
6430| [30085] MySQL MS-DOS device name denial of service
6431| [30031] Agora MysqlfinderAdmin.php file include
6432| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
6433| [29179] paBugs class.mysql.php file include
6434| [29120] ZoomStats MySQL file include
6435| [28448] MySQL case sensitive database name privilege escalation
6436| [28442] MySQL GRANT EXECUTE privilege escalation
6437| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
6438| [28202] MySQL multiupdate subselect query denial of service
6439| [28180] MySQL MERGE table security bypass
6440| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
6441| [27995] Opsware Network Automation System MySQL plaintext password
6442| [27904] MySQL date_format() format string
6443| [27635] MySQL Instance Manager denial of service
6444| [27212] MySQL SELECT str_to_date denial of service
6445| [26875] MySQL ASCII escaping SQL injection
6446| [26420] Apple Mac OS X MySQL Manager blank password
6447| [26236] MySQL login packet information disclosure
6448| [26232] MySQL COM_TABLE_DUMP buffer overflow
6449| [26228] MySQL sql_parce.cc information disclosure
6450| [26042] MySQL running
6451| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
6452| [24966] MySQL mysql_real_query logging bypass
6453| [24653] PAM-MySQL logging function denial of service
6454| [24652] PAM-MySQL authentication double free code execution
6455| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
6456| [24095] PHP ext/mysqli exception handling format string
6457| [23990] PHP mysql_connect() buffer overflow
6458| [23596] MySQL Auction search module could allow cross-site scripting
6459| [22642] RHSA-2005:334 updates for mysql not installed
6460| [21757] MySQL UDF library functions command execution
6461| [21756] MySQL LoadLibraryEx function denial of service
6462| [21738] MySQL UDF mysql_create_function function directory traversal
6463| [21737] MySQL user defined function buffer overflow
6464| [21640] MySQL Eventum multiple class SQL injection
6465| [21638] MySQL Eventum multiple scripts cross-site scripting
6466| [20984] xmysqladmin temporary file symlink
6467| [20656] MySQL mysql_install_db script symlink
6468| [20333] Plans MySQL password information disclosure
6469| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
6470| [19658] MySQL udf_init function gain access
6471| [19576] auraCMS mysql_fetch_row function path disclosure
6472| [18922] MySQL mysqlaccess script symlink attack
6473| [18824] MySQL UDF root privileges
6474| [18464] mysql_auth unspecified vulnerability
6475| [18449] Sugar Sales plaintext MySQL password
6476| [17783] MySQL underscore allows elevated privileges
6477| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
6478| [17667] MySQL UNION change denial of service
6479| [17666] MySQL ALTER TABLE RENAME bypass restriction
6480| [17493] MySQL libmysqlclient bulk inserts buffer overflow
6481| [17462] MySQLGuest AWSguest.php script cross-site scripting
6482| [17047] MySQL mysql_real_connect buffer overflow
6483| [17030] MySQL mysqlhotcopy insecure temporary file
6484| [16612] MySQL my_rnd buffer overflow
6485| [16604] MySQL check_scramble_323 function allows unauthorized access
6486| [15883] MySQL mysqld_multi script symlink attack
6487| [15617] MySQL mysqlbug script symlink attack
6488| [15417] Confixx db_mysql_loeschen2.php SQL injection
6489| [15280] Proofpoint Protection Server MySQL allows unauthorized access
6490| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
6491| [13153] MySQL long password buffer overflow
6492| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
6493| [12540] Teapop PostSQL and MySQL modules SQL injection
6494| [12337] MySQL mysql_real_connect function buffer overflow
6495| [11510] MySQL datadir/my.cnf modification could allow root privileges
6496| [11493] mysqlcc configuration and connection files are world writable
6497| [11340] SuckBot mod_mysql_logger denial of service
6498| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
6499| [10850] MySQL libmysql client read_one_row buffer overflow
6500| [10849] MySQL libmysql client read_rows buffer overflow
6501| [10848] MySQL COM_CHANGE_USER password buffer overflow
6502| [10847] MySQL COM_CHANGE_USER command password authentication bypass
6503| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
6504| [10483] Bugzilla stores passwords in plain text in the MySQL database
6505| [10455] gBook MySQL could allow administrative access
6506| [10243] MySQL my.ini "
6507| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
6508| [9909] MySQL logging disabled by default on Windows
6509| [9908] MySQL binding to the loopback adapter is disabled
6510| [9902] MySQL default root password could allow unauthorized access
6511| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
6512| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
6513| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
6514| [7206] WinMySQLadmin stores MySQL password in plain text
6515| [6617] MySQL "
6516| [6419] MySQL drop database command buffer overflow
6517| [6418] MySQL libmysqlclient.so buffer overflow
6518| [5969] MySQL select buffer overflow
6519| [5447] pam_mysql authentication input
6520| [5409] MySQL authentication algorithm obtain password hash
6521| [5057] PCCS MySQL Database Admin Tool could reveal username and password
6522| [4228] MySQL unauthenticated remote access
6523| [3849] MySQL default test account could allow any user to connect to the database
6524| [1568] MySQL creates readable log files
6525|
6526| Exploit-DB - https://www.exploit-db.com:
6527| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
6528| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
6529| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
6530| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
6531| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
6532| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
6533| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
6534| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
6535|
6536| OpenVAS (Nessus) - http://www.openvas.org:
6537| [53230] Debian Security Advisory DSA 540-1 (mysql)
6538|
6539| SecurityTracker - https://www.securitytracker.com:
6540| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
6541| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
6542| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
6543| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
6544| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
6545| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
6546| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
6547| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
6548| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
6549| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
6550| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
6551| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
6552| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
6553| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
6554| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
6555| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
6556| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
6557| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
6558| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
6559| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
6560| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
6561| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
6562| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
6563| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
6564| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
6565| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
6566| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
6567| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
6568| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
6569| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
6570| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
6571| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
6572| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
6573| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
6574| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
6575| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
6576| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
6577| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
6578| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
6579| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
6580| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
6581| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
6582| [1016790] MySQL Replication Error Lets Local Users Deny Service
6583| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
6584| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
6585| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
6586| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
6587| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
6588| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
6589| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
6590| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
6591| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
6592| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
6593| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
6594| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
6595| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
6596| [1014172] xMySQLadmin Lets Local Users Delete Files
6597| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
6598| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
6599| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
6600| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
6601| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
6602| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
6603| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
6604| [1012500] mysql_auth Memory Leak Has Unspecified Impact
6605| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
6606| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
6607| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
6608| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
6609| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
6610| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
6611| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
6612| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
6613| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
6614| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
6615| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
6616| [1007518] DWebPro Discloses MySQL Database Password to Local Users
6617| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
6618| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
6619| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
6620| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
6621| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
6622| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
6623| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
6624| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
6625| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
6626| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
6627| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
6628| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
6629| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
6630|
6631| OSVDB - http://www.osvdb.org:
6632| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
6633| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
6634| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
6635| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
6636| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
6637| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
6638| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
6639| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
6640| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
6641| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
6642| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
6643| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
6644| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
6645| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
6646| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
6647| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
6648| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
6649| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
6650| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
6651| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
6652| [93174] MySQL Crafted Derived Table Handling DoS
6653| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
6654| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
6655| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
6656| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
6657| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
6658| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
6659| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
6660| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
6661| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
6662| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
6663| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
6664| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
6665| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
6666| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
6667| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
6668| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
6669| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
6670| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
6671| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
6672| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
6673| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
6674| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
6675| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
6676| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
6677| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
6678| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
6679| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
6680| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
6681| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
6682| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
6683| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
6684| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
6685| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
6686| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
6687| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
6688| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
6689| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
6690| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
6691| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
6692| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
6693| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
6694| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
6695| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
6696| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
6697| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
6698| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
6699| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
6700| [89042] ViciBox Server MySQL cron Service Default Credentials
6701| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
6702| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
6703| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
6704| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
6705| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
6706| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
6707| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
6708| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
6709| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
6710| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
6711| [87480] MySQL Malformed XML Comment Handling DoS
6712| [87466] MySQL SSL Certificate Revocation Weakness
6713| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
6714| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
6715| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
6716| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
6717| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
6718| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
6719| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
6720| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
6721| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
6722| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
6723| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
6724| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
6725| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
6726| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
6727| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
6728| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
6729| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
6730| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
6731| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
6732| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
6733| [84719] MySQLDumper index.php page Parameter XSS
6734| [84680] MySQL Squid Access Report access.log File Path XSS
6735| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
6736| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
6737| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
6738| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
6739| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
6740| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
6741| [83661] Oracle MySQL Unspecified Issue (59533)
6742| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
6743| [82803] Oracle MySQL Unspecified Issue (59387)
6744| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
6745| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
6746| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
6747| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
6748| [81614] MySQLDumper File Upload PHP Code Execution
6749| [81613] MySQLDumper main.php Multiple Function CSRF
6750| [81612] MySQLDumper restore.php filename Parameter XSS
6751| [81611] MySQLDumper sql.php Multiple Parameter XSS
6752| [81610] MySQLDumper install.php Multiple Parameter XSS
6753| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
6754| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
6755| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
6756| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
6757| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
6758| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
6759| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
6760| [81059] Oracle MySQL Server Multiple Unspecified Issues
6761| [79038] Webmin Process Listing MySQL Password Local Disclosure
6762| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
6763| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
6764| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
6765| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
6766| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
6767| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
6768| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
6769| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
6770| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
6771| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
6772| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
6773| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
6774| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
6775| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
6776| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
6777| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
6778| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
6779| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
6780| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
6781| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
6782| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
6783| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
6784| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
6785| [78375] Oracle MySQL Server Unspecified Local DoS
6786| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
6787| [78373] Oracle MySQL Server Unspecified Local Issue
6788| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
6789| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
6790| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
6791| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
6792| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
6793| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
6794| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
6795| [77040] DBD::mysqlPP Unspecified SQL Injection
6796| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
6797| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
6798| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
6799| [73387] Zend Framework PDO_MySql Character Set Security Bypass
6800| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
6801| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
6802| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
6803| [71368] Accellion File Transfer Appliance Weak MySQL root Password
6804| [70967] MySQL Eventum Admin User Creation CSRF
6805| [70966] MySQL Eventum preferences.php full_name Parameter XSS
6806| [70961] MySQL Eventum list.php Multiple Parameter XSS
6807| [70960] MySQL Eventum forgot_password.php URI XSS
6808| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
6809| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
6810| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
6811| [69395] MySQL Derived Table Grouping DoS
6812| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
6813| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
6814| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
6815| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
6816| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
6817| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
6818| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
6819| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
6820| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
6821| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
6822| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
6823| [68996] MySQL EXPLAIN EXTENDED Statement DoS
6824| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
6825| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
6826| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
6827| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
6828| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
6829| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
6830| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
6831| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
6832| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
6833| [67381] MySQL InnoDB Temporary Table Handling DoS
6834| [67380] MySQL BINLOG Statement Unspecified Argument DoS
6835| [67379] MySQL Multiple Operation NULL Argument Handling DoS
6836| [67378] MySQL Unique SET Column Join Statement Remote DoS
6837| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
6838| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
6839| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
6840| [66731] PHP Bundled MySQL Library Unspecified Issue
6841| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
6842| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
6843| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
6844| [65085] MySQL Enterprise Monitor Unspecified CSRF
6845| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
6846| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
6847| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
6848| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
6849| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
6850| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
6851| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
6852| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
6853| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
6854| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
6855| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
6856| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
6857| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
6858| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
6859| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
6860| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
6861| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
6862| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
6863| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
6864| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
6865| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
6866| [59907] MySQL on Windows bind-address Remote Connection Weakness
6867| [59906] MySQL on Windows Default Configuration Logging Weakness
6868| [59616] MySQL Hashed Password Weakness
6869| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
6870| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
6871| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
6872| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
6873| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
6874| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
6875| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
6876| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
6877| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
6878| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
6879| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
6880| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
6881| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
6882| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
6883| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
6884| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
6885| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
6886| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
6887| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
6888| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
6889| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
6890| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
6891| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
6892| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
6893| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
6894| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
6895| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
6896| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
6897| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
6898| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
6899| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
6900| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
6901| [52464] MySQL charset Column Truncation Weakness
6902| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
6903| [52378] Cisco ANM MySQL root Account Default Password
6904| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
6905| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
6906| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
6907| [50892] MySQL Calendar index.php username Parameter SQL Injection
6908| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
6909| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
6910| [48710] MySQL Command Line Client HTML Output XSS
6911| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
6912| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
6913| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
6914| [47789] mysql-lists Unspecified XSS
6915| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
6916| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
6917| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
6918| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
6919| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
6920| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
6921| [43179] MySQL Server BINLOG Statement Rights Checking Failure
6922| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
6923| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
6924| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
6925| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
6926| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
6927| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
6928| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
6929| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
6930| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
6931| [39279] PHP mysql_error() Function XSS
6932| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
6933| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
6934| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
6935| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
6936| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
6937| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
6938| [37782] MySQL Community Server External Table View Privilege Escalation
6939| [37781] MySQL ALTER TABLE Information Disclosure
6940| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
6941| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
6942| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
6943| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
6944| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
6945| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
6946| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
6947| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
6948| [36251] Associated Press (AP) Newspower Default MySQL root Password
6949| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
6950| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
6951| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
6952| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
6953| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
6954| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
6955| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
6956| [33974] MySQL information_schema Table Subselect Single-Row DoS
6957| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
6958| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
6959| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
6960| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
6961| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
6962| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
6963| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
6964| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
6965| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
6966| [32056] BTSaveMySql Direct Request Config File Disclosure
6967| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
6968| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
6969| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
6970| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
6971| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
6972| [29696] MySQLDumper sql.php db Parameter XSS
6973| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
6974| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
6975| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
6976| [28288] MySQL Instance_options::complete_initialization Function Overflow
6977| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
6978| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
6979| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
6980| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
6981| [28012] MySQL Case Sensitivity Unauthorized Database Creation
6982| [27919] MySQL VIEW Access information_schema.views Information Disclosure
6983| [27703] MySQL MERGE Table Privilege Persistence
6984| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
6985| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
6986| [27416] MySQL Server time.cc date_format Function Format String
6987| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
6988| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
6989| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
6990| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
6991| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
6992| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
6993| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
6994| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
6995| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
6996| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
6997| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
6998| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
6999| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
7000| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
7001| [25595] Apple Mac OS X MySQL Manager Blank root Password
7002| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
7003| [25227] MySQL COM_TABLE_DUMP Packet Overflow
7004| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
7005| [24245] Cholod Mysql Based Message Board Unspecified XSS
7006| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
7007| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
7008| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
7009| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
7010| [23526] MySQL Query NULL Charcter Logging Bypass
7011| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
7012| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
7013| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
7014| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
7015| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
7016| [22479] PHP mysqli Extension Error Message Format String
7017| [22232] PHP Pipe Variable mysql_connect() Function Overflow
7018| [21685] MySQL Auction Search Module keyword XSS
7019| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
7020| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
7021| [19457] aMember Pro mysql.inc.php Remote File Inclusion
7022| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
7023| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
7024| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
7025| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
7026| [18896] MySQL User-Defined Function init_syms() Function Overflow
7027| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
7028| [18894] MySQL drop database Request Remote Overflow
7029| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
7030| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
7031| [18406] MySQL Eventum releases.php SQL Injection
7032| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
7033| [18404] MySQL Eventum custom_fields.php SQL Injection
7034| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
7035| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
7036| [18401] MySQL Eventum list.php release Parameter XSS
7037| [18400] MySQL Eventum view.php id Parameter XSS
7038| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
7039| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
7040| [17223] xMySQLadmin Symlink Arbitrary File Deletion
7041| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
7042| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
7043| [16056] Plans Unspecified mySQL Remote Password Disclosure
7044| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
7045| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
7046| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
7047| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
7048| [14748] MySQL MS-DOS Device Names Request DoS
7049| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
7050| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
7051| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
7052| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
7053| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
7054| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
7055| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
7056| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
7057| [12919] MySQL MaxDB WebAgent websql Remote Overflow
7058| [12779] MySQL User Defined Function Privilege Escalation
7059| [12609] MySQL Eventum projects.php Multiple Parameter XSS
7060| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
7061| [12607] MySQL Eventum forgot_password.php email Parameter XSS
7062| [12606] MySQL Eventum index.php email Parameter XSS
7063| [12605] MySQL Eventum Default Vendor Account
7064| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
7065| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
7066| [11689] Roxen Web Server MySQL Socket Permission Weakness
7067| [10985] MySQL MATCH..AGAINST Query DoS
7068| [10959] MySQL GRANT ALL ON Privilege Escalation
7069| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
7070| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
7071| [10658] MySQL mysql_real_connect() Function Remote Overflow
7072| [10532] MySQL MaxDB webdbm Server Field DoS
7073| [10491] AWS MySQLguest AWSguest.php Script Insertion
7074| [10244] MySQL libmysqlclient Prepared Statements API Overflow
7075| [10226] MySQLGuest AWSguest.php Multiple Field XSS
7076| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
7077| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
7078| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
7079| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
7080| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
7081| [9907] MySQL SELECT Statement String Handling Overflow
7082| [9906] MySQL GRANT Privilege Arbitrary Password Modification
7083| [9509] teapop MySQL Authentication Module SQL Injection
7084| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
7085| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
7086| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
7087| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
7088| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
7089| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
7090| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
7091| [8886] MySQL libmysqlclient Library read_one_row Overflow
7092| [8885] MySQL libmysqlclient Library read_rows Overflow
7093| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
7094| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
7095| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
7096| [7128] MySQL show database Database Name Exposure
7097| [6716] MySQL Database Engine Weak Authentication Information Disclosure
7098| [6605] MySQL mysqld Readable Log File Information Disclosure
7099| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
7100| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
7101| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
7102| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
7103| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
7104| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
7105| [520] MySQL Database Name Traversal Arbitrary File Modification
7106| [380] MySQL Server on Windows Default Null Root Password
7107| [261] MySQL Short Check String Authentication Bypass
7108|_
7109Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
7110Aggressive OS guesses: Linux 2.6.18 (95%), Asus RT-AC66U router (Linux 2.6) (95%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (95%), Asus RT-N16 WAP (Linux 2.6) (95%), Asus RT-N66U WAP (Linux 2.6) (95%), Tomato 1.28 (Linux 2.6.22) (95%), AXIS 211A Network Camera (Linux 2.6.20) (95%), Linux 2.6.16 (95%), Linux 2.6.32 (94%), Xerox WorkCentre 7545 printer (94%)
7111No exact OS matches for host (test conditions non-ideal).
7112Network Distance: 10 hops
7113
7114TRACEROUTE (using port 3306/tcp)
7115HOP RTT ADDRESS
71161 132.29 ms 10.230.200.1
71172 ...
71183 132.97 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
71194 132.94 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
71205 138.29 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
71216 134.32 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
71227 134.70 ms level3.sto01.atlas.cogentco.com (130.117.14.6)
71238 163.40 ms ae-1-3107.edge6.Amsterdam1.Level3.net (4.69.162.214)
71249 ...
712510 163.38 ms no-reverse-dns-configured.com (94.102.49.234)
7126#######################################################################################################################################
7127Hosts
7128=====
7129
7130address mac name os_name os_flavor os_sp purpose info comments
7131------- --- ---- ------- --------- ----- ------- ---- --------
713294.102.49.234 no-reverse-dns-configured.com Unknown device
7133
7134Services
7135========
7136
7137host port proto name state info
7138---- ---- ----- ---- ----- ----
713994.102.49.234 21 tcp ftp open
714094.102.49.234 22 tcp ssh open
714194.102.49.234 80 tcp http open
714294.102.49.234 111 tcp rpcbind open
714394.102.49.234 123 udp ntp open
714494.102.49.234 222 tcp rsh-spx open
714594.102.49.234 3306 tcp mysql open
7146#######################################################################################################################################
7147Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 18:03 EST
7148Nmap scan report for no-reverse-dns-configured.com (94.102.49.234)
7149Host is up (0.17s latency).
7150Not shown: 994 closed ports
7151PORT STATE SERVICE
715221/tcp open ftp
715322/tcp open ssh
715480/tcp open http
7155111/tcp open rpcbind
7156222/tcp open rsh-spx
71573306/tcp open mysql
7158
7159Nmap done: 1 IP address (1 host up) scanned in 2.05 seconds
7160#######################################################################################################################################
7161Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 18:04 EST
7162Stats: 0:00:22 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
7163NSE Timing: About 71.23% done; ETC: 18:04 (0:00:04 remaining)
7164Stats: 0:00:39 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
7165NSE Timing: About 71.62% done; ETC: 18:04 (0:00:11 remaining)
7166Stats: 0:03:26 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
7167NSE Timing: About 79.61% done; ETC: 18:08 (0:00:50 remaining)
7168Stats: 0:07:47 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
7169NSE Timing: About 87.43% done; ETC: 18:12 (0:01:06 remaining)
7170NSE: [ftp-brute] usernames: Time limit 10m00s exceeded.
7171NSE: [ftp-brute] usernames: Time limit 10m00s exceeded.
7172NSE: [ftp-brute] passwords: Time limit 10m00s exceeded.
7173Nmap scan report for no-reverse-dns-configured.com (94.102.49.234)
7174Host is up (0.19s latency).
7175
7176PORT STATE SERVICE VERSION
717721/tcp open ftp vsftpd 2.0.5
7178| ftp-brute:
7179| Accounts: No valid accounts found
7180|_ Statistics: Performed 2362 guesses in 604 seconds, average tps: 3.9
7181| vulscan: VulDB - https://vuldb.com:
7182| [43110] vsftpd up to 2.0.4 Memory Leak denial of service
7183|
7184| MITRE CVE - https://cve.mitre.org:
7185| [CVE-2008-2375] Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962.
7186| [CVE-2007-5962] Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
7187| [CVE-2008-4969] ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts.
7188| [CVE-2007-4322] BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
7189|
7190| SecurityFocus - https://www.securityfocus.com/bid/:
7191| [82285] Vsftpd CVE-2004-0042 Remote Security Vulnerability
7192| [72451] vsftpd CVE-2015-1419 Security Bypass Vulnerability
7193| [51013] vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability
7194| [48539] vsftpd Compromised Source Packages Backdoor Vulnerability
7195| [46617] vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability
7196| [41443] Vsftpd Webmin Module Multiple Unspecified Vulnerabilities
7197| [30364] vsftpd FTP Server Pluggable Authentication Module (PAM) Remote Denial of Service Vulnerability
7198| [29322] vsftpd FTP Server 'deny_file' Option Remote Denial of Service Vulnerability
7199| [10394] Vsftpd Listener Denial of Service Vulnerability
7200| [7253] Red Hat Linux 9 vsftpd Compiling Error Weakness
7201|
7202| IBM X-Force - https://exchange.xforce.ibmcloud.com:
7203| [68366] vsftpd package backdoor
7204| [65873] vsftpd vsf_filename_passes_filter denial of service
7205| [55148] VSFTPD-WEBMIN-MODULE unknown unspecified
7206| [43685] vsftpd authentication attempts denial of service
7207| [42593] vsftpd deny_file denial of service
7208| [16222] vsftpd connection denial of service
7209| [14844] vsftpd message allows attacker to obtain username
7210| [11729] Red Hat Linux vsftpd FTP daemon tcp_wrapper could allow an attacker to gain access to server
7211|
7212| Exploit-DB - https://www.exploit-db.com:
7213| [5814] vsftpd 2.0.5 (CWD) Remote Memory Consumption Exploit (post auth)
7214|
7215| OpenVAS (Nessus) - http://www.openvas.org:
7216| [70399] Debian Security Advisory DSA 2305-1 (vsftpd)
7217|
7218| SecurityTracker - https://www.securitytracker.com:
7219| [1025186] vsftpd vsf_filename_passes_filter() Bug Lets Remote Authenticated Users Deny Service
7220| [1020546] vsftpd Memory Leak When Invalid Authentication Attempts Occur Lets Remote Authenticated Users Deny Service
7221| [1020079] vsftpd Memory Leak in 'deny_file' Option Lets Remote Authenticated Users Deny Service
7222| [1008628] vsftpd Discloses Whether Usernames are Valid or Not
7223|
7224| OSVDB - http://www.osvdb.org:
7225| [73573] vsftpd on vsftpd.beasts.org Trojaned Distribution
7226| [73340] vsftpd ls.c vsf_filename_passes_filter STAT Command glob Expression Remote DoS
7227| [61362] Vsftpd Webmin Module Unspecified Issues
7228| [46930] Red Hat Linux vsftpd w/ PAM Memory Exhaustion Remote DoS
7229| [45626] vsftpd deny_file Option Crafted FTP Data Remote Memory Exhaustion DoS
7230| [36515] BlockHosts sshd/vsftpd hosts.allow Arbitrary Deny Entry Manipulation
7231| [28610] vsftpd SIGURG Handler Unspecified Issue
7232| [28609] vsftpd tunable_chroot_local_user Filesystem Root Access
7233| [6861] vsftpd Login Error Message Username Enumeration
7234| [6306] vsftpd Connection Handling DoS
7235| [4564] vsftpd on Red Hat Linux Restricted Access Failure
7236|_
7237Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
7238Device type: broadband router|general purpose|WAP|webcam|printer|router
7239Running (JUST GUESSING): Asus embedded (95%), Linux 2.6.X|2.4.X (95%), AXIS embedded (95%), Xerox embedded (94%), Peplink embedded (94%)
7240OS CPE: cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10 cpe:/h:axis:211_network_camera cpe:/o:linux:linux_kernel:2.6.20 cpe:/h:xerox:workcentre_7545 cpe:/o:linux:linux_kernel:2.4 cpe:/h:peplink:balance_380
7241Aggressive OS guesses: Asus RT-AC66U router (Linux 2.6) (95%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (95%), Asus RT-N16 WAP (Linux 2.6) (95%), Asus RT-N66U WAP (Linux 2.6) (95%), Tomato 1.28 (Linux 2.6.22) (95%), AXIS 211A Network Camera (Linux 2.6.20) (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.16 (95%), Linux 2.6.32 (94%), Xerox WorkCentre 7545 printer (94%)
7242No exact OS matches for host (test conditions non-ideal).
7243Network Distance: 10 hops
7244Service Info: OS: Unix
7245
7246TRACEROUTE (using port 21/tcp)
7247HOP RTT ADDRESS
72481 131.38 ms 10.230.200.1
72492 ...
72503 132.24 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
72514 132.22 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
72525 137.02 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
72536 132.86 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
72547 132.61 ms level3.sto01.atlas.cogentco.com (130.117.14.6)
72558 164.83 ms ae-1-3107.edge6.Amsterdam1.Level3.net (4.69.162.214)
72569 ...
725710 167.67 ms no-reverse-dns-configured.com (94.102.49.234)
7258#######################################################################################################################################
7259# general
7260(gen) banner: SSH-2.0-OpenSSH_5.1p1 Debian-5
7261(gen) software: OpenSSH 5.1p1
7262(gen) compatibility: OpenSSH 4.7-6.6, Dropbear SSH 0.53+ (some functionality from 0.52)
7263(gen) compression: enabled (zlib@openssh.com)
7264
7265# key exchange algorithms
7266(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
7267 `- [info] available since OpenSSH 4.4
7268(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7269 `- [warn] using weak hashing algorithm
7270 `- [info] available since OpenSSH 2.3.0
7271(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
7272 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
7273(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7274 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
7275 `- [warn] using small 1024-bit modulus
7276 `- [warn] using weak hashing algorithm
7277 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
7278
7279# host-key algorithms
7280(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
7281(key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
7282 `- [warn] using small 1024-bit modulus
7283 `- [warn] using weak random number generator could reveal the key
7284 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
7285
7286# encryption algorithms (ciphers)
7287(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7288 `- [warn] using weak cipher mode
7289 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
7290(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7291 `- [warn] using weak cipher
7292 `- [warn] using weak cipher mode
7293 `- [warn] using small 64-bit block size
7294 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
7295(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7296 `- [fail] disabled since Dropbear SSH 0.53
7297 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7298 `- [warn] using weak cipher mode
7299 `- [warn] using small 64-bit block size
7300 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
7301(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7302 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7303 `- [warn] using weak cipher mode
7304 `- [warn] using small 64-bit block size
7305 `- [info] available since OpenSSH 2.1.0
7306(enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7307 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7308 `- [warn] using weak cipher
7309 `- [info] available since OpenSSH 4.2
7310(enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7311 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7312 `- [warn] using weak cipher
7313 `- [info] available since OpenSSH 4.2
7314(enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7315 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7316 `- [warn] using weak cipher
7317 `- [info] available since OpenSSH 2.1.0
7318(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7319 `- [warn] using weak cipher mode
7320 `- [info] available since OpenSSH 2.3.0
7321(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7322 `- [warn] using weak cipher mode
7323 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
7324(enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7325 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7326 `- [warn] using weak cipher mode
7327 `- [info] available since OpenSSH 2.3.0
7328(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
7329(enc) aes192-ctr -- [info] available since OpenSSH 3.7
7330(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
7331
7332# message authentication code algorithms
7333(mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7334 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7335 `- [warn] using encrypt-and-MAC mode
7336 `- [warn] using weak hashing algorithm
7337 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
7338(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
7339 `- [warn] using weak hashing algorithm
7340 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
7341(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
7342 `- [warn] using small 64-bit tag size
7343 `- [info] available since OpenSSH 4.7
7344(mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7345 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7346 `- [warn] using encrypt-and-MAC mode
7347 `- [info] available since OpenSSH 2.5.0
7348(mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7349 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7350 `- [warn] using encrypt-and-MAC mode
7351 `- [info] available since OpenSSH 2.1.0
7352(mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7353 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7354 `- [warn] using encrypt-and-MAC mode
7355 `- [warn] using weak hashing algorithm
7356 `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
7357(mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
7358 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
7359 `- [warn] using encrypt-and-MAC mode
7360 `- [warn] using weak hashing algorithm
7361 `- [info] available since OpenSSH 2.5.0
7362
7363# algorithm recommendations (for OpenSSH 5.1)
7364(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
7365(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
7366(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
7367(rec) -ssh-dss -- key algorithm to remove
7368(rec) -arcfour -- enc algorithm to remove
7369(rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
7370(rec) -blowfish-cbc -- enc algorithm to remove
7371(rec) -3des-cbc -- enc algorithm to remove
7372(rec) -aes256-cbc -- enc algorithm to remove
7373(rec) -arcfour256 -- enc algorithm to remove
7374(rec) -cast128-cbc -- enc algorithm to remove
7375(rec) -aes192-cbc -- enc algorithm to remove
7376(rec) -arcfour128 -- enc algorithm to remove
7377(rec) -aes128-cbc -- enc algorithm to remove
7378(rec) -hmac-ripemd160 -- mac algorithm to remove
7379(rec) -hmac-md5-96 -- mac algorithm to remove
7380(rec) -hmac-sha1-96 -- mac algorithm to remove
7381(rec) -hmac-md5 -- mac algorithm to remove
7382(rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
7383#######################################################################################################################################
7384USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
7385RHOSTS => 94.102.49.234
7386RHOST => 94.102.49.234
7387[*] 94.102.49.234:22 - SSH - Using malformed packet technique
7388[*] 94.102.49.234:22 - SSH - Starting scan
7389[+] 94.102.49.234:22 - SSH - User 'admin' found
7390[-] 94.102.49.234:22 - SSH - User 'administrator' not found
7391[-] 94.102.49.234:22 - SSH - User 'anonymous' not found
7392[-] 94.102.49.234:22 - SSH - User 'backup' not found
7393[-] 94.102.49.234:22 - SSH - User 'bee' not found
7394[+] 94.102.49.234:22 - SSH - User 'ftp' found
7395[-] 94.102.49.234:22 - SSH - User 'guest' not found
7396[-] 94.102.49.234:22 - SSH - User 'GUEST' not found
7397[-] 94.102.49.234:22 - SSH - User 'info' not found
7398[+] 94.102.49.234:22 - SSH - User 'mail' found
7399[-] 94.102.49.234:22 - SSH - User 'mailadmin' not found
7400[-] 94.102.49.234:22 - SSH - User 'msfadmin' not found
7401[+] 94.102.49.234:22 - SSH - User 'mysql' found
7402[+] 94.102.49.234:22 - SSH - User 'nobody' found
7403[-] 94.102.49.234:22 - SSH - User 'oracle' not found
7404[-] 94.102.49.234:22 - SSH - User 'owaspbwa' not found
7405[+] 94.102.49.234:22 - SSH - User 'postfix' found
7406[-] 94.102.49.234:22 - SSH - User 'postgres' not found
7407[-] 94.102.49.234:22 - SSH - User 'private' not found
7408[-] 94.102.49.234:22 - SSH - User 'proftpd' not found
7409[-] 94.102.49.234:22 - SSH - User 'public' not found
7410[-] 94.102.49.234:22 - SSH - User 'root' not found
7411[-] 94.102.49.234:22 - SSH - User 'superadmin' not found
7412[-] 94.102.49.234:22 - SSH - User 'support' not found
7413[-] 94.102.49.234:22 - SSH - User 'sys' not found
7414[-] 94.102.49.234:22 - SSH - User 'system' not found
7415[-] 94.102.49.234:22 - SSH - User 'systemadmin' not found
7416[-] 94.102.49.234:22 - SSH - User 'systemadministrator' not found
7417[-] 94.102.49.234:22 - SSH - User 'test' not found
7418[-] 94.102.49.234:22 - SSH - User 'tomcat' not found
7419[-] 94.102.49.234:22 - SSH - User 'user' not found
7420[-] 94.102.49.234:22 - SSH - User 'webmaster' not found
7421[-] 94.102.49.234:22 - SSH - User 'www-data' not found
7422[-] 94.102.49.234:22 - SSH - User 'Fortimanager_Access' not found
7423[*] Scanned 1 of 1 hosts (100% complete)
7424[*] Auxiliary module execution completed
7425#######################################################################################################################################
7426Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 18:19 EST
7427Nmap scan report for no-reverse-dns-configured.com (94.102.49.234)
7428Host is up (0.17s latency).
7429
7430PORT STATE SERVICE VERSION
7431123/udp open ntp NTP v4 (secondary server)
7432| ntp-info:
7433|_ receive time stamp: 2019-11-06T23:19:17
7434| vulscan: VulDB - https://vuldb.com:
7435| [133843] ntp Port unknown vulnerability
7436| [128043] InfoVista VistaPortal SE 5.1 EditCurrentPresentSpace.jsp Parameter cross site scripting
7437| [128042] InfoVista VistaPortal SE 5.1 EditCurrentPool.jsp Parameter cross site scripting
7438| [128036] InfoVista VistaPortal SE 5.1 EditCurrentPresentSpace.jsp Parameter cross site scripting
7439| [105145] ntp up to 4.2.8p2-RC1/4.3.11 on Big Endian MD5 Key Generator ntp-keygen.c Variable weak encryption
7440| [96331] OpenNTPD up to 6.0 CN Validator weak authentication
7441| [95322] ntpd up to 4.2.8p8 Initial Sync Calculation unknown vulnerability
7442| [89036] Microsoft Windows up to Vista SP2 Print Spooler ntprint.dll PSetupDownloadAndInstallLegacyDriver privilege escalation
7443| [89035] Microsoft Windows up to Vista SP2 Print Spooler ntprint.dll PSetupDownloadAndInstallLegacyDriver memory corruption
7444| [87754] ntpd up to 4.2.8p7 Crypto-NAK Packet valid_NAK denial of service
7445| [87751] ntpd up to 4.2.8p7 Validation ntp_proto.c receive privilege escalation
7446| [60308] UTC Fire & Security GE-MC100-NTP/GPS-ZB Hardcoded Credentials unknown vulnerability
7447| [91177] WebTitan Appliance v3.50.x NTP Server Persistent cross site scripting
7448| [3368] Microsoft Windows up to Vista NNTP Response Heap-based memory corruption
7449| [141110] Cisco NX-OS ntp Packet Flooding denial of service
7450| [139263] Polycom Obihai Obi1022 5.1.11 NTP POST Request command injection
7451| [138862] Terracotta Quartz Scheduler up to 2.3.0 XML Data XMLSchedulingDataProcessor.java initDocumentParser XML External Entity
7452| [136554] Foxit Reader SDK Professsional 5.4.0.1031 Textbox IReader_ContentProvider PDF File memory corruption
7453| [136165] Foxit Reader SDK Professsional 5.4.0.1031 TextBox IReader_ContentProvider PDF File memory corruption
7454| [135088] ntp up to 4.2.8p12 NULL Pointer Dereference denial of service
7455| [131170] D-Link DIR-825 Rev.B 2.10 ntp_sync.cgi POST Request privilege escalation
7456| [129795] NTPsec up to 1.1.2 ntpd ntp_control.c denial of service
7457| [129794] NTPsec up to 1.1.2 ntp_control.c process_control() memory corruption
7458| [129793] NTPsec up to 1.1.2 ntp_control.c read_sysvars memory corruption
7459| [129792] NTPsec up to 1.1.2 ntpd ntp_config.c Request memory corruption
7460| [128241] jco.ir Karma 6.0.0 ContentPlaceHolder1_uxTitle ArchiveNews.aspx Parameter sql injection
7461| [124080] D-Link DIR-816 A2 1.10 B05 /goform/NTPSyncWithHost handler Shell Metacharacter command injection
7462| [122955] btrfsmaintenance up to 0.4.1 evaluate_auto_mountpoint Code Execution
7463| [121557] NeoMutt Message Data nntp.c memory corruption
7464| [121556] NeoMutt newsrc.c nntp_add_group memory corruption
7465| [119727] ntp 4.2.8p11 ntpq/ntpdc Long String Stack-based memory corruption
7466| [118765] Apple iOS up to 11.3.1 FontParser memory corruption
7467| [118715] Apple watchOS up to 4.3.0 FontParser memory corruption
7468| [117884] Foxit Reader 9.0.0.29935 PrintParams memory corruption
7469| [117883] Foxit Reader 9.0.0.29935 PrintParams memory corruption
7470| [114231] ntp 4.2.8p6/4.2.8p7/4.2.8p8/4.2.8p9/4.2.8p10 Symmetric Mode decodearr memory corruption
7471| [114140] ntp up to 4.2.8p11 Protocol Engine Source IP Address denial of service
7472| [114139] ntp up to 4.2.8p11 ntpd Timestamp denial of service
7473| [114138] ntp up to 4.2.8p11 ntpd ctl_getitem Packet denial of service
7474| [114137] ntp up to 4.2.8p6/4.3.91 ntpd Sybil privilege escalation
7475| [111779] Wireshark up to 2.4.3 JSON/XML/NTP/XMPP/GDB epan/tvbparse.c denial of service
7476| [104358] ntp up to 4.2.7 ntpd ntpd/ntp_config.c denial of service
7477| [98857] Apple tvOS up to 10.1 FontParser information disclosure
7478| [98856] Apple tvOS up to 10.1 FontParser memory corruption
7479| [98855] Apple tvOS up to 10.1 FontParser memory corruption
7480| [98854] Apple tvOS up to 10.1 FontParser memory corruption
7481| [98823] Apple watchOS up to 3.1 FontParser Out-of-Bounds information disclosure
7482| [98822] Apple watchOS up to 3.1 FontParser memory corruption
7483| [98821] Apple watchOS up to 3.1 FontParser memory corruption
7484| [98820] Apple watchOS up to 3.1 FontParser memory corruption
7485| [98741] Apple iOS up to 10.2 FontParser Out-of-Bounds information disclosure
7486| [98740] Apple iOS up to 10.2 FontParser memory corruption
7487| [98739] Apple iOS up to 10.2 FontParser memory corruption
7488| [98738] Apple iOS up to 10.2 FontParser memory corruption
7489| [98630] Apple macOS up to 10.12.3 FontParser Out-of-Bounds memory corruption
7490| [98629] Apple macOS up to 10.12.3 FontParser memory corruption
7491| [98628] Apple macOS up to 10.12.3 FontParser memory corruption
7492| [98627] Apple macOS up to 10.12.3 FontParser memory corruption
7493| [98552] ntp up to 4.2.8p9 Timestamp Origin Check spoofing
7494| [98551] ntp up to 4.2.8p9 ntpq Stack-based memory corruption
7495| [98550] ntp up to 4.2.8p9 Legacy MX4200 refclock mx4200_send memory corruption
7496| [98549] ntp up to 4.2.8p9 ctl_put memory corruption
7497| [98548] ntp up to 4.2.8p9 on Windows Data Structure denial of service
7498| [98545] ntp up to 4.2.8p9 Config Directive Segmentation Fault denial of service
7499| [98543] ntp up to 4.2.8p9 Configuration Directive denial of service
7500| [97826] Joomla CMS com_frontpage sql injection
7501| [95890] Apple watchOS up to 3.1.2 FontParser memory corruption
7502| [95889] Apple watchOS up to 3.1.2 FontParser memory corruption
7503| [95334] ntpd up to 4.2.8p8 on Windows UDP Packet denial of service
7504| [95333] ntpd up to 4.2.8p8 NULL Pointer Dereference denial of service
7505| [95332] ntpd up to 4.2.8p8 Control Mode privilege escalation
7506| [95321] ntpd up to 4.2.8p8 Origin Timestamp Protection Bypass privilege escalation
7507| [95320] ntpd up to 4.2.8p8 Source denial of service
7508| [95319] ntpd up to 4.2.8p8 Broadcast Packet denial of service
7509| [95318] ntpd up to 4.2.8p8 Broadcast Mode Replay Prevention denial of service
7510| [95317] ntpd up to 4.2.8p8 Rate Limit spoofing denial of service
7511| [94382] Apple macOS up to 10.12.1 FontParser memory corruption
7512| [94381] Apple macOS up to 10.12.1 FontParser memory corruption
7513| [94255] Apple tvOS up to 10.0 FontParser memory corruption
7514| [94254] Apple tvOS up to 10.0 FontParser memory corruption
7515| [94180] Apple iOS up to 10.1.1 FontParser memory corruption
7516| [94179] Apple iOS up to 10.1.1 FontParser memory corruption
7517| [93993] BusyBox NTP Packet networking/ntpd.c recv_and_process_client_pkt denial of service
7518| [93745] ntpd up to 4.2.8p8/4.3.93 UDP Packet NULL Pointer Dereference denial of service
7519| [93087] Apple watchOS up to 3.0 FontParser User information disclosure
7520| [93076] Apple tvOS up to 10.0 FontParser Out-of-Bounds information disclosure
7521| [93064] Apple macOS 10.12.0 FontParser Out-of-Bounds information disclosure
7522| [93044] Apple iOS up to 10.0.3 FontParser Out-of-Bounds information disclosure
7523| [92853] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 NTP denial of service
7524| [92127] Apple tvOS up to 9.x FontParser Memory information disclosure
7525| [92108] Apple watchOS up to 2.x FontParser Memory information disclosure
7526| [92076] Apple macOS up to 10.11 FontParser memory corruption
7527| [91998] Apple iOS up to 10 FontParser memory corruption
7528| [91519] Microsoft Internet Explorer 9/10/11 MSHTML HandleStyleComponentProperty memory corruption
7529| [90452] Cisco IOS 15.5(3)S3/15.6(1)S2/15.6(2)S1/15.6(2)T1 NTP Interface Queue denial of service
7530| [88542] Meinberg IMS-LANTIME up to 6.20 NTP Time Server privilege escalation
7531| [88541] Meinberg IMS-LANTIME up to 6.20 NTP Time Server POST Request Stack-Based memory corruption
7532| [88540] Meinberg IMS-LANTIME up to 6.20 NTP Time Server POST Request Stack-Based memory corruption
7533| [87753] ntpd up to 4.2.8p7 Synchronization denial of service
7534| [87752] ntpd up to 4.2.8p7 Autokey denial of service
7535| [87750] ntpd up to 4.2.8p7 MAC denial of service
7536| [82989] ntp 4.2.8 ctl_getitem denial of service
7537| [82988] ntp 4.2.8 MATCH_ASSOC denial of service
7538| [82987] ntp 4.2.8 Trusted Key denial of service
7539| [82986] ntp 4.2.8 unconfig Directive denial of service
7540| [82985] ntp 4.2.8 IPv4 Bogon Packet privilege escalation
7541| [82983] ntp 4.2.8 Ephemeral Association privilege escalation
7542| [82982] ntp 4.2.8 ntpd Client privilege escalation
7543| [82981] ntp 4.2.8 Crypto NAK denial of service
7544| [82723] Cisco IOS/IOS XE ntp Time privilege escalation
7545| [81486] Apple iOS up to 9.2 FontParser memory corruption
7546| [81435] Apple Mac OS X up to 10.11.3 FontParser memory corruption
7547| [80654] ntp 4.2.8p5 ntpq Replay privilege escalation
7548| [80653] ntp 4.2.8p5 ntpq/ntpdc information disclosure
7549| [80652] ntp 4.2.8p5 ntpq Infinite Loop denial of service
7550| [80651] ntp 4.2.8p5 Origin Timestamp privilege escalation
7551| [80650] ntp 4.2.8p5 Authenticated Broadcast Mode privilege escalation
7552| [80649] ntp 4.2.8p5 reslist Command Stack-Based denial of service
7553| [80648] ntp 4.2.8p5 ntpdc NULL Pointer Dereference denial of service
7554| [80647] ntp 4.2.8p5 ntpq privilege escalation
7555| [80645] ntp 4.2.8p5 Key Checker spoofing
7556| [80644] ntp 4.2.8p5 Broadcast privilege escalation
7557| [78936] ntpd up to 4.2.8p5/4.3.78 ntp_crypto.c privilege escalation
7558| [78938] ntpd 4.2.8 sntp denial of service
7559| [78937] ntpd 4.2.8 logconfig Command Crash denial of service
7560| [78859] ntpd 4.2.8 autokey ntp_crypto.c denial of service
7561| [78858] ntpd 4.2.8 autokey ntp_crypto.c denial of service
7562| [78857] ntpd 4.2.8 ntp_crypto.c Extension Field denial of service
7563| [78856] ntpd 4.2.8 decodenetnum denial of service
7564| [78855] ntpd 4.2.8 KoD Packet denial of service
7565| [78854] ntpd 4.2.8 Rate Limit denial of service
7566| [78853] ntpd 4.2.8 Configuration Directive directory traversal
7567| [78852] ntpd 4.2.8 CRYPTO_ASSOC information disclosure
7568| [78851] ntpd 4.2.8 Private Mode Integer denial of service
7569| [78850] ntpd 4.2.8 Password Management Key File Use-After-Free memory corruption
7570| [78849] ntpd 4.2.8 Remote Configuration denial of service
7571| [78848] ntpd 4.2.8 URL Request save_config directory traversal
7572| [78847] ntpd 4.2.8 cookedprint memory corruption
7573| [78846] ntpd 4.2.8 refclock memory corruption
7574| [78845] ntpd 4.2.8 Password Management Heap-based memory corruption
7575| [78844] ntpd 4.2.8 Crypto-NAK Packet Logic privilege escalation
7576| [78808] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7577| [78807] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7578| [78806] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7579| [78805] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7580| [78804] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7581| [78803] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7582| [78802] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7583| [78801] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7584| [78800] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7585| [78799] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7586| [78798] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7587| [78797] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
7588| [78745] Apple iOS up to 9.0 FontParser Font File memory corruption
7589| [78744] Apple iOS up to 9.0 FontParser Font File memory corruption
7590| [78743] Apple iOS up to 9.0 FontParser Font File memory corruption
7591| [78742] Apple iOS up to 9.0 FontParser Font File memory corruption
7592| [78741] Apple iOS up to 9.0 FontParser Font File memory corruption
7593| [78740] Apple iOS up to 9.0 FontParser Font File memory corruption
7594| [78739] Apple iOS up to 9.0 FontParser Font File memory corruption
7595| [78738] Apple iOS up to 9.0 FontParser Font File memory corruption
7596| [78737] Apple iOS up to 9.0 FontParser Font File memory corruption
7597| [78736] Apple iOS up to 9.0 FontParser Font File memory corruption
7598| [78735] Apple iOS up to 9.0 FontParser Font File memory corruption
7599| [78734] Apple iOS up to 9.0 FontParser Font File memory corruption
7600| [78200] ntp up to 4.2.7 on Linux/OS X ntpd ntp_io.c spoofing
7601| [78199] ntp up to 4.2.7 ntpd ntp_crypto.c memory corruption
7602| [77314] pfSense up to 2.2.2 services_ntpd.php cross site scripting
7603| [77193] Apple Mac OS X up to 10.10.4 FontParser memory corruption
7604| [77192] Apple Mac OS X up to 10.10.4 FontParser memory corruption
7605| [77191] Apple Mac OS X up to 10.10.4 FontParser memory corruption
7606| [77147] Apple iOS up to 8.4.0 FontParser memory corruption
7607| [77146] Apple iOS up to 8.4.0 FontParser memory corruption
7608| [77145] Apple iOS up to 8.4.0 FontParser memory corruption
7609| [76265] Apple Mac OS X up to 10.10.3 FontParser TrueTypeScaler Font File memory corruption
7610| [75452] Apple Watch OS 1.0 FontParser memory corruption
7611| [74740] Apple MacOS X up to 10.10.2 ntp weak authentication
7612| [74718] Apple MacOS X up to 10.10.2 FontParser memory corruption
7613| [74665] ntpd up to 4.2.8 Symmetric Mode denial of service
7614| [74664] ntpd up to 4.2.8 MAC Checker weak authentication
7615| [74290] Dell Asset Manager GetClientPackage.aspx sql injection
7616| [69165] Red Hat JBoss Enterprise Application Platform 6.3.3 RESTEasy DocumentProvider XML External Entity
7617| [68927] Apple iOS up to 8.1.2 FontParser memory corruption
7618| [68926] Apple iOS up to 8.1.2 FontParser memory corruption
7619| [68879] Apple Mac OS X 10.8.5/10.9.5/10.10/10.10.1 FontParser memory corruption
7620| [68878] Apple Mac OS X 10.8.5/10.9.5/10.10/10.10.1 FontParser memory corruption
7621| [68456] NTP Daemon up to 4.2.7 Random Generator ntp_config.c config_auth weak authentication
7622| [68641] NTP Daemon 4.2.7 PRNG Crash information disclosure
7623| [68640] NTP Daemon 4.2.7 PRNG spoofing
7624| [68457] NTP Daemon up to 4.2.7 Random Generator weak authentication
7625| [68455] NTP Daemon up to 4.2.7 ntp_proto.c receive denial of service
7626| [68454] NTP Daemon up to 4.2.7 configure memory corruption
7627| [68453] NTP Daemon up to 4.2.7 ctl_putdata memory corruption
7628| [68452] NTP Daemon up to 4.2.7 crypto_recv memory corruption
7629| [71475] wEPISDParentPortal 1.0 X.509 Certificate spoofing
7630| [67032] Cisco IOS/IOS XE 15.2/15.4 NTP Service privilege escalation
7631| [11702] NTP Project ntpd 4.2.6 monlist Functionality ntp_request.c query denial of service
7632| [65493] Dlink DSL-2760U sntpcfg.cgi cross site scripting
7633| [10540] Google Chrome 29.0.1547.76 XML Document xmldocumentparser.cpp append memory corruption
7634| [10494] Cisco IOS/IOS XE NTP denial of service
7635| [9806] TRENDnet TEW-812DRU Input Sanitizer setNTP.cgi cross site scripting
7636| [11630] Python 2.6.8/2.7.5/3.3.2 nntplib readline denial of service
7637| [60183] Instantphp lknSupport Search Module cross site scripting
7638| [59298] Instantphp Jobs Pro 1.6.4 search_jobs.html sql injection
7639| [58483] CMU Cyrus IMAP Server up to 2.4.4 nntpd.c split_wildmats memory corruption
7640| [56769] IBM WebSphere Application Server up to 6.1.0.10 getACRWorkElementPtr denial of service
7641| [5339] WebMaster Solutions WmsCms 2.0 printpage.asp Eingabe sql injection
7642| [52232] PaymentProcessorScript PPScript shop.htm sql injection
7643| [51585] TYPO3 mjseventpro 0.2.1 sql injection
7644| [4078] Sun Solaris NTP Mode 7 Request denial of service
7645| [48235] ntp up to 4.2.x ntp_crypto.c crypto_recv memory corruption
7646| [47706] ntp up to 4.2.4p7 ntpq/ntpq.c cookedprint memory corruption
7647| [45910] Goople CMS 1.8.2 frontpage.php sql injection
7648| [45837] Goople CMS up to 1.8.2 frontpage.php sql injection
7649| [45794] NTP up to 4.2.4p4 EVP_VerifyFinal memory corruption
7650| [43343] Alain Barbet Filesys Smbclientparser up to 2.6 SMB Server filesys::smbclientparser memory corruption
7651| [41522] XOOPS Tutoriais Module up to 2.1b printpage.php sql injection
7652| [40320] Agares Media phpAutoVideo 2.21 frontpage_right.php privilege escalation
7653| [40250] Agares Media Arcadem 2.04 frontpage_right.php privilege escalation
7654| [36948] Johntp adsense-deluxe 0.x on WordPress adsense-deluxe.php cross site request forgery
7655| [35867] Free Php Scripts Free Image Hosting up to 2.0 Login frontpage.php privilege escalation
7656| [34928] HP Mercury Performance Center Agent 8.0 magentproc.exe memory corruption
7657| [34504] Uberghey CMS 0.3.1 frontpage.php privilege escalation
7658| [32641] Dan Jensen Travelsized CMS up to 0.4 frontpage.php privilege escalation
7659|
7660| MITRE CVE - https://cve.mitre.org:
7661| [CVE-2013-1997] Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.
7662| [CVE-2013-1984] Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
7663| [CVE-2012-4258] Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote attackers to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
7664| [CVE-2012-3375] The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.
7665| [CVE-2012-1288] The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote attackers to obtain access via an HTTP session.
7666| [CVE-2011-4859] The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port.
7667| [CVE-2011-3208] Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
7668| [CVE-2011-2724] The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.
7669| [CVE-2011-1313] Double free vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote backend IIOP servers to cause a denial of service (S0C4 ABEND and storage corruption) by rejecting IIOP requests at opportunistic time instants, as demonstrated by requests associated with an ORB_Request::getACRWorkElementPtr function call.
7670| [CVE-2011-1082] fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
7671| [CVE-2010-4539] The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
7672| [CVE-2010-3879] FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789.
7673| [CVE-2010-2896] IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors.
7674| [CVE-2010-2121] Opera 9.52 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
7675| [CVE-2010-2119] Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid nntp:// URIs.
7676| [CVE-2010-2117] Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
7677| [CVE-2010-1721] SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php.
7678| [CVE-2010-1708] Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
7679| [CVE-2010-1078] SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.
7680| [CVE-2010-0790] sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name.
7681| [CVE-2010-0789] fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.
7682| [CVE-2010-0787] client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.
7683| [CVE-2010-0547] client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
7684| [CVE-2010-0340] SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
7685| [CVE-2010-0296] The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.
7686| [CVE-2010-0293] The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets.
7687| [CVE-2010-0182] The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.
7688| [CVE-2009-4724] SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote attackers to execute arbitrary SQL commands via the cid parameter.
7689| [CVE-2009-3562] Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action.
7690| [CVE-2009-3561] Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action.
7691| [CVE-2009-2869] Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.
7692| [CVE-2009-1252] Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.
7693| [CVE-2009-0159] Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
7694| [CVE-2009-0121] SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown
7695| [CVE-2009-0111] SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
7696| [CVE-2009-0021] NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
7697| [CVE-2008-6982] Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a allows remote attackers to inject arbitrary web script or HTML via the currentpath parameter.
7698| [CVE-2008-6865] SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
7699| [CVE-2008-6728] SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
7700| [CVE-2008-6255] Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php.
7701| [CVE-2008-5362] The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, accepts an untrusted input value for a "constant count," which allows remote attackers to read sensitive data from process memory via a crafted PDF file.
7702| [CVE-2008-5361] The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspecified other actions, which allows remote attackers to read sensitive data from process memory via a crafted PDF file.
7703| [CVE-2008-5066] PHP remote file inclusion vulnerability in upload/admin/frontpage_right.php in Agares Media ThemeSiteScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
7704| [CVE-2008-4253] The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability."
7705| [CVE-2008-4174] Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dynamic MP3 Lister 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) currentpath, (2) invert, (3) search, and (4) sort parameters.
7706| [CVE-2008-3970] pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount.
7707| [CVE-2008-3285] The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters.
7708| [CVE-2008-2931] The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
7709| [CVE-2008-2913] Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... sequences in the currentfile parameter, to index.php.
7710| [CVE-2008-2751] Multiple cross-site scripting (XSS) vulnerabilities in the Glassfish webadmin interface in Sun Java System Application Server 9.1_01 allow remote attackers to inject arbitrary web script or HTML via the (1) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:jndiProp:JndiNew, (2) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:resTypeProp:resType, (3) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:factoryClassProp:factoryClass, or (4) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:descProp:desc parameter to (a) resourceNode/customResourceNew.jsf
7711| [CVE-2008-2649] Multiple PHP remote file inclusion vulnerabilities in DesktopOnNet 3 Beta allow remote attackers to execute arbitrary PHP code via a URL in the app_path parameter to (1) don3_requiem.don3app/don3_requiem.php and (2) frontpage.don3app/frontpage.php.
7712| [CVE-2008-1351] SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php.
7713| [CVE-2008-1053] Multiple SQL injection vulnerabilities in the Kose_Yazilari module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the artid parameter in a (1) viewarticle or (2) printpage action to modules.php.
7714| [CVE-2008-0435] Directory traversal vulnerability in index.php in OZJournals 2.1.1 allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the id parameter in a printpreview action.
7715| [CVE-2008-0074] Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.
7716| [CVE-2007-6614] PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542.
7717| [CVE-2007-6542] PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
7718| [CVE-2007-6499] Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to uninstall the FrontPage extensions of an arbitrary account via a request to fp2002/UNINSTAL.asp with a "host id (IIS) value."
7719| [CVE-2007-6455] Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
7720| [CVE-2007-4841] Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845.
7721| [CVE-2007-4042] Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
7722| [CVE-2007-4041] Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
7723| [CVE-2007-3897] Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
7724| [CVE-2007-3109] The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.
7725| [CVE-2007-1715] PHP remote file inclusion vulnerability in frontpage.php in Free Image Hosting 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the forgot_pass.php vector is already covered by CVE-2006-5670, and the login.php vector overlaps CVE-2006-5763.
7726| [CVE-2007-1560] The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error.
7727| [CVE-2007-0604] Cross-site scripting (XSS) vulnerability in Movable Type (MT) before 3.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the MTCommentPreviewIsStatic tag, which can open the "comment entry screen," a different vulnerability than CVE-2007-0231.
7728| [CVE-2007-0446] Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_ip_name field to TCP port 54345, which triggers the overflow in mchan.dll.
7729| [CVE-2007-0359] PHP remote file inclusion vulnerability in frontpage.php in Uberghey CMS 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter.
7730| [CVE-2006-7160] The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.
7731| [CVE-2006-6187] Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute arbitrary SQL commands via the (1) currentpage or (2) gallery_id parameter to (a) view_gallery.asp, the (3) image_id parameter to (b) download_image.asp, the currentpage or (5) orderby parameter to (c) gallery.asp, or the currentpage parameter to (d) view_recent.asp.
7732| [CVE-2006-5864] Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince.
7733| [CVE-2006-5182] PHP remote file inclusion vulnerability in frontpage.php in Dan Jensen Travelsized CMS 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter.
7734| [CVE-2006-5020] Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_path parameter in manager/pages/ scripts including (1) AccountsPage.class.php, (2) AddInvoicePage.class.php, (3) AddIPAddressPage.class.php, (4) AddPaymentPage.class.php, (5) AddTaxRulePage.class.php, (6) AssignDomainPage.class.php, (7) AssignHostingPage.class.php, (8) AssignProductPage.class.php, (9) BillingPage.class.php, (10) BillingPaymentPage.class.php, (11) BrowseAccountsPage.class.php, (12) BrowseInvoicesPage.class.php, (13) ConfigureEditUserPage.class.php, (14) ConfigureNewUserPage.class.php, (15) ConfigureNewUserReceiptPage.class.php, (16) ConfigureUsersPage.class.php, (17) DeleteAccountPage.class.php, (18) DeleteDomainServicePage.class.php, (19) DeleteHostingServicePage.class.php, (20) DeleteInvoicePage.class.php, (21) DeleteProductPage.class.php, (22) DeleteServerPage.class.php, (23) DomainServicesPage.class.php, (24) DomainsPage.class.php, (25) EditAccountPage.class.php, (26) EditDomainPage.class.php, (27) EditDomainServicePage.class.php, (28) EditHostingServicePage.class.php, (29) EditPaymentPage.class.php, (30) EditProductPage.class.php, (31) EditServerPage.class.php, (32) EmailInvoicePage.class.php, (33) ExecuteOrderPage.class.php, (34) ExpiredDomainsPage.class.php, (35) FulfilledOrdersPage.class.php, (36) GenerateInvoicesPage.class.php, (37) HomePage.class.php, (38) InactiveAccountsPage.class.php, (39) IPManagerPage.class.php, (40) LoginPage.class.php, (41) LogPage.class.php, (42) ModulesPage.class.php, (43) NewAccountPage.class.php, (44) NewDomainServicePage.class.php, (45) NewProductPage.class.php, (46) OutstandingInvoicesPage.class.php, (47) PendingAccountsPage.class.php, (48) PendingOrdersPage.class.php, (49) PrintInvoicePage.class.php, (50) ProductsPage.class.php, (51) RegisterDomainPage.class.php, (52) RegisteredDomainsPage.class.php, (53) ServersPage.class.php, (54) ServicesHostingServicesPage.class.php, (55) ServicesNewHostingPage.class.php, (56) ServicesPage.class.php, (57) ServicesWebHostingPage.class.php, (58) SettingsPage.class.php, (59) TaxesPage.class.php, (60) TransferDomainPage.class.php, (61) ViewAccountPage.class.php, (62) ViewDomainServicePage.class.php, (63) ViewHostingServicePage.class.php, (64) ViewInvoicePage.class.php, (65) ViewLogMessagePage.class.php, (66) ViewOrderPage.class.php, (67) ViewProductPage.class.php, (68) ViewServerPage.class.php, (69) WelcomeEmailPage.class.php
7735| [CVE-2006-4286] ** DISPUTED ** PHP remote file inclusion vulnerability in contentpublisher.php in the contentpublisher component (com_contentpublisher) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by third parties who state that contentpublisher.php protects against direct request in the most recent version. The original researcher is known to be frequently inaccurate.
7736| [CVE-2006-4103] PHP remote file inclusion vulnerability in article-raw.php in Jason Alexander phNNTP 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_newsportal parameter.
7737| [CVE-2006-4055] Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993.
7738| [CVE-2006-3628] Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.
7739| [CVE-2006-3026] Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in gallery.asp and (2) parentcurrentpage parameter in view_gallery.asp.
7740| [CVE-2006-2490] Multiple cross-site scripting (XSS) vulnerabilities in Mobotix IP Network Cameras M1 1.9.4.7 and M10 2.0.5.2, and other versions before 2.2.3.18 for M10/D10 and 3.0.3.31 for M22, allow remote attackers to inject arbitrary web script or HTML via URL-encoded values in (1) the query string to help/help, (2) the get_image_info_abspath parameter to control/eventplayer, and (3) the source_ip parameter to events.tar.
7741| [CVE-2006-1662] The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid parameter in index.php.
7742| [CVE-2006-1437] UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eventpublisher.txt.
7743| [CVE-2006-1436] Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Website, and (5) Public Remarks fields to (a) eventpublisher_admin.htm and (b) eventpublisher_usersubmit.htm.
7744| [CVE-2006-0375] Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 on VxWorks uses a hardcoded Network Time Protocol (NTP) server in Taiwan, which could allow remote attackers to provide false time information, block access to time information, or conduct other attacks.
7745| [CVE-2006-0015] Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.
7746| [CVE-2005-4716] Hitachi TP1/Server Base and TP1/NET/Library 2 on IBM AIX allow remote attackers to (1) cause a denial of service (OpenTP1 system outage) via invalid data to a port used by a system-server process, and (2) cause a denial of service (process failure) via invalid data to a port used by any of certain other processes.
7747| [CVE-2005-3356] The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors.
7748| [CVE-2005-3120] Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
7749| [CVE-2005-2658] Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month.
7750| [CVE-2005-2428] Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696.
7751| [CVE-2005-1363] Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID, (2) strSubCatalogID, or (3) strSubCatalog_NAME parameter to productsByCategory.asp, (4) curCatalogID, (5) strSubCatalog_NAME, (6) intCatalogID, or (7) page parameter to productsByCategory.asp or (8) intProdID parameter to product.asp.
7752| [CVE-2005-1362] Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter to product.asp, (2) intCatalogID or (3) strSubCatalogID parameters to productsByCategory.asp, (4) chkText, (5) strText, (6) chkPrice, (7) intPrice, (8) chkCat, or (9) strCat parameters to searchAction.asp.
7753| [CVE-2005-1361] Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp.
7754| [CVE-2005-1213] Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
7755| [CVE-2005-0807] Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.
7756| [CVE-2005-0785] Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
7757| [CVE-2005-0741] Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action.
7758| [CVE-2005-0736] Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
7759| [CVE-2005-0719] Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd.
7760| [CVE-2005-0101] Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character.
7761| [CVE-2004-2068] fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an emptry NNTP news article with missing mandatory headers.
7762| [CVE-2004-1719] Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message.
7763| [CVE-2004-1610] SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables.
7764| [CVE-2004-1316] Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.
7765| [CVE-2004-0574] The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
7766| [CVE-2003-1266] The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data.
7767| [CVE-2003-0824] Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.
7768| [CVE-2003-0822] Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
7769| [CVE-2003-0744] The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input.
7770| [CVE-2002-2317] Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
7771| [CVE-2002-2305] SQL injection vulnerability in agentadmin.php in Immobilier allows remote attackers to execute arbitrary SQL commands via the (1) agentname or (2) agentpassword parameter.
7772| [CVE-2002-2262] Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.
7773| [CVE-2002-1789] Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function.
7774| [CVE-2002-1788] Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.
7775| [CVE-2002-1718] Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences.
7776| [CVE-2002-0913] Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.
7777| [CVE-2002-0909] Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER.
7778| [CVE-2002-0692] Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.
7779| [CVE-2002-0525] Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.
7780| [CVE-2002-0002] Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
7781| [CVE-2001-1204] Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
7782| [CVE-2001-0764] Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument.
7783| [CVE-2001-0543] Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.
7784| [CVE-2001-0414] Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
7785| [CVE-2001-0341] Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
7786| [CVE-2001-0096] FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
7787| [CVE-2000-0438] Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
7788| [CVE-2000-0431] Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.
7789| [CVE-2000-0341] ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a denial of service via a long login name.
7790| [CVE-2000-0256] Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
7791| [CVE-2000-0153] FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
7792| [CVE-2000-0122] Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program.
7793| [CVE-2000-0114] Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
7794| [CVE-1999-1016] Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
7795| [CVE-1999-0681] Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
7796| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
7797| [CVE-2009-3563] ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
7798| [CVE-2006-2334] The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or prevent access to other similarly named files in the same directory, which prevents those files from being detected or disinfected by certain anti-virus and anti-spyware software.
7799| [CVE-2006-1711] Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits.
7800| [CVE-2005-2496] The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
7801| [CVE-2005-1911] The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).
7802| [CVE-2005-1453] fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (crash) by closing the connection while fetchnews is reading (1) an article header or (2) an article body, which also prevents fetchnews from querying other servers.
7803| [CVE-2004-0657] Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
7804| [CVE-2002-0427] Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.
7805| [CVE-2000-0710] The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.
7806| [CVE-2000-0709] The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.
7807| [CVE-2000-0413] The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
7808| [CVE-1999-1376] Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.
7809| [CVE-1999-1052] Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
7810| [CVE-1999-1043] Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).
7811| [CVE-1999-0386] Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
7812|
7813| SecurityFocus - https://www.securityfocus.com/bid/:
7814| [104517] NTP CVE-2018-12327 Stack Buffer Overflow Vulnerability
7815| [103351] NTP CVE-2018-7183 Buffer Overflow Vulnerability
7816| [103339] NTP CVE-2018-7185 Denial of Service Vulnerability
7817| [103194] NTP CVE-2018-7170 Incomplete Fix Remote Security Vulnerability
7818| [103192] NTP CVE-2018-7184 Denial of Service Vulnerability
7819| [103191] NTP CVE-2018-7182 Information Disclosure Vulnerability
7820| [97078] NTP CVE-2017-6452 Local Stack Based Buffer Overflow Vulnerability
7821| [97076] NTP CVE-2017-6459 Local Denial of Service Vulnerability
7822| [97074] NTP CVE-2017-6455 Local Denial of Service Vulnerability
7823| [97058] NTP CVE-2017-6451 Local Denial of Service Vulnerability
7824| [97052] NTP CVE-2017-6460 Stack Buffer Overflow Vulnerability
7825| [97051] NTP CVE-2017-6458 Buffer Overflow Vulnerability
7826| [97050] NTP CVE-2017-6464 Denial of Service Vulnerability
7827| [97049] NTP CVE-2017-6463 Denial of Service Vulnerability
7828| [97046] NTP CVE-2016-9042 Denial of Service Vulnerability
7829| [97045] NTP CVE-2017-6462 Local Buffer Overflow Vulnerability
7830| [94455] NTP CVE-2016-7433 Local Denial of Service Vulnerability
7831| [94454] NTP CVE-2016-7431 Denial of Service Vulnerability
7832| [94453] NTP CVE-2016-7429 Local Denial of Service Vulnerability
7833| [94452] NTP CVE-2016-9310 Denial of Service Vulnerability
7834| [94451] NTP CVE-2016-7426 Local Denial of Service Vulnerability
7835| [94450] NTP CVE-2016-9312 Denial of Service Vulnerability
7836| [94448] NTP CVE-2016-7434 Local Denial of Service Vulnerability
7837| [94447] NTP CVE-2016-7427 Denial of Service Vulnerability
7838| [94446] NTP CVE-2016-7428 Denial of Service Vulnerability
7839| [94444] NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
7840| [92277] BusyBox 'networking/ntpd.c' Remote Denial of Service Vulnerability
7841| [91400] Meinberg NTP Time Server Multiple Privilege Escalation and Buffer Overflow Vulnerabilities
7842| [91180] Foxit Reader 'CPDF_StreamContentParser::~CPDF_StreamContentParser' Memory Corruption Vulnerability
7843| [91010] NTP CVE-2016-4953 Denial of Service Vulnerability
7844| [91009] NTP CVE-2016-4956 Incomplete Fix Denial of Service Vulnerability
7845| [91007] NTP CVE-2016-4955 Denial of Service Vulnerability
7846| [90818] OpenNTPD 'ntpd/constraint.c' Certificate Validation Security Bypass Vulnerability
7847| [88276] NTP CVE-2016-1547 Denial of Service Vulnerability
7848| [88264] NTP CVE-2016-1548 Security Bypass Vulnerability
7849| [88261] NTP CVE-2016-1550 Local Security Bypass Vulnerability
7850| [88226] NTP CVE-2016-2518 Denial of Service Vulnerability
7851| [88219] NTP CVE-2016-1551 Remote Security Vulnerability
7852| [88204] NTP CVE-2016-2519 Denial of Service Vulnerability
7853| [88200] NTP CVE-2016-1549 Remote Security Vulnerability
7854| [88189] NTP CVE-2016-2517 Denial of Service Vulnerability
7855| [88180] NTP CVE-2016-2516 Denial of Service Vulnerability
7856| [88081] Microsoft FrontPage CVE-1999-1052 Information Disclosure Vulnerability
7857| [86089] Microsoft FrontPage CVE-2007-3109 Remote Security Vulnerability
7858| [83193] NTP CVE-2004-0657 Remote Security Vulnerability
7859| [82105] NTP CVE-2015-8139 Security Bypass Vulnerability
7860| [82102] NTP CVE-2015-8140 Security Bypass Vulnerability
7861| [81963] NTP CVE-2015-7973 Security Bypass Vulnerability
7862| [81962] NTP CVE-2015-7978 Denial of Service Vulnerability
7863| [81960] NTP CVE-2015-7974 Symmetric Key Encryption Authentication Security Bypass Vulnerability
7864| [81959] NTP CVE-2015-7975 Local Denial of Service Vulnerability
7865| [81816] NTP CVE-2015-7979 Denial of Service Vulnerability
7866| [81815] NTP CVE-2015-7977 NULL Pointer Dereference Denial of Service Vulnerability
7867| [81814] NTP CVE-2015-8158 Denial of Service Vulnerability
7868| [81811] NTP CVE-2015-8138 Denial of Service Vulnerability
7869| [81552] NTP Cronjob Script CVE-2016-0727 Local Privilege Escalation Vulnerability
7870| [77288] Network Time Protocol 'ntpq.c' Memory Corruption Vulnerability
7871| [77286] NTP CVE-2015-7702 Incomplete Fix Denial of Service Vulnerability
7872| [77285] NTP CVE-2015-7692 Incomplete Fix Denial of Service Vulnerability
7873| [77282] Network Time Protocol 'ntp_control.c' Directory Traversal Vulnerability
7874| [77281] NTP CVE-2015-7701 Denial of Service Vulnerability
7875| [77278] NTP Multiple Arbitrary File Overwrite Vulnerabilities
7876| [77274] NTP CVE-2015-7691 Incomplete Fix Denial of Service Vulnerability
7877| [76476] RETIRED: NTP CVE-2015-5196 Multiple Arbitrary File Overwrite Vulnerabilities
7878| [76475] NTP CVE-2015-5194 Denial of Service Vulnerability
7879| [76474] NTP 'ntpd/ntp_config.c' Remote Denial of Service Vulnerability
7880| [76473] NTP CVE-2015-5219 Denial of Service Vulnerability
7881| [75589] NTP CVE-2015-5146 Denial of Service Vulnerability
7882| [73951] NTP CVE-2015-1798 Man in the Middle Security Bypass Vulnerability
7883| [73950] NTP CVE-2015-1799 Denial of Service Vulnerability
7884| [73713] Mjseventpro CVE-2010-0340 SQL-Injection Vulnerability
7885| [72584] NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
7886| [72583] NTP 'ntp_crypto.c' Information Disclosure Vulnerability
7887| [71969] Network Time Protocol ntpdc Local Buffer Overflow Vulnerability
7888| [65434] Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
7889| [64692] NTP 'ntp_request.c' Remote Denial of Service Vulnerability
7890| [62185] Microsoft FrontPage CVE-2013-3137 Information Disclosure Vulnerability
7891| [55561] IFOBS 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities
7892| [54283] Linux Kernel 'fs/eventpoll.c' Local Denial of Service Vulnerability
7893| [52083] UTC Fire & Security GE-MC100-NTP/GPS-ZB Default Credentials Authentication Bypass Vulnerability
7894| [46630] Linux Kernel epoll Subsystem 'eventpoll.c' Multiple Local Denial of Service Vulnerabilities
7895| [45792] HP LoadRunner 'magentproc.exe' Remote Code Execution Vulnerability
7896| [41798] IBM FileNet Content Manager 'InheritParentPermissions' Flag Security Bypass Vulnerability
7897| [39479] Mozilla Firefox/Thunderbird/SeaMonkey 'nsIContentPolicy' Security Bypass Vulnerability
7898| [38309] XlentProjects SphereCMS 'archive.php' SQL Injection Vulnerability
7899| [37781] TYPO3 MJS Event Pro (mjseventpro) Unspecified SQL Injection Vulnerability
7900| [37255] NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
7901| [36502] Cisco IOS NTPv4 Reply Packet Remote Denial of Service Vulnerability
7902| [36457] Xerver Administration Interface 'currentPath' Parameter Cross Site Scripting Vulnerability
7903| [35017] NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
7904| [34481] NTP 'ntpq' Stack Buffer Overflow Vulnerability
7905| [33290] TimeTools NTP Time Server Syslog Monitor Remote Denial of Service Vulnerability
7906| [33135] Goople CMS 'frontpage.php' SQL Injection Vulnerability
7907| [32352] vBulletin 'admincp/attachmentpermission.php' SQL Injection Vulnerability
7908| [31959] Agares Media ThemeSiteScript 'frontpage_right.php' Remote File Include Vulnerability
7909| [30290] SmbClientParser Perl Module Remote Command Execution Vulnerability
7910| [28297] Travelsized CMS 'frontpage.php' and 'index.php' Multiple Input Validation Vulnerabilities
7911| [28230] XOOPS MyTutorials Module 'printpage.php' SQL Injection Vulnerability
7912| [27375] OZ Journals 'printpreview' Local File Disclosure Vulnerability
7913| [26986] Arcadem LE 'frontpage_right.php' Remote File Include Vulnerability
7914| [25908] Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability
7915| [22223] Hitachi OpenTP1 Unspecified Remote Denial of Service Vulnerability
7916| [22098] Uberghey Frontpage.PHP Remote File Include Vulnerability
7917| [20321] Travelsized CMS Frontpage.PHP Remote File Include Vulnerability
7918| [20044] Limbo CMS Frontpage Arbitrary File Upload Vulnerability
7919| [19423] phNNTP File_newsportal Remote File Include Vulnerability
7920| [17452] Microsoft FrontPage Server Extensions Cross-Site Scripting Vulnerability
7921| [16902] Limbo CMS Frontpage Arbitrary PHP Command Execution Vulnerability
7922| [15117] Lynx NNTP Article Header Buffer Overflow Vulnerability
7923| [15093] Hitachi OpenTP1 Denial Of Service Vulnerability
7924| [14673] NTPD Insecure Privileges Vulnerability
7925| [13951] Microsoft Outlook Express NNTP Response Parsing Buffer Overflow Vulnerability
7926| [13376] MetaCart E-Shop V-8 IntProdID Parameter Remote SQL Injection Vulnerability
7927| [12756] YaBB Remote UsersRecentPosts Cross-Site Scripting Vulnerability
7928| [12141] Microsoft FrontPage 2000 Internet Publishing Service Provider DAV File Upload Vulnerability
7929| [11412] Microsoft Frontpage Asycpict.DLL JPEG Handling Remote Denial of Service Vulnerabilities
7930| [11379] Microsoft NNTP Component Heap Overflow Vulnerability
7931| [9008] Microsoft FrontPage Server Extensions SmartHTML Interpreter Denial Of Service Vulnerability
7932| [9007] Microsoft FrontPage Server Extensions Remote Debug Buffer Overrun Vulnerability
7933| [6522] EType EServ NNTP Remote Denial Of Service Vulnerability
7934| [6356] HP-UX xntpd Unspecified Denial Of Service Vulnerability
7935| [5804] Microsoft FrontPage Server Extensions SmartHTML Buffer Overflow Vulnerability
7936| [5240] NewsX NNTP SysLog Format String Vulnerability
7937| [5160] Kim Storm NN NNTP Error Message Format String Vulnerability
7938| [4251] Improved mod_frontpage Buffer Overflow Vulnerability
7939| [4084] Microsoft IIS 5.1 Frontpage Server Extensions File Source Disclosure Vulnerability
7940| [4078] Microsoft IIS 5.1 Frontpage Extensions Path Disclosure Information Vulnerability
7941| [3751] Total PC Solutions PHP Rocket Add-in for FrontPage Directory Traversal Vulnerability
7942| [3183] Microsoft Windows NNTP Denial of Service Vulnerability
7943| [2911] Juergen Schoenwaelder scotty ntping Buffer Overflow Vulnerability
7944| [2540] Ntpd Remote Buffer Overflow Vulnerability
7945| [1608] Microsoft FrontPage Server Extensions MS-DOS Device Name Denial Of Service Vulnerability
7946| [1594] Microsoft FrontPage/IIS Cross Site Scripting shtml.dll Vulnerability
7947| [1435] Microsoft FrontPage 2000 Server Extensions Denial Of Service Vulnerability
7948| [1205] Microsoft FrontPage Extensions .pwd File Permissions Vulnerability
7949| [1174] Microsoft Frontpage Server Extensions Path Disclosure Vulnerability
7950| [1156] Cassandra NNTPServer v1.10 Buffer Overflow Vulnerability
7951| [1141] MS Frontpage htimage.exe File Existence Disclosure Vulnerability
7952| [1117] MS Frontpage Image Mapper Buffer Overflow Vulnerability
7953| [1109] MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability
7954| [1108] MS IIS FrontPage 98 Extensions Filename Obfuscation Vulnerability
7955| [989] Microsoft FrontPage PWS Directory Traversal Vulnerability
7956| [964] MS Frontpage htimage.exe Path Leak Vulnerability
7957| [568] Microsoft FrontPage PWS DoS Vulnerability
7958| [74045] NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
7959| [71762] NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
7960| [71757] NTP 'ntp_config.c' Insufficient Entropy Security Weakness
7961| [10980] Microsoft NTP Time Synchronization Spoof Weakness
7962|
7963| IBM X-Force - https://exchange.xforce.ibmcloud.com:
7964| [82317] ownCloud viewer.php and addMountPoint.php cross-site scripting
7965| [52238] Microsoft FrontPage Server Extensions Vital Information Leakage
7966| [36554] Wireshark NTP dissector format string vulnerable Windows version detected
7967| [6730] Microsoft FrontPage Server Extensions Visual Studio RAD Support sub-component buffer overflow
7968| [86041] TRENDnet TEW-812DRU uapply.cgi and setNTP.cgi cross-site request forgery
7969| [82084] IB-NAS5220 and IB-NAS4220-B ntp_name parameter cross-site scripting
7970| [78636] IFOBS regclientprint.jsp cross-site scripting
7971| [76340] MYRE Real Estate Mobile listings.php and agentprofile.php SQL injection
7972| [75403] MYRE Real Estate Mobile listings.php and agentprofile.php SQL injection
7973| [73583] Moodle frontpage security bypass
7974| [70325] Cyrus IMAPd NNTP security bypass
7975| [66589] Linux Kernel eventpoll.c denial of service
7976| [66034] Linux NTP buffer overflow
7977| [65872] Linux Kernel eventpoll.c denial of service
7978| [62765] Plesk Small Business Manager currentPageId SQL injection
7979| [60481] IBM FileNet Content Manager InheritParentPermissions security bypass
7980| [59090] Opera news:// and nntp:// URI denial of service
7981| [59088] Microsoft Internet Explorer nntp:// URIs denial of service
7982| [59086] Mozilla Firefox news:// and nntp:// URI denial of service
7983| [58364] HP LoadRunner Agent magentproc.exe code execution
7984| [57822] Magneto Software SntpGetReply buffer overflow
7985| [54650] NTP mode7 (MODE_PRIVATE) denial of service
7986| [53675] XLink Omni-NFS Enterprise ntpd.exe buffer overflow
7987| [53663] Xerver currentPath directory traversal
7988| [53662] Xerver currentPath cross-site scripting
7989| [53455] Cisco IOS NTPv4 denial of service
7990| [52468] TGS Content Management index.php and frontpage_ception.php SQL injection
7991| [52237] Microsoft FrontPage Server Extensions To Do List Found
7992| [52236] Microsoft FrontPage Server Extensions Machine Name Disclosure
7993| [52235] Microsoft FrontPage Configuration Information Leakage
7994| [52234] Microsoft FrontPage '_vti_cnf' Information Leakage
7995| [50617] NTP ntpd buffer overflow
7996| [50258] Drupal frontpage forms information disclosure
7997| [49838] NTP cookedprint() buffer overflow
7998| [48023] Windows NTP Time Server Syslog Monitor syslog message denial of service
7999| [47773] Goople CMS frontpage.php SQL injection
8000| [47244] Adobe AIR and Adobe Flash Player DefineConstantPool information disclosure
8001| [46174] ThemeSiteScript frontpage_right.php file include
8002| [44940] devalcms currentpath parameter cross-site scripting
8003| [43910] Filesys::SmbClientParser directory command execution
8004| [43418] Avaya Messaging Storage Server date, time and NTP server command execution
8005| [41538] Perlbal ClientProxy.pm denial of service
8006| [41181] tutorials module for XOOPS printpage.php and index.php SQL injection
8007| [40129] Leafnode fetchnews NNTP client denial of service
8008| [39414] WordPress XMLRPC metaWeblog.getRecentPosts function informaiton disclosure
8009| [39266] phpAutoVideo frontpage_right.php file include
8010| [39228] Arcadem LE frontpage_right.php file include
8011| [36811] Microsoft Outlook Express and Windows Mail NNTP response code execution
8012| [34720] Microsoft FrontPage Personal Web Server CERN Image Map Dispatcher buffer overflow
8013| [34719] Microsoft FrontPage CERN Image Map Dispatcher information disclosure
8014| [33124] Squid clientProcessRequest() function denial of service
8015| [32247] RHSA-2006:0393 updates for ntp not installed
8016| [32076] Microsoft Frontpage Extensions directory /_vti_pvt/ present
8017| [31553] Uberghey CMS frontpage.php file include
8018| [29337] Travelsized CMS frontpage.php file include
8019| [28271] phNNTP article-raw.php file include
8020| [27828] Wireshark (Ethereal) NTP dissector format string
8021| [25965] @1 Event Publisher eventpublisher.txt information disclosure
8022| [25537] Microsoft FrontPage Server Extensions HTML cross-site scripting
8023| [22748] Hitachi OpenTP1 denial of service
8024| [22035] NTP incorrect group permissions
8025| [21537] Microsoft FrontPage style tag denial of service
8026| [20830] Microsoft Outlook Express NNTP Response Parsing buffer overflow
8027| [20283] MetaCart e-Shop intProdID and intCatalogID parameters SQL injection
8028| [19186] newsfetch NNTP responses buffer overflow
8029| [18711] Mozilla NNTP buffer overflow
8030| [17739] Microsoft FrontPage and Internet Explorer asycpict.dll JPEG denial of service
8031| [17641] Microsoft Windows NNTP buffer overflow
8032| [15406] NTP integer buffer overflow
8033| [13680] Microsoft FrontPage Server Extensions SmartHTML Interpreter denial of service
8034| [13674] Microsoft FrontPage Server Extensions debug buffer overflow
8035| [11873] Microsoft Internet Explorer, Outlook, and FrontPage shlwapi.dll library denial of service
8036| [10942] Leafnode NNTP server denial of service
8037| [10836] HP-UX xntpd denial of service
8038| [10195] Microsoft FrontPage Server Extensions (FPSE) 2002 SmartHTML Interpreter buffer overflow
8039| [10194] Microsoft FrontPage Server Extensions (FPSE) 2000 SmartHTML Interpreter denial of service
8040| [9583] newsx NNTP client syslog() local format string
8041| [9491] nn NNTP error message format string
8042| [9270] slurp NNTP client syslog() format string
8043| [9226] mnews NNTP response remote buffer overflow
8044| [8800] Microsoft IIS FrontPage Server Extensions and ASP.NET ISAPI filter error handling denial of service
8045| [8733] SNTP time broadcast audit
8046| [8517] NNTP port probe
8047| [8513] SNTP malformed packet
8048| [8411] NTP servers from which the router obtains time are set
8049| [8410] NTP server is enabled on the router
8050| [8400] Apache HTTP Server mod_frontpage buffer overflows
8051| [8362] Microsoft FrontPage form_results.txt is world readable
8052| [7951] Shell metacharacters in NNTP fields
8053| [7795] Microsoft FrontPage Server Extensions (FPSE) "
8054| [7788] Microsoft FrontPage Server Extensions (FPSE) "
8055| [7749] PHP Rocket Add-in for FrontPage "
8056| [7710] NNTP Subject
8057| [6977] Microsoft Windows NT and 2000 NNTP memory leak denial of service
8058| [6735] Scotty ntping buffer overflow could allow the execution of arbitrary code
8059| [6321] Ntpd server readvar control message buffer overflow
8060| [5494] Microsoft FrontPage 98 Server Extensions fpcount.exe CGI can be remotely crashed
8061| [5124] Microsoft FrontPage Server Extensions device name denial of service
8062| [4899] Microsoft FrontPage Extensions shtml.dll multiple access denial of service
8063| [4484] Microsoft FrontPage Server Extensions image mapping components allow remote code execution
8064| [4439] Microsoft FrontPage Server Extensions"
8065| [4410] CASSANDRA NNTP server buffer overflow
8066| [4333] Microsoft FrontPage 98 Server Extensions DVWSSR.DLL file buffer overflow
8067| [4268] Microsoft FrontPage 98 Server Extensions DVWSSR.DLL file could allow remote ASP source retrieval
8068| [3393] Microsoft FrontPage Extensions authors.pwd file could reveal encrypted passwords
8069| [3391] Microsoft FrontPage Extensions service.pwd file could reveal encrypted passwords
8070| [3178] Exchange NNTP server unauthenticated command
8071| [3174] Exchange NNTP server dropped connection
8072| [3117] Microsoft FrontPage long URL buffer overflow
8073| [1223] Microsoft Exchange Server SMTP and NNTP denial of service
8074| [908] Microsoft FrontPage extensions under Unix create world readable password files
8075| [670] NNTP username
8076| [669] NNTP password
8077| [668] NNTP group
8078| [561] Microsoft FrontPage 1.1 allows users to write to executable directories
8079| [438] NNTP daemon
8080| [89] NNTP reading
8081| [88] NNTP posting
8082|
8083| Exploit-DB - https://www.exploit-db.com:
8084| [27620] Microsoft FrontPage Server Extensions Cross-Site Scripting Vulnerability
8085| [25536] MetaCart E-Shop V-8 IntProdID Parameter Remote SQL Injection Vulnerability
8086| [25199] YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting Vulnerability
8087| [22124] EType EServ 1.9x NNTP Remote Denial of Service Vulnerability
8088| [20960] Juergen Schoenwaelder scotty 2.1.x ntping Buffer Overflow Vulnerability
8089| [20727] Ntpd Remote Buffer Overflow Vulnerability
8090| [19897] FrontPage 2000,IIS 4.0/5.0 Server Extensions Path Disclosure Vulnerability
8091| [19884] Atrium Software Cassandra NNTP Server 1.10 Buffer Overflow Vulnerability
8092| [19846] MS FrontPage 98 Server Extensions for IIS,MS InterDev 1.0 - Buffer Overflow Vulnerability
8093| [19445] Microsoft FrontPage Personal WebServer 1.0 PWS DoS Vulnerability
8094| [16960] Linux NTP query client 4.2.6p1 - Heap Overflow Vulnerability
8095| [5245] XOOPS Module tutorials (printpage.php) SQL Injection Vulnerability
8096| [3147] Uberghey 0.3.1 (frontpage.php) Remote File Include Vulnerability
8097| [2148] phNNTP <= 1.3 (article-raw.php) Remote File Include Vulnerability
8098| [28809] HP LoadRunner magentproc.exe Overflow
8099| [27894] obotix IP Camera M1 1.9.4 .7/M10 2.0.5 .2 eventplayer get_image_info_abspath Parameter XSS
8100| [24379] Merak Mail Server 7.4.5 attachment.html attachmentpage_text_error Parameter XSS
8101| [19877] FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure
8102| [19853] FrontPage 97/98 Server Image Mapper Buffer Overflow
8103| [19845] MS FrontPage 98 Server Extensions for IIS,MS InterDev 1.0 Filename Obfuscation
8104| [19753] ms frontpage personal webserver 1.0/personal web server 4.0 - Directory Traversal
8105| [19605] Linux Kernel fs/eventpoll.c Local Denial of Service
8106| [16379] Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
8107| [16356] Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow
8108| [16285] NTP daemon readvar Buffer Overflow
8109| [15838] OpenClassifieds 1.7.0.3 Chained: Captcha Bypass->SQLi->Persistent XSS on Frontpage
8110| [12204] MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpSendRequest Crash PoC
8111| [12203] MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpGetReply BOF
8112| [9940] ntpd 4.0.99j-k readvar Buffer Overflow
8113| [7683] Goople <= 1.8.2 (frontpage.php) Blind SQL Injection Exploit
8114| [2471] Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit
8115| [1066] MS Outlook Express NNTP Buffer Overflow Exploit (MS05-030)
8116| [578] MS Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036)
8117| [121] MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)
8118|
8119| OpenVAS (Nessus) - http://www.openvas.org:
8120| [902839] Microsoft FrontPage Server Extensions MS-DOS Device Name DoS Vulnerability
8121| [900652] NTP 'ntpd' Autokey Stack Overflow Vulnerability
8122| [900623] NTP Stack Buffer Overflow Vulnerability
8123| [801713] Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability (941202)
8124| [800408] NTP EVP_VerifyFinal() Security Bypass Vulnerability
8125| [800407] NTP Version Detection (Linux)
8126| [100399] NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
8127| [56769] FreeBSD Ports: frontpage -- cross site scripting vulnerability
8128| [10884] NTP read variables
8129| [880846] CentOS Update for ntp CESA-2009:1648 centos4 i386
8130| [880814] CentOS Update for ntp CESA-2009:0046 centos5 i386
8131| [880810] CentOS Update for ntp CESA-2009:1648 centos5 i386
8132| [880762] CentOS Update for ntp CESA-2009:1039 centos5 i386
8133| [880690] CentOS Update for ntp CESA-2009:1651 centos3 i386
8134| [855775] Solaris Update for usr/sbin/ntpq 141396-01
8135| [855676] Solaris Update for ntpq 141911-01
8136| [855649] Solaris Update for ntpq 141910-01
8137| [855628] Solaris Update for usr/sbin/ntpq 141397-01
8138| [855247] Solaris Update for /usr/lib/inet/xntpd and /usr/sbin/ntpdate 109668-07
8139| [855010] Solaris Update for /usr/lib/inet/xntpd and /usr/sbin/ntpdate 109667-07
8140| [835252] HP-UX Update for XNTP HPSBUX02639
8141| [835204] HP-UX Update for XNTP HPSBUX02437
8142| [835161] HP-UX Update for xntpd HPSBUX00232
8143| [835070] HP-UX Update for xntpd(1M) HPSBUX00148
8144| [100608] Windows NT NNTP Component Buffer Overflow
8145| [66662] FreeBSD Security Advisory (FreeBSD-SA-10:02.ntpd.asc)
8146| [66639] Gentoo Security Advisory GLSA 201001-01 (ntp)
8147| [66527] CentOS Security Advisory CESA-2009:1648 (ntp)
8148| [66526] CentOS Security Advisory CESA-2009:1651 (ntp)
8149| [66519] Slackware Advisory SSA:2009-343-01 ntp
8150| [66515] Debian Security Advisory DSA 1948-1 (ntp)
8151| [66511] Fedora Core 10 FEDORA-2009-13121 (ntp)
8152| [66507] Fedora Core 11 FEDORA-2009-13090 (ntp)
8153| [66501] Fedora Core 12 FEDORA-2009-13046 (ntp)
8154| [66368] Mandriva Security Advisory MDVSA-2009:309 (ntp)
8155| [65948] SLES10: Security update for xntp
8156| [65773] SLES10: Security update for xntp
8157| [65666] SLES11: Security update for ntp
8158| [65606] SLES9: Security update for xntp
8159| [65578] SLES9: Security update for xntp
8160| [65238] SLES9: Security update for xntp, xntp-doc
8161| [64225] Fedora Core 11 FEDORA-2009-5674 (ntp)
8162| [64207] FreeBSD Security Advisory (FreeBSD-SA-09:11.ntpd.asc)
8163| [64146] Ubuntu USN-777-1 (ntp)
8164| [64128] Mandrake Security Advisory MDVSA-2009:117 (ntp)
8165| [64116] Slackware Advisory SSA:2009-154-01 ntp
8166| [64114] Gentoo Security Advisory GLSA 200905-08 (ntp)
8167| [64098] Fedora Core 9 FEDORA-2009-5275 (ntp)
8168| [64095] Fedora Core 10 FEDORA-2009-5273 (ntp)
8169| [64050] CentOS Security Advisory CESA-2009:1039 (ntp)
8170| [64046] FreeBSD Ports: ntp
8171| [64032] Debian Security Advisory DSA 1801-1 (ntp)
8172| [63770] Mandrake Security Advisory MDVSA-2009:092 (ntp)
8173| [63743] Gentoo Security Advisory GLSA 200904-05 (ntp)
8174| [63343] CentOS Security Advisory CESA-2009:0046 (ntp)
8175| [63267] Fedora Core 10 FEDORA-2009-0544 (ntp)
8176| [63266] Fedora Core 9 FEDORA-2009-0547 (ntp)
8177| [63242] FreeBSD Security Advisory (FreeBSD-SA-09:03.ntpd.asc)
8178| [63230] Slackware Advisory SSA:2009-014-03 ntp
8179| [63194] Mandrake Security Advisory MDVSA-2009:007 (ntp)
8180| [63163] Ubuntu USN-705-1 (ntp)
8181| [63149] Debian Security Advisory DSA 1702-1 (ntp)
8182| [55233] Debian Security Advisory DSA 801-1 (ntp)
8183| [53863] Debian Security Advisory DSA 045-1 (ntp)
8184| [52235] mozilla -- heap overflow in NNTP handler
8185| [17229] NNTP password overflow
8186| [17228] NNTP message headers overflow
8187| [14773] Identifies services like FTP, SMTP, NNTP...
8188| [10699] IIS FrontPage DoS II
8189| [10585] IIS FrontPage DoS
8190|
8191| SecurityTracker - https://www.securitytracker.com:
8192| [1021533] NTP Signature Validation Flaw Lets Remote Users Bypass Validation Checks
8193| [1015896] Microsoft FrontPage Server Extensions Input Validation Holes Permit Cross-Site Scripting Attacks
8194| [1013420] YaBB Input Validation Error in 'usersrecentposts' Lets Remote Users Conduct Cross-Site Scripting Attacks
8195| [1011762] cPanel Backup and FrontPage Management Bugs Let Remote Authenticated Users View, Edit, and Own Arbitrary Files
8196| [1001816] Microsoft Visual Studio RAD Support Component of FrontPage Lets Remote Users Execute Arbitrary Code on the FrontPage Server
8197| [1026143] Cyrus IMAP Server NNTP Service Lets Remote Users Bypass Authentication
8198| [1026031] Cyrus IMAP Server Buffer Overflow in NNTP Daemon Lets Remote Users Execute Arbitrary Code
8199| [1024934] Subversion SVNParentPath Collection Processing Error Lets Remote Users Execute Arbitrary Code
8200| [1023298] NTP Mode 7 Packet Processing Flaw Lets Remote Users Deny Service
8201| [1022930] Cisco IOS H.323, SIP, NTP, Tunneling, and Encrypted Packet Processing Flaws Let Remote Users Deny Service
8202| [1022243] ntp crypto_recv() Autokey Stack Overflow Lets Remote Users Execute Arbitrary Code
8203| [1022033] ntp Buffer Overflow in ntpq cookedprint() Lets Remote Users Execute Arbitrary Code
8204| [1018786] Microsoft Outlook Express Bug in Processing NNTP Responses Lets Remote Users Execute Arbitrary Code
8205| [1018785] Windows Mail Bug in Parsing NNTP Responses Lets Remote Users Execute Arbitrary Code
8206| [1016679] xntpd '-u' Switch May Cause the Daemon to Run With Incorrect Group Privileges
8207| [1016668] phNNTP Include File Flaw in 'file_newsportal' Parameter Lets Remote Users Execute Arbitrary Code
8208| [1015065] Lynx Buffer Overflow in HTrjis() in Processing NNTP Headers Lets Remote Users Execute Arbitrary Code
8209| [1014200] Microsoft Outlook Express Buffer Overflow in NNTP Response Parser Lets Remote Users Execute Arbitrary Code
8210| [1012726] Mozilla Buffer Overflow in Processing NNTP URLs Lets Remote Users Execute Arbitrary Code
8211| [1011631] Microsoft NNTP Buffer Overflow Lets Remote Users Execute Arbitrary Code With SYSTEM Privileges
8212| [1011250] Microsoft FrontPage Buffer Overflow in WordPerfect Converter Lets Remote Users Execute Arbitrary Code
8213| [1009336] Network Time Protocol (NTP) Server Integer Overflow May Return the Incorrect Time
8214| [1008147] Microsoft FrontPage Server Extensions Buffer Overflow May Let Remote Users Execute Arbitrary Code
8215| [1005865] Leafnode NNTP News Server Lets Remote Users Deny Service
8216| [1005786] Xntpd Time Daemon on HP-UX May Crash or Degrade
8217| [1005287] Microsoft FrontPage Server Extensions SmartHTML Interpreter Bugs May Let Remote Users Execute Arbitrary Code with System Privileges
8218| [1004266] Cisco BTS 10200 Softswitch Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device or Execute Arbitrary Code
8219| [1004265] Cisco IP Manager Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device or Execute Arbitrary Code
8220| [1004264] Cisco Media Gateway Controller (MGC) Product Line Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device
8221| [1004244] Cisco IOS Systems Contain Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device
8222| [1003767] 'mod_frontpage' Module for Apache Web Server Has Buffer Overlow in 'fpexec.c' That Allows Remote Users to Execute Arbitrary Code on the System with Root Privileges
8223| [1003071] PHP Rocket Add-in for FrontPage Discloses Files on the Server to Remote Users
8224| [1002197] Microsoft Windows NNTP Network News Service Has a Memory Leak That Allows Remote Users to Cause the Server to Crash
8225| [1001770] Scotty Tcl Interpreter's ntping Utility Lets Local Users Obtain Root Privileges
8226| [1001237] The Network Time Protocol Daemon (ntpd) Allows Remote Users to Execute Arbitrary Code on the Server - Typically to Gain Root Privileges on the Server
8227|
8228| OSVDB - http://www.osvdb.org:
8229| [52917] Adobe Flash Player ActionScript 2 VM DefineConstantPool Action Crafted PDF File Handling Memory Disclosure
8230| [37179] Free Image Hosting frontpage.php AD_BODY_TEMP Variable Remote
8231| [31138] SolidState ViewAccountPage.class.php base_path Parameter Remote File Inclusion
8232| [30764] ClickGallery view_recent.asp currentpage Parameter SQL Injection
8233| [26417] ClickGallery view_gallery.asp parentcurrentpage Parameter XSS
8234| [3383] Microsoft FrontPage Server Extensions imagemap.exe File Verification
8235| [805] NTP ntpd readvar Variable Remote Overflow
8236| [577] FrontPage Server Extensions Visual Studio RAD Support Overflow
8237| [95804] TRENDnet TEW-812DRU setNTP.cgi Multiple Field Command Injection
8238| [93712] Zavio IP Cameras /opt/cgi/view/param sub_C8C8 Function General.Time.NTP.Server Parameter Remote Command Execution
8239| [92877] Vivotek PT7135 IP Camera farseer.out system.ntp Parameter Remote Command Execution
8240| [91972] GNOME Evolution-Data-Server NNTP Encryption Option Failure Remote Credential Disclosure
8241| [91630] Rosewill RSVA11001 NTP Host Manipulation Remote Command Execution
8242| [91145] Microsoft IE removeChild CHtmlComponentProperty Object Handling Use-after-free Arbitrary Code Execution
8243| [90495] ownCloud /apps/files_external/addMountPoint.php mountpoint Parameter XSS
8244| [90267] Evolution NNTP STARTTLS Encryption Regression Remote Cleartext Credential Disclosure
8245| [90219] Raidsonic Multiple Product /cgi/time/time.cgi ntp_name Parameter XSS
8246| [85705] iFOBS ifobsClient/regclientprint.jsp Multiple Parameter XSS
8247| [83687] Linux Kernel fs/eventpoll.c Local DoS
8248| [83643] Knews Multilingual Newsletters Plugin for WordPress wp-content/plugins/knews/wysiwyg/fontpicker/index.php ff Parameter XSS
8249| [81824] MYRE Real Estate Mobile 1_mobile/agentprofile.php userid Parameter SQL Injection
8250| [81644] WebKit XMLDocumentParser::exitText Function XML Parsing Use-after-free Issue
8251| [78467] WebTitan NTP Server (Display) Module Unspecified XSS
8252| [77996] Contentpapst admin.php Multiple Parameter XSS
8253| [77872] Parallels Plesk Small Business Panel Site Editor (SiteBuilder) Feature /Wizard/Edit/Html currentPageId Parameter SQL Injection
8254| [76829] Calibre calibre-mount-helper Utility Arbitrary Directory / Mountpoint Manipulation
8255| [76338] WebKit XMLDocumentParser::insertErrorMessageBlock Use-after-free Issue
8256| [76336] WebKit XMLDocumentParser::endElementNs / XMLDocumentParser::parseEndElement Use-after-free Issue
8257| [76057] Cyrus IMAP Server NNTP AUTHINFO USER Command Parsing Authentication Bypass Arbitrary Command Execution
8258| [75307] Cyrus IMAP Server map/nntpd.c split_wildmats() Function NNTP Command Parsing Remote Overflow
8259| [73053] Linux Kernel fs/eventpoll.c epoll Data Structure File Descriptor Local DoS
8260| [70332] Apache Subversion Apache HTTP Server mod_dav_svn repos.c walk FunctionSVNParentPath Collection Remote DoS
8261| [69870] Lantern CMS 11-login.asp intPassedLocationID Parameter XSS
8262| [66859] Adobe Reader / Acrobat CoolType.dll maxp Table maxComponentPoints Field Font Handling Overflow
8263| [66448] IBM FileNet Content Manager InheritParentPermissions Security Inheritance Weakness
8264| [66268] InstantPhp Jobs Component for Joomla! index.php detailed_results Parameter SQL Injection
8265| [65465] WMS-CMS printpage.asp Multiple Parameter SQL Injection
8266| [65111] Opera Invalid news / nntp URI IFRAME Element Handling Remote DoS
8267| [65110] Microsoft IE Invalid news / nntp URI IFRAME Element Handling Remote DoS
8268| [65109] Mozilla Firefox Invalid news / nntp URI IFRAME Element Handling Remote DoS
8269| [64437] HP Mercury LoadRunner Agent magentproc.exe Remote Arbitrary Code Execution
8270| [63620] Mozilla Multiple Products XMLDocument::load Function nsIContentPolicy Check Restriction Bypass
8271| [63472] Apple Safari on Mac OS X libFontParser.dylib TType1ParsingContext::SpecialEncoding() Function Arbitrary Code Execution (PWN2OWN)
8272| [62909] ncpfs ncpumount sutil/ncpumount.c Mountpoint Name Local File Disclosure
8273| [60847] NTP ntpd Mode 7 Request Crafted Packet Reply Loop Remote DoS
8274| [60827] e107 e107_admin/frontpage.php Unspecified Parameter XSS
8275| [60349] Etype EServ NNTP Service Large Request Remote DoS
8276| [60142] HP-UX xntpd Unspecified Remote DoS
8277| [58758] Apache River GrantPermission Policy Manipulation Privilege Escalation
8278| [58645] Xerver HTTP Server chooseDirectory Action currentPath Parameter XSS
8279| [58644] Xerver HTTP Server chooseDirectory Action currentPath Parameter Traversal Arbitrary File Access
8280| [58342] Cisco IOS Network Time Protocol (NTP) Crafted Packet Remote DoS
8281| [57478] TGS Content Management cms/frontpage_ception.ph Multiple Parameter SQL Injection
8282| [56015] NTP on Windows SO_EXCLUSIVEADDRUSE Unspecified Issue
8283| [56014] NTP EVP_VerifyFinal() Check Unspecified Issue
8284| [54576] NTP ntpd/ntp_crypto.c crypto_recv() Function Remote Overflow
8285| [54294] eFront studentpage.php / professorpage.php File Upload Arbitrary Code Execution
8286| [53593] NTP ntpq/ntpq.c cookedprint() Function Remote Overflow
8287| [51244] Goople CMS frontpage.php Multiple Parameter SQL Injection
8288| [50015] Easyedit CMS news.php intPageID Parameter SQL Injection
8289| [50014] Easyedit CMS page.php intPageID Parameter SQL Injection
8290| [49921] vBulletin admincp/attachmentpermission.php extension Parameter SQL Injection
8291| [49856] ThemeSiteScript upload/admin/frontpage_right.php loadadminpage Parameter Remote File Inclusion
8292| [47971] DevalCMS index.php currentpath Parameter XSS
8293| [47502] Perl Filesys::SmbClientParser Folder Name Arbitrary Shell Command Injection
8294| [47001] Linux Kernel fs/namespace.c do_change_type Function Mountpoint Manipulation Local Privilege Escalation
8295| [46124] DesktopOnNet frontpage.don3app/frontpage.php app_path Parameter Remote File Inclusion
8296| [45449] ACT P202S IP Phone Hardcoded NTP Server IP Time Subversion
8297| [43913] Perlbal lib/Perlbal/ClientProxy.pm Chunked Upload File Upload Handling Overflow DoS
8298| [42913] Hosting Controller UNINSTAL.asp Crafted Host Header Arbitrary Site Frontpage Extension Manipulation
8299| [42876] Tutorials Module for XOOPS printpage.php tid Parameter SQL Injection
8300| [42058] Microsoft FrontPage CERN Image Map Dispatcher (htimage.exe) Arbitrary File Information Disclosure
8301| [39802] Arcadem LE frontpage_right.php loadadminpage Parameter Remote File Inclusion
8302| [39617] phpAutoVideo admin/frontpage_right.php loadadminpage Parameter Remote File Inclusion
8303| [37631] Microsoft Windows Malformed NNTP Response Remote Memory Corruption
8304| [34367] Squid src/client_side.c clientProcessRequest() function TRACE Request DoS
8305| [33553] Uberghey CMS frontpage.php setup_folder Parameter Remote File Inclusion
8306| [32987] Movable Type MTCommentPreviewIsStatic Tag XSS
8307| [32962] Hitachi OpenTP1 Invalid Data DoS
8308| [31200] SolidState DeleteAccountPage.class.php base_path Parameter Remote File Inclusion
8309| [31193] SolidState BillingPaymentPage.class.php base_path Parameter Remote File Inclusion
8310| [31187] SolidState AddPaymentPage.class.php base_path Parameter Remote File Inclusion
8311| [31119] SolidState NewAccountPage.class.php base_path Parameter Remote File Inclusion
8312| [31104] SolidState EditAccountPage.class.php base_path Parameter Remote File Inclusion
8313| [31103] SolidState EditPaymentPage.class.php base_path Parameter Remote File Inclusion
8314| [30763] ClickGallery gallery.asp currentpage Parameter SQL Injection
8315| [29490] Travelsized CMS frontpage.php setup_folder Parameter Remote File Inclusion
8316| [29098] TSEP printpagedetails.php tsep_config[absPath] Parameter Remote File Inclusion
8317| [28355] Joomla! Frontpage Content Submission Unspecified Injection
8318| [28260] Microsoft IIS FrontPage Server Extensions (FPSE) shtml.exe Path Disclosure
8319| [28093] contentpublisher for Mambo contentpublisher.php mosConfig_absolute_path Parameter Remote File Inclusion
8320| [27856] phNNTP article-raw.php file_newsportal Parameter Remote File Inclusion
8321| [27369] Wireshark NTP Dissector Format String Flaw
8322| [25761] Microsoft Windows NTDLL.DLL RtlDosPathNameToNtPathName_U API Path Conversion Weakness
8323| [25623] Mobotix IP Network Camera eventplayer get_image_info_abspath Parameter XSS
8324| [24674] Mozilla Multiple Products XPCWrappedNativeScope::SystemIsBeingShutDown compareDocumentPosition Handling Memory Corruption
8325| [24518] Microsoft FrontPage Server Extensions fpadmdll.dll Multiple Parameter XSS
8326| [24237] @1 Event Publisher eventpublisher.txt Direct Request Private Comment Disclosure
8327| [24236] @1 Event Publisher eventpublisher_usersubmit.htm Multiple Parameter XSS
8328| [24235] @1 Event Publisher eventpublisher_admin.htm Multiple Parameter XSS
8329| [22822] Linux Kernel mq_open System Call mntput Function Local DoS
8330| [21038] FUSE fusermount Crafted Mountpoint mtab Corruption DoS
8331| [20143] lmtp2nntp l2_spec() Function Format String
8332| [20142] lmtp2nntp lib_cfg Function Unspecified Issue
8333| [20019] Lynx NNTP HTrjis() Function Remote Overflow
8334| [19428] IBM Lotus Domino CitiPayPro.nsf SubPaymentProcessingFS Src Parameter XSS
8335| [19419] Turquoise SuperStat Date Parser Crafted NNTP Server Response Overflow
8336| [19055] NTP ntpd -u Group Permission Weakness
8337| [17306] Microsoft Outlook Express NNTP LIST Command Remote Overflow
8338| [15975] NTP ntpd Date/Time Request Remote Overflow
8339| [15870] MetaCart product.asp intProdID Parameter SQL Injection
8340| [15596] Oracle Collaboration Suite Email Server Unspecified NNTP DoS
8341| [14827] YaBB2 YaBB.pl usersrecentposts Action username Parameter XSS
8342| [14456] Slurp NNTP Client log_doit Function Format String
8343| [14410] mod_frontpage for Apache HTTP Server fpexec Remote Overflow
8344| [13353] newsfetch NNTP Response Handling Overflow DoS
8345| [12637] Mozilla nsNNTPProtocol.cpp NNTP news:// URI Handling Overflow DoS
8346| [10962] cPanel Frontpage _private Symlink Arbitrary File Permission Modification
8347| [10961] cPanel Frontpage .htaccess Hardlink Arbitrary File Owernship Modification
8348| [10895] Microsoft FrontPage asycpict.dll JPEG Processing DoS
8349| [10697] Microsoft Windows/Exchange NNTP Component Remote Overflow
8350| [10246] Microsoft Exchange Server Malformed NNTP AUTHINFO DoS
8351| [9040] IceWarp WebMail attachment.html attachmentpage_text_error Parameter XSS
8352| [4345] Mnews NNTP Response Remote Overflow
8353| [3968] Microsoft FrontPage Personal Web Server Arbitrary File Access
8354| [3501] Microsoft FrontPage form_results Information Disclosure
8355| [3386] Microsoft FrontPage Server Extensions htimage.exe File Existence Enumeration
8356| [3385] Microsoft FrontPage Server Extensions htimage.exe Remote Path Disclosure
8357| [3384] Microsoft FrontPage htimage.exe Overflow
8358| [3382] Microsoft FrontPage Server Extensions imagemap.exe Remote Path Disclosure
8359| [3381] Microsoft FrontPage imagemap.exe Overflow
8360| [3300] Microsoft FrontPage shtml MS-DOS Device Name DoS
8361| [2952] Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Chunked Encoded Request Remote Overflow
8362| [2800] Microsoft FrontPage Server Extensions SmartHTML DoS
8363| [2306] Microsoft FrontPage Server Extensions SmartHTML Interpreter shtml.dll DoS
8364| [1928] Microsoft Windows NNTP Malformed Post DoS
8365| [1879] scotty ntping Hostname Handling Local Overflow
8366| [1304] ATRIUM Cassandra NNTP Server Login Name Remote Overflow
8367| [1135] Microsoft Windows NT Print Spooler Service (spoolss.exe) AddPrintProvider() Function Alternate Print Provider Arbitrary Command Execution
8368| [1032] Microsoft FrontPage PWS GET Request Handling Remote DoS
8369| [694] PHP Rocket for FrontPage phprocketaddin page Parameter Traversal Arbitrary File Access
8370| [482] Microsoft IIS FrontPage Server Extensions (FPSE) Malformed Form DoS
8371| [396] Microsoft FrontPage shtml.exe MS-DOS Device Name Request DoS
8372| [307] Microsoft FrontPage 2000 Server Extensions shtml.exe Path Disclosure
8373| [282] Microsoft FrontPage dvwssr.dll Backdoor and Overflow
8374| [68] Microsoft FrontPage Extensions .pwd File Permissions
8375| [67] Microsoft FrontPage Extension shtml.dll Anonymous Account Information Disclosure
8376|_
8377Too many fingerprints match this host to give specific OS details
8378Network Distance: 10 hops
8379
8380TRACEROUTE (using port 123/udp)
8381HOP RTT ADDRESS
83821 132.65 ms 10.230.200.1
83832 ...
83843 132.75 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
83854 132.74 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
83865 138.07 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
83876 139.28 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
83887 138.14 ms level3.sto01.atlas.cogentco.com (130.117.14.6)
83898 167.19 ms ae-1-3107.edge6.Amsterdam1.Level3.net (4.69.162.214)
83909 ...
839110 167.20 ms no-reverse-dns-configured.com (94.102.49.234)
8392#######################################################################################################################################
8393Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 18:19 EST
8394Stats: 0:05:17 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
8395NSE Timing: About 98.96% done; ETC: 18:24 (0:00:03 remaining)
8396Stats: 0:19:18 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
8397NSE Timing: About 98.96% done; ETC: 18:38 (0:00:12 remaining)
8398Nmap scan report for no-reverse-dns-configured.com (94.102.49.234)
8399Host is up (0.15s latency).
8400
8401PORT STATE SERVICE VERSION
84023306/tcp open mysql MySQL 5.0.77
8403| mysql-brute:
8404| Accounts: No valid accounts found
8405| Statistics: Performed 4 guesses in 16 seconds, average tps: 0.2
8406|_ ERROR: The service seems to have failed or is heavily firewalled...
8407| mysql-enum:
8408| Accounts: No valid accounts found
8409|_ Statistics: Performed 5 guesses in 12 seconds, average tps: 0.4
8410| mysql-info:
8411| Protocol: 10
8412| Version: 5.0.77
8413| Thread ID: 57021
8414| Capabilities flags: 41516
8415| Some Capabilities: Support41Auth, LongColumnFlag, SupportsTransactions, Speaks41ProtocolNew, ConnectWithDatabase, SupportsCompression
8416| Status: Autocommit
8417|_ Salt: TV4>xgyKKs&_,\m.;|%<
8418| vulners:
8419| cpe:/a:mysql:mysql:5.0.77:
8420| CVE-2009-2446 8.5 https://vulners.com/cve/CVE-2009-2446
8421| CVE-2009-5026 6.8 https://vulners.com/cve/CVE-2009-5026
8422| CVE-2009-4028 6.8 https://vulners.com/cve/CVE-2009-4028
8423| CVE-2010-1848 6.5 https://vulners.com/cve/CVE-2010-1848
8424| CVE-2010-1850 6.0 https://vulners.com/cve/CVE-2010-1850
8425| CVE-2008-7247 6.0 https://vulners.com/cve/CVE-2008-7247
8426| CVE-2010-3833 5.0 https://vulners.com/cve/CVE-2010-3833
8427| CVE-2010-1849 5.0 https://vulners.com/cve/CVE-2010-1849
8428| CVE-2012-0490 4.0 https://vulners.com/cve/CVE-2012-0490
8429| CVE-2012-0484 4.0 https://vulners.com/cve/CVE-2012-0484
8430| CVE-2012-0102 4.0 https://vulners.com/cve/CVE-2012-0102
8431| CVE-2012-0101 4.0 https://vulners.com/cve/CVE-2012-0101
8432| CVE-2012-0087 4.0 https://vulners.com/cve/CVE-2012-0087
8433| CVE-2010-3838 4.0 https://vulners.com/cve/CVE-2010-3838
8434| CVE-2010-3837 4.0 https://vulners.com/cve/CVE-2010-3837
8435| CVE-2010-3836 4.0 https://vulners.com/cve/CVE-2010-3836
8436| CVE-2010-3834 4.0 https://vulners.com/cve/CVE-2010-3834
8437| CVE-2010-3682 4.0 https://vulners.com/cve/CVE-2010-3682
8438| CVE-2010-3677 4.0 https://vulners.com/cve/CVE-2010-3677
8439| CVE-2009-4019 4.0 https://vulners.com/cve/CVE-2009-4019
8440| CVE-2010-1626 3.6 https://vulners.com/cve/CVE-2010-1626
8441| CVE-2012-0114 3.0 https://vulners.com/cve/CVE-2012-0114
8442|_ CVE-2012-0075 1.7 https://vulners.com/cve/CVE-2012-0075
8443| vulscan: VulDB - https://vuldb.com:
8444| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
8445| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
8446| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
8447| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
8448| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
8449| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
8450| [53483] MySQL up to 5.0.0.0 memory corruption
8451| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
8452| [53481] MySQL up to 5.0.0.0 directory traversal
8453| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
8454| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
8455| [44358] MySQL up to 5.0.67 cross site scripting
8456| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
8457| [37818] MySQL Community Server up to 5.0.40 denial of service
8458| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
8459| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
8460| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
8461| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
8462|
8463| MITRE CVE - https://cve.mitre.org:
8464| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
8465| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
8466| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
8467| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
8468| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
8469| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
8470| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
8471| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
8472| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
8473| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
8474| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
8475| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
8476| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
8477| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
8478| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
8479| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
8480| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
8481| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
8482| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
8483| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
8484| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
8485| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
8486| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
8487| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
8488| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
8489| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
8490| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
8491| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
8492| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
8493| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
8494| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
8495| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
8496| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
8497| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
8498| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
8499| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
8500| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
8501| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
8502| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
8503| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
8504| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
8505| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
8506| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
8507| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
8508| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
8509| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
8510| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
8511| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
8512| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
8513| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
8514| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
8515| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
8516| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
8517| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
8518| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
8519| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
8520| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
8521| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
8522| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
8523| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
8524|
8525| SecurityFocus - https://www.securityfocus.com/bid/:
8526| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
8527|
8528| IBM X-Force - https://exchange.xforce.ibmcloud.com:
8529| [85724] Oracle MySQL Server XA Transactions denial of service
8530| [85723] Oracle MySQL Server Server Replication denial of service
8531| [85722] Oracle MySQL Server InnoDB denial of service
8532| [85721] Oracle MySQL Server Server Privileges unspecified
8533| [85720] Oracle MySQL Server Server Partition denial of service
8534| [85719] Oracle MySQL Server Server Parser denial of service
8535| [85718] Oracle MySQL Server Server Options denial of service
8536| [85717] Oracle MySQL Server Server Options denial of service
8537| [85716] Oracle MySQL Server Server Optimizer denial of service
8538| [85715] Oracle MySQL Server Server Optimizer denial of service
8539| [85714] Oracle MySQL Server Prepared Statements denial of service
8540| [85713] Oracle MySQL Server InnoDB denial of service
8541| [85712] Oracle MySQL Server Full Text Search denial of service
8542| [85711] Oracle MySQL Server Data Manipulation Language denial of service
8543| [85710] Oracle MySQL Server Data Manipulation Language denial of service
8544| [85709] Oracle MySQL Server Audit Log unspecified
8545| [85708] Oracle MySQL Server MemCached unspecified
8546| [84846] Debian mysql-server package information disclosure
8547| [84375] Wireshark MySQL dissector denial of service
8548| [83554] Oracle MySQL Server Server Partition denial of service
8549| [83553] Oracle MySQL Server Server Locking denial of service
8550| [83552] Oracle MySQL Server Server Install unspecified
8551| [83551] Oracle MySQL Server Server Types denial of service
8552| [83550] Oracle MySQL Server Server Privileges unspecified
8553| [83549] Oracle MySQL Server InnoDB denial of service
8554| [83548] Oracle MySQL Server InnoDB denial of service
8555| [83547] Oracle MySQL Server Data Manipulation Language denial of service
8556| [83546] Oracle MySQL Server Stored Procedure denial of service
8557| [83545] Oracle MySQL Server Server Replication denial of service
8558| [83544] Oracle MySQL Server Server Partition denial of service
8559| [83543] Oracle MySQL Server Server Optimizer denial of service
8560| [83542] Oracle MySQL Server InnoDB denial of service
8561| [83541] Oracle MySQL Server Information Schema denial of service
8562| [83540] Oracle MySQL Server Data Manipulation Language denial of service
8563| [83539] Oracle MySQL Server Data Manipulation Language denial of service
8564| [83538] Oracle MySQL Server Server Optimizer unspecified
8565| [83537] Oracle MySQL Server MemCached denial of service
8566| [83536] Oracle MySQL Server Server Privileges unspecified
8567| [83535] Oracle MySQL Server Server Privileges unspecified
8568| [83534] Oracle MySQL Server Server unspecified
8569| [83533] Oracle MySQL Server Information Schema unspecified
8570| [83532] Oracle MySQL Server Server Locking unspecified
8571| [83531] Oracle MySQL Server Data Manipulation Language denial of service
8572| [83388] MySQL administrative login attempt detected
8573| [82963] Mambo MySQL database information disclosure
8574| [82946] Oracle MySQL buffer overflow
8575| [82945] Oracle MySQL buffer overflow
8576| [82895] Oracle MySQL and MariaDB geometry queries denial of service
8577| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
8578| [81325] Oracle MySQL Server Server Privileges denial of service
8579| [81324] Oracle MySQL Server Server Partition denial of service
8580| [81323] Oracle MySQL Server Server Optimizer denial of service
8581| [81322] Oracle MySQL Server Server Optimizer denial of service
8582| [81321] Oracle MySQL Server Server denial of service
8583| [81320] Oracle MySQL Server MyISAM denial of service
8584| [81319] Oracle MySQL Server InnoDB denial of service
8585| [81318] Oracle MySQL Server InnoDB denial of service
8586| [81317] Oracle MySQL Server Server Locking denial of service
8587| [81316] Oracle MySQL Server Server denial of service
8588| [81315] Oracle MySQL Server Server Replication unspecified
8589| [81314] Oracle MySQL Server Server Replication unspecified
8590| [81313] Oracle MySQL Server Stored Procedure denial of service
8591| [81312] Oracle MySQL Server Server Optimizer denial of service
8592| [81311] Oracle MySQL Server Information Schema denial of service
8593| [81310] Oracle MySQL Server GIS Extension denial of service
8594| [80790] Oracle MySQL yaSSL buffer overflow
8595| [80553] Oracle MySQL and MariaDB salt security bypass
8596| [80443] Oracle MySQL Server unspecified code execution
8597| [80442] Oracle MySQL Server acl_get() buffer overflow
8598| [80440] Oracle MySQL Server table buffer overflow
8599| [80435] Oracle MySQL Server database privilege escalation
8600| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
8601| [80433] Oracle MySQL Server Stuxnet privilege escalation
8602| [80432] Oracle MySQL Server authentication information disclosure
8603| [79394] Oracle MySQL Server Server Installation information disclosure
8604| [79393] Oracle MySQL Server Server Replication denial of service
8605| [79392] Oracle MySQL Server Server Full Text Search denial of service
8606| [79391] Oracle MySQL Server Server denial of service
8607| [79390] Oracle MySQL Server Client information disclosure
8608| [79389] Oracle MySQL Server Server Optimizer denial of service
8609| [79388] Oracle MySQL Server Server Optimizer denial of service
8610| [79387] Oracle MySQL Server Server denial of service
8611| [79386] Oracle MySQL Server InnoDB Plugin denial of service
8612| [79385] Oracle MySQL Server InnoDB denial of service
8613| [79384] Oracle MySQL Server Client unspecified
8614| [79383] Oracle MySQL Server Server denial of service
8615| [79382] Oracle MySQL Server Protocol unspecified
8616| [79381] Oracle MySQL Server Information Schema unspecified
8617| [78954] SilverStripe MySQLDatabase.php information disclosure
8618| [78948] MySQL MyISAM table symlink
8619| [77865] MySQL unknown vuln
8620| [77864] MySQL sort order denial of service
8621| [77768] MySQLDumper refresh_dblist.php information disclosure
8622| [77177] MySQL Squid Access Report unspecified cross-site scripting
8623| [77065] Oracle MySQL Server Optimizer denial of service
8624| [77064] Oracle MySQL Server Optimizer denial of service
8625| [77063] Oracle MySQL Server denial of service
8626| [77062] Oracle MySQL InnoDB denial of service
8627| [77061] Oracle MySQL GIS Extension denial of service
8628| [77060] Oracle MySQL Server Optimizer denial of service
8629| [76189] MySQL unspecified error
8630| [76188] MySQL attempts security bypass
8631| [75287] MySQLDumper restore.php information disclosure
8632| [75286] MySQLDumper filemanagement.php directory traversal
8633| [75285] MySQLDumper main.php cross-site request forgery
8634| [75284] MySQLDumper install.php cross-site scripting
8635| [75283] MySQLDumper install.php file include
8636| [75282] MySQLDumper menu.php code execution
8637| [75022] Oracle MySQL Server Server Optimizer denial of service
8638| [75021] Oracle MySQL Server Server Optimizer denial of service
8639| [75020] Oracle MySQL Server Server DML denial of service
8640| [75019] Oracle MySQL Server Partition denial of service
8641| [75018] Oracle MySQL Server MyISAM denial of service
8642| [75017] Oracle MySQL Server Server Optimizer denial of service
8643| [74672] Oracle MySQL Server multiple unspecified
8644| [73092] MySQL unspecified code execution
8645| [72540] Oracle MySQL Server denial of service
8646| [72539] Oracle MySQL Server unspecified
8647| [72538] Oracle MySQL Server denial of service
8648| [72537] Oracle MySQL Server denial of service
8649| [72536] Oracle MySQL Server unspecified
8650| [72535] Oracle MySQL Server denial of service
8651| [72534] Oracle MySQL Server denial of service
8652| [72533] Oracle MySQL Server denial of service
8653| [72532] Oracle MySQL Server denial of service
8654| [72531] Oracle MySQL Server denial of service
8655| [72530] Oracle MySQL Server denial of service
8656| [72529] Oracle MySQL Server denial of service
8657| [72528] Oracle MySQL Server denial of service
8658| [72527] Oracle MySQL Server denial of service
8659| [72526] Oracle MySQL Server denial of service
8660| [72525] Oracle MySQL Server information disclosure
8661| [72524] Oracle MySQL Server denial of service
8662| [72523] Oracle MySQL Server denial of service
8663| [72522] Oracle MySQL Server denial of service
8664| [72521] Oracle MySQL Server denial of service
8665| [72520] Oracle MySQL Server denial of service
8666| [72519] Oracle MySQL Server denial of service
8667| [72518] Oracle MySQL Server unspecified
8668| [72517] Oracle MySQL Server unspecified
8669| [72516] Oracle MySQL Server unspecified
8670| [72515] Oracle MySQL Server denial of service
8671| [72514] Oracle MySQL Server unspecified
8672| [71965] MySQL port denial of service
8673| [70680] DBD::mysqlPP unspecified SQL injection
8674| [70370] TaskFreak! multi-mysql unspecified path disclosure
8675| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
8676| [68294] MySQLDriverCS statement.cs sql injection
8677| [68175] Prosody MySQL denial of service
8678| [67539] Zend Framework MySQL PDO security bypass
8679| [67254] DirectAdmin MySQL information disclosure
8680| [66567] Xoops mysql.sql information disclosure
8681| [65871] PyWebDAV MySQLAuthHandler class SQL injection
8682| [65543] MySQL Select Arbitrary data into a File
8683| [65529] MySQL Eventum full_name field cross-site scripting
8684| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
8685| [65379] Oracle MySQL Eventum list.php cross-site scripting
8686| [65266] Accellion File Transfer Appliance MySQL default password
8687| [64878] MySQL Geometry denial of service
8688| [64877] MySQL EXPLAIN EXTENDED denial of service
8689| [64876] MySQL prepared statement denial of service
8690| [64845] MySQL extreme-value denial of service
8691| [64844] MySQL Gis_line_string::init_from_wkb denial of service
8692| [64843] MySQL user-variable denial of service
8693| [64842] MySQL view preparation denial of service
8694| [64841] MySQL prepared statement denial of service
8695| [64840] MySQL LONGBLOB denial of service
8696| [64839] MySQL invocations denial of service
8697| [64838] MySQL Gis_line_string::init_from_wkb denial of service
8698| [64689] MySQL dict0crea.c denial of service
8699| [64688] MySQL SET column denial of service
8700| [64687] MySQL BINLOG command denial of service
8701| [64686] MySQL InnoDB denial of service
8702| [64685] MySQL HANDLER interface denial of service
8703| [64684] MySQL Item_singlerow_subselect::store denial of service
8704| [64683] MySQL OK packet denial of service
8705| [63518] MySQL Query Browser GUI Tools information disclosure
8706| [63517] MySQL Administrator GUI Tools information disclosure
8707| [62272] MySQL PolyFromWKB() denial of service
8708| [62269] MySQL LIKE predicates denial of service
8709| [62268] MySQL joins denial of service
8710| [62267] MySQL GREATEST() or LEAST() denial of service
8711| [62266] MySQL GROUP_CONCAT() denial of service
8712| [62265] MySQL expression values denial of service
8713| [62264] MySQL temporary table denial of service
8714| [62263] MySQL LEAST() or GREATEST() denial of service
8715| [62262] MySQL replication privilege escalation
8716| [61739] MySQL WITH ROLLUP denial of service
8717| [61343] MySQL LOAD DATA INFILE denial of service
8718| [61342] MySQL EXPLAIN denial of service
8719| [61341] MySQL HANDLER denial of service
8720| [61340] MySQL BINLOG denial of service
8721| [61339] MySQL IN() or CASE denial of service
8722| [61338] MySQL SET denial of service
8723| [61337] MySQL DDL denial of service
8724| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
8725| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
8726| [61316] PHP php_mysqlnd_auth_write buffer overflow
8727| [61274] MySQL TEMPORARY InnoDB denial of service
8728| [59905] MySQL ALTER DATABASE denial of service
8729| [59841] CMySQLite updateUser.php cross-site request forgery
8730| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
8731| [59075] PHP php_mysqlnd_auth_write() buffer overflow
8732| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
8733| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
8734| [59072] PHP php_mysqlnd_ok_read() information disclosure
8735| [58842] MySQL DROP TABLE file deletion
8736| [58676] Template Shares MySQL information disclosure
8737| [58531] MySQL COM_FIELD_LIST buffer overflow
8738| [58530] MySQL packet denial of service
8739| [58529] MySQL COM_FIELD_LIST security bypass
8740| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
8741| [57925] MySQL UNINSTALL PLUGIN security bypass
8742| [57006] Quicksilver Forums mysqldump information disclosure
8743| [56800] Employee Timeclock Software mysqldump information disclosure
8744| [56200] Flex MySQL Connector ActionScript SQL injection
8745| [55877] MySQL yaSSL buffer overflow
8746| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
8747| [55416] MySQL unspecified buffer overflow
8748| [55382] Ublog UblogMySQL.sql information disclosure
8749| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
8750| [54597] MySQL sql_table.cc security bypass
8751| [54596] MySQL mysqld denial of service
8752| [54365] MySQL OpenSSL security bypass
8753| [54364] MySQL MyISAM table symlink
8754| [53950] The mysql-ocaml mysql_real_escape_string weak security
8755| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
8756| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
8757| [52660] iScouter PHP Web Portal MySQL Password Retrieval
8758| [52220] aa33code mysql.inc information disclosure
8759| [52122] MySQL Connector/J unicode SQL injection
8760| [51614] MySQL dispatch_command() denial of service
8761| [51406] MySQL Connector/NET SSL spoofing
8762| [49202] MySQL UDF command execution
8763| [49050] MySQL XPath denial of service
8764| [48919] Cisco Application Networking Manager MySQL default account password
8765| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
8766| [47544] MySQL Calendar index.php SQL injection
8767| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
8768| [45649] MySQL MyISAM symlink security bypass
8769| [45648] MySQL MyISAM symlinks security bypass
8770| [45607] MySQL Quick Admin actions.php file include
8771| [45606] MySQL Quick Admin index.php file include
8772| [45590] MySQL command-line client cross-site scripting
8773| [45436] PromoteWeb MySQL go.php SQL injection
8774| [45042] MySQL empty bit-string literal denial of service
8775| [44662] mysql-lists unspecified cross-site scripting
8776| [42267] MySQL MyISAM security bypass
8777| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
8778| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
8779| [40920] MySQL sql_select.cc denial of service
8780| [40734] MySQL Server BINLOG privilege escalation
8781| [40350] MySQL password information disclosure
8782| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
8783| [39402] PHP LOCAL INFILE and MySQL extension security bypass
8784| [38999] aurora framework db_mysql.lib SQL injection
8785| [38990] MySQL federated engine denial of service
8786| [38989] MySQL DEFINER value privilege escalation
8787| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
8788| [38964] MySQL RENAME TABLE symlink
8789| [38733] ManageEngine EventLog Analyzer MySQL default password
8790| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
8791| [38189] MySQL default root password
8792| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
8793| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
8794| [36555] PHP MySQL extension multiple functions security bypass
8795| [35960] MySQL view privilege escalation
8796| [35959] MySQL CREATE TABLE LIKE information disclosure
8797| [35958] MySQL connection protocol denial of service
8798| [35291] MySQLDumper main.php security bypass
8799| [34811] MySQL udf_init and mysql_create_function command execution
8800| [34809] MySQL mysql_update privilege escalation
8801| [34349] MySQL ALTER information disclosure
8802| [34348] MySQL mysql_change_db privilege escalation
8803| [34347] MySQL RENAME TABLE weak security
8804| [34232] MySQL IF clause denial of service
8805| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
8806| [33285] Eve-Nuke mysql.php file include
8807| [32957] MySQL Commander dbopen.php file include
8808| [32933] cPanel load_language.php and mysqlconfig.php file include
8809| [32911] MySQL filesort function denial of service
8810| [32462] cPanel passwdmysql cross-site scripting
8811| [32288] RHSA-2006:0544 updates for mysql not installed
8812| [32266] MySQLNewsEngine affichearticles.php3 file include
8813| [31244] The Address Book MySQL export.php password information disclosure
8814| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
8815| [30760] BTSaveMySql URL file disclosure
8816| [30191] StoryStream mysql.php and mysqli.php file include
8817| [30085] MySQL MS-DOS device name denial of service
8818| [30031] Agora MysqlfinderAdmin.php file include
8819| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
8820| [29179] paBugs class.mysql.php file include
8821| [29120] ZoomStats MySQL file include
8822| [28448] MySQL case sensitive database name privilege escalation
8823| [28442] MySQL GRANT EXECUTE privilege escalation
8824| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
8825| [28202] MySQL multiupdate subselect query denial of service
8826| [28180] MySQL MERGE table security bypass
8827| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
8828| [27995] Opsware Network Automation System MySQL plaintext password
8829| [27904] MySQL date_format() format string
8830| [27635] MySQL Instance Manager denial of service
8831| [27212] MySQL SELECT str_to_date denial of service
8832| [26875] MySQL ASCII escaping SQL injection
8833| [26420] Apple Mac OS X MySQL Manager blank password
8834| [26236] MySQL login packet information disclosure
8835| [26232] MySQL COM_TABLE_DUMP buffer overflow
8836| [26228] MySQL sql_parce.cc information disclosure
8837| [26042] MySQL running
8838| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
8839| [24966] MySQL mysql_real_query logging bypass
8840| [24653] PAM-MySQL logging function denial of service
8841| [24652] PAM-MySQL authentication double free code execution
8842| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
8843| [24095] PHP ext/mysqli exception handling format string
8844| [23990] PHP mysql_connect() buffer overflow
8845| [23596] MySQL Auction search module could allow cross-site scripting
8846| [22642] RHSA-2005:334 updates for mysql not installed
8847| [21757] MySQL UDF library functions command execution
8848| [21756] MySQL LoadLibraryEx function denial of service
8849| [21738] MySQL UDF mysql_create_function function directory traversal
8850| [21737] MySQL user defined function buffer overflow
8851| [21640] MySQL Eventum multiple class SQL injection
8852| [21638] MySQL Eventum multiple scripts cross-site scripting
8853| [20984] xmysqladmin temporary file symlink
8854| [20656] MySQL mysql_install_db script symlink
8855| [20333] Plans MySQL password information disclosure
8856| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
8857| [19658] MySQL udf_init function gain access
8858| [19576] auraCMS mysql_fetch_row function path disclosure
8859| [18922] MySQL mysqlaccess script symlink attack
8860| [18824] MySQL UDF root privileges
8861| [18464] mysql_auth unspecified vulnerability
8862| [18449] Sugar Sales plaintext MySQL password
8863| [17783] MySQL underscore allows elevated privileges
8864| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
8865| [17667] MySQL UNION change denial of service
8866| [17666] MySQL ALTER TABLE RENAME bypass restriction
8867| [17493] MySQL libmysqlclient bulk inserts buffer overflow
8868| [17462] MySQLGuest AWSguest.php script cross-site scripting
8869| [17047] MySQL mysql_real_connect buffer overflow
8870| [17030] MySQL mysqlhotcopy insecure temporary file
8871| [16612] MySQL my_rnd buffer overflow
8872| [16604] MySQL check_scramble_323 function allows unauthorized access
8873| [15883] MySQL mysqld_multi script symlink attack
8874| [15617] MySQL mysqlbug script symlink attack
8875| [15417] Confixx db_mysql_loeschen2.php SQL injection
8876| [15280] Proofpoint Protection Server MySQL allows unauthorized access
8877| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
8878| [13153] MySQL long password buffer overflow
8879| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
8880| [12540] Teapop PostSQL and MySQL modules SQL injection
8881| [12337] MySQL mysql_real_connect function buffer overflow
8882| [11510] MySQL datadir/my.cnf modification could allow root privileges
8883| [11493] mysqlcc configuration and connection files are world writable
8884| [11340] SuckBot mod_mysql_logger denial of service
8885| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
8886| [10850] MySQL libmysql client read_one_row buffer overflow
8887| [10849] MySQL libmysql client read_rows buffer overflow
8888| [10848] MySQL COM_CHANGE_USER password buffer overflow
8889| [10847] MySQL COM_CHANGE_USER command password authentication bypass
8890| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
8891| [10483] Bugzilla stores passwords in plain text in the MySQL database
8892| [10455] gBook MySQL could allow administrative access
8893| [10243] MySQL my.ini "
8894| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
8895| [9909] MySQL logging disabled by default on Windows
8896| [9908] MySQL binding to the loopback adapter is disabled
8897| [9902] MySQL default root password could allow unauthorized access
8898| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
8899| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
8900| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
8901| [7206] WinMySQLadmin stores MySQL password in plain text
8902| [6617] MySQL "
8903| [6419] MySQL drop database command buffer overflow
8904| [6418] MySQL libmysqlclient.so buffer overflow
8905| [5969] MySQL select buffer overflow
8906| [5447] pam_mysql authentication input
8907| [5409] MySQL authentication algorithm obtain password hash
8908| [5057] PCCS MySQL Database Admin Tool could reveal username and password
8909| [4228] MySQL unauthenticated remote access
8910| [3849] MySQL default test account could allow any user to connect to the database
8911| [1568] MySQL creates readable log files
8912|
8913| Exploit-DB - https://www.exploit-db.com:
8914| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
8915| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
8916| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
8917| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
8918| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
8919| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
8920| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
8921| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
8922|
8923| OpenVAS (Nessus) - http://www.openvas.org:
8924| [53230] Debian Security Advisory DSA 540-1 (mysql)
8925|
8926| SecurityTracker - https://www.securitytracker.com:
8927| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
8928| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
8929| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
8930| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
8931| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
8932| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
8933| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
8934| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
8935| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
8936| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
8937| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
8938| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
8939| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
8940| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
8941| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
8942| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
8943| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
8944| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
8945| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
8946| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
8947| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
8948| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
8949| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
8950| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
8951| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
8952| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
8953| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
8954| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
8955| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
8956| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
8957| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
8958| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
8959| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
8960| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
8961| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
8962| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
8963| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
8964| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
8965| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
8966| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
8967| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
8968| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
8969| [1016790] MySQL Replication Error Lets Local Users Deny Service
8970| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
8971| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
8972| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
8973| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
8974| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
8975| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
8976| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
8977| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
8978| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
8979| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
8980| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
8981| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
8982| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
8983| [1014172] xMySQLadmin Lets Local Users Delete Files
8984| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
8985| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
8986| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
8987| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
8988| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
8989| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
8990| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
8991| [1012500] mysql_auth Memory Leak Has Unspecified Impact
8992| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
8993| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
8994| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
8995| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
8996| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
8997| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
8998| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
8999| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
9000| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
9001| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
9002| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
9003| [1007518] DWebPro Discloses MySQL Database Password to Local Users
9004| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
9005| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
9006| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
9007| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
9008| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
9009| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
9010| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
9011| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
9012| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
9013| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
9014| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
9015| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
9016| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
9017|
9018| OSVDB - http://www.osvdb.org:
9019| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
9020| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
9021| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
9022| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
9023| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
9024| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
9025| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
9026| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
9027| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
9028| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
9029| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
9030| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
9031| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
9032| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
9033| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
9034| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
9035| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
9036| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
9037| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
9038| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
9039| [93174] MySQL Crafted Derived Table Handling DoS
9040| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
9041| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
9042| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
9043| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
9044| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
9045| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
9046| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
9047| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
9048| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
9049| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
9050| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
9051| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
9052| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
9053| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
9054| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
9055| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
9056| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
9057| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
9058| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
9059| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
9060| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
9061| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
9062| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
9063| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
9064| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
9065| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
9066| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
9067| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
9068| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
9069| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
9070| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
9071| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
9072| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
9073| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
9074| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
9075| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
9076| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
9077| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
9078| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
9079| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
9080| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
9081| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
9082| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
9083| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
9084| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
9085| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
9086| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
9087| [89042] ViciBox Server MySQL cron Service Default Credentials
9088| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
9089| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
9090| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
9091| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
9092| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
9093| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
9094| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
9095| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
9096| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
9097| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
9098| [87480] MySQL Malformed XML Comment Handling DoS
9099| [87466] MySQL SSL Certificate Revocation Weakness
9100| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
9101| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
9102| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
9103| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
9104| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
9105| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
9106| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
9107| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
9108| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
9109| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
9110| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
9111| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
9112| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
9113| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
9114| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
9115| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
9116| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
9117| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
9118| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
9119| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
9120| [84719] MySQLDumper index.php page Parameter XSS
9121| [84680] MySQL Squid Access Report access.log File Path XSS
9122| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
9123| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
9124| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
9125| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
9126| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
9127| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
9128| [83661] Oracle MySQL Unspecified Issue (59533)
9129| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
9130| [82803] Oracle MySQL Unspecified Issue (59387)
9131| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
9132| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
9133| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
9134| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
9135| [81614] MySQLDumper File Upload PHP Code Execution
9136| [81613] MySQLDumper main.php Multiple Function CSRF
9137| [81612] MySQLDumper restore.php filename Parameter XSS
9138| [81611] MySQLDumper sql.php Multiple Parameter XSS
9139| [81610] MySQLDumper install.php Multiple Parameter XSS
9140| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
9141| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
9142| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
9143| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
9144| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
9145| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
9146| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
9147| [81059] Oracle MySQL Server Multiple Unspecified Issues
9148| [79038] Webmin Process Listing MySQL Password Local Disclosure
9149| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
9150| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
9151| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
9152| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
9153| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
9154| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
9155| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
9156| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
9157| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
9158| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
9159| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
9160| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
9161| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
9162| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
9163| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
9164| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
9165| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
9166| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
9167| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
9168| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
9169| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
9170| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
9171| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
9172| [78375] Oracle MySQL Server Unspecified Local DoS
9173| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
9174| [78373] Oracle MySQL Server Unspecified Local Issue
9175| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
9176| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
9177| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
9178| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
9179| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
9180| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
9181| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
9182| [77040] DBD::mysqlPP Unspecified SQL Injection
9183| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
9184| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
9185| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
9186| [73387] Zend Framework PDO_MySql Character Set Security Bypass
9187| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
9188| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
9189| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
9190| [71368] Accellion File Transfer Appliance Weak MySQL root Password
9191| [70967] MySQL Eventum Admin User Creation CSRF
9192| [70966] MySQL Eventum preferences.php full_name Parameter XSS
9193| [70961] MySQL Eventum list.php Multiple Parameter XSS
9194| [70960] MySQL Eventum forgot_password.php URI XSS
9195| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
9196| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
9197| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
9198| [69395] MySQL Derived Table Grouping DoS
9199| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
9200| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
9201| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
9202| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
9203| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
9204| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
9205| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
9206| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
9207| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
9208| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
9209| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
9210| [68996] MySQL EXPLAIN EXTENDED Statement DoS
9211| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
9212| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
9213| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
9214| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
9215| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
9216| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
9217| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
9218| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
9219| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
9220| [67381] MySQL InnoDB Temporary Table Handling DoS
9221| [67380] MySQL BINLOG Statement Unspecified Argument DoS
9222| [67379] MySQL Multiple Operation NULL Argument Handling DoS
9223| [67378] MySQL Unique SET Column Join Statement Remote DoS
9224| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
9225| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
9226| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
9227| [66731] PHP Bundled MySQL Library Unspecified Issue
9228| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
9229| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
9230| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
9231| [65085] MySQL Enterprise Monitor Unspecified CSRF
9232| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
9233| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
9234| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
9235| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
9236| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
9237| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
9238| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
9239| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
9240| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
9241| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
9242| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
9243| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
9244| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
9245| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
9246| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
9247| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
9248| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
9249| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
9250| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
9251| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
9252| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
9253| [59907] MySQL on Windows bind-address Remote Connection Weakness
9254| [59906] MySQL on Windows Default Configuration Logging Weakness
9255| [59616] MySQL Hashed Password Weakness
9256| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
9257| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
9258| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
9259| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
9260| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
9261| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
9262| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
9263| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
9264| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
9265| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
9266| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
9267| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
9268| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
9269| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
9270| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
9271| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
9272| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
9273| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
9274| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
9275| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
9276| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
9277| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
9278| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
9279| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
9280| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
9281| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
9282| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
9283| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
9284| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
9285| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
9286| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
9287| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
9288| [52464] MySQL charset Column Truncation Weakness
9289| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
9290| [52378] Cisco ANM MySQL root Account Default Password
9291| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
9292| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
9293| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
9294| [50892] MySQL Calendar index.php username Parameter SQL Injection
9295| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
9296| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
9297| [48710] MySQL Command Line Client HTML Output XSS
9298| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
9299| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
9300| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
9301| [47789] mysql-lists Unspecified XSS
9302| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
9303| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
9304| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
9305| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
9306| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
9307| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
9308| [43179] MySQL Server BINLOG Statement Rights Checking Failure
9309| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
9310| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
9311| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
9312| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
9313| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
9314| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
9315| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
9316| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
9317| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
9318| [39279] PHP mysql_error() Function XSS
9319| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
9320| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
9321| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
9322| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
9323| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
9324| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
9325| [37782] MySQL Community Server External Table View Privilege Escalation
9326| [37781] MySQL ALTER TABLE Information Disclosure
9327| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
9328| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
9329| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
9330| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
9331| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
9332| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
9333| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
9334| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
9335| [36251] Associated Press (AP) Newspower Default MySQL root Password
9336| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
9337| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
9338| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
9339| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
9340| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
9341| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
9342| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
9343| [33974] MySQL information_schema Table Subselect Single-Row DoS
9344| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
9345| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
9346| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
9347| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
9348| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
9349| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
9350| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
9351| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
9352| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
9353| [32056] BTSaveMySql Direct Request Config File Disclosure
9354| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
9355| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
9356| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
9357| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
9358| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
9359| [29696] MySQLDumper sql.php db Parameter XSS
9360| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
9361| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
9362| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
9363| [28288] MySQL Instance_options::complete_initialization Function Overflow
9364| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
9365| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
9366| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
9367| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
9368| [28012] MySQL Case Sensitivity Unauthorized Database Creation
9369| [27919] MySQL VIEW Access information_schema.views Information Disclosure
9370| [27703] MySQL MERGE Table Privilege Persistence
9371| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
9372| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
9373| [27416] MySQL Server time.cc date_format Function Format String
9374| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
9375| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
9376| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
9377| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
9378| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
9379| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
9380| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
9381| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
9382| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
9383| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
9384| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
9385| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
9386| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
9387| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
9388| [25595] Apple Mac OS X MySQL Manager Blank root Password
9389| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
9390| [25227] MySQL COM_TABLE_DUMP Packet Overflow
9391| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
9392| [24245] Cholod Mysql Based Message Board Unspecified XSS
9393| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
9394| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
9395| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
9396| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
9397| [23526] MySQL Query NULL Charcter Logging Bypass
9398| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
9399| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
9400| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
9401| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
9402| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
9403| [22479] PHP mysqli Extension Error Message Format String
9404| [22232] PHP Pipe Variable mysql_connect() Function Overflow
9405| [21685] MySQL Auction Search Module keyword XSS
9406| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
9407| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
9408| [19457] aMember Pro mysql.inc.php Remote File Inclusion
9409| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
9410| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
9411| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
9412| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
9413| [18896] MySQL User-Defined Function init_syms() Function Overflow
9414| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
9415| [18894] MySQL drop database Request Remote Overflow
9416| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
9417| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
9418| [18406] MySQL Eventum releases.php SQL Injection
9419| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
9420| [18404] MySQL Eventum custom_fields.php SQL Injection
9421| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
9422| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
9423| [18401] MySQL Eventum list.php release Parameter XSS
9424| [18400] MySQL Eventum view.php id Parameter XSS
9425| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
9426| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
9427| [17223] xMySQLadmin Symlink Arbitrary File Deletion
9428| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
9429| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
9430| [16056] Plans Unspecified mySQL Remote Password Disclosure
9431| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
9432| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
9433| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
9434| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
9435| [14748] MySQL MS-DOS Device Names Request DoS
9436| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
9437| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
9438| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
9439| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
9440| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
9441| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
9442| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
9443| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
9444| [12919] MySQL MaxDB WebAgent websql Remote Overflow
9445| [12779] MySQL User Defined Function Privilege Escalation
9446| [12609] MySQL Eventum projects.php Multiple Parameter XSS
9447| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
9448| [12607] MySQL Eventum forgot_password.php email Parameter XSS
9449| [12606] MySQL Eventum index.php email Parameter XSS
9450| [12605] MySQL Eventum Default Vendor Account
9451| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
9452| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
9453| [11689] Roxen Web Server MySQL Socket Permission Weakness
9454| [10985] MySQL MATCH..AGAINST Query DoS
9455| [10959] MySQL GRANT ALL ON Privilege Escalation
9456| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
9457| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
9458| [10658] MySQL mysql_real_connect() Function Remote Overflow
9459| [10532] MySQL MaxDB webdbm Server Field DoS
9460| [10491] AWS MySQLguest AWSguest.php Script Insertion
9461| [10244] MySQL libmysqlclient Prepared Statements API Overflow
9462| [10226] MySQLGuest AWSguest.php Multiple Field XSS
9463| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
9464| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
9465| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
9466| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
9467| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
9468| [9907] MySQL SELECT Statement String Handling Overflow
9469| [9906] MySQL GRANT Privilege Arbitrary Password Modification
9470| [9509] teapop MySQL Authentication Module SQL Injection
9471| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
9472| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
9473| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
9474| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
9475| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
9476| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
9477| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
9478| [8886] MySQL libmysqlclient Library read_one_row Overflow
9479| [8885] MySQL libmysqlclient Library read_rows Overflow
9480| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
9481| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
9482| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
9483| [7128] MySQL show database Database Name Exposure
9484| [6716] MySQL Database Engine Weak Authentication Information Disclosure
9485| [6605] MySQL mysqld Readable Log File Information Disclosure
9486| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
9487| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
9488| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
9489| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
9490| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
9491| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
9492| [520] MySQL Database Name Traversal Arbitrary File Modification
9493| [380] MySQL Server on Windows Default Null Root Password
9494| [261] MySQL Short Check String Authentication Bypass
9495|_
9496Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
9497Device type: broadband router|general purpose|WAP|webcam|remote management
9498Running (JUST GUESSING): Asus embedded (95%), Linux 2.6.X|2.4.X (95%), AXIS embedded (95%), Cisco embedded (94%), Dell embedded (94%)
9499OS CPE: cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10 cpe:/h:axis:211_network_camera cpe:/o:linux:linux_kernel:2.6.20 cpe:/h:cisco:srp_521w cpe:/o:linux:linux_kernel:2.4
9500Aggressive OS guesses: Asus RT-AC66U router (Linux 2.6) (95%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (95%), Asus RT-N16 WAP (Linux 2.6) (95%), Asus RT-N66U WAP (Linux 2.6) (95%), Tomato 1.28 (Linux 2.6.22) (95%), AXIS 211A Network Camera (Linux 2.6.20) (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.16 (95%), Linux 2.6.32 (94%), Linux 2.6.18 (94%)
9501No exact OS matches for host (test conditions non-ideal).
9502Network Distance: 10 hops
9503
9504TRACEROUTE (using port 3306/tcp)
9505HOP RTT ADDRESS
95061 132.13 ms 10.230.200.1
95072 ...
95083 132.92 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
95094 132.72 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
95105 139.52 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
95116 132.91 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
95127 132.71 ms level3.sto01.atlas.cogentco.com (130.117.14.6)
95138 162.37 ms ae-1-3107.edge6.Amsterdam1.Level3.net (4.69.162.214)
95149 ...
951510 175.34 ms no-reverse-dns-configured.com (94.102.49.234)
9516#######################################################################################################################################
9517Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 18:50 EST
9518NSE: Loaded 47 scripts for scanning.
9519NSE: Script Pre-scanning.
9520Initiating NSE at 18:50
9521Completed NSE at 18:50, 0.00s elapsed
9522Initiating NSE at 18:50
9523Completed NSE at 18:50, 0.00s elapsed
9524Initiating Ping Scan at 18:50
9525Scanning 94.102.49.234 [4 ports]
9526Completed Ping Scan at 18:50, 0.20s elapsed (1 total hosts)
9527Initiating Parallel DNS resolution of 1 host. at 18:50
9528Completed Parallel DNS resolution of 1 host. at 18:50, 0.02s elapsed
9529Initiating SYN Stealth Scan at 18:50
9530Scanning no-reverse-dns-configured.com (94.102.49.234) [65535 ports]
9531Discovered open port 3306/tcp on 94.102.49.234
9532Discovered open port 111/tcp on 94.102.49.234
9533Discovered open port 21/tcp on 94.102.49.234
9534Discovered open port 80/tcp on 94.102.49.234
9535Discovered open port 22/tcp on 94.102.49.234
9536Discovered open port 10050/tcp on 94.102.49.234
9537SYN Stealth Scan Timing: About 17.23% done; ETC: 18:53 (0:02:29 remaining)
9538SYN Stealth Scan Timing: About 23.91% done; ETC: 18:55 (0:03:14 remaining)
9539SYN Stealth Scan Timing: About 30.67% done; ETC: 18:56 (0:03:32 remaining)
9540SYN Stealth Scan Timing: About 43.78% done; ETC: 18:56 (0:03:14 remaining)
9541SYN Stealth Scan Timing: About 58.85% done; ETC: 18:58 (0:02:55 remaining)
9542SYN Stealth Scan Timing: About 65.97% done; ETC: 18:58 (0:02:32 remaining)
9543SYN Stealth Scan Timing: About 72.45% done; ETC: 18:58 (0:02:04 remaining)
9544SYN Stealth Scan Timing: About 78.53% done; ETC: 18:58 (0:01:39 remaining)
9545SYN Stealth Scan Timing: About 84.17% done; ETC: 18:58 (0:01:14 remaining)
9546Discovered open port 222/tcp on 94.102.49.234
9547Discovered open port 39445/tcp on 94.102.49.234
9548SYN Stealth Scan Timing: About 90.03% done; ETC: 18:58 (0:00:47 remaining)
9549Completed SYN Stealth Scan at 18:58, 475.85s elapsed (65535 total ports)
9550Initiating Service scan at 18:58
9551Scanning 8 services on no-reverse-dns-configured.com (94.102.49.234)
9552Completed Service scan at 18:59, 12.68s elapsed (8 services on 1 host)
9553Initiating OS detection (try #1) against no-reverse-dns-configured.com (94.102.49.234)
9554Retrying OS detection (try #2) against no-reverse-dns-configured.com (94.102.49.234)
9555Initiating Traceroute at 18:59
9556Completed Traceroute at 18:59, 3.01s elapsed
9557Initiating Parallel DNS resolution of 8 hosts. at 18:59
9558Completed Parallel DNS resolution of 8 hosts. at 18:59, 0.24s elapsed
9559NSE: Script scanning 94.102.49.234.
9560Initiating NSE at 18:59
9561Completed NSE at 18:59, 15.96s elapsed
9562Initiating NSE at 18:59
9563Completed NSE at 18:59, 1.53s elapsed
9564Nmap scan report for no-reverse-dns-configured.com (94.102.49.234)
9565Host is up (0.17s latency).
9566Not shown: 65527 closed ports
9567PORT STATE SERVICE VERSION
956821/tcp open ftp vsftpd 2.0.5
9569| vulscan: VulDB - https://vuldb.com:
9570| [43110] vsftpd up to 2.0.4 Memory Leak denial of service
9571|
9572| MITRE CVE - https://cve.mitre.org:
9573| [CVE-2008-2375] Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962.
9574| [CVE-2007-5962] Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
9575| [CVE-2008-4969] ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts.
9576| [CVE-2007-4322] BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
9577|
9578| SecurityFocus - https://www.securityfocus.com/bid/:
9579| [82285] Vsftpd CVE-2004-0042 Remote Security Vulnerability
9580| [72451] vsftpd CVE-2015-1419 Security Bypass Vulnerability
9581| [51013] vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability
9582| [48539] vsftpd Compromised Source Packages Backdoor Vulnerability
9583| [46617] vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability
9584| [41443] Vsftpd Webmin Module Multiple Unspecified Vulnerabilities
9585| [30364] vsftpd FTP Server Pluggable Authentication Module (PAM) Remote Denial of Service Vulnerability
9586| [29322] vsftpd FTP Server 'deny_file' Option Remote Denial of Service Vulnerability
9587| [10394] Vsftpd Listener Denial of Service Vulnerability
9588| [7253] Red Hat Linux 9 vsftpd Compiling Error Weakness
9589|
9590| IBM X-Force - https://exchange.xforce.ibmcloud.com:
9591| [68366] vsftpd package backdoor
9592| [65873] vsftpd vsf_filename_passes_filter denial of service
9593| [55148] VSFTPD-WEBMIN-MODULE unknown unspecified
9594| [43685] vsftpd authentication attempts denial of service
9595| [42593] vsftpd deny_file denial of service
9596| [16222] vsftpd connection denial of service
9597| [14844] vsftpd message allows attacker to obtain username
9598| [11729] Red Hat Linux vsftpd FTP daemon tcp_wrapper could allow an attacker to gain access to server
9599|
9600| Exploit-DB - https://www.exploit-db.com:
9601| [5814] vsftpd 2.0.5 (CWD) Remote Memory Consumption Exploit (post auth)
9602|
9603| OpenVAS (Nessus) - http://www.openvas.org:
9604| [70399] Debian Security Advisory DSA 2305-1 (vsftpd)
9605|
9606| SecurityTracker - https://www.securitytracker.com:
9607| [1025186] vsftpd vsf_filename_passes_filter() Bug Lets Remote Authenticated Users Deny Service
9608| [1020546] vsftpd Memory Leak When Invalid Authentication Attempts Occur Lets Remote Authenticated Users Deny Service
9609| [1020079] vsftpd Memory Leak in 'deny_file' Option Lets Remote Authenticated Users Deny Service
9610| [1008628] vsftpd Discloses Whether Usernames are Valid or Not
9611|
9612| OSVDB - http://www.osvdb.org:
9613| [73573] vsftpd on vsftpd.beasts.org Trojaned Distribution
9614| [73340] vsftpd ls.c vsf_filename_passes_filter STAT Command glob Expression Remote DoS
9615| [61362] Vsftpd Webmin Module Unspecified Issues
9616| [46930] Red Hat Linux vsftpd w/ PAM Memory Exhaustion Remote DoS
9617| [45626] vsftpd deny_file Option Crafted FTP Data Remote Memory Exhaustion DoS
9618| [36515] BlockHosts sshd/vsftpd hosts.allow Arbitrary Deny Entry Manipulation
9619| [28610] vsftpd SIGURG Handler Unspecified Issue
9620| [28609] vsftpd tunable_chroot_local_user Filesystem Root Access
9621| [6861] vsftpd Login Error Message Username Enumeration
9622| [6306] vsftpd Connection Handling DoS
9623| [4564] vsftpd on Red Hat Linux Restricted Access Failure
9624|_
962522/tcp open ssh OpenSSH 5.1p1 Debian 5 (protocol 2.0)
9626| vulscan: VulDB - https://vuldb.com:
9627| [80267] OpenSSH up to 5.x/6.x/7.1p1 Forward Option roaming_common.c roaming_read/roaming_write memory corruption
9628| [80266] OpenSSH up to 5.x/6.x/7.1p1 roaming_common.c resend_bytes information disclosure
9629| [4584] OpenSSH up to 5.7 auth-options.c information disclosure
9630| [4282] OpenSSH 5.6/5.7 Legacy Certificate memory corruption
9631|
9632| MITRE CVE - https://cve.mitre.org:
9633| [CVE-2008-3259] OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
9634| [CVE-2012-0814] The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
9635| [CVE-2011-5000] The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
9636| [CVE-2011-0539] The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.
9637| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
9638| [CVE-2010-4478] OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
9639| [CVE-2009-2904] A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
9640| [CVE-2008-3844] Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
9641| [CVE-2006-0883] OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
9642|
9643| SecurityFocus - https://www.securityfocus.com/bid/:
9644| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
9645| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
9646| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
9647| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
9648| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
9649| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
9650| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
9651| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
9652| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
9653| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
9654| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
9655| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
9656| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
9657| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
9658| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
9659| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
9660| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
9661| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
9662| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
9663| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
9664| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
9665| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
9666| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
9667| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
9668| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
9669| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
9670| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
9671| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
9672| [75990] OpenSSH Login Handling Security Bypass Weakness
9673| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
9674| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
9675| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
9676| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
9677| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
9678| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
9679| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
9680| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
9681| [61286] OpenSSH Remote Denial of Service Vulnerability
9682| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
9683| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
9684| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
9685| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
9686| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
9687| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
9688| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
9689| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
9690| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
9691| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
9692| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
9693| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
9694| [30794] Red Hat OpenSSH Backdoor Vulnerability
9695| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
9696| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
9697| [28531] OpenSSH ForceCommand Command Execution Weakness
9698| [28444] OpenSSH X Connections Session Hijacking Vulnerability
9699| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
9700| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
9701| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
9702| [20956] OpenSSH Privilege Separation Key Signature Weakness
9703| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
9704| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
9705| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
9706| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
9707| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
9708| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
9709| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
9710| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
9711| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
9712| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
9713| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
9714| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
9715| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
9716| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
9717| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
9718| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
9719| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
9720| [6168] OpenSSH Visible Password Vulnerability
9721| [5374] OpenSSH Trojan Horse Vulnerability
9722| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
9723| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
9724| [4241] OpenSSH Channel Code Off-By-One Vulnerability
9725| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
9726| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
9727| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
9728| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
9729| [2917] OpenSSH PAM Session Evasion Vulnerability
9730| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
9731| [2356] OpenSSH Private Key Authentication Check Vulnerability
9732| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
9733| [1334] OpenSSH UseLogin Vulnerability
9734|
9735| IBM X-Force - https://exchange.xforce.ibmcloud.com:
9736| [83258] GSI-OpenSSH auth-pam.c security bypass
9737| [82781] OpenSSH time limit denial of service
9738| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
9739| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
9740| [72756] Debian openssh-server commands information disclosure
9741| [68339] OpenSSH pam_thread buffer overflow
9742| [67264] OpenSSH ssh-keysign unauthorized access
9743| [65910] OpenSSH remote_glob function denial of service
9744| [65163] OpenSSH certificate information disclosure
9745| [64387] OpenSSH J-PAKE security bypass
9746| [63337] Cisco Unified Videoconferencing OpenSSH weak security
9747| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
9748| [45202] OpenSSH signal handler denial of service
9749| [44747] RHEL OpenSSH backdoor
9750| [44280] OpenSSH PermitRootLogin information disclosure
9751| [44279] OpenSSH sshd weak security
9752| [44037] OpenSSH sshd SELinux role unauthorized access
9753| [43940] OpenSSH X11 forwarding information disclosure
9754| [41549] OpenSSH ForceCommand directive security bypass
9755| [41438] OpenSSH sshd session hijacking
9756| [40897] OpenSSH known_hosts weak security
9757| [40587] OpenSSH username weak security
9758| [37371] OpenSSH username data manipulation
9759| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
9760| [37112] RHSA update for OpenSSH signal handler race condition not installed
9761| [37107] RHSA update for OpenSSH identical block denial of service not installed
9762| [36637] OpenSSH X11 cookie privilege escalation
9763| [35167] OpenSSH packet.c newkeys[mode] denial of service
9764| [34490] OpenSSH OPIE information disclosure
9765| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
9766| [32975] Apple Mac OS X OpenSSH denial of service
9767| [32387] RHSA-2006:0738 updates for openssh not installed
9768| [32359] RHSA-2006:0697 updates for openssh not installed
9769| [32230] RHSA-2006:0298 updates for openssh not installed
9770| [32132] RHSA-2006:0044 updates for openssh not installed
9771| [30120] OpenSSH privilege separation monitor authentication verification weakness
9772| [29255] OpenSSH GSSAPI user enumeration
9773| [29254] OpenSSH signal handler race condition
9774| [29158] OpenSSH identical block denial of service
9775| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
9776| [25116] OpenSSH OpenPAM denial of service
9777| [24305] OpenSSH SCP shell expansion command execution
9778| [22665] RHSA-2005:106 updates for openssh not installed
9779| [22117] OpenSSH GSSAPI allows elevated privileges
9780| [22115] OpenSSH GatewayPorts security bypass
9781| [20930] OpenSSH sshd.c LoginGraceTime denial of service
9782| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
9783| [17213] OpenSSH allows port bouncing attacks
9784| [16323] OpenSSH scp file overwrite
9785| [13797] OpenSSH PAM information leak
9786| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
9787| [13264] OpenSSH PAM code could allow an attacker to gain access
9788| [13215] OpenSSH buffer management errors could allow an attacker to execute code
9789| [13214] OpenSSH memory vulnerabilities
9790| [13191] OpenSSH large packet buffer overflow
9791| [12196] OpenSSH could allow an attacker to bypass login restrictions
9792| [11970] OpenSSH could allow an attacker to obtain valid administrative account
9793| [11902] OpenSSH PAM support enabled information leak
9794| [9803] OpenSSH "
9795| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
9796| [9307] OpenSSH is running on the system
9797| [9169] OpenSSH "
9798| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
9799| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
9800| [8383] OpenSSH off-by-one error in channel code
9801| [7647] OpenSSH UseLogin option arbitrary code execution
9802| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
9803| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
9804| [7179] OpenSSH source IP access control bypass
9805| [6757] OpenSSH "
9806| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
9807| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
9808| [5517] OpenSSH allows unauthorized access to resources
9809| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
9810|
9811| Exploit-DB - https://www.exploit-db.com:
9812| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
9813| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
9814| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
9815| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
9816| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
9817| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
9818| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
9819| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
9820| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
9821| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
9822| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
9823| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
9824| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
9825| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
9826|
9827| OpenVAS (Nessus) - http://www.openvas.org:
9828| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
9829| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
9830| [881183] CentOS Update for openssh CESA-2012:0884 centos6
9831| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
9832| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
9833| [870763] RedHat Update for openssh RHSA-2012:0884-04
9834| [870129] RedHat Update for openssh RHSA-2008:0855-01
9835| [861813] Fedora Update for openssh FEDORA-2010-5429
9836| [861319] Fedora Update for openssh FEDORA-2007-395
9837| [861170] Fedora Update for openssh FEDORA-2007-394
9838| [861012] Fedora Update for openssh FEDORA-2007-715
9839| [840345] Ubuntu Update for openssh vulnerability USN-597-1
9840| [840300] Ubuntu Update for openssh update USN-612-5
9841| [840271] Ubuntu Update for openssh vulnerability USN-612-2
9842| [840268] Ubuntu Update for openssh update USN-612-7
9843| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
9844| [840214] Ubuntu Update for openssh vulnerability USN-566-1
9845| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
9846| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
9847| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
9848| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
9849| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
9850| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
9851| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
9852| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
9853| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
9854| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
9855| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
9856| [100584] OpenSSH X Connections Session Hijacking Vulnerability
9857| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
9858| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
9859| [65987] SLES10: Security update for OpenSSH
9860| [65819] SLES10: Security update for OpenSSH
9861| [65514] SLES9: Security update for OpenSSH
9862| [65513] SLES9: Security update for OpenSSH
9863| [65334] SLES9: Security update for OpenSSH
9864| [65248] SLES9: Security update for OpenSSH
9865| [65218] SLES9: Security update for OpenSSH
9866| [65169] SLES9: Security update for openssh,openssh-askpass
9867| [65126] SLES9: Security update for OpenSSH
9868| [65019] SLES9: Security update for OpenSSH
9869| [65015] SLES9: Security update for OpenSSH
9870| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
9871| [61639] Debian Security Advisory DSA 1638-1 (openssh)
9872| [61030] Debian Security Advisory DSA 1576-2 (openssh)
9873| [61029] Debian Security Advisory DSA 1576-1 (openssh)
9874| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
9875| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
9876| [60667] Slackware Advisory SSA:2008-095-01 openssh
9877| [59014] Slackware Advisory SSA:2007-255-01 openssh
9878| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
9879| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
9880| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
9881| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
9882| [57492] Slackware Advisory SSA:2006-272-02 openssh
9883| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
9884| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
9885| [57470] FreeBSD Ports: openssh
9886| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
9887| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
9888| [56294] Slackware Advisory SSA:2006-045-06 openssh
9889| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
9890| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
9891| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
9892| [53788] Debian Security Advisory DSA 025-1 (openssh)
9893| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
9894| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
9895| [11343] OpenSSH Client Unauthorized Remote Forwarding
9896| [10954] OpenSSH AFS/Kerberos ticket/token passing
9897| [10883] OpenSSH Channel Code Off by 1
9898| [10823] OpenSSH UseLogin Environment Variables
9899|
9900| SecurityTracker - https://www.securitytracker.com:
9901| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
9902| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
9903| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
9904| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
9905| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
9906| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
9907| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
9908| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
9909| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
9910| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
9911| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
9912| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
9913| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
9914| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
9915| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
9916| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
9917| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
9918| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
9919| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
9920| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
9921| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
9922| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
9923| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
9924| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
9925| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
9926| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
9927| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
9928| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
9929| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
9930| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
9931| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
9932| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
9933| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
9934| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
9935| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
9936| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
9937| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
9938| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
9939|
9940| OSVDB - http://www.osvdb.org:
9941| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
9942| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
9943| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
9944| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
9945| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
9946| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
9947| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
9948| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
9949| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
9950| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
9951| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
9952| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
9953| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
9954| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
9955| [56921] OpenSSH Unspecified Remote Compromise
9956| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
9957| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
9958| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
9959| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
9960| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
9961| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
9962| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
9963| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
9964| [43745] OpenSSH X11 Forwarding Local Session Hijacking
9965| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
9966| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
9967| [37315] pam_usb OpenSSH Authentication Unspecified Issue
9968| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
9969| [34601] OPIE w/ OpenSSH Account Enumeration
9970| [34600] OpenSSH S/KEY Authentication Account Enumeration
9971| [32721] OpenSSH Username Password Complexity Account Enumeration
9972| [30232] OpenSSH Privilege Separation Monitor Weakness
9973| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
9974| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
9975| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
9976| [29152] OpenSSH Identical Block Packet DoS
9977| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
9978| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
9979| [22692] OpenSSH scp Command Line Filename Processing Command Injection
9980| [20216] OpenSSH with KerberosV Remote Authentication Bypass
9981| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
9982| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
9983| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
9984| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
9985| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
9986| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
9987| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
9988| [6601] OpenSSH *realloc() Unspecified Memory Errors
9989| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
9990| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
9991| [6072] OpenSSH PAM Conversation Function Stack Modification
9992| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
9993| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
9994| [5408] OpenSSH echo simulation Information Disclosure
9995| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
9996| [4536] OpenSSH Portable AIX linker Privilege Escalation
9997| [3938] OpenSSL and OpenSSH /dev/random Check Failure
9998| [3456] OpenSSH buffer_append_space() Heap Corruption
9999| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
10000| [2140] OpenSSH w/ PAM Username Validity Timing Attack
10001| [2112] OpenSSH Reverse DNS Lookup Bypass
10002| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
10003| [1853] OpenSSH Symbolic Link 'cookies' File Removal
10004| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
10005| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
10006| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
10007| [688] OpenSSH UseLogin Environment Variable Local Command Execution
10008| [642] OpenSSH Multiple Key Type ACL Bypass
10009| [504] OpenSSH SSHv2 Public Key Authentication Bypass
10010| [341] OpenSSH UseLogin Local Privilege Escalation
10011|_
1001280/tcp open http Apache httpd 2.2.3
10013|_http-server-header: Apache/2.2.3 (CentOS)
10014| vulners:
10015| cpe:/a:apache:http_server:2.2.3:
10016| CVE-2010-0425 10.0 https://vulners.com/cve/CVE-2010-0425
10017| CVE-2011-3192 7.8 https://vulners.com/cve/CVE-2011-3192
10018| CVE-2007-6423 7.8 https://vulners.com/cve/CVE-2007-6423
10019| CVE-2017-7679 7.5 https://vulners.com/cve/CVE-2017-7679
10020| CVE-2017-7668 7.5 https://vulners.com/cve/CVE-2017-7668
10021| CVE-2017-3169 7.5 https://vulners.com/cve/CVE-2017-3169
10022| CVE-2017-3167 7.5 https://vulners.com/cve/CVE-2017-3167
10023| CVE-2013-2249 7.5 https://vulners.com/cve/CVE-2013-2249
10024| CVE-2009-1891 7.1 https://vulners.com/cve/CVE-2009-1891
10025| CVE-2009-1890 7.1 https://vulners.com/cve/CVE-2009-1890
10026| CVE-2012-0883 6.9 https://vulners.com/cve/CVE-2012-0883
10027| CVE-2018-1312 6.8 https://vulners.com/cve/CVE-2018-1312
10028| CVE-2006-4154 6.8 https://vulners.com/cve/CVE-2006-4154
10029| CVE-2007-1741 6.2 https://vulners.com/cve/CVE-2007-1741
10030| CVE-2013-1862 5.1 https://vulners.com/cve/CVE-2013-1862
10031| CVE-2014-0231 5.0 https://vulners.com/cve/CVE-2014-0231
10032| CVE-2014-0098 5.0 https://vulners.com/cve/CVE-2014-0098
10033| CVE-2013-6438 5.0 https://vulners.com/cve/CVE-2013-6438
10034| CVE-2011-3368 5.0 https://vulners.com/cve/CVE-2011-3368
10035| CVE-2010-1452 5.0 https://vulners.com/cve/CVE-2010-1452
10036| CVE-2010-0408 5.0 https://vulners.com/cve/CVE-2010-0408
10037| CVE-2009-2699 5.0 https://vulners.com/cve/CVE-2009-2699
10038| CVE-2007-6750 5.0 https://vulners.com/cve/CVE-2007-6750
10039| CVE-2009-1195 4.9 https://vulners.com/cve/CVE-2009-1195
10040| CVE-2012-0031 4.6 https://vulners.com/cve/CVE-2012-0031
10041| CVE-2011-3607 4.4 https://vulners.com/cve/CVE-2011-3607
10042| CVE-2007-1743 4.4 https://vulners.com/cve/CVE-2007-1743
10043| CVE-2016-4975 4.3 https://vulners.com/cve/CVE-2016-4975
10044| CVE-2013-1896 4.3 https://vulners.com/cve/CVE-2013-1896
10045| CVE-2012-4558 4.3 https://vulners.com/cve/CVE-2012-4558
10046| CVE-2012-3499 4.3 https://vulners.com/cve/CVE-2012-3499
10047| CVE-2012-0053 4.3 https://vulners.com/cve/CVE-2012-0053
10048| CVE-2011-4317 4.3 https://vulners.com/cve/CVE-2011-4317
10049| CVE-2011-3639 4.3 https://vulners.com/cve/CVE-2011-3639
10050| CVE-2011-3348 4.3 https://vulners.com/cve/CVE-2011-3348
10051| CVE-2011-0419 4.3 https://vulners.com/cve/CVE-2011-0419
10052| CVE-2010-0434 4.3 https://vulners.com/cve/CVE-2010-0434
10053| CVE-2008-2939 4.3 https://vulners.com/cve/CVE-2008-2939
10054| CVE-2008-2168 4.3 https://vulners.com/cve/CVE-2008-2168
10055| CVE-2008-0455 4.3 https://vulners.com/cve/CVE-2008-0455
10056| CVE-2007-6420 4.3 https://vulners.com/cve/CVE-2007-6420
10057| CVE-2007-6388 4.3 https://vulners.com/cve/CVE-2007-6388
10058| CVE-2007-6203 4.3 https://vulners.com/cve/CVE-2007-6203
10059| CVE-2007-5000 4.3 https://vulners.com/cve/CVE-2007-5000
10060| CVE-2007-4465 4.3 https://vulners.com/cve/CVE-2007-4465
10061| CVE-2006-5752 4.3 https://vulners.com/cve/CVE-2006-5752
10062| CVE-2006-4110 4.3 https://vulners.com/cve/CVE-2006-4110
10063| CVE-2007-6422 4.0 https://vulners.com/cve/CVE-2007-6422
10064| CVE-2007-1742 3.7 https://vulners.com/cve/CVE-2007-1742
10065| CVE-2007-6421 3.5 https://vulners.com/cve/CVE-2007-6421
10066| CVE-2016-8612 3.3 https://vulners.com/cve/CVE-2016-8612
10067| CVE-2012-2687 2.6 https://vulners.com/cve/CVE-2012-2687
10068| CVE-2008-0456 2.6 https://vulners.com/cve/CVE-2008-0456
10069|_ CVE-2011-4415 1.2 https://vulners.com/cve/CVE-2011-4415
10070| vulscan: VulDB - https://vuldb.com:
10071| [134248] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
10072| [134247] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
10073| [122889] Apache HTTP Server up to 2.2.31/2.4.23 mod_userdir HTTP Response Splitting privilege escalation
10074| [106777] Apache HTTP Server up to 2.2.34/2.4.27 Limit Directive ap_limit_section HTTP Request information disclosure
10075| [103520] Apache HTTP Server up to 2.2.33/2.4.26 mod_auth_digest Authorization Header memory corruption
10076| [102698] Apache HTTP Server up to 2.2.32/2.4.25 mod_mime Content-Type memory corruption
10077| [102690] Apache HTTP Server up to 2.2.32/2.4.25 mod_ssl ap_hook_process_connection() denial of service
10078| [102689] Apache HTTP Server up to 2.2.32/2.4.25 ap_get_basic_auth_pw weak authentication
10079| [12291] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
10080| [64485] Apache Struts up to 2.2.3.0 privilege escalation
10081| [64457] Apache Struts up to 2.2.3.0 cross site scripting
10082| [60352] Apache Struts up to 2.2.3 memory corruption
10083| [59902] Apache Struts up to 2.2.3 Interfaces unknown vulnerability
10084| [4528] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
10085| [4527] Apache Struts up to 2.2.3 ExceptionDelegator cross site scripting
10086| [4512] Apache Struts up to 2.2.3 CookieInterceptor privilege escalation
10087| [135663] Apache Camel up to 2.23.x JSON-lib Library XML Data XML External Entity
10088| [134290] Apache UIMA DUCC up to 2.2.2 cross site scripting
10089| [124152] Apache Camel Mail up to 2.22.0 Path directory traversal
10090| [122456] Apache Camel up to 2.20.3/2.21.0 XSD Validator XML External Entity
10091| [102697] Apache HTTP Server 2.2.24/2.2.32 HTTP Strict Parsing ap_find_token Request Header memory corruption
10092| [100162] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Commons Collections privilege escalation
10093| [100160] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Trinidad unknown vulnerability
10094| [87540] Apache Ambari up to 2.2.0 File Browser View information disclosure
10095| [75668] Apache Sling API/Sling Servlets Post up to 2.2.1 HtmlResponse cross site scripting
10096| [65386] Apache Solr up to 2.2.1 on TYPO3 cross site scripting
10097| [65385] Apache Solr up to 2.2.1 on TYPO3 unknown vulnerability
10098| [65313] Apache Sling 2.2.0/2.3.0 AbstractCreateOperation.java deepGetOrCreateNode denial of service
10099| [9891] Apache HTTP Server 2.2.22 suEXEC Feature .htaccess information disclosure
10100| [64466] Apache OpenJPA up to 2.2.1 Serialization memory corruption
10101| [63646] Apache HTTP Server up to 2.2.23/2.4.3 mod_proxy_balancer.c balancer_handler cross site scripting
10102| [63089] Apache HTTP Server up to 2.2.13 mod_proxy_ajp denial of service
10103| [4583] Apache HTTP Server up to 2.2.21 Threaded MPM denial of service
10104| [4582] Apache HTTP Server up to 2.2.21 protocol.c information disclosure
10105| [59850] Apache Geronimo up to 2.2.1 denial of service
10106| [57435] Apache Struts up to 2.2.1.1 FileHandler.java cross site scripting
10107| [57425] Apache Struts up to 2.2.1.1 cross site scripting
10108| [4352] Apache HTTP Server 2.2.x APR apr_fnmatch denial of service
10109| [54394] Apache CXF up to 2.2.8 Memory Consumption denial of service
10110| [54166] Apache HTTP Server up to 2.2.12 mod_cache Crash denial of service
10111| [49856] Apache HTTP Server 2.2.13 mod_proxy_ftp ap_proxy_ftp_handler denial of service
10112| [40502] Apache HTTP Server up to 2.2.5 mod_proxy_balancer memory corruption
10113| [40501] Apache HTTP Server 2.2.6 mod_proxy_balancer cross site request forgery
10114| [40398] Apache HTTP Server up to 2.2 mod_proxy_balancer cross site scripting
10115| [40397] Apache HTTP Server up to 2.2 mod_proxy_balancer balancer_handler denial of service
10116| [40221] Apache HTTP Server 2.2.6 information disclosure
10117| [3130] Apache OpenOffice 2.2.1 RTF Document Heap-based memory corruption
10118|
10119| MITRE CVE - https://cve.mitre.org:
10120| [CVE-2012-1006] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders.
10121| [CVE-2012-0838] Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
10122| [CVE-2012-0391] The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
10123| [CVE-2011-2087] Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
10124| [CVE-2011-1772] Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
10125| [CVE-2007-1743] suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.
10126| [CVE-2007-1742] suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
10127| [CVE-2007-1741] Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
10128| [CVE-2013-1896] mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
10129| [CVE-2013-1862] mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
10130| [CVE-2013-1768] The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
10131| [CVE-2013-1048] The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
10132| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
10133| [CVE-2012-4557] The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
10134| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
10135| [CVE-2012-0216] The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.
10136| [CVE-2012-0053] protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
10137| [CVE-2012-0031] scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
10138| [CVE-2012-0021] The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.
10139| [CVE-2011-5034] Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.
10140| [CVE-2011-4668] IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
10141| [CVE-2011-4415] The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
10142| [CVE-2011-4317] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
10143| [CVE-2011-3639] The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
10144| [CVE-2011-3607] Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
10145| [CVE-2011-3368] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
10146| [CVE-2011-3348] The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
10147| [CVE-2011-3192] The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
10148| [CVE-2011-2088] XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
10149| [CVE-2011-1928] The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.
10150| [CVE-2011-1176] The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
10151| [CVE-2011-0419] Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
10152| [CVE-2010-4476] The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
10153| [CVE-2010-2791] mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
10154| [CVE-2010-2076] Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
10155| [CVE-2010-2068] mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
10156| [CVE-2010-1452] The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
10157| [CVE-2010-0434] The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
10158| [CVE-2010-0425] modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
10159| [CVE-2010-0408] The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
10160| [CVE-2009-3555] The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
10161| [CVE-2009-3094] The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
10162| [CVE-2009-2699] The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
10163| [CVE-2009-1891] The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
10164| [CVE-2009-1195] The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
10165| [CVE-2009-1191] mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
10166| [CVE-2008-3666] Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured
10167| [CVE-2008-2939] Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
10168| [CVE-2008-2364] The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
10169| [CVE-2008-2168] Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
10170| [CVE-2008-0456] CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
10171| [CVE-2008-0455] Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
10172| [CVE-2008-0005] mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
10173| [CVE-2007-6750] The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
10174| [CVE-2007-6423] ** DISPUTED ** Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue.
10175| [CVE-2007-6422] The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
10176| [CVE-2007-6421] Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
10177| [CVE-2007-6420] Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.
10178| [CVE-2007-6388] Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
10179| [CVE-2007-6203] Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
10180| [CVE-2007-5000] Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
10181| [CVE-2007-4465] Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.
10182| [CVE-2007-3304] Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
10183| [CVE-2007-3303] Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.
10184| [CVE-2007-1862] The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
10185| [CVE-2007-0792] The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file.
10186| [CVE-2006-4110] Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
10187| [CVE-2006-3918] http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
10188| [CVE-2006-3747] Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
10189| [CVE-2006-2806] The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
10190| [CVE-2006-1292] Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php.
10191| [CVE-2006-1079] htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
10192| [CVE-2006-1078] Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
10193| [CVE-2004-2650] Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.
10194| [CVE-2003-1172] Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.
10195| [CVE-2002-1233] A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
10196|
10197| SecurityFocus - https://www.securityfocus.com/bid/:
10198| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
10199| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
10200|
10201| IBM X-Force - https://exchange.xforce.ibmcloud.com:
10202| [75211] Debian GNU/Linux apache 2 cross-site scripting
10203|
10204| Exploit-DB - https://www.exploit-db.com:
10205| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
10206| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
10207| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
10208| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
10209| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
10210| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
10211| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
10212| [17691] Apache Struts < 2.2.0 - Remote Command Execution
10213| [15319] Apache 2.2 (Windows) Local Denial of Service
10214| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
10215|
10216| OpenVAS (Nessus) - http://www.openvas.org:
10217| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
10218|
10219| SecurityTracker - https://www.securitytracker.com:
10220| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
10221| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
10222| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
10223| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
10224| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
10225|
10226| OSVDB - http://www.osvdb.org:
10227| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
10228|_
10229111/tcp open rpcbind 2 (RPC #100000)
10230222/tcp open ssh OpenSSH 5.1p1 Debian 5 (protocol 2.0)
10231| vulscan: VulDB - https://vuldb.com:
10232| [80267] OpenSSH up to 5.x/6.x/7.1p1 Forward Option roaming_common.c roaming_read/roaming_write memory corruption
10233| [80266] OpenSSH up to 5.x/6.x/7.1p1 roaming_common.c resend_bytes information disclosure
10234| [4584] OpenSSH up to 5.7 auth-options.c information disclosure
10235| [4282] OpenSSH 5.6/5.7 Legacy Certificate memory corruption
10236|
10237| MITRE CVE - https://cve.mitre.org:
10238| [CVE-2008-3259] OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
10239| [CVE-2012-0814] The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
10240| [CVE-2011-5000] The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
10241| [CVE-2011-0539] The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.
10242| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
10243| [CVE-2010-4478] OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
10244| [CVE-2009-2904] A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
10245| [CVE-2008-3844] Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
10246| [CVE-2006-0883] OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
10247|
10248| SecurityFocus - https://www.securityfocus.com/bid/:
10249| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
10250| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
10251| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
10252| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
10253| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
10254| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
10255| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
10256| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
10257| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
10258| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
10259| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
10260| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
10261| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
10262| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
10263| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
10264| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
10265| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
10266| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
10267| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
10268| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
10269| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
10270| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
10271| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
10272| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
10273| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
10274| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
10275| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
10276| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
10277| [75990] OpenSSH Login Handling Security Bypass Weakness
10278| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
10279| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
10280| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
10281| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
10282| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
10283| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
10284| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
10285| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
10286| [61286] OpenSSH Remote Denial of Service Vulnerability
10287| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
10288| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
10289| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
10290| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
10291| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
10292| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
10293| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
10294| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
10295| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
10296| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
10297| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
10298| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
10299| [30794] Red Hat OpenSSH Backdoor Vulnerability
10300| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
10301| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
10302| [28531] OpenSSH ForceCommand Command Execution Weakness
10303| [28444] OpenSSH X Connections Session Hijacking Vulnerability
10304| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
10305| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
10306| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
10307| [20956] OpenSSH Privilege Separation Key Signature Weakness
10308| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
10309| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
10310| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
10311| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
10312| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
10313| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
10314| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
10315| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
10316| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
10317| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
10318| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
10319| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
10320| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
10321| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
10322| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
10323| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
10324| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
10325| [6168] OpenSSH Visible Password Vulnerability
10326| [5374] OpenSSH Trojan Horse Vulnerability
10327| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
10328| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
10329| [4241] OpenSSH Channel Code Off-By-One Vulnerability
10330| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
10331| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
10332| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
10333| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
10334| [2917] OpenSSH PAM Session Evasion Vulnerability
10335| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
10336| [2356] OpenSSH Private Key Authentication Check Vulnerability
10337| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
10338| [1334] OpenSSH UseLogin Vulnerability
10339|
10340| IBM X-Force - https://exchange.xforce.ibmcloud.com:
10341| [83258] GSI-OpenSSH auth-pam.c security bypass
10342| [82781] OpenSSH time limit denial of service
10343| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
10344| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
10345| [72756] Debian openssh-server commands information disclosure
10346| [68339] OpenSSH pam_thread buffer overflow
10347| [67264] OpenSSH ssh-keysign unauthorized access
10348| [65910] OpenSSH remote_glob function denial of service
10349| [65163] OpenSSH certificate information disclosure
10350| [64387] OpenSSH J-PAKE security bypass
10351| [63337] Cisco Unified Videoconferencing OpenSSH weak security
10352| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
10353| [45202] OpenSSH signal handler denial of service
10354| [44747] RHEL OpenSSH backdoor
10355| [44280] OpenSSH PermitRootLogin information disclosure
10356| [44279] OpenSSH sshd weak security
10357| [44037] OpenSSH sshd SELinux role unauthorized access
10358| [43940] OpenSSH X11 forwarding information disclosure
10359| [41549] OpenSSH ForceCommand directive security bypass
10360| [41438] OpenSSH sshd session hijacking
10361| [40897] OpenSSH known_hosts weak security
10362| [40587] OpenSSH username weak security
10363| [37371] OpenSSH username data manipulation
10364| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
10365| [37112] RHSA update for OpenSSH signal handler race condition not installed
10366| [37107] RHSA update for OpenSSH identical block denial of service not installed
10367| [36637] OpenSSH X11 cookie privilege escalation
10368| [35167] OpenSSH packet.c newkeys[mode] denial of service
10369| [34490] OpenSSH OPIE information disclosure
10370| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
10371| [32975] Apple Mac OS X OpenSSH denial of service
10372| [32387] RHSA-2006:0738 updates for openssh not installed
10373| [32359] RHSA-2006:0697 updates for openssh not installed
10374| [32230] RHSA-2006:0298 updates for openssh not installed
10375| [32132] RHSA-2006:0044 updates for openssh not installed
10376| [30120] OpenSSH privilege separation monitor authentication verification weakness
10377| [29255] OpenSSH GSSAPI user enumeration
10378| [29254] OpenSSH signal handler race condition
10379| [29158] OpenSSH identical block denial of service
10380| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
10381| [25116] OpenSSH OpenPAM denial of service
10382| [24305] OpenSSH SCP shell expansion command execution
10383| [22665] RHSA-2005:106 updates for openssh not installed
10384| [22117] OpenSSH GSSAPI allows elevated privileges
10385| [22115] OpenSSH GatewayPorts security bypass
10386| [20930] OpenSSH sshd.c LoginGraceTime denial of service
10387| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
10388| [17213] OpenSSH allows port bouncing attacks
10389| [16323] OpenSSH scp file overwrite
10390| [13797] OpenSSH PAM information leak
10391| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
10392| [13264] OpenSSH PAM code could allow an attacker to gain access
10393| [13215] OpenSSH buffer management errors could allow an attacker to execute code
10394| [13214] OpenSSH memory vulnerabilities
10395| [13191] OpenSSH large packet buffer overflow
10396| [12196] OpenSSH could allow an attacker to bypass login restrictions
10397| [11970] OpenSSH could allow an attacker to obtain valid administrative account
10398| [11902] OpenSSH PAM support enabled information leak
10399| [9803] OpenSSH "
10400| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
10401| [9307] OpenSSH is running on the system
10402| [9169] OpenSSH "
10403| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
10404| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
10405| [8383] OpenSSH off-by-one error in channel code
10406| [7647] OpenSSH UseLogin option arbitrary code execution
10407| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
10408| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
10409| [7179] OpenSSH source IP access control bypass
10410| [6757] OpenSSH "
10411| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
10412| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
10413| [5517] OpenSSH allows unauthorized access to resources
10414| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
10415|
10416| Exploit-DB - https://www.exploit-db.com:
10417| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
10418| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
10419| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
10420| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
10421| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
10422| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
10423| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
10424| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
10425| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
10426| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
10427| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
10428| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
10429| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
10430| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
10431|
10432| OpenVAS (Nessus) - http://www.openvas.org:
10433| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
10434| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
10435| [881183] CentOS Update for openssh CESA-2012:0884 centos6
10436| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
10437| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
10438| [870763] RedHat Update for openssh RHSA-2012:0884-04
10439| [870129] RedHat Update for openssh RHSA-2008:0855-01
10440| [861813] Fedora Update for openssh FEDORA-2010-5429
10441| [861319] Fedora Update for openssh FEDORA-2007-395
10442| [861170] Fedora Update for openssh FEDORA-2007-394
10443| [861012] Fedora Update for openssh FEDORA-2007-715
10444| [840345] Ubuntu Update for openssh vulnerability USN-597-1
10445| [840300] Ubuntu Update for openssh update USN-612-5
10446| [840271] Ubuntu Update for openssh vulnerability USN-612-2
10447| [840268] Ubuntu Update for openssh update USN-612-7
10448| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
10449| [840214] Ubuntu Update for openssh vulnerability USN-566-1
10450| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
10451| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
10452| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
10453| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
10454| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
10455| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
10456| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
10457| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
10458| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
10459| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
10460| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
10461| [100584] OpenSSH X Connections Session Hijacking Vulnerability
10462| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
10463| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
10464| [65987] SLES10: Security update for OpenSSH
10465| [65819] SLES10: Security update for OpenSSH
10466| [65514] SLES9: Security update for OpenSSH
10467| [65513] SLES9: Security update for OpenSSH
10468| [65334] SLES9: Security update for OpenSSH
10469| [65248] SLES9: Security update for OpenSSH
10470| [65218] SLES9: Security update for OpenSSH
10471| [65169] SLES9: Security update for openssh,openssh-askpass
10472| [65126] SLES9: Security update for OpenSSH
10473| [65019] SLES9: Security update for OpenSSH
10474| [65015] SLES9: Security update for OpenSSH
10475| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
10476| [61639] Debian Security Advisory DSA 1638-1 (openssh)
10477| [61030] Debian Security Advisory DSA 1576-2 (openssh)
10478| [61029] Debian Security Advisory DSA 1576-1 (openssh)
10479| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
10480| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
10481| [60667] Slackware Advisory SSA:2008-095-01 openssh
10482| [59014] Slackware Advisory SSA:2007-255-01 openssh
10483| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
10484| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
10485| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
10486| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
10487| [57492] Slackware Advisory SSA:2006-272-02 openssh
10488| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
10489| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
10490| [57470] FreeBSD Ports: openssh
10491| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
10492| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
10493| [56294] Slackware Advisory SSA:2006-045-06 openssh
10494| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
10495| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
10496| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
10497| [53788] Debian Security Advisory DSA 025-1 (openssh)
10498| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
10499| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
10500| [11343] OpenSSH Client Unauthorized Remote Forwarding
10501| [10954] OpenSSH AFS/Kerberos ticket/token passing
10502| [10883] OpenSSH Channel Code Off by 1
10503| [10823] OpenSSH UseLogin Environment Variables
10504|
10505| SecurityTracker - https://www.securitytracker.com:
10506| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
10507| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
10508| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
10509| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
10510| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
10511| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
10512| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
10513| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
10514| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
10515| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
10516| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
10517| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
10518| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
10519| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
10520| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
10521| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
10522| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
10523| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
10524| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
10525| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
10526| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
10527| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
10528| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
10529| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
10530| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
10531| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
10532| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
10533| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
10534| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
10535| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
10536| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
10537| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
10538| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
10539| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
10540| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
10541| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
10542| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
10543| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
10544|
10545| OSVDB - http://www.osvdb.org:
10546| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
10547| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
10548| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
10549| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
10550| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
10551| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
10552| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
10553| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
10554| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
10555| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
10556| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
10557| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
10558| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
10559| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
10560| [56921] OpenSSH Unspecified Remote Compromise
10561| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
10562| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
10563| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
10564| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
10565| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
10566| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
10567| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
10568| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
10569| [43745] OpenSSH X11 Forwarding Local Session Hijacking
10570| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
10571| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
10572| [37315] pam_usb OpenSSH Authentication Unspecified Issue
10573| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
10574| [34601] OPIE w/ OpenSSH Account Enumeration
10575| [34600] OpenSSH S/KEY Authentication Account Enumeration
10576| [32721] OpenSSH Username Password Complexity Account Enumeration
10577| [30232] OpenSSH Privilege Separation Monitor Weakness
10578| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
10579| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
10580| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
10581| [29152] OpenSSH Identical Block Packet DoS
10582| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
10583| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
10584| [22692] OpenSSH scp Command Line Filename Processing Command Injection
10585| [20216] OpenSSH with KerberosV Remote Authentication Bypass
10586| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
10587| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
10588| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
10589| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
10590| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
10591| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
10592| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
10593| [6601] OpenSSH *realloc() Unspecified Memory Errors
10594| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
10595| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
10596| [6072] OpenSSH PAM Conversation Function Stack Modification
10597| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
10598| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
10599| [5408] OpenSSH echo simulation Information Disclosure
10600| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
10601| [4536] OpenSSH Portable AIX linker Privilege Escalation
10602| [3938] OpenSSL and OpenSSH /dev/random Check Failure
10603| [3456] OpenSSH buffer_append_space() Heap Corruption
10604| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
10605| [2140] OpenSSH w/ PAM Username Validity Timing Attack
10606| [2112] OpenSSH Reverse DNS Lookup Bypass
10607| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
10608| [1853] OpenSSH Symbolic Link 'cookies' File Removal
10609| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
10610| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
10611| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
10612| [688] OpenSSH UseLogin Environment Variable Local Command Execution
10613| [642] OpenSSH Multiple Key Type ACL Bypass
10614| [504] OpenSSH SSHv2 Public Key Authentication Bypass
10615| [341] OpenSSH UseLogin Local Privilege Escalation
10616|_
106173306/tcp open mysql MySQL 5.0.77
10618| vulners:
10619| cpe:/a:mysql:mysql:5.0.77:
10620| CVE-2009-2446 8.5 https://vulners.com/cve/CVE-2009-2446
10621| CVE-2009-5026 6.8 https://vulners.com/cve/CVE-2009-5026
10622| CVE-2009-4028 6.8 https://vulners.com/cve/CVE-2009-4028
10623| CVE-2010-1848 6.5 https://vulners.com/cve/CVE-2010-1848
10624| CVE-2010-1850 6.0 https://vulners.com/cve/CVE-2010-1850
10625| CVE-2008-7247 6.0 https://vulners.com/cve/CVE-2008-7247
10626| CVE-2010-3833 5.0 https://vulners.com/cve/CVE-2010-3833
10627| CVE-2010-1849 5.0 https://vulners.com/cve/CVE-2010-1849
10628| CVE-2012-0490 4.0 https://vulners.com/cve/CVE-2012-0490
10629| CVE-2012-0484 4.0 https://vulners.com/cve/CVE-2012-0484
10630| CVE-2012-0102 4.0 https://vulners.com/cve/CVE-2012-0102
10631| CVE-2012-0101 4.0 https://vulners.com/cve/CVE-2012-0101
10632| CVE-2012-0087 4.0 https://vulners.com/cve/CVE-2012-0087
10633| CVE-2010-3838 4.0 https://vulners.com/cve/CVE-2010-3838
10634| CVE-2010-3837 4.0 https://vulners.com/cve/CVE-2010-3837
10635| CVE-2010-3836 4.0 https://vulners.com/cve/CVE-2010-3836
10636| CVE-2010-3834 4.0 https://vulners.com/cve/CVE-2010-3834
10637| CVE-2010-3682 4.0 https://vulners.com/cve/CVE-2010-3682
10638| CVE-2010-3677 4.0 https://vulners.com/cve/CVE-2010-3677
10639| CVE-2009-4019 4.0 https://vulners.com/cve/CVE-2009-4019
10640| CVE-2010-1626 3.6 https://vulners.com/cve/CVE-2010-1626
10641| CVE-2012-0114 3.0 https://vulners.com/cve/CVE-2012-0114
10642|_ CVE-2012-0075 1.7 https://vulners.com/cve/CVE-2012-0075
10643| vulscan: VulDB - https://vuldb.com:
10644| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
10645| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
10646| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
10647| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
10648| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
10649| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
10650| [53483] MySQL up to 5.0.0.0 memory corruption
10651| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
10652| [53481] MySQL up to 5.0.0.0 directory traversal
10653| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
10654| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
10655| [44358] MySQL up to 5.0.67 cross site scripting
10656| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
10657| [37818] MySQL Community Server up to 5.0.40 denial of service
10658| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
10659| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
10660| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
10661| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
10662|
10663| MITRE CVE - https://cve.mitre.org:
10664| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
10665| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
10666| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
10667| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
10668| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
10669| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
10670| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
10671| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
10672| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
10673| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
10674| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
10675| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
10676| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
10677| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
10678| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
10679| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
10680| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
10681| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
10682| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
10683| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
10684| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
10685| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
10686| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
10687| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
10688| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
10689| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
10690| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
10691| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
10692| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
10693| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
10694| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
10695| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
10696| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
10697| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
10698| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
10699| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
10700| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
10701| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
10702| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
10703| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
10704| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
10705| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
10706| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
10707| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
10708| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
10709| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
10710| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
10711| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
10712| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
10713| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
10714| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
10715| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
10716| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
10717| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
10718| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
10719| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
10720| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
10721| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
10722| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
10723| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
10724|
10725| SecurityFocus - https://www.securityfocus.com/bid/:
10726| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
10727|
10728| IBM X-Force - https://exchange.xforce.ibmcloud.com:
10729| [85724] Oracle MySQL Server XA Transactions denial of service
10730| [85723] Oracle MySQL Server Server Replication denial of service
10731| [85722] Oracle MySQL Server InnoDB denial of service
10732| [85721] Oracle MySQL Server Server Privileges unspecified
10733| [85720] Oracle MySQL Server Server Partition denial of service
10734| [85719] Oracle MySQL Server Server Parser denial of service
10735| [85718] Oracle MySQL Server Server Options denial of service
10736| [85717] Oracle MySQL Server Server Options denial of service
10737| [85716] Oracle MySQL Server Server Optimizer denial of service
10738| [85715] Oracle MySQL Server Server Optimizer denial of service
10739| [85714] Oracle MySQL Server Prepared Statements denial of service
10740| [85713] Oracle MySQL Server InnoDB denial of service
10741| [85712] Oracle MySQL Server Full Text Search denial of service
10742| [85711] Oracle MySQL Server Data Manipulation Language denial of service
10743| [85710] Oracle MySQL Server Data Manipulation Language denial of service
10744| [85709] Oracle MySQL Server Audit Log unspecified
10745| [85708] Oracle MySQL Server MemCached unspecified
10746| [84846] Debian mysql-server package information disclosure
10747| [84375] Wireshark MySQL dissector denial of service
10748| [83554] Oracle MySQL Server Server Partition denial of service
10749| [83553] Oracle MySQL Server Server Locking denial of service
10750| [83552] Oracle MySQL Server Server Install unspecified
10751| [83551] Oracle MySQL Server Server Types denial of service
10752| [83550] Oracle MySQL Server Server Privileges unspecified
10753| [83549] Oracle MySQL Server InnoDB denial of service
10754| [83548] Oracle MySQL Server InnoDB denial of service
10755| [83547] Oracle MySQL Server Data Manipulation Language denial of service
10756| [83546] Oracle MySQL Server Stored Procedure denial of service
10757| [83545] Oracle MySQL Server Server Replication denial of service
10758| [83544] Oracle MySQL Server Server Partition denial of service
10759| [83543] Oracle MySQL Server Server Optimizer denial of service
10760| [83542] Oracle MySQL Server InnoDB denial of service
10761| [83541] Oracle MySQL Server Information Schema denial of service
10762| [83540] Oracle MySQL Server Data Manipulation Language denial of service
10763| [83539] Oracle MySQL Server Data Manipulation Language denial of service
10764| [83538] Oracle MySQL Server Server Optimizer unspecified
10765| [83537] Oracle MySQL Server MemCached denial of service
10766| [83536] Oracle MySQL Server Server Privileges unspecified
10767| [83535] Oracle MySQL Server Server Privileges unspecified
10768| [83534] Oracle MySQL Server Server unspecified
10769| [83533] Oracle MySQL Server Information Schema unspecified
10770| [83532] Oracle MySQL Server Server Locking unspecified
10771| [83531] Oracle MySQL Server Data Manipulation Language denial of service
10772| [83388] MySQL administrative login attempt detected
10773| [82963] Mambo MySQL database information disclosure
10774| [82946] Oracle MySQL buffer overflow
10775| [82945] Oracle MySQL buffer overflow
10776| [82895] Oracle MySQL and MariaDB geometry queries denial of service
10777| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
10778| [81325] Oracle MySQL Server Server Privileges denial of service
10779| [81324] Oracle MySQL Server Server Partition denial of service
10780| [81323] Oracle MySQL Server Server Optimizer denial of service
10781| [81322] Oracle MySQL Server Server Optimizer denial of service
10782| [81321] Oracle MySQL Server Server denial of service
10783| [81320] Oracle MySQL Server MyISAM denial of service
10784| [81319] Oracle MySQL Server InnoDB denial of service
10785| [81318] Oracle MySQL Server InnoDB denial of service
10786| [81317] Oracle MySQL Server Server Locking denial of service
10787| [81316] Oracle MySQL Server Server denial of service
10788| [81315] Oracle MySQL Server Server Replication unspecified
10789| [81314] Oracle MySQL Server Server Replication unspecified
10790| [81313] Oracle MySQL Server Stored Procedure denial of service
10791| [81312] Oracle MySQL Server Server Optimizer denial of service
10792| [81311] Oracle MySQL Server Information Schema denial of service
10793| [81310] Oracle MySQL Server GIS Extension denial of service
10794| [80790] Oracle MySQL yaSSL buffer overflow
10795| [80553] Oracle MySQL and MariaDB salt security bypass
10796| [80443] Oracle MySQL Server unspecified code execution
10797| [80442] Oracle MySQL Server acl_get() buffer overflow
10798| [80440] Oracle MySQL Server table buffer overflow
10799| [80435] Oracle MySQL Server database privilege escalation
10800| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
10801| [80433] Oracle MySQL Server Stuxnet privilege escalation
10802| [80432] Oracle MySQL Server authentication information disclosure
10803| [79394] Oracle MySQL Server Server Installation information disclosure
10804| [79393] Oracle MySQL Server Server Replication denial of service
10805| [79392] Oracle MySQL Server Server Full Text Search denial of service
10806| [79391] Oracle MySQL Server Server denial of service
10807| [79390] Oracle MySQL Server Client information disclosure
10808| [79389] Oracle MySQL Server Server Optimizer denial of service
10809| [79388] Oracle MySQL Server Server Optimizer denial of service
10810| [79387] Oracle MySQL Server Server denial of service
10811| [79386] Oracle MySQL Server InnoDB Plugin denial of service
10812| [79385] Oracle MySQL Server InnoDB denial of service
10813| [79384] Oracle MySQL Server Client unspecified
10814| [79383] Oracle MySQL Server Server denial of service
10815| [79382] Oracle MySQL Server Protocol unspecified
10816| [79381] Oracle MySQL Server Information Schema unspecified
10817| [78954] SilverStripe MySQLDatabase.php information disclosure
10818| [78948] MySQL MyISAM table symlink
10819| [77865] MySQL unknown vuln
10820| [77864] MySQL sort order denial of service
10821| [77768] MySQLDumper refresh_dblist.php information disclosure
10822| [77177] MySQL Squid Access Report unspecified cross-site scripting
10823| [77065] Oracle MySQL Server Optimizer denial of service
10824| [77064] Oracle MySQL Server Optimizer denial of service
10825| [77063] Oracle MySQL Server denial of service
10826| [77062] Oracle MySQL InnoDB denial of service
10827| [77061] Oracle MySQL GIS Extension denial of service
10828| [77060] Oracle MySQL Server Optimizer denial of service
10829| [76189] MySQL unspecified error
10830| [76188] MySQL attempts security bypass
10831| [75287] MySQLDumper restore.php information disclosure
10832| [75286] MySQLDumper filemanagement.php directory traversal
10833| [75285] MySQLDumper main.php cross-site request forgery
10834| [75284] MySQLDumper install.php cross-site scripting
10835| [75283] MySQLDumper install.php file include
10836| [75282] MySQLDumper menu.php code execution
10837| [75022] Oracle MySQL Server Server Optimizer denial of service
10838| [75021] Oracle MySQL Server Server Optimizer denial of service
10839| [75020] Oracle MySQL Server Server DML denial of service
10840| [75019] Oracle MySQL Server Partition denial of service
10841| [75018] Oracle MySQL Server MyISAM denial of service
10842| [75017] Oracle MySQL Server Server Optimizer denial of service
10843| [74672] Oracle MySQL Server multiple unspecified
10844| [73092] MySQL unspecified code execution
10845| [72540] Oracle MySQL Server denial of service
10846| [72539] Oracle MySQL Server unspecified
10847| [72538] Oracle MySQL Server denial of service
10848| [72537] Oracle MySQL Server denial of service
10849| [72536] Oracle MySQL Server unspecified
10850| [72535] Oracle MySQL Server denial of service
10851| [72534] Oracle MySQL Server denial of service
10852| [72533] Oracle MySQL Server denial of service
10853| [72532] Oracle MySQL Server denial of service
10854| [72531] Oracle MySQL Server denial of service
10855| [72530] Oracle MySQL Server denial of service
10856| [72529] Oracle MySQL Server denial of service
10857| [72528] Oracle MySQL Server denial of service
10858| [72527] Oracle MySQL Server denial of service
10859| [72526] Oracle MySQL Server denial of service
10860| [72525] Oracle MySQL Server information disclosure
10861| [72524] Oracle MySQL Server denial of service
10862| [72523] Oracle MySQL Server denial of service
10863| [72522] Oracle MySQL Server denial of service
10864| [72521] Oracle MySQL Server denial of service
10865| [72520] Oracle MySQL Server denial of service
10866| [72519] Oracle MySQL Server denial of service
10867| [72518] Oracle MySQL Server unspecified
10868| [72517] Oracle MySQL Server unspecified
10869| [72516] Oracle MySQL Server unspecified
10870| [72515] Oracle MySQL Server denial of service
10871| [72514] Oracle MySQL Server unspecified
10872| [71965] MySQL port denial of service
10873| [70680] DBD::mysqlPP unspecified SQL injection
10874| [70370] TaskFreak! multi-mysql unspecified path disclosure
10875| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
10876| [68294] MySQLDriverCS statement.cs sql injection
10877| [68175] Prosody MySQL denial of service
10878| [67539] Zend Framework MySQL PDO security bypass
10879| [67254] DirectAdmin MySQL information disclosure
10880| [66567] Xoops mysql.sql information disclosure
10881| [65871] PyWebDAV MySQLAuthHandler class SQL injection
10882| [65543] MySQL Select Arbitrary data into a File
10883| [65529] MySQL Eventum full_name field cross-site scripting
10884| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
10885| [65379] Oracle MySQL Eventum list.php cross-site scripting
10886| [65266] Accellion File Transfer Appliance MySQL default password
10887| [64878] MySQL Geometry denial of service
10888| [64877] MySQL EXPLAIN EXTENDED denial of service
10889| [64876] MySQL prepared statement denial of service
10890| [64845] MySQL extreme-value denial of service
10891| [64844] MySQL Gis_line_string::init_from_wkb denial of service
10892| [64843] MySQL user-variable denial of service
10893| [64842] MySQL view preparation denial of service
10894| [64841] MySQL prepared statement denial of service
10895| [64840] MySQL LONGBLOB denial of service
10896| [64839] MySQL invocations denial of service
10897| [64838] MySQL Gis_line_string::init_from_wkb denial of service
10898| [64689] MySQL dict0crea.c denial of service
10899| [64688] MySQL SET column denial of service
10900| [64687] MySQL BINLOG command denial of service
10901| [64686] MySQL InnoDB denial of service
10902| [64685] MySQL HANDLER interface denial of service
10903| [64684] MySQL Item_singlerow_subselect::store denial of service
10904| [64683] MySQL OK packet denial of service
10905| [63518] MySQL Query Browser GUI Tools information disclosure
10906| [63517] MySQL Administrator GUI Tools information disclosure
10907| [62272] MySQL PolyFromWKB() denial of service
10908| [62269] MySQL LIKE predicates denial of service
10909| [62268] MySQL joins denial of service
10910| [62267] MySQL GREATEST() or LEAST() denial of service
10911| [62266] MySQL GROUP_CONCAT() denial of service
10912| [62265] MySQL expression values denial of service
10913| [62264] MySQL temporary table denial of service
10914| [62263] MySQL LEAST() or GREATEST() denial of service
10915| [62262] MySQL replication privilege escalation
10916| [61739] MySQL WITH ROLLUP denial of service
10917| [61343] MySQL LOAD DATA INFILE denial of service
10918| [61342] MySQL EXPLAIN denial of service
10919| [61341] MySQL HANDLER denial of service
10920| [61340] MySQL BINLOG denial of service
10921| [61339] MySQL IN() or CASE denial of service
10922| [61338] MySQL SET denial of service
10923| [61337] MySQL DDL denial of service
10924| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
10925| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
10926| [61316] PHP php_mysqlnd_auth_write buffer overflow
10927| [61274] MySQL TEMPORARY InnoDB denial of service
10928| [59905] MySQL ALTER DATABASE denial of service
10929| [59841] CMySQLite updateUser.php cross-site request forgery
10930| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
10931| [59075] PHP php_mysqlnd_auth_write() buffer overflow
10932| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
10933| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
10934| [59072] PHP php_mysqlnd_ok_read() information disclosure
10935| [58842] MySQL DROP TABLE file deletion
10936| [58676] Template Shares MySQL information disclosure
10937| [58531] MySQL COM_FIELD_LIST buffer overflow
10938| [58530] MySQL packet denial of service
10939| [58529] MySQL COM_FIELD_LIST security bypass
10940| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
10941| [57925] MySQL UNINSTALL PLUGIN security bypass
10942| [57006] Quicksilver Forums mysqldump information disclosure
10943| [56800] Employee Timeclock Software mysqldump information disclosure
10944| [56200] Flex MySQL Connector ActionScript SQL injection
10945| [55877] MySQL yaSSL buffer overflow
10946| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
10947| [55416] MySQL unspecified buffer overflow
10948| [55382] Ublog UblogMySQL.sql information disclosure
10949| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
10950| [54597] MySQL sql_table.cc security bypass
10951| [54596] MySQL mysqld denial of service
10952| [54365] MySQL OpenSSL security bypass
10953| [54364] MySQL MyISAM table symlink
10954| [53950] The mysql-ocaml mysql_real_escape_string weak security
10955| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
10956| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
10957| [52660] iScouter PHP Web Portal MySQL Password Retrieval
10958| [52220] aa33code mysql.inc information disclosure
10959| [52122] MySQL Connector/J unicode SQL injection
10960| [51614] MySQL dispatch_command() denial of service
10961| [51406] MySQL Connector/NET SSL spoofing
10962| [49202] MySQL UDF command execution
10963| [49050] MySQL XPath denial of service
10964| [48919] Cisco Application Networking Manager MySQL default account password
10965| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
10966| [47544] MySQL Calendar index.php SQL injection
10967| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
10968| [45649] MySQL MyISAM symlink security bypass
10969| [45648] MySQL MyISAM symlinks security bypass
10970| [45607] MySQL Quick Admin actions.php file include
10971| [45606] MySQL Quick Admin index.php file include
10972| [45590] MySQL command-line client cross-site scripting
10973| [45436] PromoteWeb MySQL go.php SQL injection
10974| [45042] MySQL empty bit-string literal denial of service
10975| [44662] mysql-lists unspecified cross-site scripting
10976| [42267] MySQL MyISAM security bypass
10977| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
10978| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
10979| [40920] MySQL sql_select.cc denial of service
10980| [40734] MySQL Server BINLOG privilege escalation
10981| [40350] MySQL password information disclosure
10982| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
10983| [39402] PHP LOCAL INFILE and MySQL extension security bypass
10984| [38999] aurora framework db_mysql.lib SQL injection
10985| [38990] MySQL federated engine denial of service
10986| [38989] MySQL DEFINER value privilege escalation
10987| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
10988| [38964] MySQL RENAME TABLE symlink
10989| [38733] ManageEngine EventLog Analyzer MySQL default password
10990| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
10991| [38189] MySQL default root password
10992| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
10993| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
10994| [36555] PHP MySQL extension multiple functions security bypass
10995| [35960] MySQL view privilege escalation
10996| [35959] MySQL CREATE TABLE LIKE information disclosure
10997| [35958] MySQL connection protocol denial of service
10998| [35291] MySQLDumper main.php security bypass
10999| [34811] MySQL udf_init and mysql_create_function command execution
11000| [34809] MySQL mysql_update privilege escalation
11001| [34349] MySQL ALTER information disclosure
11002| [34348] MySQL mysql_change_db privilege escalation
11003| [34347] MySQL RENAME TABLE weak security
11004| [34232] MySQL IF clause denial of service
11005| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
11006| [33285] Eve-Nuke mysql.php file include
11007| [32957] MySQL Commander dbopen.php file include
11008| [32933] cPanel load_language.php and mysqlconfig.php file include
11009| [32911] MySQL filesort function denial of service
11010| [32462] cPanel passwdmysql cross-site scripting
11011| [32288] RHSA-2006:0544 updates for mysql not installed
11012| [32266] MySQLNewsEngine affichearticles.php3 file include
11013| [31244] The Address Book MySQL export.php password information disclosure
11014| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
11015| [30760] BTSaveMySql URL file disclosure
11016| [30191] StoryStream mysql.php and mysqli.php file include
11017| [30085] MySQL MS-DOS device name denial of service
11018| [30031] Agora MysqlfinderAdmin.php file include
11019| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
11020| [29179] paBugs class.mysql.php file include
11021| [29120] ZoomStats MySQL file include
11022| [28448] MySQL case sensitive database name privilege escalation
11023| [28442] MySQL GRANT EXECUTE privilege escalation
11024| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
11025| [28202] MySQL multiupdate subselect query denial of service
11026| [28180] MySQL MERGE table security bypass
11027| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
11028| [27995] Opsware Network Automation System MySQL plaintext password
11029| [27904] MySQL date_format() format string
11030| [27635] MySQL Instance Manager denial of service
11031| [27212] MySQL SELECT str_to_date denial of service
11032| [26875] MySQL ASCII escaping SQL injection
11033| [26420] Apple Mac OS X MySQL Manager blank password
11034| [26236] MySQL login packet information disclosure
11035| [26232] MySQL COM_TABLE_DUMP buffer overflow
11036| [26228] MySQL sql_parce.cc information disclosure
11037| [26042] MySQL running
11038| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
11039| [24966] MySQL mysql_real_query logging bypass
11040| [24653] PAM-MySQL logging function denial of service
11041| [24652] PAM-MySQL authentication double free code execution
11042| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
11043| [24095] PHP ext/mysqli exception handling format string
11044| [23990] PHP mysql_connect() buffer overflow
11045| [23596] MySQL Auction search module could allow cross-site scripting
11046| [22642] RHSA-2005:334 updates for mysql not installed
11047| [21757] MySQL UDF library functions command execution
11048| [21756] MySQL LoadLibraryEx function denial of service
11049| [21738] MySQL UDF mysql_create_function function directory traversal
11050| [21737] MySQL user defined function buffer overflow
11051| [21640] MySQL Eventum multiple class SQL injection
11052| [21638] MySQL Eventum multiple scripts cross-site scripting
11053| [20984] xmysqladmin temporary file symlink
11054| [20656] MySQL mysql_install_db script symlink
11055| [20333] Plans MySQL password information disclosure
11056| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
11057| [19658] MySQL udf_init function gain access
11058| [19576] auraCMS mysql_fetch_row function path disclosure
11059| [18922] MySQL mysqlaccess script symlink attack
11060| [18824] MySQL UDF root privileges
11061| [18464] mysql_auth unspecified vulnerability
11062| [18449] Sugar Sales plaintext MySQL password
11063| [17783] MySQL underscore allows elevated privileges
11064| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
11065| [17667] MySQL UNION change denial of service
11066| [17666] MySQL ALTER TABLE RENAME bypass restriction
11067| [17493] MySQL libmysqlclient bulk inserts buffer overflow
11068| [17462] MySQLGuest AWSguest.php script cross-site scripting
11069| [17047] MySQL mysql_real_connect buffer overflow
11070| [17030] MySQL mysqlhotcopy insecure temporary file
11071| [16612] MySQL my_rnd buffer overflow
11072| [16604] MySQL check_scramble_323 function allows unauthorized access
11073| [15883] MySQL mysqld_multi script symlink attack
11074| [15617] MySQL mysqlbug script symlink attack
11075| [15417] Confixx db_mysql_loeschen2.php SQL injection
11076| [15280] Proofpoint Protection Server MySQL allows unauthorized access
11077| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
11078| [13153] MySQL long password buffer overflow
11079| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
11080| [12540] Teapop PostSQL and MySQL modules SQL injection
11081| [12337] MySQL mysql_real_connect function buffer overflow
11082| [11510] MySQL datadir/my.cnf modification could allow root privileges
11083| [11493] mysqlcc configuration and connection files are world writable
11084| [11340] SuckBot mod_mysql_logger denial of service
11085| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
11086| [10850] MySQL libmysql client read_one_row buffer overflow
11087| [10849] MySQL libmysql client read_rows buffer overflow
11088| [10848] MySQL COM_CHANGE_USER password buffer overflow
11089| [10847] MySQL COM_CHANGE_USER command password authentication bypass
11090| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
11091| [10483] Bugzilla stores passwords in plain text in the MySQL database
11092| [10455] gBook MySQL could allow administrative access
11093| [10243] MySQL my.ini "
11094| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
11095| [9909] MySQL logging disabled by default on Windows
11096| [9908] MySQL binding to the loopback adapter is disabled
11097| [9902] MySQL default root password could allow unauthorized access
11098| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
11099| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
11100| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
11101| [7206] WinMySQLadmin stores MySQL password in plain text
11102| [6617] MySQL "
11103| [6419] MySQL drop database command buffer overflow
11104| [6418] MySQL libmysqlclient.so buffer overflow
11105| [5969] MySQL select buffer overflow
11106| [5447] pam_mysql authentication input
11107| [5409] MySQL authentication algorithm obtain password hash
11108| [5057] PCCS MySQL Database Admin Tool could reveal username and password
11109| [4228] MySQL unauthenticated remote access
11110| [3849] MySQL default test account could allow any user to connect to the database
11111| [1568] MySQL creates readable log files
11112|
11113| Exploit-DB - https://www.exploit-db.com:
11114| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
11115| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
11116| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
11117| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
11118| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
11119| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
11120| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
11121| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
11122|
11123| OpenVAS (Nessus) - http://www.openvas.org:
11124| [53230] Debian Security Advisory DSA 540-1 (mysql)
11125|
11126| SecurityTracker - https://www.securitytracker.com:
11127| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
11128| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
11129| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
11130| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
11131| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
11132| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
11133| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
11134| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
11135| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
11136| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
11137| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
11138| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
11139| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
11140| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
11141| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
11142| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
11143| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
11144| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
11145| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
11146| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
11147| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
11148| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
11149| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
11150| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
11151| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
11152| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
11153| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
11154| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
11155| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
11156| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
11157| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
11158| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
11159| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
11160| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
11161| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
11162| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
11163| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
11164| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
11165| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
11166| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
11167| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
11168| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
11169| [1016790] MySQL Replication Error Lets Local Users Deny Service
11170| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
11171| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
11172| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
11173| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
11174| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
11175| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
11176| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
11177| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
11178| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
11179| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
11180| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
11181| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
11182| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
11183| [1014172] xMySQLadmin Lets Local Users Delete Files
11184| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
11185| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
11186| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
11187| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
11188| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
11189| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
11190| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
11191| [1012500] mysql_auth Memory Leak Has Unspecified Impact
11192| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
11193| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
11194| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
11195| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
11196| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
11197| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
11198| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
11199| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
11200| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
11201| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
11202| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
11203| [1007518] DWebPro Discloses MySQL Database Password to Local Users
11204| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
11205| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
11206| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
11207| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
11208| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
11209| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
11210| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
11211| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
11212| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
11213| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
11214| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
11215| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
11216| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
11217|
11218| OSVDB - http://www.osvdb.org:
11219| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
11220| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
11221| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
11222| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
11223| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
11224| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
11225| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
11226| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
11227| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
11228| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
11229| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
11230| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
11231| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
11232| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
11233| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
11234| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
11235| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
11236| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
11237| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
11238| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
11239| [93174] MySQL Crafted Derived Table Handling DoS
11240| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
11241| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
11242| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
11243| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
11244| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
11245| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
11246| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
11247| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
11248| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
11249| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
11250| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
11251| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
11252| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
11253| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
11254| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
11255| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
11256| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
11257| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
11258| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
11259| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
11260| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
11261| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
11262| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
11263| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
11264| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
11265| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
11266| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
11267| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
11268| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
11269| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
11270| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
11271| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
11272| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
11273| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
11274| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
11275| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
11276| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
11277| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
11278| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
11279| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
11280| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
11281| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
11282| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
11283| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
11284| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
11285| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
11286| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
11287| [89042] ViciBox Server MySQL cron Service Default Credentials
11288| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
11289| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
11290| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
11291| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
11292| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
11293| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
11294| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
11295| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
11296| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
11297| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
11298| [87480] MySQL Malformed XML Comment Handling DoS
11299| [87466] MySQL SSL Certificate Revocation Weakness
11300| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
11301| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
11302| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
11303| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
11304| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
11305| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
11306| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
11307| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
11308| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
11309| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
11310| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
11311| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
11312| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
11313| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
11314| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
11315| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
11316| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
11317| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
11318| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
11319| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
11320| [84719] MySQLDumper index.php page Parameter XSS
11321| [84680] MySQL Squid Access Report access.log File Path XSS
11322| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
11323| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
11324| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
11325| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
11326| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
11327| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
11328| [83661] Oracle MySQL Unspecified Issue (59533)
11329| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
11330| [82803] Oracle MySQL Unspecified Issue (59387)
11331| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
11332| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
11333| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
11334| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
11335| [81614] MySQLDumper File Upload PHP Code Execution
11336| [81613] MySQLDumper main.php Multiple Function CSRF
11337| [81612] MySQLDumper restore.php filename Parameter XSS
11338| [81611] MySQLDumper sql.php Multiple Parameter XSS
11339| [81610] MySQLDumper install.php Multiple Parameter XSS
11340| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
11341| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
11342| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
11343| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
11344| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
11345| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
11346| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
11347| [81059] Oracle MySQL Server Multiple Unspecified Issues
11348| [79038] Webmin Process Listing MySQL Password Local Disclosure
11349| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
11350| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
11351| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
11352| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
11353| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
11354| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
11355| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
11356| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
11357| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
11358| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
11359| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
11360| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
11361| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
11362| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
11363| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
11364| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
11365| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
11366| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
11367| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
11368| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
11369| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
11370| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
11371| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
11372| [78375] Oracle MySQL Server Unspecified Local DoS
11373| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
11374| [78373] Oracle MySQL Server Unspecified Local Issue
11375| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
11376| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
11377| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
11378| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
11379| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
11380| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
11381| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
11382| [77040] DBD::mysqlPP Unspecified SQL Injection
11383| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
11384| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
11385| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
11386| [73387] Zend Framework PDO_MySql Character Set Security Bypass
11387| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
11388| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
11389| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
11390| [71368] Accellion File Transfer Appliance Weak MySQL root Password
11391| [70967] MySQL Eventum Admin User Creation CSRF
11392| [70966] MySQL Eventum preferences.php full_name Parameter XSS
11393| [70961] MySQL Eventum list.php Multiple Parameter XSS
11394| [70960] MySQL Eventum forgot_password.php URI XSS
11395| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
11396| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
11397| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
11398| [69395] MySQL Derived Table Grouping DoS
11399| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
11400| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
11401| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
11402| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
11403| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
11404| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
11405| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
11406| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
11407| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
11408| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
11409| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
11410| [68996] MySQL EXPLAIN EXTENDED Statement DoS
11411| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
11412| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
11413| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
11414| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
11415| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
11416| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
11417| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
11418| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
11419| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
11420| [67381] MySQL InnoDB Temporary Table Handling DoS
11421| [67380] MySQL BINLOG Statement Unspecified Argument DoS
11422| [67379] MySQL Multiple Operation NULL Argument Handling DoS
11423| [67378] MySQL Unique SET Column Join Statement Remote DoS
11424| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
11425| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
11426| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
11427| [66731] PHP Bundled MySQL Library Unspecified Issue
11428| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
11429| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
11430| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
11431| [65085] MySQL Enterprise Monitor Unspecified CSRF
11432| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
11433| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
11434| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
11435| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
11436| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
11437| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
11438| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
11439| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
11440| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
11441| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
11442| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
11443| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
11444| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
11445| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
11446| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
11447| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
11448| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
11449| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
11450| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
11451| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
11452| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
11453| [59907] MySQL on Windows bind-address Remote Connection Weakness
11454| [59906] MySQL on Windows Default Configuration Logging Weakness
11455| [59616] MySQL Hashed Password Weakness
11456| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
11457| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
11458| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
11459| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
11460| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
11461| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
11462| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
11463| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
11464| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
11465| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
11466| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
11467| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
11468| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
11469| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
11470| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
11471| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
11472| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
11473| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
11474| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
11475| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
11476| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
11477| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
11478| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
11479| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
11480| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
11481| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
11482| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
11483| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
11484| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
11485| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
11486| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
11487| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
11488| [52464] MySQL charset Column Truncation Weakness
11489| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
11490| [52378] Cisco ANM MySQL root Account Default Password
11491| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
11492| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
11493| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
11494| [50892] MySQL Calendar index.php username Parameter SQL Injection
11495| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
11496| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
11497| [48710] MySQL Command Line Client HTML Output XSS
11498| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
11499| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
11500| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
11501| [47789] mysql-lists Unspecified XSS
11502| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
11503| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
11504| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
11505| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
11506| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
11507| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
11508| [43179] MySQL Server BINLOG Statement Rights Checking Failure
11509| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
11510| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
11511| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
11512| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
11513| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
11514| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
11515| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
11516| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
11517| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
11518| [39279] PHP mysql_error() Function XSS
11519| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
11520| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
11521| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
11522| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
11523| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
11524| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
11525| [37782] MySQL Community Server External Table View Privilege Escalation
11526| [37781] MySQL ALTER TABLE Information Disclosure
11527| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
11528| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
11529| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
11530| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
11531| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
11532| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
11533| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
11534| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
11535| [36251] Associated Press (AP) Newspower Default MySQL root Password
11536| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
11537| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
11538| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
11539| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
11540| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
11541| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
11542| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
11543| [33974] MySQL information_schema Table Subselect Single-Row DoS
11544| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
11545| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
11546| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
11547| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
11548| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
11549| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
11550| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
11551| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
11552| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
11553| [32056] BTSaveMySql Direct Request Config File Disclosure
11554| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
11555| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
11556| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
11557| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
11558| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
11559| [29696] MySQLDumper sql.php db Parameter XSS
11560| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
11561| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
11562| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
11563| [28288] MySQL Instance_options::complete_initialization Function Overflow
11564| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
11565| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
11566| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
11567| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
11568| [28012] MySQL Case Sensitivity Unauthorized Database Creation
11569| [27919] MySQL VIEW Access information_schema.views Information Disclosure
11570| [27703] MySQL MERGE Table Privilege Persistence
11571| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
11572| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
11573| [27416] MySQL Server time.cc date_format Function Format String
11574| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
11575| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
11576| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
11577| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
11578| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
11579| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
11580| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
11581| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
11582| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
11583| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
11584| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
11585| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
11586| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
11587| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
11588| [25595] Apple Mac OS X MySQL Manager Blank root Password
11589| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
11590| [25227] MySQL COM_TABLE_DUMP Packet Overflow
11591| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
11592| [24245] Cholod Mysql Based Message Board Unspecified XSS
11593| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
11594| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
11595| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
11596| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
11597| [23526] MySQL Query NULL Charcter Logging Bypass
11598| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
11599| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
11600| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
11601| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
11602| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
11603| [22479] PHP mysqli Extension Error Message Format String
11604| [22232] PHP Pipe Variable mysql_connect() Function Overflow
11605| [21685] MySQL Auction Search Module keyword XSS
11606| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
11607| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
11608| [19457] aMember Pro mysql.inc.php Remote File Inclusion
11609| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
11610| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
11611| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
11612| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
11613| [18896] MySQL User-Defined Function init_syms() Function Overflow
11614| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
11615| [18894] MySQL drop database Request Remote Overflow
11616| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
11617| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
11618| [18406] MySQL Eventum releases.php SQL Injection
11619| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
11620| [18404] MySQL Eventum custom_fields.php SQL Injection
11621| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
11622| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
11623| [18401] MySQL Eventum list.php release Parameter XSS
11624| [18400] MySQL Eventum view.php id Parameter XSS
11625| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
11626| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
11627| [17223] xMySQLadmin Symlink Arbitrary File Deletion
11628| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
11629| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
11630| [16056] Plans Unspecified mySQL Remote Password Disclosure
11631| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
11632| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
11633| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
11634| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
11635| [14748] MySQL MS-DOS Device Names Request DoS
11636| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
11637| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
11638| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
11639| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
11640| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
11641| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
11642| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
11643| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
11644| [12919] MySQL MaxDB WebAgent websql Remote Overflow
11645| [12779] MySQL User Defined Function Privilege Escalation
11646| [12609] MySQL Eventum projects.php Multiple Parameter XSS
11647| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
11648| [12607] MySQL Eventum forgot_password.php email Parameter XSS
11649| [12606] MySQL Eventum index.php email Parameter XSS
11650| [12605] MySQL Eventum Default Vendor Account
11651| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
11652| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
11653| [11689] Roxen Web Server MySQL Socket Permission Weakness
11654| [10985] MySQL MATCH..AGAINST Query DoS
11655| [10959] MySQL GRANT ALL ON Privilege Escalation
11656| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
11657| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
11658| [10658] MySQL mysql_real_connect() Function Remote Overflow
11659| [10532] MySQL MaxDB webdbm Server Field DoS
11660| [10491] AWS MySQLguest AWSguest.php Script Insertion
11661| [10244] MySQL libmysqlclient Prepared Statements API Overflow
11662| [10226] MySQLGuest AWSguest.php Multiple Field XSS
11663| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
11664| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
11665| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
11666| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
11667| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
11668| [9907] MySQL SELECT Statement String Handling Overflow
11669| [9906] MySQL GRANT Privilege Arbitrary Password Modification
11670| [9509] teapop MySQL Authentication Module SQL Injection
11671| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
11672| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
11673| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
11674| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
11675| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
11676| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
11677| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
11678| [8886] MySQL libmysqlclient Library read_one_row Overflow
11679| [8885] MySQL libmysqlclient Library read_rows Overflow
11680| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
11681| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
11682| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
11683| [7128] MySQL show database Database Name Exposure
11684| [6716] MySQL Database Engine Weak Authentication Information Disclosure
11685| [6605] MySQL mysqld Readable Log File Information Disclosure
11686| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
11687| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
11688| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
11689| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
11690| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
11691| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
11692| [520] MySQL Database Name Traversal Arbitrary File Modification
11693| [380] MySQL Server on Windows Default Null Root Password
11694| [261] MySQL Short Check String Authentication Bypass
11695|_
1169610050/tcp open tcpwrapped
1169739445/tcp open status 1 (RPC #100024)
11698Device type: broadband router|WAP|router|remote management|general purpose
11699Running (JUST GUESSING): Asus embedded (95%), Linux 2.6.X|2.4.X (95%), Cisco embedded (94%), Peplink embedded (94%), Dell embedded (94%), D-Link embedded (94%)
11700OS CPE: cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n16 cpe:/h:cisco:srp_521w cpe:/o:linux:linux_kernel:2.4 cpe:/h:peplink:balance_380 cpe:/h:dlink:dir-300_nru
11701Aggressive OS guesses: Asus RT-AC66U router (Linux 2.6) (95%), Asus RT-N16 WAP (Linux 2.6) (95%), Asus RT-N66U WAP (Linux 2.6) (95%), Tomato 1.28 (Linux 2.6.22) (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Cisco SRP 521W WAP (Linux 2.6) (94%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Peplink Balance 380 router (94%), Dell Chassis Management Controller (CMC) (94%)
11702No exact OS matches for host (test conditions non-ideal).
11703Uptime guess: 11.605 days (since Sat Oct 26 05:27:57 2019)
11704Network Distance: 10 hops
11705TCP Sequence Prediction: Difficulty=258 (Good luck!)
11706IP ID Sequence Generation: All zeros
11707Service Info: Host: dummy-host.example.com; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
11708
11709TRACEROUTE (using port 80/tcp)
11710HOP RTT ADDRESS
117111 129.82 ms 10.230.200.1
117122 ...
117133 130.73 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
117144 130.38 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
117155 137.21 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
117166 132.65 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
117177 132.20 ms level3.sto01.atlas.cogentco.com (130.117.14.6)
117188 161.11 ms ae-1-3107.edge6.Amsterdam1.Level3.net (4.69.162.214)
117199 ...
1172010 160.46 ms no-reverse-dns-configured.com (94.102.49.234)
11721
11722NSE: Script Post-scanning.
11723Initiating NSE at 18:59
11724Completed NSE at 18:59, 0.00s elapsed
11725Initiating NSE at 18:59
11726Completed NSE at 18:59, 0.00s elapsed
11727#######################################################################################################################################
11728Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-06 18:59 EST
11729NSE: Loaded 47 scripts for scanning.
11730NSE: Script Pre-scanning.
11731Initiating NSE at 18:59
11732Completed NSE at 18:59, 0.00s elapsed
11733Initiating NSE at 18:59
11734Completed NSE at 18:59, 0.00s elapsed
11735Initiating Parallel DNS resolution of 1 host. at 18:59
11736Completed Parallel DNS resolution of 1 host. at 18:59, 0.02s elapsed
11737Initiating UDP Scan at 18:59
11738Scanning no-reverse-dns-configured.com (94.102.49.234) [15 ports]
11739Discovered open port 123/udp on 94.102.49.234
11740Increasing send delay for 94.102.49.234 from 0 to 50 due to max_successful_tryno increase to 4
11741Increasing send delay for 94.102.49.234 from 50 to 100 due to max_successful_tryno increase to 5
11742Completed UDP Scan at 18:59, 7.08s elapsed (15 total ports)
11743Initiating Service scan at 18:59
11744Scanning 1 service on no-reverse-dns-configured.com (94.102.49.234)
11745Completed Service scan at 18:59, 0.16s elapsed (1 service on 1 host)
11746Initiating OS detection (try #1) against no-reverse-dns-configured.com (94.102.49.234)
11747Retrying OS detection (try #2) against no-reverse-dns-configured.com (94.102.49.234)
11748Initiating Traceroute at 18:59
11749Completed Traceroute at 18:59, 7.15s elapsed
11750Initiating Parallel DNS resolution of 1 host. at 18:59
11751Completed Parallel DNS resolution of 1 host. at 18:59, 0.00s elapsed
11752NSE: Script scanning 94.102.49.234.
11753Initiating NSE at 18:59
11754Completed NSE at 18:59, 3.26s elapsed
11755Initiating NSE at 18:59
11756Completed NSE at 18:59, 0.00s elapsed
11757Nmap scan report for no-reverse-dns-configured.com (94.102.49.234)
11758Host is up (0.17s latency).
11759
11760PORT STATE SERVICE VERSION
1176153/udp closed domain
1176267/udp closed dhcps
1176368/udp closed dhcpc
1176469/udp closed tftp
1176588/udp closed kerberos-sec
11766123/udp open ntp NTP v4 (secondary server)
11767| vulscan: VulDB - https://vuldb.com:
11768| [133843] ntp Port unknown vulnerability
11769| [128043] InfoVista VistaPortal SE 5.1 EditCurrentPresentSpace.jsp Parameter cross site scripting
11770| [128042] InfoVista VistaPortal SE 5.1 EditCurrentPool.jsp Parameter cross site scripting
11771| [128036] InfoVista VistaPortal SE 5.1 EditCurrentPresentSpace.jsp Parameter cross site scripting
11772| [105145] ntp up to 4.2.8p2-RC1/4.3.11 on Big Endian MD5 Key Generator ntp-keygen.c Variable weak encryption
11773| [96331] OpenNTPD up to 6.0 CN Validator weak authentication
11774| [95322] ntpd up to 4.2.8p8 Initial Sync Calculation unknown vulnerability
11775| [89036] Microsoft Windows up to Vista SP2 Print Spooler ntprint.dll PSetupDownloadAndInstallLegacyDriver privilege escalation
11776| [89035] Microsoft Windows up to Vista SP2 Print Spooler ntprint.dll PSetupDownloadAndInstallLegacyDriver memory corruption
11777| [87754] ntpd up to 4.2.8p7 Crypto-NAK Packet valid_NAK denial of service
11778| [87751] ntpd up to 4.2.8p7 Validation ntp_proto.c receive privilege escalation
11779| [60308] UTC Fire & Security GE-MC100-NTP/GPS-ZB Hardcoded Credentials unknown vulnerability
11780| [91177] WebTitan Appliance v3.50.x NTP Server Persistent cross site scripting
11781| [3368] Microsoft Windows up to Vista NNTP Response Heap-based memory corruption
11782| [141110] Cisco NX-OS ntp Packet Flooding denial of service
11783| [139263] Polycom Obihai Obi1022 5.1.11 NTP POST Request command injection
11784| [138862] Terracotta Quartz Scheduler up to 2.3.0 XML Data XMLSchedulingDataProcessor.java initDocumentParser XML External Entity
11785| [136554] Foxit Reader SDK Professsional 5.4.0.1031 Textbox IReader_ContentProvider PDF File memory corruption
11786| [136165] Foxit Reader SDK Professsional 5.4.0.1031 TextBox IReader_ContentProvider PDF File memory corruption
11787| [135088] ntp up to 4.2.8p12 NULL Pointer Dereference denial of service
11788| [131170] D-Link DIR-825 Rev.B 2.10 ntp_sync.cgi POST Request privilege escalation
11789| [129795] NTPsec up to 1.1.2 ntpd ntp_control.c denial of service
11790| [129794] NTPsec up to 1.1.2 ntp_control.c process_control() memory corruption
11791| [129793] NTPsec up to 1.1.2 ntp_control.c read_sysvars memory corruption
11792| [129792] NTPsec up to 1.1.2 ntpd ntp_config.c Request memory corruption
11793| [128241] jco.ir Karma 6.0.0 ContentPlaceHolder1_uxTitle ArchiveNews.aspx Parameter sql injection
11794| [124080] D-Link DIR-816 A2 1.10 B05 /goform/NTPSyncWithHost handler Shell Metacharacter command injection
11795| [122955] btrfsmaintenance up to 0.4.1 evaluate_auto_mountpoint Code Execution
11796| [121557] NeoMutt Message Data nntp.c memory corruption
11797| [121556] NeoMutt newsrc.c nntp_add_group memory corruption
11798| [119727] ntp 4.2.8p11 ntpq/ntpdc Long String Stack-based memory corruption
11799| [118765] Apple iOS up to 11.3.1 FontParser memory corruption
11800| [118715] Apple watchOS up to 4.3.0 FontParser memory corruption
11801| [117884] Foxit Reader 9.0.0.29935 PrintParams memory corruption
11802| [117883] Foxit Reader 9.0.0.29935 PrintParams memory corruption
11803| [114231] ntp 4.2.8p6/4.2.8p7/4.2.8p8/4.2.8p9/4.2.8p10 Symmetric Mode decodearr memory corruption
11804| [114140] ntp up to 4.2.8p11 Protocol Engine Source IP Address denial of service
11805| [114139] ntp up to 4.2.8p11 ntpd Timestamp denial of service
11806| [114138] ntp up to 4.2.8p11 ntpd ctl_getitem Packet denial of service
11807| [114137] ntp up to 4.2.8p6/4.3.91 ntpd Sybil privilege escalation
11808| [111779] Wireshark up to 2.4.3 JSON/XML/NTP/XMPP/GDB epan/tvbparse.c denial of service
11809| [104358] ntp up to 4.2.7 ntpd ntpd/ntp_config.c denial of service
11810| [98857] Apple tvOS up to 10.1 FontParser information disclosure
11811| [98856] Apple tvOS up to 10.1 FontParser memory corruption
11812| [98855] Apple tvOS up to 10.1 FontParser memory corruption
11813| [98854] Apple tvOS up to 10.1 FontParser memory corruption
11814| [98823] Apple watchOS up to 3.1 FontParser Out-of-Bounds information disclosure
11815| [98822] Apple watchOS up to 3.1 FontParser memory corruption
11816| [98821] Apple watchOS up to 3.1 FontParser memory corruption
11817| [98820] Apple watchOS up to 3.1 FontParser memory corruption
11818| [98741] Apple iOS up to 10.2 FontParser Out-of-Bounds information disclosure
11819| [98740] Apple iOS up to 10.2 FontParser memory corruption
11820| [98739] Apple iOS up to 10.2 FontParser memory corruption
11821| [98738] Apple iOS up to 10.2 FontParser memory corruption
11822| [98630] Apple macOS up to 10.12.3 FontParser Out-of-Bounds memory corruption
11823| [98629] Apple macOS up to 10.12.3 FontParser memory corruption
11824| [98628] Apple macOS up to 10.12.3 FontParser memory corruption
11825| [98627] Apple macOS up to 10.12.3 FontParser memory corruption
11826| [98552] ntp up to 4.2.8p9 Timestamp Origin Check spoofing
11827| [98551] ntp up to 4.2.8p9 ntpq Stack-based memory corruption
11828| [98550] ntp up to 4.2.8p9 Legacy MX4200 refclock mx4200_send memory corruption
11829| [98549] ntp up to 4.2.8p9 ctl_put memory corruption
11830| [98548] ntp up to 4.2.8p9 on Windows Data Structure denial of service
11831| [98545] ntp up to 4.2.8p9 Config Directive Segmentation Fault denial of service
11832| [98543] ntp up to 4.2.8p9 Configuration Directive denial of service
11833| [97826] Joomla CMS com_frontpage sql injection
11834| [95890] Apple watchOS up to 3.1.2 FontParser memory corruption
11835| [95889] Apple watchOS up to 3.1.2 FontParser memory corruption
11836| [95334] ntpd up to 4.2.8p8 on Windows UDP Packet denial of service
11837| [95333] ntpd up to 4.2.8p8 NULL Pointer Dereference denial of service
11838| [95332] ntpd up to 4.2.8p8 Control Mode privilege escalation
11839| [95321] ntpd up to 4.2.8p8 Origin Timestamp Protection Bypass privilege escalation
11840| [95320] ntpd up to 4.2.8p8 Source denial of service
11841| [95319] ntpd up to 4.2.8p8 Broadcast Packet denial of service
11842| [95318] ntpd up to 4.2.8p8 Broadcast Mode Replay Prevention denial of service
11843| [95317] ntpd up to 4.2.8p8 Rate Limit spoofing denial of service
11844| [94382] Apple macOS up to 10.12.1 FontParser memory corruption
11845| [94381] Apple macOS up to 10.12.1 FontParser memory corruption
11846| [94255] Apple tvOS up to 10.0 FontParser memory corruption
11847| [94254] Apple tvOS up to 10.0 FontParser memory corruption
11848| [94180] Apple iOS up to 10.1.1 FontParser memory corruption
11849| [94179] Apple iOS up to 10.1.1 FontParser memory corruption
11850| [93993] BusyBox NTP Packet networking/ntpd.c recv_and_process_client_pkt denial of service
11851| [93745] ntpd up to 4.2.8p8/4.3.93 UDP Packet NULL Pointer Dereference denial of service
11852| [93087] Apple watchOS up to 3.0 FontParser User information disclosure
11853| [93076] Apple tvOS up to 10.0 FontParser Out-of-Bounds information disclosure
11854| [93064] Apple macOS 10.12.0 FontParser Out-of-Bounds information disclosure
11855| [93044] Apple iOS up to 10.0.3 FontParser Out-of-Bounds information disclosure
11856| [92853] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 NTP denial of service
11857| [92127] Apple tvOS up to 9.x FontParser Memory information disclosure
11858| [92108] Apple watchOS up to 2.x FontParser Memory information disclosure
11859| [92076] Apple macOS up to 10.11 FontParser memory corruption
11860| [91998] Apple iOS up to 10 FontParser memory corruption
11861| [91519] Microsoft Internet Explorer 9/10/11 MSHTML HandleStyleComponentProperty memory corruption
11862| [90452] Cisco IOS 15.5(3)S3/15.6(1)S2/15.6(2)S1/15.6(2)T1 NTP Interface Queue denial of service
11863| [88542] Meinberg IMS-LANTIME up to 6.20 NTP Time Server privilege escalation
11864| [88541] Meinberg IMS-LANTIME up to 6.20 NTP Time Server POST Request Stack-Based memory corruption
11865| [88540] Meinberg IMS-LANTIME up to 6.20 NTP Time Server POST Request Stack-Based memory corruption
11866| [87753] ntpd up to 4.2.8p7 Synchronization denial of service
11867| [87752] ntpd up to 4.2.8p7 Autokey denial of service
11868| [87750] ntpd up to 4.2.8p7 MAC denial of service
11869| [82989] ntp 4.2.8 ctl_getitem denial of service
11870| [82988] ntp 4.2.8 MATCH_ASSOC denial of service
11871| [82987] ntp 4.2.8 Trusted Key denial of service
11872| [82986] ntp 4.2.8 unconfig Directive denial of service
11873| [82985] ntp 4.2.8 IPv4 Bogon Packet privilege escalation
11874| [82983] ntp 4.2.8 Ephemeral Association privilege escalation
11875| [82982] ntp 4.2.8 ntpd Client privilege escalation
11876| [82981] ntp 4.2.8 Crypto NAK denial of service
11877| [82723] Cisco IOS/IOS XE ntp Time privilege escalation
11878| [81486] Apple iOS up to 9.2 FontParser memory corruption
11879| [81435] Apple Mac OS X up to 10.11.3 FontParser memory corruption
11880| [80654] ntp 4.2.8p5 ntpq Replay privilege escalation
11881| [80653] ntp 4.2.8p5 ntpq/ntpdc information disclosure
11882| [80652] ntp 4.2.8p5 ntpq Infinite Loop denial of service
11883| [80651] ntp 4.2.8p5 Origin Timestamp privilege escalation
11884| [80650] ntp 4.2.8p5 Authenticated Broadcast Mode privilege escalation
11885| [80649] ntp 4.2.8p5 reslist Command Stack-Based denial of service
11886| [80648] ntp 4.2.8p5 ntpdc NULL Pointer Dereference denial of service
11887| [80647] ntp 4.2.8p5 ntpq privilege escalation
11888| [80645] ntp 4.2.8p5 Key Checker spoofing
11889| [80644] ntp 4.2.8p5 Broadcast privilege escalation
11890| [78936] ntpd up to 4.2.8p5/4.3.78 ntp_crypto.c privilege escalation
11891| [78938] ntpd 4.2.8 sntp denial of service
11892| [78937] ntpd 4.2.8 logconfig Command Crash denial of service
11893| [78859] ntpd 4.2.8 autokey ntp_crypto.c denial of service
11894| [78858] ntpd 4.2.8 autokey ntp_crypto.c denial of service
11895| [78857] ntpd 4.2.8 ntp_crypto.c Extension Field denial of service
11896| [78856] ntpd 4.2.8 decodenetnum denial of service
11897| [78855] ntpd 4.2.8 KoD Packet denial of service
11898| [78854] ntpd 4.2.8 Rate Limit denial of service
11899| [78853] ntpd 4.2.8 Configuration Directive directory traversal
11900| [78852] ntpd 4.2.8 CRYPTO_ASSOC information disclosure
11901| [78851] ntpd 4.2.8 Private Mode Integer denial of service
11902| [78850] ntpd 4.2.8 Password Management Key File Use-After-Free memory corruption
11903| [78849] ntpd 4.2.8 Remote Configuration denial of service
11904| [78848] ntpd 4.2.8 URL Request save_config directory traversal
11905| [78847] ntpd 4.2.8 cookedprint memory corruption
11906| [78846] ntpd 4.2.8 refclock memory corruption
11907| [78845] ntpd 4.2.8 Password Management Heap-based memory corruption
11908| [78844] ntpd 4.2.8 Crypto-NAK Packet Logic privilege escalation
11909| [78808] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11910| [78807] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11911| [78806] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11912| [78805] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11913| [78804] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11914| [78803] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11915| [78802] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11916| [78801] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11917| [78800] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11918| [78799] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11919| [78798] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11920| [78797] Apple Mac OS X up to 10.11.0 FontParser Font File memory corruption
11921| [78745] Apple iOS up to 9.0 FontParser Font File memory corruption
11922| [78744] Apple iOS up to 9.0 FontParser Font File memory corruption
11923| [78743] Apple iOS up to 9.0 FontParser Font File memory corruption
11924| [78742] Apple iOS up to 9.0 FontParser Font File memory corruption
11925| [78741] Apple iOS up to 9.0 FontParser Font File memory corruption
11926| [78740] Apple iOS up to 9.0 FontParser Font File memory corruption
11927| [78739] Apple iOS up to 9.0 FontParser Font File memory corruption
11928| [78738] Apple iOS up to 9.0 FontParser Font File memory corruption
11929| [78737] Apple iOS up to 9.0 FontParser Font File memory corruption
11930| [78736] Apple iOS up to 9.0 FontParser Font File memory corruption
11931| [78735] Apple iOS up to 9.0 FontParser Font File memory corruption
11932| [78734] Apple iOS up to 9.0 FontParser Font File memory corruption
11933| [78200] ntp up to 4.2.7 on Linux/OS X ntpd ntp_io.c spoofing
11934| [78199] ntp up to 4.2.7 ntpd ntp_crypto.c memory corruption
11935| [77314] pfSense up to 2.2.2 services_ntpd.php cross site scripting
11936| [77193] Apple Mac OS X up to 10.10.4 FontParser memory corruption
11937| [77192] Apple Mac OS X up to 10.10.4 FontParser memory corruption
11938| [77191] Apple Mac OS X up to 10.10.4 FontParser memory corruption
11939| [77147] Apple iOS up to 8.4.0 FontParser memory corruption
11940| [77146] Apple iOS up to 8.4.0 FontParser memory corruption
11941| [77145] Apple iOS up to 8.4.0 FontParser memory corruption
11942| [76265] Apple Mac OS X up to 10.10.3 FontParser TrueTypeScaler Font File memory corruption
11943| [75452] Apple Watch OS 1.0 FontParser memory corruption
11944| [74740] Apple MacOS X up to 10.10.2 ntp weak authentication
11945| [74718] Apple MacOS X up to 10.10.2 FontParser memory corruption
11946| [74665] ntpd up to 4.2.8 Symmetric Mode denial of service
11947| [74664] ntpd up to 4.2.8 MAC Checker weak authentication
11948| [74290] Dell Asset Manager GetClientPackage.aspx sql injection
11949| [69165] Red Hat JBoss Enterprise Application Platform 6.3.3 RESTEasy DocumentProvider XML External Entity
11950| [68927] Apple iOS up to 8.1.2 FontParser memory corruption
11951| [68926] Apple iOS up to 8.1.2 FontParser memory corruption
11952| [68879] Apple Mac OS X 10.8.5/10.9.5/10.10/10.10.1 FontParser memory corruption
11953| [68878] Apple Mac OS X 10.8.5/10.9.5/10.10/10.10.1 FontParser memory corruption
11954| [68456] NTP Daemon up to 4.2.7 Random Generator ntp_config.c config_auth weak authentication
11955| [68641] NTP Daemon 4.2.7 PRNG Crash information disclosure
11956| [68640] NTP Daemon 4.2.7 PRNG spoofing
11957| [68457] NTP Daemon up to 4.2.7 Random Generator weak authentication
11958| [68455] NTP Daemon up to 4.2.7 ntp_proto.c receive denial of service
11959| [68454] NTP Daemon up to 4.2.7 configure memory corruption
11960| [68453] NTP Daemon up to 4.2.7 ctl_putdata memory corruption
11961| [68452] NTP Daemon up to 4.2.7 crypto_recv memory corruption
11962| [71475] wEPISDParentPortal 1.0 X.509 Certificate spoofing
11963| [67032] Cisco IOS/IOS XE 15.2/15.4 NTP Service privilege escalation
11964| [11702] NTP Project ntpd 4.2.6 monlist Functionality ntp_request.c query denial of service
11965| [65493] Dlink DSL-2760U sntpcfg.cgi cross site scripting
11966| [10540] Google Chrome 29.0.1547.76 XML Document xmldocumentparser.cpp append memory corruption
11967| [10494] Cisco IOS/IOS XE NTP denial of service
11968| [9806] TRENDnet TEW-812DRU Input Sanitizer setNTP.cgi cross site scripting
11969| [11630] Python 2.6.8/2.7.5/3.3.2 nntplib readline denial of service
11970| [60183] Instantphp lknSupport Search Module cross site scripting
11971| [59298] Instantphp Jobs Pro 1.6.4 search_jobs.html sql injection
11972| [58483] CMU Cyrus IMAP Server up to 2.4.4 nntpd.c split_wildmats memory corruption
11973| [56769] IBM WebSphere Application Server up to 6.1.0.10 getACRWorkElementPtr denial of service
11974| [5339] WebMaster Solutions WmsCms 2.0 printpage.asp Eingabe sql injection
11975| [52232] PaymentProcessorScript PPScript shop.htm sql injection
11976| [51585] TYPO3 mjseventpro 0.2.1 sql injection
11977| [4078] Sun Solaris NTP Mode 7 Request denial of service
11978| [48235] ntp up to 4.2.x ntp_crypto.c crypto_recv memory corruption
11979| [47706] ntp up to 4.2.4p7 ntpq/ntpq.c cookedprint memory corruption
11980| [45910] Goople CMS 1.8.2 frontpage.php sql injection
11981| [45837] Goople CMS up to 1.8.2 frontpage.php sql injection
11982| [45794] NTP up to 4.2.4p4 EVP_VerifyFinal memory corruption
11983| [43343] Alain Barbet Filesys Smbclientparser up to 2.6 SMB Server filesys::smbclientparser memory corruption
11984| [41522] XOOPS Tutoriais Module up to 2.1b printpage.php sql injection
11985| [40320] Agares Media phpAutoVideo 2.21 frontpage_right.php privilege escalation
11986| [40250] Agares Media Arcadem 2.04 frontpage_right.php privilege escalation
11987| [36948] Johntp adsense-deluxe 0.x on WordPress adsense-deluxe.php cross site request forgery
11988| [35867] Free Php Scripts Free Image Hosting up to 2.0 Login frontpage.php privilege escalation
11989| [34928] HP Mercury Performance Center Agent 8.0 magentproc.exe memory corruption
11990| [34504] Uberghey CMS 0.3.1 frontpage.php privilege escalation
11991| [32641] Dan Jensen Travelsized CMS up to 0.4 frontpage.php privilege escalation
11992|
11993| MITRE CVE - https://cve.mitre.org:
11994| [CVE-2013-1997] Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.
11995| [CVE-2013-1984] Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
11996| [CVE-2012-4258] Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote attackers to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
11997| [CVE-2012-3375] The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.
11998| [CVE-2012-1288] The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote attackers to obtain access via an HTTP session.
11999| [CVE-2011-4859] The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port.
12000| [CVE-2011-3208] Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
12001| [CVE-2011-2724] The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.
12002| [CVE-2011-1313] Double free vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote backend IIOP servers to cause a denial of service (S0C4 ABEND and storage corruption) by rejecting IIOP requests at opportunistic time instants, as demonstrated by requests associated with an ORB_Request::getACRWorkElementPtr function call.
12003| [CVE-2011-1082] fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
12004| [CVE-2010-4539] The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
12005| [CVE-2010-3879] FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789.
12006| [CVE-2010-2896] IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors.
12007| [CVE-2010-2121] Opera 9.52 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
12008| [CVE-2010-2119] Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid nntp:// URIs.
12009| [CVE-2010-2117] Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
12010| [CVE-2010-1721] SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php.
12011| [CVE-2010-1708] Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
12012| [CVE-2010-1078] SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.
12013| [CVE-2010-0790] sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name.
12014| [CVE-2010-0789] fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.
12015| [CVE-2010-0787] client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.
12016| [CVE-2010-0547] client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
12017| [CVE-2010-0340] SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
12018| [CVE-2010-0296] The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.
12019| [CVE-2010-0293] The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets.
12020| [CVE-2010-0182] The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.
12021| [CVE-2009-4724] SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote attackers to execute arbitrary SQL commands via the cid parameter.
12022| [CVE-2009-3562] Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action.
12023| [CVE-2009-3561] Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action.
12024| [CVE-2009-2869] Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.
12025| [CVE-2009-1252] Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.
12026| [CVE-2009-0159] Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
12027| [CVE-2009-0121] SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown
12028| [CVE-2009-0111] SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
12029| [CVE-2009-0021] NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
12030| [CVE-2008-6982] Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a allows remote attackers to inject arbitrary web script or HTML via the currentpath parameter.
12031| [CVE-2008-6865] SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
12032| [CVE-2008-6728] SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
12033| [CVE-2008-6255] Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php.
12034| [CVE-2008-5362] The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, accepts an untrusted input value for a "constant count," which allows remote attackers to read sensitive data from process memory via a crafted PDF file.
12035| [CVE-2008-5361] The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspecified other actions, which allows remote attackers to read sensitive data from process memory via a crafted PDF file.
12036| [CVE-2008-5066] PHP remote file inclusion vulnerability in upload/admin/frontpage_right.php in Agares Media ThemeSiteScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
12037| [CVE-2008-4253] The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability."
12038| [CVE-2008-4174] Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dynamic MP3 Lister 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) currentpath, (2) invert, (3) search, and (4) sort parameters.
12039| [CVE-2008-3970] pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount.
12040| [CVE-2008-3285] The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters.
12041| [CVE-2008-2931] The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
12042| [CVE-2008-2913] Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... sequences in the currentfile parameter, to index.php.
12043| [CVE-2008-2751] Multiple cross-site scripting (XSS) vulnerabilities in the Glassfish webadmin interface in Sun Java System Application Server 9.1_01 allow remote attackers to inject arbitrary web script or HTML via the (1) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:jndiProp:JndiNew, (2) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:resTypeProp:resType, (3) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:factoryClassProp:factoryClass, or (4) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:descProp:desc parameter to (a) resourceNode/customResourceNew.jsf
12044| [CVE-2008-2649] Multiple PHP remote file inclusion vulnerabilities in DesktopOnNet 3 Beta allow remote attackers to execute arbitrary PHP code via a URL in the app_path parameter to (1) don3_requiem.don3app/don3_requiem.php and (2) frontpage.don3app/frontpage.php.
12045| [CVE-2008-1351] SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php.
12046| [CVE-2008-1053] Multiple SQL injection vulnerabilities in the Kose_Yazilari module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the artid parameter in a (1) viewarticle or (2) printpage action to modules.php.
12047| [CVE-2008-0435] Directory traversal vulnerability in index.php in OZJournals 2.1.1 allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the id parameter in a printpreview action.
12048| [CVE-2008-0074] Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.
12049| [CVE-2007-6614] PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542.
12050| [CVE-2007-6542] PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
12051| [CVE-2007-6499] Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to uninstall the FrontPage extensions of an arbitrary account via a request to fp2002/UNINSTAL.asp with a "host id (IIS) value."
12052| [CVE-2007-6455] Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
12053| [CVE-2007-4841] Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845.
12054| [CVE-2007-4042] Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
12055| [CVE-2007-4041] Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
12056| [CVE-2007-3897] Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
12057| [CVE-2007-3109] The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.
12058| [CVE-2007-1715] PHP remote file inclusion vulnerability in frontpage.php in Free Image Hosting 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the forgot_pass.php vector is already covered by CVE-2006-5670, and the login.php vector overlaps CVE-2006-5763.
12059| [CVE-2007-1560] The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error.
12060| [CVE-2007-0604] Cross-site scripting (XSS) vulnerability in Movable Type (MT) before 3.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the MTCommentPreviewIsStatic tag, which can open the "comment entry screen," a different vulnerability than CVE-2007-0231.
12061| [CVE-2007-0446] Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_ip_name field to TCP port 54345, which triggers the overflow in mchan.dll.
12062| [CVE-2007-0359] PHP remote file inclusion vulnerability in frontpage.php in Uberghey CMS 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter.
12063| [CVE-2006-7160] The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.
12064| [CVE-2006-6187] Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute arbitrary SQL commands via the (1) currentpage or (2) gallery_id parameter to (a) view_gallery.asp, the (3) image_id parameter to (b) download_image.asp, the currentpage or (5) orderby parameter to (c) gallery.asp, or the currentpage parameter to (d) view_recent.asp.
12065| [CVE-2006-5864] Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince.
12066| [CVE-2006-5182] PHP remote file inclusion vulnerability in frontpage.php in Dan Jensen Travelsized CMS 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter.
12067| [CVE-2006-5020] Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_path parameter in manager/pages/ scripts including (1) AccountsPage.class.php, (2) AddInvoicePage.class.php, (3) AddIPAddressPage.class.php, (4) AddPaymentPage.class.php, (5) AddTaxRulePage.class.php, (6) AssignDomainPage.class.php, (7) AssignHostingPage.class.php, (8) AssignProductPage.class.php, (9) BillingPage.class.php, (10) BillingPaymentPage.class.php, (11) BrowseAccountsPage.class.php, (12) BrowseInvoicesPage.class.php, (13) ConfigureEditUserPage.class.php, (14) ConfigureNewUserPage.class.php, (15) ConfigureNewUserReceiptPage.class.php, (16) ConfigureUsersPage.class.php, (17) DeleteAccountPage.class.php, (18) DeleteDomainServicePage.class.php, (19) DeleteHostingServicePage.class.php, (20) DeleteInvoicePage.class.php, (21) DeleteProductPage.class.php, (22) DeleteServerPage.class.php, (23) DomainServicesPage.class.php, (24) DomainsPage.class.php, (25) EditAccountPage.class.php, (26) EditDomainPage.class.php, (27) EditDomainServicePage.class.php, (28) EditHostingServicePage.class.php, (29) EditPaymentPage.class.php, (30) EditProductPage.class.php, (31) EditServerPage.class.php, (32) EmailInvoicePage.class.php, (33) ExecuteOrderPage.class.php, (34) ExpiredDomainsPage.class.php, (35) FulfilledOrdersPage.class.php, (36) GenerateInvoicesPage.class.php, (37) HomePage.class.php, (38) InactiveAccountsPage.class.php, (39) IPManagerPage.class.php, (40) LoginPage.class.php, (41) LogPage.class.php, (42) ModulesPage.class.php, (43) NewAccountPage.class.php, (44) NewDomainServicePage.class.php, (45) NewProductPage.class.php, (46) OutstandingInvoicesPage.class.php, (47) PendingAccountsPage.class.php, (48) PendingOrdersPage.class.php, (49) PrintInvoicePage.class.php, (50) ProductsPage.class.php, (51) RegisterDomainPage.class.php, (52) RegisteredDomainsPage.class.php, (53) ServersPage.class.php, (54) ServicesHostingServicesPage.class.php, (55) ServicesNewHostingPage.class.php, (56) ServicesPage.class.php, (57) ServicesWebHostingPage.class.php, (58) SettingsPage.class.php, (59) TaxesPage.class.php, (60) TransferDomainPage.class.php, (61) ViewAccountPage.class.php, (62) ViewDomainServicePage.class.php, (63) ViewHostingServicePage.class.php, (64) ViewInvoicePage.class.php, (65) ViewLogMessagePage.class.php, (66) ViewOrderPage.class.php, (67) ViewProductPage.class.php, (68) ViewServerPage.class.php, (69) WelcomeEmailPage.class.php
12068| [CVE-2006-4286] ** DISPUTED ** PHP remote file inclusion vulnerability in contentpublisher.php in the contentpublisher component (com_contentpublisher) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by third parties who state that contentpublisher.php protects against direct request in the most recent version. The original researcher is known to be frequently inaccurate.
12069| [CVE-2006-4103] PHP remote file inclusion vulnerability in article-raw.php in Jason Alexander phNNTP 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_newsportal parameter.
12070| [CVE-2006-4055] Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993.
12071| [CVE-2006-3628] Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.
12072| [CVE-2006-3026] Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in gallery.asp and (2) parentcurrentpage parameter in view_gallery.asp.
12073| [CVE-2006-2490] Multiple cross-site scripting (XSS) vulnerabilities in Mobotix IP Network Cameras M1 1.9.4.7 and M10 2.0.5.2, and other versions before 2.2.3.18 for M10/D10 and 3.0.3.31 for M22, allow remote attackers to inject arbitrary web script or HTML via URL-encoded values in (1) the query string to help/help, (2) the get_image_info_abspath parameter to control/eventplayer, and (3) the source_ip parameter to events.tar.
12074| [CVE-2006-1662] The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid parameter in index.php.
12075| [CVE-2006-1437] UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eventpublisher.txt.
12076| [CVE-2006-1436] Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Website, and (5) Public Remarks fields to (a) eventpublisher_admin.htm and (b) eventpublisher_usersubmit.htm.
12077| [CVE-2006-0375] Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 on VxWorks uses a hardcoded Network Time Protocol (NTP) server in Taiwan, which could allow remote attackers to provide false time information, block access to time information, or conduct other attacks.
12078| [CVE-2006-0015] Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.
12079| [CVE-2005-4716] Hitachi TP1/Server Base and TP1/NET/Library 2 on IBM AIX allow remote attackers to (1) cause a denial of service (OpenTP1 system outage) via invalid data to a port used by a system-server process, and (2) cause a denial of service (process failure) via invalid data to a port used by any of certain other processes.
12080| [CVE-2005-3356] The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors.
12081| [CVE-2005-3120] Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
12082| [CVE-2005-2658] Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month.
12083| [CVE-2005-2428] Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696.
12084| [CVE-2005-1363] Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID, (2) strSubCatalogID, or (3) strSubCatalog_NAME parameter to productsByCategory.asp, (4) curCatalogID, (5) strSubCatalog_NAME, (6) intCatalogID, or (7) page parameter to productsByCategory.asp or (8) intProdID parameter to product.asp.
12085| [CVE-2005-1362] Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter to product.asp, (2) intCatalogID or (3) strSubCatalogID parameters to productsByCategory.asp, (4) chkText, (5) strText, (6) chkPrice, (7) intPrice, (8) chkCat, or (9) strCat parameters to searchAction.asp.
12086| [CVE-2005-1361] Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp.
12087| [CVE-2005-1213] Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
12088| [CVE-2005-0807] Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters.
12089| [CVE-2005-0785] Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
12090| [CVE-2005-0741] Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action.
12091| [CVE-2005-0736] Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
12092| [CVE-2005-0719] Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd.
12093| [CVE-2005-0101] Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character.
12094| [CVE-2004-2068] fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an emptry NNTP news article with missing mandatory headers.
12095| [CVE-2004-1719] Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message.
12096| [CVE-2004-1610] SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables.
12097| [CVE-2004-1316] Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.
12098| [CVE-2004-0574] The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
12099| [CVE-2003-1266] The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data.
12100| [CVE-2003-0824] Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.
12101| [CVE-2003-0822] Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
12102| [CVE-2003-0744] The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input.
12103| [CVE-2002-2317] Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
12104| [CVE-2002-2305] SQL injection vulnerability in agentadmin.php in Immobilier allows remote attackers to execute arbitrary SQL commands via the (1) agentname or (2) agentpassword parameter.
12105| [CVE-2002-2262] Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.
12106| [CVE-2002-1789] Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function.
12107| [CVE-2002-1788] Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.
12108| [CVE-2002-1718] Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences.
12109| [CVE-2002-0913] Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.
12110| [CVE-2002-0909] Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER.
12111| [CVE-2002-0692] Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.
12112| [CVE-2002-0525] Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.
12113| [CVE-2002-0002] Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
12114| [CVE-2001-1204] Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
12115| [CVE-2001-0764] Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument.
12116| [CVE-2001-0543] Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.
12117| [CVE-2001-0414] Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
12118| [CVE-2001-0341] Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
12119| [CVE-2001-0096] FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
12120| [CVE-2000-0438] Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
12121| [CVE-2000-0431] Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.
12122| [CVE-2000-0341] ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a denial of service via a long login name.
12123| [CVE-2000-0256] Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
12124| [CVE-2000-0153] FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
12125| [CVE-2000-0122] Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program.
12126| [CVE-2000-0114] Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
12127| [CVE-1999-1016] Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
12128| [CVE-1999-0681] Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
12129| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
12130| [CVE-2009-3563] ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
12131| [CVE-2006-2334] The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or prevent access to other similarly named files in the same directory, which prevents those files from being detected or disinfected by certain anti-virus and anti-spyware software.
12132| [CVE-2006-1711] Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits.
12133| [CVE-2005-2496] The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
12134| [CVE-2005-1911] The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).
12135| [CVE-2005-1453] fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (crash) by closing the connection while fetchnews is reading (1) an article header or (2) an article body, which also prevents fetchnews from querying other servers.
12136| [CVE-2004-0657] Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
12137| [CVE-2002-0427] Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.
12138| [CVE-2000-0710] The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.
12139| [CVE-2000-0709] The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.
12140| [CVE-2000-0413] The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
12141| [CVE-1999-1376] Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.
12142| [CVE-1999-1052] Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
12143| [CVE-1999-1043] Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).
12144| [CVE-1999-0386] Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
12145|
12146| SecurityFocus - https://www.securityfocus.com/bid/:
12147| [104517] NTP CVE-2018-12327 Stack Buffer Overflow Vulnerability
12148| [103351] NTP CVE-2018-7183 Buffer Overflow Vulnerability
12149| [103339] NTP CVE-2018-7185 Denial of Service Vulnerability
12150| [103194] NTP CVE-2018-7170 Incomplete Fix Remote Security Vulnerability
12151| [103192] NTP CVE-2018-7184 Denial of Service Vulnerability
12152| [103191] NTP CVE-2018-7182 Information Disclosure Vulnerability
12153| [97078] NTP CVE-2017-6452 Local Stack Based Buffer Overflow Vulnerability
12154| [97076] NTP CVE-2017-6459 Local Denial of Service Vulnerability
12155| [97074] NTP CVE-2017-6455 Local Denial of Service Vulnerability
12156| [97058] NTP CVE-2017-6451 Local Denial of Service Vulnerability
12157| [97052] NTP CVE-2017-6460 Stack Buffer Overflow Vulnerability
12158| [97051] NTP CVE-2017-6458 Buffer Overflow Vulnerability
12159| [97050] NTP CVE-2017-6464 Denial of Service Vulnerability
12160| [97049] NTP CVE-2017-6463 Denial of Service Vulnerability
12161| [97046] NTP CVE-2016-9042 Denial of Service Vulnerability
12162| [97045] NTP CVE-2017-6462 Local Buffer Overflow Vulnerability
12163| [94455] NTP CVE-2016-7433 Local Denial of Service Vulnerability
12164| [94454] NTP CVE-2016-7431 Denial of Service Vulnerability
12165| [94453] NTP CVE-2016-7429 Local Denial of Service Vulnerability
12166| [94452] NTP CVE-2016-9310 Denial of Service Vulnerability
12167| [94451] NTP CVE-2016-7426 Local Denial of Service Vulnerability
12168| [94450] NTP CVE-2016-9312 Denial of Service Vulnerability
12169| [94448] NTP CVE-2016-7434 Local Denial of Service Vulnerability
12170| [94447] NTP CVE-2016-7427 Denial of Service Vulnerability
12171| [94446] NTP CVE-2016-7428 Denial of Service Vulnerability
12172| [94444] NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
12173| [92277] BusyBox 'networking/ntpd.c' Remote Denial of Service Vulnerability
12174| [91400] Meinberg NTP Time Server Multiple Privilege Escalation and Buffer Overflow Vulnerabilities
12175| [91180] Foxit Reader 'CPDF_StreamContentParser::~CPDF_StreamContentParser' Memory Corruption Vulnerability
12176| [91010] NTP CVE-2016-4953 Denial of Service Vulnerability
12177| [91009] NTP CVE-2016-4956 Incomplete Fix Denial of Service Vulnerability
12178| [91007] NTP CVE-2016-4955 Denial of Service Vulnerability
12179| [90818] OpenNTPD 'ntpd/constraint.c' Certificate Validation Security Bypass Vulnerability
12180| [88276] NTP CVE-2016-1547 Denial of Service Vulnerability
12181| [88264] NTP CVE-2016-1548 Security Bypass Vulnerability
12182| [88261] NTP CVE-2016-1550 Local Security Bypass Vulnerability
12183| [88226] NTP CVE-2016-2518 Denial of Service Vulnerability
12184| [88219] NTP CVE-2016-1551 Remote Security Vulnerability
12185| [88204] NTP CVE-2016-2519 Denial of Service Vulnerability
12186| [88200] NTP CVE-2016-1549 Remote Security Vulnerability
12187| [88189] NTP CVE-2016-2517 Denial of Service Vulnerability
12188| [88180] NTP CVE-2016-2516 Denial of Service Vulnerability
12189| [88081] Microsoft FrontPage CVE-1999-1052 Information Disclosure Vulnerability
12190| [86089] Microsoft FrontPage CVE-2007-3109 Remote Security Vulnerability
12191| [83193] NTP CVE-2004-0657 Remote Security Vulnerability
12192| [82105] NTP CVE-2015-8139 Security Bypass Vulnerability
12193| [82102] NTP CVE-2015-8140 Security Bypass Vulnerability
12194| [81963] NTP CVE-2015-7973 Security Bypass Vulnerability
12195| [81962] NTP CVE-2015-7978 Denial of Service Vulnerability
12196| [81960] NTP CVE-2015-7974 Symmetric Key Encryption Authentication Security Bypass Vulnerability
12197| [81959] NTP CVE-2015-7975 Local Denial of Service Vulnerability
12198| [81816] NTP CVE-2015-7979 Denial of Service Vulnerability
12199| [81815] NTP CVE-2015-7977 NULL Pointer Dereference Denial of Service Vulnerability
12200| [81814] NTP CVE-2015-8158 Denial of Service Vulnerability
12201| [81811] NTP CVE-2015-8138 Denial of Service Vulnerability
12202| [81552] NTP Cronjob Script CVE-2016-0727 Local Privilege Escalation Vulnerability
12203| [77288] Network Time Protocol 'ntpq.c' Memory Corruption Vulnerability
12204| [77286] NTP CVE-2015-7702 Incomplete Fix Denial of Service Vulnerability
12205| [77285] NTP CVE-2015-7692 Incomplete Fix Denial of Service Vulnerability
12206| [77282] Network Time Protocol 'ntp_control.c' Directory Traversal Vulnerability
12207| [77281] NTP CVE-2015-7701 Denial of Service Vulnerability
12208| [77278] NTP Multiple Arbitrary File Overwrite Vulnerabilities
12209| [77274] NTP CVE-2015-7691 Incomplete Fix Denial of Service Vulnerability
12210| [76476] RETIRED: NTP CVE-2015-5196 Multiple Arbitrary File Overwrite Vulnerabilities
12211| [76475] NTP CVE-2015-5194 Denial of Service Vulnerability
12212| [76474] NTP 'ntpd/ntp_config.c' Remote Denial of Service Vulnerability
12213| [76473] NTP CVE-2015-5219 Denial of Service Vulnerability
12214| [75589] NTP CVE-2015-5146 Denial of Service Vulnerability
12215| [73951] NTP CVE-2015-1798 Man in the Middle Security Bypass Vulnerability
12216| [73950] NTP CVE-2015-1799 Denial of Service Vulnerability
12217| [73713] Mjseventpro CVE-2010-0340 SQL-Injection Vulnerability
12218| [72584] NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
12219| [72583] NTP 'ntp_crypto.c' Information Disclosure Vulnerability
12220| [71969] Network Time Protocol ntpdc Local Buffer Overflow Vulnerability
12221| [65434] Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
12222| [64692] NTP 'ntp_request.c' Remote Denial of Service Vulnerability
12223| [62185] Microsoft FrontPage CVE-2013-3137 Information Disclosure Vulnerability
12224| [55561] IFOBS 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities
12225| [54283] Linux Kernel 'fs/eventpoll.c' Local Denial of Service Vulnerability
12226| [52083] UTC Fire & Security GE-MC100-NTP/GPS-ZB Default Credentials Authentication Bypass Vulnerability
12227| [46630] Linux Kernel epoll Subsystem 'eventpoll.c' Multiple Local Denial of Service Vulnerabilities
12228| [45792] HP LoadRunner 'magentproc.exe' Remote Code Execution Vulnerability
12229| [41798] IBM FileNet Content Manager 'InheritParentPermissions' Flag Security Bypass Vulnerability
12230| [39479] Mozilla Firefox/Thunderbird/SeaMonkey 'nsIContentPolicy' Security Bypass Vulnerability
12231| [38309] XlentProjects SphereCMS 'archive.php' SQL Injection Vulnerability
12232| [37781] TYPO3 MJS Event Pro (mjseventpro) Unspecified SQL Injection Vulnerability
12233| [37255] NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
12234| [36502] Cisco IOS NTPv4 Reply Packet Remote Denial of Service Vulnerability
12235| [36457] Xerver Administration Interface 'currentPath' Parameter Cross Site Scripting Vulnerability
12236| [35017] NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
12237| [34481] NTP 'ntpq' Stack Buffer Overflow Vulnerability
12238| [33290] TimeTools NTP Time Server Syslog Monitor Remote Denial of Service Vulnerability
12239| [33135] Goople CMS 'frontpage.php' SQL Injection Vulnerability
12240| [32352] vBulletin 'admincp/attachmentpermission.php' SQL Injection Vulnerability
12241| [31959] Agares Media ThemeSiteScript 'frontpage_right.php' Remote File Include Vulnerability
12242| [30290] SmbClientParser Perl Module Remote Command Execution Vulnerability
12243| [28297] Travelsized CMS 'frontpage.php' and 'index.php' Multiple Input Validation Vulnerabilities
12244| [28230] XOOPS MyTutorials Module 'printpage.php' SQL Injection Vulnerability
12245| [27375] OZ Journals 'printpreview' Local File Disclosure Vulnerability
12246| [26986] Arcadem LE 'frontpage_right.php' Remote File Include Vulnerability
12247| [25908] Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability
12248| [22223] Hitachi OpenTP1 Unspecified Remote Denial of Service Vulnerability
12249| [22098] Uberghey Frontpage.PHP Remote File Include Vulnerability
12250| [20321] Travelsized CMS Frontpage.PHP Remote File Include Vulnerability
12251| [20044] Limbo CMS Frontpage Arbitrary File Upload Vulnerability
12252| [19423] phNNTP File_newsportal Remote File Include Vulnerability
12253| [17452] Microsoft FrontPage Server Extensions Cross-Site Scripting Vulnerability
12254| [16902] Limbo CMS Frontpage Arbitrary PHP Command Execution Vulnerability
12255| [15117] Lynx NNTP Article Header Buffer Overflow Vulnerability
12256| [15093] Hitachi OpenTP1 Denial Of Service Vulnerability
12257| [14673] NTPD Insecure Privileges Vulnerability
12258| [13951] Microsoft Outlook Express NNTP Response Parsing Buffer Overflow Vulnerability
12259| [13376] MetaCart E-Shop V-8 IntProdID Parameter Remote SQL Injection Vulnerability
12260| [12756] YaBB Remote UsersRecentPosts Cross-Site Scripting Vulnerability
12261| [12141] Microsoft FrontPage 2000 Internet Publishing Service Provider DAV File Upload Vulnerability
12262| [11412] Microsoft Frontpage Asycpict.DLL JPEG Handling Remote Denial of Service Vulnerabilities
12263| [11379] Microsoft NNTP Component Heap Overflow Vulnerability
12264| [9008] Microsoft FrontPage Server Extensions SmartHTML Interpreter Denial Of Service Vulnerability
12265| [9007] Microsoft FrontPage Server Extensions Remote Debug Buffer Overrun Vulnerability
12266| [6522] EType EServ NNTP Remote Denial Of Service Vulnerability
12267| [6356] HP-UX xntpd Unspecified Denial Of Service Vulnerability
12268| [5804] Microsoft FrontPage Server Extensions SmartHTML Buffer Overflow Vulnerability
12269| [5240] NewsX NNTP SysLog Format String Vulnerability
12270| [5160] Kim Storm NN NNTP Error Message Format String Vulnerability
12271| [4251] Improved mod_frontpage Buffer Overflow Vulnerability
12272| [4084] Microsoft IIS 5.1 Frontpage Server Extensions File Source Disclosure Vulnerability
12273| [4078] Microsoft IIS 5.1 Frontpage Extensions Path Disclosure Information Vulnerability
12274| [3751] Total PC Solutions PHP Rocket Add-in for FrontPage Directory Traversal Vulnerability
12275| [3183] Microsoft Windows NNTP Denial of Service Vulnerability
12276| [2911] Juergen Schoenwaelder scotty ntping Buffer Overflow Vulnerability
12277| [2540] Ntpd Remote Buffer Overflow Vulnerability
12278| [1608] Microsoft FrontPage Server Extensions MS-DOS Device Name Denial Of Service Vulnerability
12279| [1594] Microsoft FrontPage/IIS Cross Site Scripting shtml.dll Vulnerability
12280| [1435] Microsoft FrontPage 2000 Server Extensions Denial Of Service Vulnerability
12281| [1205] Microsoft FrontPage Extensions .pwd File Permissions Vulnerability
12282| [1174] Microsoft Frontpage Server Extensions Path Disclosure Vulnerability
12283| [1156] Cassandra NNTPServer v1.10 Buffer Overflow Vulnerability
12284| [1141] MS Frontpage htimage.exe File Existence Disclosure Vulnerability
12285| [1117] MS Frontpage Image Mapper Buffer Overflow Vulnerability
12286| [1109] MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability
12287| [1108] MS IIS FrontPage 98 Extensions Filename Obfuscation Vulnerability
12288| [989] Microsoft FrontPage PWS Directory Traversal Vulnerability
12289| [964] MS Frontpage htimage.exe Path Leak Vulnerability
12290| [568] Microsoft FrontPage PWS DoS Vulnerability
12291| [74045] NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
12292| [71762] NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
12293| [71757] NTP 'ntp_config.c' Insufficient Entropy Security Weakness
12294| [10980] Microsoft NTP Time Synchronization Spoof Weakness
12295|
12296| IBM X-Force - https://exchange.xforce.ibmcloud.com:
12297| [82317] ownCloud viewer.php and addMountPoint.php cross-site scripting
12298| [52238] Microsoft FrontPage Server Extensions Vital Information Leakage
12299| [36554] Wireshark NTP dissector format string vulnerable Windows version detected
12300| [6730] Microsoft FrontPage Server Extensions Visual Studio RAD Support sub-component buffer overflow
12301| [86041] TRENDnet TEW-812DRU uapply.cgi and setNTP.cgi cross-site request forgery
12302| [82084] IB-NAS5220 and IB-NAS4220-B ntp_name parameter cross-site scripting
12303| [78636] IFOBS regclientprint.jsp cross-site scripting
12304| [76340] MYRE Real Estate Mobile listings.php and agentprofile.php SQL injection
12305| [75403] MYRE Real Estate Mobile listings.php and agentprofile.php SQL injection
12306| [73583] Moodle frontpage security bypass
12307| [70325] Cyrus IMAPd NNTP security bypass
12308| [66589] Linux Kernel eventpoll.c denial of service
12309| [66034] Linux NTP buffer overflow
12310| [65872] Linux Kernel eventpoll.c denial of service
12311| [62765] Plesk Small Business Manager currentPageId SQL injection
12312| [60481] IBM FileNet Content Manager InheritParentPermissions security bypass
12313| [59090] Opera news:// and nntp:// URI denial of service
12314| [59088] Microsoft Internet Explorer nntp:// URIs denial of service
12315| [59086] Mozilla Firefox news:// and nntp:// URI denial of service
12316| [58364] HP LoadRunner Agent magentproc.exe code execution
12317| [57822] Magneto Software SntpGetReply buffer overflow
12318| [54650] NTP mode7 (MODE_PRIVATE) denial of service
12319| [53675] XLink Omni-NFS Enterprise ntpd.exe buffer overflow
12320| [53663] Xerver currentPath directory traversal
12321| [53662] Xerver currentPath cross-site scripting
12322| [53455] Cisco IOS NTPv4 denial of service
12323| [52468] TGS Content Management index.php and frontpage_ception.php SQL injection
12324| [52237] Microsoft FrontPage Server Extensions To Do List Found
12325| [52236] Microsoft FrontPage Server Extensions Machine Name Disclosure
12326| [52235] Microsoft FrontPage Configuration Information Leakage
12327| [52234] Microsoft FrontPage '_vti_cnf' Information Leakage
12328| [50617] NTP ntpd buffer overflow
12329| [50258] Drupal frontpage forms information disclosure
12330| [49838] NTP cookedprint() buffer overflow
12331| [48023] Windows NTP Time Server Syslog Monitor syslog message denial of service
12332| [47773] Goople CMS frontpage.php SQL injection
12333| [47244] Adobe AIR and Adobe Flash Player DefineConstantPool information disclosure
12334| [46174] ThemeSiteScript frontpage_right.php file include
12335| [44940] devalcms currentpath parameter cross-site scripting
12336| [43910] Filesys::SmbClientParser directory command execution
12337| [43418] Avaya Messaging Storage Server date, time and NTP server command execution
12338| [41538] Perlbal ClientProxy.pm denial of service
12339| [41181] tutorials module for XOOPS printpage.php and index.php SQL injection
12340| [40129] Leafnode fetchnews NNTP client denial of service
12341| [39414] WordPress XMLRPC metaWeblog.getRecentPosts function informaiton disclosure
12342| [39266] phpAutoVideo frontpage_right.php file include
12343| [39228] Arcadem LE frontpage_right.php file include
12344| [36811] Microsoft Outlook Express and Windows Mail NNTP response code execution
12345| [34720] Microsoft FrontPage Personal Web Server CERN Image Map Dispatcher buffer overflow
12346| [34719] Microsoft FrontPage CERN Image Map Dispatcher information disclosure
12347| [33124] Squid clientProcessRequest() function denial of service
12348| [32247] RHSA-2006:0393 updates for ntp not installed
12349| [32076] Microsoft Frontpage Extensions directory /_vti_pvt/ present
12350| [31553] Uberghey CMS frontpage.php file include
12351| [29337] Travelsized CMS frontpage.php file include
12352| [28271] phNNTP article-raw.php file include
12353| [27828] Wireshark (Ethereal) NTP dissector format string
12354| [25965] @1 Event Publisher eventpublisher.txt information disclosure
12355| [25537] Microsoft FrontPage Server Extensions HTML cross-site scripting
12356| [22748] Hitachi OpenTP1 denial of service
12357| [22035] NTP incorrect group permissions
12358| [21537] Microsoft FrontPage style tag denial of service
12359| [20830] Microsoft Outlook Express NNTP Response Parsing buffer overflow
12360| [20283] MetaCart e-Shop intProdID and intCatalogID parameters SQL injection
12361| [19186] newsfetch NNTP responses buffer overflow
12362| [18711] Mozilla NNTP buffer overflow
12363| [17739] Microsoft FrontPage and Internet Explorer asycpict.dll JPEG denial of service
12364| [17641] Microsoft Windows NNTP buffer overflow
12365| [15406] NTP integer buffer overflow
12366| [13680] Microsoft FrontPage Server Extensions SmartHTML Interpreter denial of service
12367| [13674] Microsoft FrontPage Server Extensions debug buffer overflow
12368| [11873] Microsoft Internet Explorer, Outlook, and FrontPage shlwapi.dll library denial of service
12369| [10942] Leafnode NNTP server denial of service
12370| [10836] HP-UX xntpd denial of service
12371| [10195] Microsoft FrontPage Server Extensions (FPSE) 2002 SmartHTML Interpreter buffer overflow
12372| [10194] Microsoft FrontPage Server Extensions (FPSE) 2000 SmartHTML Interpreter denial of service
12373| [9583] newsx NNTP client syslog() local format string
12374| [9491] nn NNTP error message format string
12375| [9270] slurp NNTP client syslog() format string
12376| [9226] mnews NNTP response remote buffer overflow
12377| [8800] Microsoft IIS FrontPage Server Extensions and ASP.NET ISAPI filter error handling denial of service
12378| [8733] SNTP time broadcast audit
12379| [8517] NNTP port probe
12380| [8513] SNTP malformed packet
12381| [8411] NTP servers from which the router obtains time are set
12382| [8410] NTP server is enabled on the router
12383| [8400] Apache HTTP Server mod_frontpage buffer overflows
12384| [8362] Microsoft FrontPage form_results.txt is world readable
12385| [7951] Shell metacharacters in NNTP fields
12386| [7795] Microsoft FrontPage Server Extensions (FPSE) "
12387| [7788] Microsoft FrontPage Server Extensions (FPSE) "
12388| [7749] PHP Rocket Add-in for FrontPage "
12389| [7710] NNTP Subject
12390| [6977] Microsoft Windows NT and 2000 NNTP memory leak denial of service
12391| [6735] Scotty ntping buffer overflow could allow the execution of arbitrary code
12392| [6321] Ntpd server readvar control message buffer overflow
12393| [5494] Microsoft FrontPage 98 Server Extensions fpcount.exe CGI can be remotely crashed
12394| [5124] Microsoft FrontPage Server Extensions device name denial of service
12395| [4899] Microsoft FrontPage Extensions shtml.dll multiple access denial of service
12396| [4484] Microsoft FrontPage Server Extensions image mapping components allow remote code execution
12397| [4439] Microsoft FrontPage Server Extensions"
12398| [4410] CASSANDRA NNTP server buffer overflow
12399| [4333] Microsoft FrontPage 98 Server Extensions DVWSSR.DLL file buffer overflow
12400| [4268] Microsoft FrontPage 98 Server Extensions DVWSSR.DLL file could allow remote ASP source retrieval
12401| [3393] Microsoft FrontPage Extensions authors.pwd file could reveal encrypted passwords
12402| [3391] Microsoft FrontPage Extensions service.pwd file could reveal encrypted passwords
12403| [3178] Exchange NNTP server unauthenticated command
12404| [3174] Exchange NNTP server dropped connection
12405| [3117] Microsoft FrontPage long URL buffer overflow
12406| [1223] Microsoft Exchange Server SMTP and NNTP denial of service
12407| [908] Microsoft FrontPage extensions under Unix create world readable password files
12408| [670] NNTP username
12409| [669] NNTP password
12410| [668] NNTP group
12411| [561] Microsoft FrontPage 1.1 allows users to write to executable directories
12412| [438] NNTP daemon
12413| [89] NNTP reading
12414| [88] NNTP posting
12415|
12416| Exploit-DB - https://www.exploit-db.com:
12417| [27620] Microsoft FrontPage Server Extensions Cross-Site Scripting Vulnerability
12418| [25536] MetaCart E-Shop V-8 IntProdID Parameter Remote SQL Injection Vulnerability
12419| [25199] YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting Vulnerability
12420| [22124] EType EServ 1.9x NNTP Remote Denial of Service Vulnerability
12421| [20960] Juergen Schoenwaelder scotty 2.1.x ntping Buffer Overflow Vulnerability
12422| [20727] Ntpd Remote Buffer Overflow Vulnerability
12423| [19897] FrontPage 2000,IIS 4.0/5.0 Server Extensions Path Disclosure Vulnerability
12424| [19884] Atrium Software Cassandra NNTP Server 1.10 Buffer Overflow Vulnerability
12425| [19846] MS FrontPage 98 Server Extensions for IIS,MS InterDev 1.0 - Buffer Overflow Vulnerability
12426| [19445] Microsoft FrontPage Personal WebServer 1.0 PWS DoS Vulnerability
12427| [16960] Linux NTP query client 4.2.6p1 - Heap Overflow Vulnerability
12428| [5245] XOOPS Module tutorials (printpage.php) SQL Injection Vulnerability
12429| [3147] Uberghey 0.3.1 (frontpage.php) Remote File Include Vulnerability
12430| [2148] phNNTP <= 1.3 (article-raw.php) Remote File Include Vulnerability
12431| [28809] HP LoadRunner magentproc.exe Overflow
12432| [27894] obotix IP Camera M1 1.9.4 .7/M10 2.0.5 .2 eventplayer get_image_info_abspath Parameter XSS
12433| [24379] Merak Mail Server 7.4.5 attachment.html attachmentpage_text_error Parameter XSS
12434| [19877] FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure
12435| [19853] FrontPage 97/98 Server Image Mapper Buffer Overflow
12436| [19845] MS FrontPage 98 Server Extensions for IIS,MS InterDev 1.0 Filename Obfuscation
12437| [19753] ms frontpage personal webserver 1.0/personal web server 4.0 - Directory Traversal
12438| [19605] Linux Kernel fs/eventpoll.c Local Denial of Service
12439| [16379] Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
12440| [16356] Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow
12441| [16285] NTP daemon readvar Buffer Overflow
12442| [15838] OpenClassifieds 1.7.0.3 Chained: Captcha Bypass->SQLi->Persistent XSS on Frontpage
12443| [12204] MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpSendRequest Crash PoC
12444| [12203] MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpGetReply BOF
12445| [9940] ntpd 4.0.99j-k readvar Buffer Overflow
12446| [7683] Goople <= 1.8.2 (frontpage.php) Blind SQL Injection Exploit
12447| [2471] Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit
12448| [1066] MS Outlook Express NNTP Buffer Overflow Exploit (MS05-030)
12449| [578] MS Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036)
12450| [121] MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)
12451|
12452| OpenVAS (Nessus) - http://www.openvas.org:
12453| [902839] Microsoft FrontPage Server Extensions MS-DOS Device Name DoS Vulnerability
12454| [900652] NTP 'ntpd' Autokey Stack Overflow Vulnerability
12455| [900623] NTP Stack Buffer Overflow Vulnerability
12456| [801713] Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability (941202)
12457| [800408] NTP EVP_VerifyFinal() Security Bypass Vulnerability
12458| [800407] NTP Version Detection (Linux)
12459| [100399] NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
12460| [56769] FreeBSD Ports: frontpage -- cross site scripting vulnerability
12461| [10884] NTP read variables
12462| [880846] CentOS Update for ntp CESA-2009:1648 centos4 i386
12463| [880814] CentOS Update for ntp CESA-2009:0046 centos5 i386
12464| [880810] CentOS Update for ntp CESA-2009:1648 centos5 i386
12465| [880762] CentOS Update for ntp CESA-2009:1039 centos5 i386
12466| [880690] CentOS Update for ntp CESA-2009:1651 centos3 i386
12467| [855775] Solaris Update for usr/sbin/ntpq 141396-01
12468| [855676] Solaris Update for ntpq 141911-01
12469| [855649] Solaris Update for ntpq 141910-01
12470| [855628] Solaris Update for usr/sbin/ntpq 141397-01
12471| [855247] Solaris Update for /usr/lib/inet/xntpd and /usr/sbin/ntpdate 109668-07
12472| [855010] Solaris Update for /usr/lib/inet/xntpd and /usr/sbin/ntpdate 109667-07
12473| [835252] HP-UX Update for XNTP HPSBUX02639
12474| [835204] HP-UX Update for XNTP HPSBUX02437
12475| [835161] HP-UX Update for xntpd HPSBUX00232
12476| [835070] HP-UX Update for xntpd(1M) HPSBUX00148
12477| [100608] Windows NT NNTP Component Buffer Overflow
12478| [66662] FreeBSD Security Advisory (FreeBSD-SA-10:02.ntpd.asc)
12479| [66639] Gentoo Security Advisory GLSA 201001-01 (ntp)
12480| [66527] CentOS Security Advisory CESA-2009:1648 (ntp)
12481| [66526] CentOS Security Advisory CESA-2009:1651 (ntp)
12482| [66519] Slackware Advisory SSA:2009-343-01 ntp
12483| [66515] Debian Security Advisory DSA 1948-1 (ntp)
12484| [66511] Fedora Core 10 FEDORA-2009-13121 (ntp)
12485| [66507] Fedora Core 11 FEDORA-2009-13090 (ntp)
12486| [66501] Fedora Core 12 FEDORA-2009-13046 (ntp)
12487| [66368] Mandriva Security Advisory MDVSA-2009:309 (ntp)
12488| [65948] SLES10: Security update for xntp
12489| [65773] SLES10: Security update for xntp
12490| [65666] SLES11: Security update for ntp
12491| [65606] SLES9: Security update for xntp
12492| [65578] SLES9: Security update for xntp
12493| [65238] SLES9: Security update for xntp, xntp-doc
12494| [64225] Fedora Core 11 FEDORA-2009-5674 (ntp)
12495| [64207] FreeBSD Security Advisory (FreeBSD-SA-09:11.ntpd.asc)
12496| [64146] Ubuntu USN-777-1 (ntp)
12497| [64128] Mandrake Security Advisory MDVSA-2009:117 (ntp)
12498| [64116] Slackware Advisory SSA:2009-154-01 ntp
12499| [64114] Gentoo Security Advisory GLSA 200905-08 (ntp)
12500| [64098] Fedora Core 9 FEDORA-2009-5275 (ntp)
12501| [64095] Fedora Core 10 FEDORA-2009-5273 (ntp)
12502| [64050] CentOS Security Advisory CESA-2009:1039 (ntp)
12503| [64046] FreeBSD Ports: ntp
12504| [64032] Debian Security Advisory DSA 1801-1 (ntp)
12505| [63770] Mandrake Security Advisory MDVSA-2009:092 (ntp)
12506| [63743] Gentoo Security Advisory GLSA 200904-05 (ntp)
12507| [63343] CentOS Security Advisory CESA-2009:0046 (ntp)
12508| [63267] Fedora Core 10 FEDORA-2009-0544 (ntp)
12509| [63266] Fedora Core 9 FEDORA-2009-0547 (ntp)
12510| [63242] FreeBSD Security Advisory (FreeBSD-SA-09:03.ntpd.asc)
12511| [63230] Slackware Advisory SSA:2009-014-03 ntp
12512| [63194] Mandrake Security Advisory MDVSA-2009:007 (ntp)
12513| [63163] Ubuntu USN-705-1 (ntp)
12514| [63149] Debian Security Advisory DSA 1702-1 (ntp)
12515| [55233] Debian Security Advisory DSA 801-1 (ntp)
12516| [53863] Debian Security Advisory DSA 045-1 (ntp)
12517| [52235] mozilla -- heap overflow in NNTP handler
12518| [17229] NNTP password overflow
12519| [17228] NNTP message headers overflow
12520| [14773] Identifies services like FTP, SMTP, NNTP...
12521| [10699] IIS FrontPage DoS II
12522| [10585] IIS FrontPage DoS
12523|
12524| SecurityTracker - https://www.securitytracker.com:
12525| [1021533] NTP Signature Validation Flaw Lets Remote Users Bypass Validation Checks
12526| [1015896] Microsoft FrontPage Server Extensions Input Validation Holes Permit Cross-Site Scripting Attacks
12527| [1013420] YaBB Input Validation Error in 'usersrecentposts' Lets Remote Users Conduct Cross-Site Scripting Attacks
12528| [1011762] cPanel Backup and FrontPage Management Bugs Let Remote Authenticated Users View, Edit, and Own Arbitrary Files
12529| [1001816] Microsoft Visual Studio RAD Support Component of FrontPage Lets Remote Users Execute Arbitrary Code on the FrontPage Server
12530| [1026143] Cyrus IMAP Server NNTP Service Lets Remote Users Bypass Authentication
12531| [1026031] Cyrus IMAP Server Buffer Overflow in NNTP Daemon Lets Remote Users Execute Arbitrary Code
12532| [1024934] Subversion SVNParentPath Collection Processing Error Lets Remote Users Execute Arbitrary Code
12533| [1023298] NTP Mode 7 Packet Processing Flaw Lets Remote Users Deny Service
12534| [1022930] Cisco IOS H.323, SIP, NTP, Tunneling, and Encrypted Packet Processing Flaws Let Remote Users Deny Service
12535| [1022243] ntp crypto_recv() Autokey Stack Overflow Lets Remote Users Execute Arbitrary Code
12536| [1022033] ntp Buffer Overflow in ntpq cookedprint() Lets Remote Users Execute Arbitrary Code
12537| [1018786] Microsoft Outlook Express Bug in Processing NNTP Responses Lets Remote Users Execute Arbitrary Code
12538| [1018785] Windows Mail Bug in Parsing NNTP Responses Lets Remote Users Execute Arbitrary Code
12539| [1016679] xntpd '-u' Switch May Cause the Daemon to Run With Incorrect Group Privileges
12540| [1016668] phNNTP Include File Flaw in 'file_newsportal' Parameter Lets Remote Users Execute Arbitrary Code
12541| [1015065] Lynx Buffer Overflow in HTrjis() in Processing NNTP Headers Lets Remote Users Execute Arbitrary Code
12542| [1014200] Microsoft Outlook Express Buffer Overflow in NNTP Response Parser Lets Remote Users Execute Arbitrary Code
12543| [1012726] Mozilla Buffer Overflow in Processing NNTP URLs Lets Remote Users Execute Arbitrary Code
12544| [1011631] Microsoft NNTP Buffer Overflow Lets Remote Users Execute Arbitrary Code With SYSTEM Privileges
12545| [1011250] Microsoft FrontPage Buffer Overflow in WordPerfect Converter Lets Remote Users Execute Arbitrary Code
12546| [1009336] Network Time Protocol (NTP) Server Integer Overflow May Return the Incorrect Time
12547| [1008147] Microsoft FrontPage Server Extensions Buffer Overflow May Let Remote Users Execute Arbitrary Code
12548| [1005865] Leafnode NNTP News Server Lets Remote Users Deny Service
12549| [1005786] Xntpd Time Daemon on HP-UX May Crash or Degrade
12550| [1005287] Microsoft FrontPage Server Extensions SmartHTML Interpreter Bugs May Let Remote Users Execute Arbitrary Code with System Privileges
12551| [1004266] Cisco BTS 10200 Softswitch Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device or Execute Arbitrary Code
12552| [1004265] Cisco IP Manager Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device or Execute Arbitrary Code
12553| [1004264] Cisco Media Gateway Controller (MGC) Product Line Underlying Operating System Contains Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device
12554| [1004244] Cisco IOS Systems Contain Network Time Daemon (NTP) Buffer Overflow That May Allow a Remote User to Crash the Device
12555| [1003767] 'mod_frontpage' Module for Apache Web Server Has Buffer Overlow in 'fpexec.c' That Allows Remote Users to Execute Arbitrary Code on the System with Root Privileges
12556| [1003071] PHP Rocket Add-in for FrontPage Discloses Files on the Server to Remote Users
12557| [1002197] Microsoft Windows NNTP Network News Service Has a Memory Leak That Allows Remote Users to Cause the Server to Crash
12558| [1001770] Scotty Tcl Interpreter's ntping Utility Lets Local Users Obtain Root Privileges
12559| [1001237] The Network Time Protocol Daemon (ntpd) Allows Remote Users to Execute Arbitrary Code on the Server - Typically to Gain Root Privileges on the Server
12560|
12561| OSVDB - http://www.osvdb.org:
12562| [52917] Adobe Flash Player ActionScript 2 VM DefineConstantPool Action Crafted PDF File Handling Memory Disclosure
12563| [37179] Free Image Hosting frontpage.php AD_BODY_TEMP Variable Remote
12564| [31138] SolidState ViewAccountPage.class.php base_path Parameter Remote File Inclusion
12565| [30764] ClickGallery view_recent.asp currentpage Parameter SQL Injection
12566| [26417] ClickGallery view_gallery.asp parentcurrentpage Parameter XSS
12567| [3383] Microsoft FrontPage Server Extensions imagemap.exe File Verification
12568| [805] NTP ntpd readvar Variable Remote Overflow
12569| [577] FrontPage Server Extensions Visual Studio RAD Support Overflow
12570| [95804] TRENDnet TEW-812DRU setNTP.cgi Multiple Field Command Injection
12571| [93712] Zavio IP Cameras /opt/cgi/view/param sub_C8C8 Function General.Time.NTP.Server Parameter Remote Command Execution
12572| [92877] Vivotek PT7135 IP Camera farseer.out system.ntp Parameter Remote Command Execution
12573| [91972] GNOME Evolution-Data-Server NNTP Encryption Option Failure Remote Credential Disclosure
12574| [91630] Rosewill RSVA11001 NTP Host Manipulation Remote Command Execution
12575| [91145] Microsoft IE removeChild CHtmlComponentProperty Object Handling Use-after-free Arbitrary Code Execution
12576| [90495] ownCloud /apps/files_external/addMountPoint.php mountpoint Parameter XSS
12577| [90267] Evolution NNTP STARTTLS Encryption Regression Remote Cleartext Credential Disclosure
12578| [90219] Raidsonic Multiple Product /cgi/time/time.cgi ntp_name Parameter XSS
12579| [85705] iFOBS ifobsClient/regclientprint.jsp Multiple Parameter XSS
12580| [83687] Linux Kernel fs/eventpoll.c Local DoS
12581| [83643] Knews Multilingual Newsletters Plugin for WordPress wp-content/plugins/knews/wysiwyg/fontpicker/index.php ff Parameter XSS
12582| [81824] MYRE Real Estate Mobile 1_mobile/agentprofile.php userid Parameter SQL Injection
12583| [81644] WebKit XMLDocumentParser::exitText Function XML Parsing Use-after-free Issue
12584| [78467] WebTitan NTP Server (Display) Module Unspecified XSS
12585| [77996] Contentpapst admin.php Multiple Parameter XSS
12586| [77872] Parallels Plesk Small Business Panel Site Editor (SiteBuilder) Feature /Wizard/Edit/Html currentPageId Parameter SQL Injection
12587| [76829] Calibre calibre-mount-helper Utility Arbitrary Directory / Mountpoint Manipulation
12588| [76338] WebKit XMLDocumentParser::insertErrorMessageBlock Use-after-free Issue
12589| [76336] WebKit XMLDocumentParser::endElementNs / XMLDocumentParser::parseEndElement Use-after-free Issue
12590| [76057] Cyrus IMAP Server NNTP AUTHINFO USER Command Parsing Authentication Bypass Arbitrary Command Execution
12591| [75307] Cyrus IMAP Server map/nntpd.c split_wildmats() Function NNTP Command Parsing Remote Overflow
12592| [73053] Linux Kernel fs/eventpoll.c epoll Data Structure File Descriptor Local DoS
12593| [70332] Apache Subversion Apache HTTP Server mod_dav_svn repos.c walk FunctionSVNParentPath Collection Remote DoS
12594| [69870] Lantern CMS 11-login.asp intPassedLocationID Parameter XSS
12595| [66859] Adobe Reader / Acrobat CoolType.dll maxp Table maxComponentPoints Field Font Handling Overflow
12596| [66448] IBM FileNet Content Manager InheritParentPermissions Security Inheritance Weakness
12597| [66268] InstantPhp Jobs Component for Joomla! index.php detailed_results Parameter SQL Injection
12598| [65465] WMS-CMS printpage.asp Multiple Parameter SQL Injection
12599| [65111] Opera Invalid news / nntp URI IFRAME Element Handling Remote DoS
12600| [65110] Microsoft IE Invalid news / nntp URI IFRAME Element Handling Remote DoS
12601| [65109] Mozilla Firefox Invalid news / nntp URI IFRAME Element Handling Remote DoS
12602| [64437] HP Mercury LoadRunner Agent magentproc.exe Remote Arbitrary Code Execution
12603| [63620] Mozilla Multiple Products XMLDocument::load Function nsIContentPolicy Check Restriction Bypass
12604| [63472] Apple Safari on Mac OS X libFontParser.dylib TType1ParsingContext::SpecialEncoding() Function Arbitrary Code Execution (PWN2OWN)
12605| [62909] ncpfs ncpumount sutil/ncpumount.c Mountpoint Name Local File Disclosure
12606| [60847] NTP ntpd Mode 7 Request Crafted Packet Reply Loop Remote DoS
12607| [60827] e107 e107_admin/frontpage.php Unspecified Parameter XSS
12608| [60349] Etype EServ NNTP Service Large Request Remote DoS
12609| [60142] HP-UX xntpd Unspecified Remote DoS
12610| [58758] Apache River GrantPermission Policy Manipulation Privilege Escalation
12611| [58645] Xerver HTTP Server chooseDirectory Action currentPath Parameter XSS
12612| [58644] Xerver HTTP Server chooseDirectory Action currentPath Parameter Traversal Arbitrary File Access
12613| [58342] Cisco IOS Network Time Protocol (NTP) Crafted Packet Remote DoS
12614| [57478] TGS Content Management cms/frontpage_ception.ph Multiple Parameter SQL Injection
12615| [56015] NTP on Windows SO_EXCLUSIVEADDRUSE Unspecified Issue
12616| [56014] NTP EVP_VerifyFinal() Check Unspecified Issue
12617| [54576] NTP ntpd/ntp_crypto.c crypto_recv() Function Remote Overflow
12618| [54294] eFront studentpage.php / professorpage.php File Upload Arbitrary Code Execution
12619| [53593] NTP ntpq/ntpq.c cookedprint() Function Remote Overflow
12620| [51244] Goople CMS frontpage.php Multiple Parameter SQL Injection
12621| [50015] Easyedit CMS news.php intPageID Parameter SQL Injection
12622| [50014] Easyedit CMS page.php intPageID Parameter SQL Injection
12623| [49921] vBulletin admincp/attachmentpermission.php extension Parameter SQL Injection
12624| [49856] ThemeSiteScript upload/admin/frontpage_right.php loadadminpage Parameter Remote File Inclusion
12625| [47971] DevalCMS index.php currentpath Parameter XSS
12626| [47502] Perl Filesys::SmbClientParser Folder Name Arbitrary Shell Command Injection
12627| [47001] Linux Kernel fs/namespace.c do_change_type Function Mountpoint Manipulation Local Privilege Escalation
12628| [46124] DesktopOnNet frontpage.don3app/frontpage.php app_path Parameter Remote File Inclusion
12629| [45449] ACT P202S IP Phone Hardcoded NTP Server IP Time Subversion
12630| [43913] Perlbal lib/Perlbal/ClientProxy.pm Chunked Upload File Upload Handling Overflow DoS
12631| [42913] Hosting Controller UNINSTAL.asp Crafted Host Header Arbitrary Site Frontpage Extension Manipulation
12632| [42876] Tutorials Module for XOOPS printpage.php tid Parameter SQL Injection
12633| [42058] Microsoft FrontPage CERN Image Map Dispatcher (htimage.exe) Arbitrary File Information Disclosure
12634| [39802] Arcadem LE frontpage_right.php loadadminpage Parameter Remote File Inclusion
12635| [39617] phpAutoVideo admin/frontpage_right.php loadadminpage Parameter Remote File Inclusion
12636| [37631] Microsoft Windows Malformed NNTP Response Remote Memory Corruption
12637| [34367] Squid src/client_side.c clientProcessRequest() function TRACE Request DoS
12638| [33553] Uberghey CMS frontpage.php setup_folder Parameter Remote File Inclusion
12639| [32987] Movable Type MTCommentPreviewIsStatic Tag XSS
12640| [32962] Hitachi OpenTP1 Invalid Data DoS
12641| [31200] SolidState DeleteAccountPage.class.php base_path Parameter Remote File Inclusion
12642| [31193] SolidState BillingPaymentPage.class.php base_path Parameter Remote File Inclusion
12643| [31187] SolidState AddPaymentPage.class.php base_path Parameter Remote File Inclusion
12644| [31119] SolidState NewAccountPage.class.php base_path Parameter Remote File Inclusion
12645| [31104] SolidState EditAccountPage.class.php base_path Parameter Remote File Inclusion
12646| [31103] SolidState EditPaymentPage.class.php base_path Parameter Remote File Inclusion
12647| [30763] ClickGallery gallery.asp currentpage Parameter SQL Injection
12648| [29490] Travelsized CMS frontpage.php setup_folder Parameter Remote File Inclusion
12649| [29098] TSEP printpagedetails.php tsep_config[absPath] Parameter Remote File Inclusion
12650| [28355] Joomla! Frontpage Content Submission Unspecified Injection
12651| [28260] Microsoft IIS FrontPage Server Extensions (FPSE) shtml.exe Path Disclosure
12652| [28093] contentpublisher for Mambo contentpublisher.php mosConfig_absolute_path Parameter Remote File Inclusion
12653| [27856] phNNTP article-raw.php file_newsportal Parameter Remote File Inclusion
12654| [27369] Wireshark NTP Dissector Format String Flaw
12655| [25761] Microsoft Windows NTDLL.DLL RtlDosPathNameToNtPathName_U API Path Conversion Weakness
12656| [25623] Mobotix IP Network Camera eventplayer get_image_info_abspath Parameter XSS
12657| [24674] Mozilla Multiple Products XPCWrappedNativeScope::SystemIsBeingShutDown compareDocumentPosition Handling Memory Corruption
12658| [24518] Microsoft FrontPage Server Extensions fpadmdll.dll Multiple Parameter XSS
12659| [24237] @1 Event Publisher eventpublisher.txt Direct Request Private Comment Disclosure
12660| [24236] @1 Event Publisher eventpublisher_usersubmit.htm Multiple Parameter XSS
12661| [24235] @1 Event Publisher eventpublisher_admin.htm Multiple Parameter XSS
12662| [22822] Linux Kernel mq_open System Call mntput Function Local DoS
12663| [21038] FUSE fusermount Crafted Mountpoint mtab Corruption DoS
12664| [20143] lmtp2nntp l2_spec() Function Format String
12665| [20142] lmtp2nntp lib_cfg Function Unspecified Issue
12666| [20019] Lynx NNTP HTrjis() Function Remote Overflow
12667| [19428] IBM Lotus Domino CitiPayPro.nsf SubPaymentProcessingFS Src Parameter XSS
12668| [19419] Turquoise SuperStat Date Parser Crafted NNTP Server Response Overflow
12669| [19055] NTP ntpd -u Group Permission Weakness
12670| [17306] Microsoft Outlook Express NNTP LIST Command Remote Overflow
12671| [15975] NTP ntpd Date/Time Request Remote Overflow
12672| [15870] MetaCart product.asp intProdID Parameter SQL Injection
12673| [15596] Oracle Collaboration Suite Email Server Unspecified NNTP DoS
12674| [14827] YaBB2 YaBB.pl usersrecentposts Action username Parameter XSS
12675| [14456] Slurp NNTP Client log_doit Function Format String
12676| [14410] mod_frontpage for Apache HTTP Server fpexec Remote Overflow
12677| [13353] newsfetch NNTP Response Handling Overflow DoS
12678| [12637] Mozilla nsNNTPProtocol.cpp NNTP news:// URI Handling Overflow DoS
12679| [10962] cPanel Frontpage _private Symlink Arbitrary File Permission Modification
12680| [10961] cPanel Frontpage .htaccess Hardlink Arbitrary File Owernship Modification
12681| [10895] Microsoft FrontPage asycpict.dll JPEG Processing DoS
12682| [10697] Microsoft Windows/Exchange NNTP Component Remote Overflow
12683| [10246] Microsoft Exchange Server Malformed NNTP AUTHINFO DoS
12684| [9040] IceWarp WebMail attachment.html attachmentpage_text_error Parameter XSS
12685| [4345] Mnews NNTP Response Remote Overflow
12686| [3968] Microsoft FrontPage Personal Web Server Arbitrary File Access
12687| [3501] Microsoft FrontPage form_results Information Disclosure
12688| [3386] Microsoft FrontPage Server Extensions htimage.exe File Existence Enumeration
12689| [3385] Microsoft FrontPage Server Extensions htimage.exe Remote Path Disclosure
12690| [3384] Microsoft FrontPage htimage.exe Overflow
12691| [3382] Microsoft FrontPage Server Extensions imagemap.exe Remote Path Disclosure
12692| [3381] Microsoft FrontPage imagemap.exe Overflow
12693| [3300] Microsoft FrontPage shtml MS-DOS Device Name DoS
12694| [2952] Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Chunked Encoded Request Remote Overflow
12695| [2800] Microsoft FrontPage Server Extensions SmartHTML DoS
12696| [2306] Microsoft FrontPage Server Extensions SmartHTML Interpreter shtml.dll DoS
12697| [1928] Microsoft Windows NNTP Malformed Post DoS
12698| [1879] scotty ntping Hostname Handling Local Overflow
12699| [1304] ATRIUM Cassandra NNTP Server Login Name Remote Overflow
12700| [1135] Microsoft Windows NT Print Spooler Service (spoolss.exe) AddPrintProvider() Function Alternate Print Provider Arbitrary Command Execution
12701| [1032] Microsoft FrontPage PWS GET Request Handling Remote DoS
12702| [694] PHP Rocket for FrontPage phprocketaddin page Parameter Traversal Arbitrary File Access
12703| [482] Microsoft IIS FrontPage Server Extensions (FPSE) Malformed Form DoS
12704| [396] Microsoft FrontPage shtml.exe MS-DOS Device Name Request DoS
12705| [307] Microsoft FrontPage 2000 Server Extensions shtml.exe Path Disclosure
12706| [282] Microsoft FrontPage dvwssr.dll Backdoor and Overflow
12707| [68] Microsoft FrontPage Extensions .pwd File Permissions
12708| [67] Microsoft FrontPage Extension shtml.dll Anonymous Account Information Disclosure
12709|_
12710137/udp filtered netbios-ns
12711138/udp filtered netbios-dgm
12712139/udp closed netbios-ssn
12713161/udp closed snmp
12714162/udp closed snmptrap
12715389/udp closed ldap
12716500/udp closed isakmp
12717520/udp closed route
127182049/udp closed nfs
12719Too many fingerprints match this host to give specific OS details
12720Network Distance: 10 hops
12721
12722TRACEROUTE (using port 138/udp)
12723HOP RTT ADDRESS
127241 127.12 ms 10.230.200.1
127252 ... 3
127264 127.22 ms 10.230.200.1
127275 127.19 ms 10.230.200.1
127286 127.17 ms 10.230.200.1
127297 127.17 ms 10.230.200.1
127308 127.15 ms 10.230.200.1
127319 127.15 ms 10.230.200.1
1273210 127.13 ms 10.230.200.1
1273311 ... 18
1273419 126.43 ms 10.230.200.1
1273520 127.11 ms 10.230.200.1
1273621 ... 28
1273729 126.79 ms 10.230.200.1
1273830 126.53 ms 10.230.200.1
12739
12740NSE: Script Post-scanning.
12741Initiating NSE at 18:59
12742Completed NSE at 18:59, 0.00s elapsed
12743Initiating NSE at 18:59
12744Completed NSE at 18:59, 0.00s elapsed
12745#######################################################################################################################################
12746Hosts
12747=====
12748
12749address mac name os_name os_flavor os_sp purpose info comments
12750------- --- ---- ------- --------- ----- ------- ---- --------
1275194.102.49.234 no-reverse-dns-configured.com embedded device
12752
12753Services
12754========
12755
12756host port proto name state info
12757---- ---- ----- ---- ----- ----
1275894.102.49.234 21 tcp ftp open vsftpd 2.0.5
1275994.102.49.234 22 tcp ssh open OpenSSH 5.1p1 Debian 5 protocol 2.0
1276094.102.49.234 53 udp domain closed
1276194.102.49.234 67 udp dhcps closed
1276294.102.49.234 68 udp dhcpc closed
1276394.102.49.234 69 udp tftp closed
1276494.102.49.234 80 tcp http open Apache httpd 2.2.3
1276594.102.49.234 88 udp kerberos-sec closed
1276694.102.49.234 111 tcp rpcbind open 2 RPC #100000
1276794.102.49.234 123 udp ntp open NTP v4 secondary server
1276894.102.49.234 137 udp netbios-ns filtered
1276994.102.49.234 138 udp netbios-dgm filtered
1277094.102.49.234 139 udp netbios-ssn closed
1277194.102.49.234 161 udp snmp closed
1277294.102.49.234 162 udp snmptrap closed
1277394.102.49.234 222 tcp ssh open OpenSSH 5.1p1 Debian 5 protocol 2.0
1277494.102.49.234 389 udp ldap closed
1277594.102.49.234 500 udp isakmp closed
1277694.102.49.234 520 udp route closed
1277794.102.49.234 2049 udp nfs closed
1277894.102.49.234 3306 tcp mysql open MySQL 5.0.77
1277994.102.49.234 10050 tcp tcpwrapped open
1278094.102.49.234 39445 tcp status open 1 RPC #100024
12781#######################################################################################################################################
12782 Anonymous JTSEC HunterUnit Full Recon #5