· 6 years ago · Apr 04, 2019, 07:34 PM
1Help Center Show API Key
2Shodan Developers Book View All...
3Shodan
4
5
6Explore
7Downloads
8Reports
9Pricing
10Enterprise Access
11 My Account
12Upgrade
13+
14-
15© Mapbox © OpenStreetMap Improve this map © DigitalGlobe
16207.38.241.147 207-38-241-147.ny.subnet.cable.rcncustomer.comView Raw Data
17self-signed
18City Astoria
19Country United States
20Organization RCN
21ISP RCN
22Last Update 2019-04-02T01:23:17.682671
23Hostnames 207-38-241-147.ny.subnet.cable.rcncustomer.com
24ASN AS6079
25Web Technologies
26ExtJS
27
28Vulnerabilities
29Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
30
31CVE-2010-2068 mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
32CVE-2006-4924 sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
33CVE-2018-10549 An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\0' character.
34CVE-2014-5459 The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.
35CVE-2017-15906 The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
36CVE-2018-10545 An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.
37CVE-2017-7679 In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
38CVE-2018-10546 An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
39CVE-2006-5052 Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
40CVE-2006-5051 Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
41CVE-2012-1172 The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions.
42CVE-2013-4248 The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
43CVE-2012-2311 sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.
44CVE-2014-1692 The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
45CVE-2014-2497 The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
46CVE-2012-0814 The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
47CVE-2012-2688 Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
48CVE-2012-2687 Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
49CVE-2018-10547 An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
50CVE-2018-20783 In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.
51CVE-2009-3555 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
52CVE-2017-3167 In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
53CVE-2011-4327 ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
54CVE-2012-0053 protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
55CVE-2012-0883 envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
56CVE-2017-3169 In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
57CVE-2007-2243 OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483.
58CVE-2011-3639 The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
59CVE-2019-9637 An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
60CVE-2016-4975 Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 (Affected 2.4.1-2.4.23). Fixed in Apache HTTP Server 2.2.32 (Affected 2.2.0-2.2.31).
61CVE-2013-1824 The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions.
62CVE-2005-2798 sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
63CVE-2019-9023 An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.
64CVE-2014-9427 sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping.
65CVE-2013-1643 The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824.
66CVE-2011-4317 The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
67CVE-2013-6420 The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
68CVE-2006-0225 scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
69CVE-2013-2249 mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
70CVE-2018-10548 An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.
71CVE-2011-3348 The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
72CVE-2018-19520 An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a check_bad function in an attempt to block certain PHP functions such as eval, but does not prevent use of preg_replace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin template management.
73CVE-2018-19396 ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
74CVE-2016-7478 Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
75CVE-2011-5000 The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
76CVE-2012-2143 The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.
77CVE-2012-1171 The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
78CVE-2012-0831 PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.
79CVE-2018-17082 The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.
80CVE-2019-9639 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
81CVE-2019-9638 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
82CVE-2017-7668 The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
83CVE-2013-6438 The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
84CVE-2013-1635 ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.
85CVE-2011-4415 The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
86CVE-2010-5107 The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
87CVE-2018-14883 An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
88CVE-2011-1398 The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.
89CVE-2010-0434 The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
90CVE-2010-1452 The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
91CVE-2018-15473 OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
92CVE-2005-2666 SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key.
93CVE-2008-4109 A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service (connection slot exhaustion) via multiple login attempts. NOTE: this issue exists because of an incorrect fix for CVE-2006-5051.
94CVE-2012-3450 pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value.
95CVE-2011-4718 Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.
96CVE-2014-0237 The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
97CVE-2004-2069 sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption).
98CVE-2011-0419 Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
99CVE-2014-0231 The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.
100CVE-2014-0238 The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.
101CVE-2008-3259 OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
102CVE-2013-4635 Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.
103CVE-2019-9020 An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.
104CVE-2019-9021 An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.
105CVE-2019-9024 An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.
106CVE-2011-3192 The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
107CVE-2010-0425 modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
108CVE-2011-3368 The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
109CVE-2012-4558 Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
110CVE-2011-3607 Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
111CVE-2018-19935 ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
112CVE-2012-4557 The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
113CVE-2015-8994 An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode ("opcode" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script's filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user's script usually means gaining privileges to the CMS database.
114CVE-2019-6977 gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
115CVE-2016-10708 sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
116CVE-2007-6750 The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
117CVE-2012-1823 sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
118CVE-2013-1862 mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
119CVE-2013-4113 ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
120CVE-2014-0098 The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
121CVE-2019-9641 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
122CVE-2012-3365 The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.
123CVE-2010-4755 The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
124CVE-2018-15132 An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.
125CVE-2010-0408 The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
126CVE-2014-4721 The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a "type confusion" vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php.
127CVE-2013-1896 mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
128CVE-2016-8612 Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process.
129CVE-2010-4478 OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
130CVE-2012-2336 sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.
131CVE-2013-2110 Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP before 5.3.26 and 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted argument to the quoted_printable_encode function.
132CVE-2012-3499 Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
133CVE-2012-0031 scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
134CVE-2018-19395 ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").
135CVE-2012-2386 Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
136CVE-2012-6113 The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 through 5.3.13 does not initialize a certain variable, which allows remote attackers to obtain sensitive information from process memory by providing zero bytes of input data.
137CVE-2017-16642 In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145.
138Ports
139228081137443445515873368980809000
140Services
14122
142tcp
143ssh
144OpenSSHVersion: 3.7.1p2
145SSH-2.0-OpenSSH_3.7.1p2
146Key type: ssh-rsa
147Key: AAAAB3NzaC1yc2EAAAADAQABAAAAgQDi49Y5B4SH8xsEid+SNeAEVzYiJxr7reflZDaUKiXVwHlJ
148+pRzsu/o3vJ0BCYKCJ/sn5DxPb+E2Mzw5+oonih3qpTZez1DTw2QfjPa1X79nrVa8Ez2SafWRJc8
149V4GRnDi0MzfYHWv4MLNsP2iZ3IhvgVazWmWgvsPdLaIZ7I5/xw==
150Fingerprint: 17:60:bb:44:2f:36:d8:df:6b:98:fb:63:7f:52:a7:a1
151
152Kex Algorithms:
153 diffie-hellman-group-exchange-sha1
154 diffie-hellman-group1-sha1
155
156Server Host Key Algorithms:
157 ssh-rsa
158
159Encryption Algorithms:
160 aes128-cbc
161 3des-cbc
162 blowfish-cbc
163 cast128-cbc
164 arcfour
165 aes192-cbc
166 aes256-cbc
167 rijndael-cbc@lysator.liu.se
168 aes128-ctr
169 aes192-ctr
170 aes256-ctr
171
172MAC Algorithms:
173 hmac-md5
174 hmac-sha1
175 hmac-ripemd160
176 hmac-ripemd160@openssh.com
177 hmac-sha1-96
178 hmac-md5-96
179
180Compression Algorithms:
181 none
182 zlib
183
18480
185tcp
186http
187
188HTTP/1.1 200 OK
189Content-Type: text/html
190Accept-Ranges: bytes
191ETag: "750604968"
192Last-Modified: Thu, 13 Apr 2017 10:59:04 GMT
193Content-Length: 2839
194Date: Thu, 21 Mar 2019 22:14:56 GMT
195Server: lighttpd/1.4.32
196
19781
198tcp
199http-simple-new
200
201HTTP/1.1 200 OK
202X-Powered-By: PHP/5.3.10
203Content-type: text/html
204Transfer-Encoding: chunked
205Date: Sat, 23 Mar 2019 16:52:05 GMT
206Server: lighttpd/1.4.32
207
208137
209udp
210netbios
211NetBIOS Response
212MAC: 00:00:00:00:00:00
213
214Names:
215THEOLOGOSNAS <0x1d>
216__MSBROWSE__ <0x1>
217443
218tcp
219https
220
221HTTP/1.1 200 OK
222Content-Type: text/html
223Accept-Ranges: bytes
224ETag: "576705456"
225Last-Modified: Thu, 13 Apr 2017 10:59:05 GMT
226Content-Length: 97
227Date: Fri, 22 Mar 2019 01:54:56 GMT
228Server: lighttpd/1.4.32
229
230SSL Certificate
231Certificate:
232 Data:
233 Version: 3 (0x2)
234 Serial Number: 1 (0x1)
235 Signature Algorithm: md5WithRSAEncryption
236 Issuer: C=JP, ST=Tokyo, L=Chuo-ku, O=BUFFALO INC., OU=NAS, CN=develop
237 Validity
238 Not Before: Jun 13 05:47:53 2007 GMT
239 Not After : Jun 8 05:47:53 2027 GMT
240 Subject: C=JP, ST=Tokyo, L=Chuo, O=buffalo, OU=NAS, CN=develop
241 Subject Public Key Info:
242 Public Key Algorithm: rsaEncryption
243 Public-Key: (1024 bit)
244 Modulus:
245 00:e2:e3:d6:39:07:84:87:f3:1b:04:89:df:92:35:
246 e0:04:57:36:22:27:1a:fb:ad:e7:e5:64:36:94:2a:
247 25:d5:c0:79:49:fa:94:73:b2:ef:e8:de:f2:74:04:
248 26:0a:08:9f:ec:9f:90:f1:3d:bf:84:d8:cc:f0:e7:
249 ea:28:9e:28:77:aa:94:d9:7b:3d:43:4f:0d:90:7e:
250 33:da:d5:7e:fd:9e:b5:5a:f0:4c:f6:49:a7:d6:44:
251 97:3c:57:81:91:9c:38:b4:33:37:d8:1d:6b:f8:30:
252 b3:6c:3f:68:99:dc:88:6f:81:56:b3:5a:65:a0:be:
253 c3:dd:2d:a2:19:ec:8e:7f:c7
254 Exponent: 65537 (0x10001)
255 X509v3 extensions:
256 X509v3 Basic Constraints:
257 CA:FALSE
258 Netscape Cert Type:
259 SSL Server
260 Netscape Comment:
261 OpenSSL Generated Certificate
262 X509v3 Subject Key Identifier:
263 3C:5D:67:B5:2F:F0:C1:6F:51:B7:4A:79:9B:29:C5:12:41:7C:65:E4
264 X509v3 Authority Key Identifier:
265 keyid:1E:89:B0:35:42:4B:AE:76:F6:C7:C0:2B:92:FC:27:B1:13:A9:3F:B4
266 DirName:/C=JP/ST=Tokyo/L=Chuo-ku/O=BUFFALO INC./OU=NAS/CN=develop
267 serial:00
268
269 Signature Algorithm: md5WithRSAEncryption
270 5e:d8:cb:73:36:e3:17:57:fb:b1:50:aa:ed:c2:68:b5:04:ba:
271 c3:2d:e4:a4:79:57:84:57:75:82:a1:55:f9:c7:48:f6:5b:aa:
272 bc:f3:dc:24:2b:81:05:0e:6f:58:87:c4:a5:2f:81:31:0c:8e:
273 3d:01:a1:e4:01:39:8d:e3:c5:d2:7f:a7:db:0a:a8:0e:28:63:
274 53:a9:90:1c:10:c6:2b:40:1b:a0:96:34:d1:1d:37:33:11:af:
275 ab:6d:2b:41:4d:fc:76:34:43:37:9b:86:4b:8e:d4:62:be:85:
276 d4:d3:9d:fd:29:60:1f:77:e0:98:29:ea:ba:66:35:97:a9:b0:
277 89:e5
278445
279tcp
280smb
281SambaVersion: 3.6.3-31a.osstech
282SMB Status
283Authentication: disabled
284SMB Version: 1
285Capabilities: raw-mode,unicode,large-files,nt-smb,rpc-remote-api,nt-status,level2-oplocks,lock-and-read,nt-find,infolevel-passthru,large-readx,large-writex,extended-security
286
287Shares
288Name Type Comments
289------------------------------------------------------------------------
290lp Printer Network Printer for Windows
291info Disk TeraStation Utilities
292share Disk TeraStation folder
293THEOLOGOSfolder Disk Theologos Folder
294CopaLimoInc Disk Travel
295SergioLexVallerieDaSilva Disk Individual Client
296THEOFANO Disk Church
297ElcioAR Disk Corporation
298DaSilvaLimoTransCorp Disk Corporation
299BilliardsandGRofLIinc Disk Corporation
300HMtruckingCorp Disk Corporation
301MERtruckingCorp Disk Corporation
302MSQtruckingCorp Disk Corporation
303SBMacielInc Disk Corporation
304AccountingBackUPfolder Disk Accounting Backup Folder
305AnthonySevastos Disk Individual
306SBMaciel Disk Incorporation
307TriasiaRealtyLLC Disk Real Estate Holding
308AntivirsSecurityFolder Disk
309HMTruckingCorpQBW Disk
310HMTruckingCorpWrite Disk
311MERACCOUNTINGQBW Disk
312MERWRITEREAD Disk
313MSQAccountingQBW Disk
314MSQ-Read-Write Disk Corporation
315OUTLOOKMS Disk File
316CopaLimoAccounting Disk
317CopaLimo-Read-Write Disk
318GeorgiosD Disk Individual
319Carlos-Simone Disk individuals
320DLT-Accounting Disk CORPORATION
321ElcioARaccounting Disk Corporation
322ElcioAR-read-write Disk Corporation
323SBMacielINCAccounting Disk Corporation
324SBMaciel-Read-Write Disk Corporation
325SDSREADWRITE Disk INDIVIDUAL
326SDAccounting Disk individual
327TriasiaAccounting Disk
328CSSNLLC Disk LLC
329Alice Disk Individual
330AlbertoG Disk Individual
331BasilE Disk Individual
332BiancaM Disk Individual
333Damir-Terra Disk Individuals
334DanelV Disk Individual
335DejnaV Disk Individual
336EnesM Disk Individual
337HenryV Disk Individual
338Hilmo-Sadika Disk Individuals
339LaurenL Disk Individual
340Padraig-Emi Disk Individuals
341RobertM Disk Individual
342Pierre-Kellen Disk Individuals
343BilliardsLIAccounting Disk
344GoldenBAccounting Disk Corporation
345Leroys Disk Individuals
346Spyridon-T-Write-Folder Disk Individual
347SFT-ITR-Folder Disk Individuals
348Mauro-Solange Disk
349KoutouvasD Disk Individual
350AbreuME Disk Individuals
351MarcioQ Disk Individual
352ConstantineE Disk Individual
353NicolasN Disk Individual
354SucoM Disk individual
355Elcio-Cristine Disk Individuals
356Rodrigo-Ilanda Disk Individuals
357VivendiGroupCorp Disk Corporation
358Orthodoxy Disk Eklisia
359FrankMoreira Disk Individual
360Chase-Bank Disk Bank
361Alpha-Bank Disk Bank
362SBMSERVICESINC Disk CORPORATION NJ
363SBMSERVICESINCACCOUNTING Disk CORPORATION NJ
364SBMSERVICESINC-RW Disk CORPORATION NJ
365FMRTINC Disk CORPORATION
366OCAmagazine Disk Incorporation
367OCAmagazineAccounting Disk Incorporporation
368FMRTaccounting Disk orporation
369IOANNIS-TSOLAKAKIS Disk Individual
370Adelino-A Disk Individual
371Mepdeliveryinc Disk 1120S CORP
372MEP-D-I-Accounting Disk 1120S Corporation
373Aloisio-Cristina Disk Individuals
374SPACEAVCORP-ACCOUNTING Disk CORPORATION
375SPACEAVCORP-FOLDER Disk CORPORATION
376Athanassios-Halkias Disk Individual
377Maria-Fraga Disk
378SeadMrkulic Disk
379SummerTruckingLLC Disk
380Aloisio-Machado Disk
381Roberto-Quintela Disk Individual
382Carolina-Quintela Disk
383Murilo-Ferreira Disk Individual
384SummerTruckingLLCaccounting Disk
385
Indiv Disk
386SamanthaRM Disk Individual
387MarleneAM Disk
388AllanM Disk Individual
389THEOLOGOS-CLIENTS Disk BUSINESS PERSONAL
390AlousaiPirroSafer Disk Alumunum works in Greece
391BIB_Drywall_Finishing_Corp Disk C Corp
392RosanaMVSouza Disk Individual
393Rosana-MVS-Accounting Disk Individual
394SolangeAOliveira Disk Propritorship
395SolangeAO-Accounting Disk Propritorship
396CleanSentInc Disk Marcio Frank Nephew
397Eduardo-Moacira-Santos Disk Self-Employed
398IPC$ IPC IPC Service ("TeraStatio
399515
400tcp
401line-printer-daemon
402Printer: printer@TheologosNAS - ERROR: spool queue for 'printer' does not exist on server TheologosNAS
403check for correct printer name or you may need to run
404'checkpc -f' to create queue
405873
406tcp
407rsync
408rsyncdVersion: 31.0
409@RSYNCD: 31.0
410array1_share
411array1_THEOLOGOSfolder
412array1_CopaLimoInc
413array1_SergioLexVallerieDaSilva
414array1_THEOFANO
415array1_ElcioAR
416array1_DaSilvaLimoTransCorp
417array1_BilliardsandGRofLIinc
418array1_HMtruckingCorp
419array1_MERtruckingCorp
420array1_MSQtruckingCorp
421array1_SBMacielInc
422array1_AccountingBackUPfolder
423array1_AnthonySevastos
424array1_SBMaciel
425array1_AntivirsSecurityFolder
426array1_HMTruckingCorpQBW
427array1_HMTruckingCorpWrite
428array1_MERACCOUNTINGQBW
429array1_MERWRITEREAD
430array1_MSQAccountingQBW
431array1_MSQ%2dRead%2dWrite
432array1_OUTLOOKMS
433array1_CopaLimoAccounting
434array1_CopaLimo%2dRead%2dWrite
435array1_GeorgiosD
436array1_Carlos%2dSimone
437array1_DLT%2dAccounting
438array1_ElcioARaccounting
439array1_ElcioAR%2dread%2dwrite
440array1_SBMacielINCAccounting
441array1_SBMaciel%2dRead%2dWrite
442array1_SDSREADWRITE
443array1_SDAccounting
444array1_TriasiaAccounting
445array1_CSSNLLC
446array1_Alice
447array1_AlbertoG
448array1_BasilE
449array1_BiancaM
450array1_Damir%2dTerra
451array1_DejnaV
452array1_EnesM
453array1_HenryV
454array1_Hilmo%2dSadika
455array1_LaurenL
456array1_Padraig%2dEmi
457array1_RobertM
458array1_Pierre%2dKellen
459array1_BilliardsLIAccounting
460array1_GoldenBAccounting
461array1_Leroys
462array1_Spyridon%2dT%2dWrite%2dFolder
463array1_SFT%2dITR%2dFolder
464array1_Mauro%2dSolange
465array1_MarcioQ
466array1_Elcio%2dCristine
467array1_Orthodoxy
468array1_Chase%2dBank
469array1_Alpha%2dBank
470array1_IOANNIS%2dTSOLAKAKIS
471array1_SPACEAVCORP%2dACCOUNTING
472array1_Athanassios%2dHalkias
473array1_Maria%2dFraga
474array1_SeadMrkulic
475array1_SummerTruckingLLC
476array1_LourivalC
477array1_THEOLOGOS%2dCLIENTS
478array1_SolangeAOliveira
479array1_SolangeAO%2dAccounting
480@RSYNCD: EXIT
4813689
482tcp
483http-simple-new
484
485mt-daapd DAAPVersion: 0.2.4
486HTTP/1.1 401 Unauthorized
487WWW-Authenticate: Basic realm="webserver"
488Content-Language: en_us
489Content-Type: text/html
490Server: mt-daapd/0.2.4
491Connection: close
492Date: Sat, 23 Mar 2019 06:35:21 GMT
493
4948080
495tcp
496http
497
498HTTP/1.1 401 Unauthorized
499Server:
500Date: Thu, 28 Mar 2019 23:25:25 GMT
501WWW-Authenticate: Basic realm="NETGEAR WNR834B"
502Content-Type: text/html
503Connection: close
504
5059000
506tcp
507https-simple-new
508
509Apache httpdVersion: 2.2.14
510HTTP/1.1 200 OK
511Date: Fri, 29 Mar 2019 04:14:39 GMT
512Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l mod_perl/2.0.4 Perl/v5.10.0
513Last-Modified: Tue, 28 May 2013 08:07:09 GMT
514ETag: "393e9-209-4ddc2c0730540"
515Accept-Ranges: bytes
516Content-Length: 521
517Content-Type: text/html
518
519<html>
520<head>
521 <title>Redirecting...</title>
522 <meta name="viewport" content="width=device-width,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no" />
523
524 <script type="text/javascript" src="./st/js/sencha-touch-1.1.0/sencha-touch.js"></script>
525 <script type="text/javascript">
526 if ( Ext.is.iOS || Ext.is.Android ) {
527 location = "/st/" + location.hash;
528 } else {
529 location = "/ui/" + location.hash;
530 }
531 </script>
532
533</head>
534<body>
535 <noscript>
536 <img src="enable-javascript.png" />
537 </noscript>
538</body>
539</html>
540© 2013-2019, All Rights Reserved - Shodan®