· 6 years ago · Dec 03, 2019, 11:36 PM
1#######################################################################################################################################
2=======================================================================================================================================
3Hostname alemarahenglish.com ISP Ch-net S.r.l.
4Continent Europe Flag
5RO
6Country Romania Country Code RO
7Region Unknown Local time 03 Dec 2019 23:37 EET
8City Unknown Postal Code Unknown
9IP Address 93.113.37.250 Latitude 45.997
10 Longitude 24.997
11=======================================================================================================================================
12#######################################################################################################################################
13> alemarahenglish.com
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18Name: alemarahenglish.com
19Address: 93.113.37.250
20>
21#######################################################################################################################################
22 Domain Name: ALEMARAHENGLISH.COM
23 Registry Domain ID: 2352801919_DOMAIN_COM-VRSN
24 Registrar WHOIS Server: whois.tucows.com
25 Registrar URL: http://www.tucows.com
26 Updated Date: 2019-05-06T12:54:26Z
27 Creation Date: 2019-01-16T16:55:13Z
28 Registry Expiry Date: 2020-01-16T16:55:13Z
29 Registrar: Tucows Domains Inc.
30 Registrar IANA ID: 69
31 Registrar Abuse Contact Email:
32 Registrar Abuse Contact Phone:
33 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
34 Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
35 Name Server: NS1.AFRAID.ORG
36 Name Server: NS2.AFRAID.ORG
37 DNSSEC: unsigned
38#######################################################################################################################################
39Domain Name: ALEMARAHENGLISH.COM
40Registry Domain ID: 2352801919_DOMAIN_COM-VRSN
41Registrar WHOIS Server: whois.tucows.com
42Registrar URL: http://tucowsdomains.com
43Updated Date: 2019-05-06T12:54:26
44Creation Date: 2019-01-16T16:55:13
45Registrar Registration Expiration Date: 2020-01-16T16:55:13
46Registrar: TUCOWS, INC.
47Registrar IANA ID: 69
48Reseller: Hover
49Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
50Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
51Registry Registrant ID:
52Registrant Name: Contact Privacy Inc. Customer 0153694091
53Registrant Organization: Contact Privacy Inc. Customer 0153694091
54Registrant Street: 96 Mowat Ave
55Registrant City: Toronto
56Registrant State/Province: ON
57Registrant Postal Code: M6K 3M1
58Registrant Country: CA
59Registrant Phone: +1.4165385457
60Registrant Phone Ext:
61Registrant Fax:
62Registrant Fax Ext:
63Registrant Email: alemarahenglish.com@contactprivacy.com
64Registry Admin ID:
65Admin Name: Contact Privacy Inc. Customer 0153694091
66Admin Organization: Contact Privacy Inc. Customer 0153694091
67Admin Street: 96 Mowat Ave
68Admin City: Toronto
69Admin State/Province: ON
70Admin Postal Code: M6K 3M1
71Admin Country: CA
72Admin Phone: +1.4165385457
73Admin Phone Ext:
74Admin Fax:
75Admin Fax Ext:
76Admin Email: alemarahenglish.com@contactprivacy.com
77Registry Tech ID:
78Tech Name: Contact Privacy Inc. Customer 0153694091
79Tech Organization: Contact Privacy Inc. Customer 0153694091
80Tech Street: 96 Mowat Ave
81Tech City: Toronto
82Tech State/Province: ON
83Tech Postal Code: M6K 3M1
84Tech Country: CA
85Tech Phone: +1.4165385457
86Tech Phone Ext:
87Tech Fax:
88Tech Fax Ext:
89Tech Email: alemarahenglish.com@contactprivacy.com
90Name Server: ns1.afraid.org
91Name Server: ns2.afraid.org
92DNSSEC: unsigned
93#######################################################################################################################################
94[+] Target : alemarahenglish.com
95
96[+] IP Address : 93.113.37.250
97
98[+] Headers :
99
100[+] Date : Tue, 03 Dec 2019 21:52:55 GMT
101[+] Server : Apache
102[+] X-Powered-By : PHP/5.5.38
103[+] Link : <http://alemarahenglish.com/index.php?rest_route=/>; rel="https://api.w.org/", <http://alemarahenglish.com/>; rel=shortlink
104[+] Keep-Alive : timeout=5, max=100
105[+] Connection : Keep-Alive
106[+] Transfer-Encoding : chunked
107[+] Content-Type : text/html; charset=UTF-8
108
109[+] SSL Certificate Information :
110
111[+] commonName : alemarahenglish.com
112[+] countryName : US
113[+] stateOrProvinceName : TX
114[+] localityName : Houston
115[+] organizationName : cPanel, Inc.
116[+] commonName : cPanel, Inc. Certification Authority
117[+] Version : 3
118[+] Serial Number : 7F5BF780D45B313138F52F14A347CD37
119[+] Not Before : Oct 6 00:00:00 2019 GMT
120[+] Not After : Jan 4 23:59:59 2020 GMT
121[+] OCSP : ('http://ocsp.comodoca.com',)
122[+] subject Alt Name : (('DNS', 'alemarahenglish.com'), ('DNS', 'cpanel.alemarahenglish.com'), ('DNS', 'mail.alemarahenglish.com'), ('DNS', 'webdisk.alemarahenglish.com'), ('DNS', 'webmail.alemarahenglish.com'), ('DNS', 'www.alemarahenglish.com'))
123[+] CA Issuers : ('http://crt.comodoca.com/cPanelIncCertificationAuthority.crt',)
124[+] CRL Distribution Points : ('http://crl.comodoca.com/cPanelIncCertificationAuthority.crl',)
125
126[+] Whois Lookup :
127
128[+] NIR : None
129[+] ASN Registry : ripencc
130[+] ASN : 41011
131[+] ASN CIDR : 93.113.37.0/24
132[+] ASN Country Code : RO
133[+] ASN Date : 2007-12-21
134[+] ASN Description : CH-NET-AS, RO
135[+] cidr : 93.113.37.0/24
136[+] name : RO-SCCH-CENTER-93-113-37-0-24
137[+] handle : PCV20-RIPE
138[+] range : 93.113.37.0 - 93.113.37.255
139[+] description : CH-NET S.R.L.
140[+] country : RO
141[+] state : None
142[+] city : None
143[+] address : Str.Pacii Nr 36
144077040
145Com Chiajna
146ROMANIA
147[+] postal_code : None
148[+] emails : None
149[+] created : 2017-11-11T09:05:49Z
150[+] updated : 2017-11-11T09:05:49Z
151
152[+] Crawling Target...
153
154[+] Looking for robots.txt........[ Not Found ]
155[+] Looking for sitemap.xml.......[ Not Found ]
156[+] Extracting CSS Links..........[ 26 ]
157[+] Extracting Javascript Links...[ 36 ]
158[+] Extracting Internal Links.....[ 76 ]
159[+] Extracting External Links.....[ 10 ]
160[+] Extracting Images.............[ 52 ]
161
162[+] Total Links Extracted : 200
163
164[+] Dumping Links in /opt/FinalRecon/dumps/alemarahenglish.com.dump
165[+] Completed!
166#######################################################################################################################################
167[+] Starting At 2019-12-03 16:53:18.087593
168[+] Collecting Information On: http://alemarahenglish.com/
169[#] Status: 200
170--------------------------------------------------
171[#] Web Server Detected: Apache
172[#] X-Powered-By: PHP/5.5.38
173[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
174- Date: Tue, 03 Dec 2019 21:53:13 GMT
175- Server: Apache
176- X-Powered-By: PHP/5.5.38
177- Link: <http://alemarahenglish.com/index.php?rest_route=/>; rel="https://api.w.org/", <http://alemarahenglish.com/>; rel=shortlink
178- Keep-Alive: timeout=5, max=100
179- Connection: Keep-Alive
180- Transfer-Encoding: chunked
181- Content-Type: text/html; charset=UTF-8
182--------------------------------------------------
183[#] Finding Location..!
184[#] status: success
185[#] country: Romania
186[#] countryCode: RO
187[#] region: IF
188[#] regionName: Ilfov
189[#] city: Chiajna
190[#] zip: 077040
191[#] lat: 44.4597
192[#] lon: 25.9805
193[#] timezone: Europe/Bucharest
194[#] isp: SC CH-NET SRL
195[#] org: Ch-net S.R.L.
196[#] as: AS41011 CH-NET S.R.L.
197[#] query: 93.113.37.250
198--------------------------------------------------
199[x] Didn't Detect WAF Presence on: http://alemarahenglish.com/
200--------------------------------------------------
201[#] Starting Reverse DNS
202[-] Failed ! Fail
203--------------------------------------------------
204[!] Scanning Open Port
205[#] 21/tcp open ftp
206[#] 22/tcp open ssh
207[#] 53/tcp open domain
208[#] 80/tcp open http
209[#] 110/tcp open pop3
210[#] 143/tcp open imap
211[#] 443/tcp open https
212[#] 465/tcp open smtps
213[#] 587/tcp open submission
214[#] 993/tcp open imaps
215[#] 995/tcp open pop3s
216--------------------------------------------------
217[+] Collecting Information Disclosure!
218[#] Detecting sitemap.xml file
219[-] sitemap.xml file not Found!?
220[#] Detecting robots.txt file
221[-] robots.txt file not Found!?
222[#] Detecting GNU Mailman
223[!] GNU Mailman App Detected: http://alemarahenglish.com//mailman/admin
224[!] version: 2.1.27
225--------------------------------------------------
226[+] Crawling Url Parameter On: http://alemarahenglish.com/
227--------------------------------------------------
228[#] Searching Html Form !
229[+] Html Form Discovered
230[#] action: http://alemarahenglish.com/wp-login.php
231[#] class: None
232[#] id: None
233[#] method: post
234--------------------------------------------------
235[!] Found 6 dom parameter
236[#] http://alemarahenglish.com/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Falemarahenglish.com%2F
237[#] http://alemarahenglish.com/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Falemarahenglish.com%2F&format=xml
238[#] http://alemarahenglish.com//#
239[#] http://alemarahenglish.com//#
240[#] http://alemarahenglish.com//#
241[#] http://alemarahenglish.com//#
242--------------------------------------------------
243[!] 159 Internal Dynamic Parameter Discovered
244[+] http://alemarahenglish.com/?feed=rss2
245[+] http://alemarahenglish.com/?feed=comments-rss2
246[+] http://alemarahenglish.com/xmlrpc.php?rsd
247[+] http://alemarahenglish.com/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Falemarahenglish.com%2F
248[+] http://alemarahenglish.com/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Falemarahenglish.com%2F&format=xml
249[+] http://alemarahenglish.com/?cat=2
250[+] http://alemarahenglish.com/?cat=10
251[+] http://alemarahenglish.com/?cat=18
252[+] http://alemarahenglish.com/?cat=7
253[+] http://alemarahenglish.com/?cat=8
254[+] http://alemarahenglish.com/?cat=19
255[+] http://alemarahenglish.com/?cat=3
256[+] http://alemarahenglish.com/?cat=9
257[+] http://alemarahenglish.com/?cat=2
258[+] http://alemarahenglish.com/?cat=10
259[+] http://alemarahenglish.com/?cat=18
260[+] http://alemarahenglish.com/?cat=7
261[+] http://alemarahenglish.com/?cat=8
262[+] http://alemarahenglish.com/?cat=19
263[+] http://alemarahenglish.com/?cat=3
264[+] http://alemarahenglish.com/?cat=9
265[+] http://alemarahenglish.com/?p=55652
266[+] http://alemarahenglish.com/?p=55650
267[+] http://alemarahenglish.com/?p=55648
268[+] http://alemarahenglish.com/?p=55646
269[+] http://alemarahenglish.com/?p=55644
270[+] http://alemarahenglish.com/?p=55642
271[+] http://alemarahenglish.com/?p=55640
272[+] http://alemarahenglish.com/?p=55633
273[+] http://alemarahenglish.com/?p=55631
274[+] http://alemarahenglish.com/?p=55629
275[+] http://alemarahenglish.com/?p=55627
276[+] http://alemarahenglish.com/?p=55624
277[+] http://alemarahenglish.com/?p=55621
278[+] http://alemarahenglish.com/wp-login.php?action=lostpassword
279[+] http://alemarahenglish.com/?p=55635
280[+] http://alemarahenglish.com/?p=55635
281[+] http://alemarahenglish.com/?p=55633
282[+] http://alemarahenglish.com/?p=55633
283[+] http://alemarahenglish.com/?p=55599
284[+] http://alemarahenglish.com/?p=55599
285[+] http://alemarahenglish.com/?p=55596
286[+] http://alemarahenglish.com/?p=55596
287[+] http://alemarahenglish.com/?p=55593
288[+] http://alemarahenglish.com/?p=55593
289[+] http://alemarahenglish.com/?p=55586
290[+] http://alemarahenglish.com/?p=55586
291[+] http://alemarahenglish.com/?cat=10
292[+] http://alemarahenglish.com/?p=55633
293[+] http://alemarahenglish.com/?p=55633
294[+] http://alemarahenglish.com/?p=55593
295[+] http://alemarahenglish.com/?p=55593
296[+] http://alemarahenglish.com/?p=55586
297[+] http://alemarahenglish.com/?p=55586
298[+] http://alemarahenglish.com/?p=55547
299[+] http://alemarahenglish.com/?p=55547
300[+] http://alemarahenglish.com/?p=55505
301[+] http://alemarahenglish.com/?p=55505
302[+] http://alemarahenglish.com/?p=55502
303[+] http://alemarahenglish.com/?p=55502
304[+] http://alemarahenglish.com/?p=55499
305[+] http://alemarahenglish.com/?p=55499
306[+] http://alemarahenglish.com/?p=55486
307[+] http://alemarahenglish.com/?p=55486
308[+] http://alemarahenglish.com/?p=55485
309[+] http://alemarahenglish.com/?p=55485
310[+] http://alemarahenglish.com/?p=55460
311[+] http://alemarahenglish.com/?p=55460
312[+] http://alemarahenglish.com/?cat=10
313[+] http://alemarahenglish.com/?cat=18
314[+] http://alemarahenglish.com/?p=55599
315[+] http://alemarahenglish.com/?p=55599
316[+] http://alemarahenglish.com/?p=55066
317[+] http://alemarahenglish.com/?p=55066
318[+] http://alemarahenglish.com/?p=55062
319[+] http://alemarahenglish.com/?p=55062
320[+] http://alemarahenglish.com/?cat=18
321[+] http://alemarahenglish.com/?cat=8
322[+] http://alemarahenglish.com/?p=55038
323[+] http://alemarahenglish.com/?p=55038
324[+] http://alemarahenglish.com/?p=53058
325[+] http://alemarahenglish.com/?p=53058
326[+] http://alemarahenglish.com/?p=52601
327[+] http://alemarahenglish.com/?p=52601
328[+] http://alemarahenglish.com/?p=52430
329[+] http://alemarahenglish.com/?p=52430
330[+] http://alemarahenglish.com/?cat=8
331[+] http://alemarahenglish.com/?cat=19
332[+] http://alemarahenglish.com/?p=55144
333[+] http://alemarahenglish.com/?p=55144
334[+] http://alemarahenglish.com/?p=54959
335[+] http://alemarahenglish.com/?p=54959
336[+] http://alemarahenglish.com/?p=54866
337[+] http://alemarahenglish.com/?p=54866
338[+] http://alemarahenglish.com/?p=54777
339[+] http://alemarahenglish.com/?p=54777
340[+] http://alemarahenglish.com/?cat=19
341[+] http://alemarahenglish.com/?cat=9
342[+] http://alemarahenglish.com/?p=54897
343[+] http://alemarahenglish.com/?p=54897
344[+] http://alemarahenglish.com/?p=54425
345[+] http://alemarahenglish.com/?p=54425
346[+] http://alemarahenglish.com/?p=53514
347[+] http://alemarahenglish.com/?p=53514
348[+] http://alemarahenglish.com/?cat=9
349[+] http://alemarahenglish.com/?p=55144
350[+] http://alemarahenglish.com/?p=55144
351[+] http://alemarahenglish.com/?p=55038
352[+] http://alemarahenglish.com/?p=55038
353[+] http://alemarahenglish.com/?p=54959
354[+] http://alemarahenglish.com/?p=54959
355[+] http://alemarahenglish.com/?p=54897
356[+] http://alemarahenglish.com/?p=54897
357[+] http://alemarahenglish.com/?p=54866
358[+] http://alemarahenglish.com/?p=54866
359[+] http://alemarahenglish.com/?p=55429
360[+] http://alemarahenglish.com/?p=55429
361[+] http://alemarahenglish.com/?p=55130
362[+] http://alemarahenglish.com/?p=55130
363[+] http://alemarahenglish.com/?p=55072
364[+] http://alemarahenglish.com/?p=55072
365[+] http://alemarahenglish.com/?p=54796
366[+] http://alemarahenglish.com/?p=54796
367[+] http://alemarahenglish.com/?p=54380
368[+] http://alemarahenglish.com/?p=54380
369[+] http://alemarahenglish.com/?p=55596
370[+] http://alemarahenglish.com/?p=55383
371[+] http://alemarahenglish.com/?p=55635
372[+] http://alemarahenglish.com/?p=55207
373[+] http://alemarahenglish.com/?p=54735
374[+] http://alemarahenglish.com/?p=54428
375[+] http://alemarahenglish.com/?p=54105
376[+] http://alemarahenglish.com/?p=55652
377[+] http://alemarahenglish.com/?p=55650
378[+] http://alemarahenglish.com/?p=55648
379[+] http://alemarahenglish.com/?p=55646
380[+] http://alemarahenglish.com/?p=55644
381[+] http://alemarahenglish.com/?p=55642
382[+] http://alemarahenglish.com/?p=55640
383[+] http://alemarahenglish.com/?p=55633
384[+] http://alemarahenglish.com/?p=55631
385[+] http://alemarahenglish.com/?p=55629
386[+] http://alemarahenglish.com/?p=55627
387[+] http://alemarahenglish.com/?p=55624
388[+] http://alemarahenglish.com/?p=55621
389[+] http://alemarahenglish.com/?p=55619
390[+] http://alemarahenglish.com/?p=55617
391[+] http://alemarahenglish.com/?p=55615
392[+] http://alemarahenglish.com/?p=55613
393[+] http://alemarahenglish.com/?p=55611
394[+] http://alemarahenglish.com/?p=55609
395[+] http://alemarahenglish.com/?p=55596
396[+] http://alemarahenglish.com/?p=55383
397[+] http://alemarahenglish.com/?p=55350
398[+] http://alemarahenglish.com/?p=55347
399[+] http://alemarahenglish.com/?m=201911
400[+] http://alemarahenglish.com/?m=20191201
401[+] http://alemarahenglish.com/?m=20191202
402[+] http://alemarahenglish.com/?m=20191203
403--------------------------------------------------
404[!] 3 External Dynamic Parameter Discovered
405[#] https://twitter.com/Zabehulah_M33?ref_src=twsrc%5Etfw
406[#] https://twitter.com/QyAhmadi_1?ref_src=twsrc%5Etfw
407[#] https://twitter.com/suhailshaheen1?ref_src=twsrc%5Etfw
408--------------------------------------------------
409[!] 18 Internal links Discovered
410[+] http://alemarahenglish.com/xmlrpc.php
411[+] http://alemarahenglish.com/wp-content/themes/multinews/css/print.css
412[+] http://alemarahenglish.com/wp-content/themes/multinews/apple-touch-icon-precomposed.png
413[+] http://alemarahenglish.com/wp-includes/wlwmanifest.xml
414[+] http://alemarahenglish.com/
415[+] http://alemarahenglish.com/wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css
416[+] http://alemarahenglish.com/wp-content/uploads/2019/03/mono24-45x45.jpg
417[+] http://alemarahenglish.com/wp-content/uploads/2019/03/mono24.jpg
418[+] http://alemarahenglish.com/wp-content/uploads/2019/03/mono24.jpg
419[+] http://alemarahenglish.com
420[+] http://alemarahenglish.com
421[+] http://alemarahenglish.com
422[+] http://alemarahenglish.com/wp-content/uploads/2019/03/Agriculture-1-660x750.jpg
423[+] http://alemarahenglish.com/wp-content/uploads/2019/03/%D9%85%D9%84%DA%A9%D9%8A-%D8%AA%D9%84%D9%81%D8%A7%D8%AAEnglish2-660x750.jpg
424[+] http://alemarahenglish.com/wp-content/uploads/2019/03/Commission-660x750.jpg
425[+] http://alemarahenglish.com/wp-content/uploads/2019/03/Taleem-660x750.jpg
426[+] http://alemarahenglish.com/wp-content/uploads/2019/03/Electric-660x750.jpg
427[+] http://alemarahenglish.com/wp-content/uploads/2019/09/wwwe-660x750.jpg
428--------------------------------------------------
429[!] 12 External links Discovered
430[#] http://gmpg.org/xfn/11
431[#] http://browsehappy.com/
432[#] http://alemarahdari.com/
433[#] http://alemaraharabi.com/
434[#] http://alemarahurdu.net/
435[#] http://shahamat1.com
436[#] http://alemarahislam.com
437[#] http://mujali.net
438[#] http://taraani.com
439[#] http://alemarahislam.com
440[#] http://mujali.net
441[#] http://taraani.com
442--------------------------------------------------
443[#] Mapping Subdomain..
444[!] Found 2 Subdomain
445- alemarahenglish.com
446- www.alemarahenglish.com
447--------------------------------------------------
448[!] Done At 2019-12-03 16:53:47.784389
449#######################################################################################################################################
450[i] Scanning Site: http://alemarahenglish.com
451
452
453
454B A S I C I N F O
455====================
456
457
458[+] Site Title: Islamic Emirate of Afghanistan | Official website of Islamic Emirate of Afghanistan
459[+] IP address: 93.113.37.250
460[+] Web Server: Apache
461[+] CMS: WordPress
462[+] Cloudflare: Not Detected
463[+] Robots File: Could NOT Find robots.txt!
464
465
466
467
468W H O I S L O O K U P
469========================
470
471 Domain Name: ALEMARAHENGLISH.COM
472 Registry Domain ID: 2352801919_DOMAIN_COM-VRSN
473 Registrar WHOIS Server: whois.tucows.com
474 Registrar URL: http://www.tucows.com
475 Updated Date: 2019-05-06T12:54:26Z
476 Creation Date: 2019-01-16T16:55:13Z
477 Registry Expiry Date: 2020-01-16T16:55:13Z
478 Registrar: Tucows Domains Inc.
479 Registrar IANA ID: 69
480 Registrar Abuse Contact Email:
481 Registrar Abuse Contact Phone:
482 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
483 Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
484 Name Server: NS1.AFRAID.ORG
485 Name Server: NS2.AFRAID.ORG
486 DNSSEC: unsigned
487 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
488>>> Last update of whois database: 2019-12-03T21:53:22Z <<<
489
490For more information on Whois status codes, please visit https://icann.org/epp
491
492
493
494The Registry database contains ONLY .COM, .NET, .EDU domains and
495Registrars.
496
497
498
499
500G E O I P L O O K U P
501=========================
502
503[i] IP Address: 93.113.37.250
504[i] Country: Romania
505[i] State:
506[i] City:
507[i] Latitude: 46.0
508[i] Longitude: 25.0
509
510
511
512
513H T T P H E A D E R S
514=======================
515
516
517[i] HTTP/1.1 200 OK
518[i] Date: Tue, 03 Dec 2019 21:53:22 GMT
519[i] Server: Apache
520[i] X-Powered-By: PHP/5.5.38
521[i] Link: <http://alemarahenglish.com/index.php?rest_route=/>; rel="https://api.w.org/", <http://alemarahenglish.com/>; rel=shortlink
522[i] Connection: close
523[i] Content-Type: text/html; charset=UTF-8
524
525
526
527
528D N S L O O K U P
529===================
530
531alemarahenglish.com. 3599 IN A 93.113.37.250
532alemarahenglish.com. 3599 IN SOA ns1.afraid.org. dnsadmin.afraid.org. 1906160001 86400 7200 2419200 3600
533alemarahenglish.com. 3599 IN NS ns3.afraid.org.
534alemarahenglish.com. 3599 IN NS ns1.afraid.org.
535alemarahenglish.com. 3599 IN NS ns4.afraid.org.
536alemarahenglish.com. 3599 IN NS ns2.afraid.org.
537
538
539
540
541S U B N E T C A L C U L A T I O N
542====================================
543
544Address = 93.113.37.250
545Network = 93.113.37.250 / 32
546Netmask = 255.255.255.255
547Broadcast = not needed on Point-to-Point links
548Wildcard Mask = 0.0.0.0
549Hosts Bits = 0
550Max. Hosts = 1 (2^0 - 0)
551Host Range = { 93.113.37.250 - 93.113.37.250 }
552
553
554
555N M A P P O R T S C A N
556============================
557
558Starting Nmap 7.70 ( https://nmap.org ) at 2019-12-03 21:53 UTC
559Nmap scan report for alemarahenglish.com (93.113.37.250)
560Host is up (0.10s latency).
561rDNS record for 93.113.37.250: adsla250.ch-clienti.ro
562
563PORT STATE SERVICE
56421/tcp open ftp
56522/tcp open ssh
56623/tcp filtered telnet
56780/tcp open http
568110/tcp open pop3
569143/tcp open imap
570443/tcp open https
5713389/tcp filtered ms-wbt-server
572
573Nmap done: 1 IP address (1 host up) scanned in 1.87 seconds
574
575
576
577S U B - D O M A I N F I N D E R
578==================================
579
580
581[i] Total Subdomains Found : 1
582
583[+] Subdomain: www.alemarahenglish.com
584[-] IP: 93.113.37.250
585#######################################################################################################################################
586Trying "alemarahenglish.com"
587;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21792
588;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 4, ADDITIONAL: 6
589
590;; QUESTION SECTION:
591;alemarahenglish.com. IN ANY
592
593;; ANSWER SECTION:
594alemarahenglish.com. 0 IN SOA ns1.afraid.org. dnsadmin.afraid.org. 1906160001 86400 7200 2419200 3600
595alemarahenglish.com. 0 IN A 93.113.37.250
596alemarahenglish.com. 0 IN NS ns1.afraid.org.
597alemarahenglish.com. 0 IN NS ns2.afraid.org.
598alemarahenglish.com. 0 IN NS ns4.afraid.org.
599alemarahenglish.com. 0 IN NS ns3.afraid.org.
600
601;; AUTHORITY SECTION:
602alemarahenglish.com. 3600 IN NS ns2.afraid.org.
603alemarahenglish.com. 3600 IN NS ns4.afraid.org.
604alemarahenglish.com. 3600 IN NS ns1.afraid.org.
605alemarahenglish.com. 3600 IN NS ns3.afraid.org.
606
607;; ADDITIONAL SECTION:
608ns4.afraid.org. 12161 IN A 174.128.246.102
609ns3.afraid.org. 12161 IN A 69.197.18.161
610ns1.afraid.org. 12161 IN A 50.23.197.94
611ns1.afraid.org. 12161 IN AAAA 2607:f0d0:1102:d5::2
612ns2.afraid.org. 36941 IN A 69.65.50.192
613ns2.afraid.org. 208 IN AAAA 2001:1850:1:5:800::6b
614
615Received 356 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 255 ms
616######################################################################################################################################
617
618; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace alemarahenglish.com any
619;; global options: +cmd
620. 80088 IN NS j.root-servers.net.
621. 80088 IN NS l.root-servers.net.
622. 80088 IN NS e.root-servers.net.
623. 80088 IN NS i.root-servers.net.
624. 80088 IN NS f.root-servers.net.
625. 80088 IN NS m.root-servers.net.
626. 80088 IN NS a.root-servers.net.
627. 80088 IN NS h.root-servers.net.
628. 80088 IN NS d.root-servers.net.
629. 80088 IN NS k.root-servers.net.
630. 80088 IN NS b.root-servers.net.
631. 80088 IN NS g.root-servers.net.
632. 80088 IN NS c.root-servers.net.
633. 80088 IN RRSIG NS 8 0 518400 20191216190000 20191203180000 22545 . bZbjzYTGHV37OxN7DMm7KeB1jfDAtalOlIyO/aesJKCRDIrcHRTs4CuJ DSD0q58NVE/cjupVT0JF42opXwCMXQZoOcEFe2VLRlo8VdcHxA26ndoD ZhiHpdQgHgQGvpTLVnzFunlI9GAjJhQS1x1XI6W6IFYN9HUx+gieswEf eDoW/Jo0wj9nxC8A4ce6GbPEH7yWQ+06w4wRctLuTf8uCM1BNCo25GvF tWKTdM/8lO2p5PkyRwEdh5BKAxxZoiXW2J7TMzwMXPkVxBdkjbCPi16/ 4Os6SKA+PZveFLkjC+eqdASnrERCJoWFtFouDy++fKcJgFl3S6B3T5wF fR2MoA==
634;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 185 ms
635
636com. 172800 IN NS a.gtld-servers.net.
637com. 172800 IN NS b.gtld-servers.net.
638com. 172800 IN NS c.gtld-servers.net.
639com. 172800 IN NS d.gtld-servers.net.
640com. 172800 IN NS e.gtld-servers.net.
641com. 172800 IN NS f.gtld-servers.net.
642com. 172800 IN NS g.gtld-servers.net.
643com. 172800 IN NS h.gtld-servers.net.
644com. 172800 IN NS i.gtld-servers.net.
645com. 172800 IN NS j.gtld-servers.net.
646com. 172800 IN NS k.gtld-servers.net.
647com. 172800 IN NS l.gtld-servers.net.
648com. 172800 IN NS m.gtld-servers.net.
649com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
650com. 86400 IN RRSIG DS 8 1 86400 20191216190000 20191203180000 22545 . Vn0FpW295UK1NzfanyPjoxPGDyK1zU6JUnVo9cQRni619ecJOsTsOcvB dvrkPQLz8SElMshjqasc7sGi65P8v8gILSNnhgs7b6IXSlwfiA6cNg+c Qb6+ajnLw/VZiDUkOBp52WT51RsA5J9/1GW9vzWmVdudbYloW76NOS8n cLWCpCxeQUpJjxIl9THVzcixGa0t1A+Fh/hmDdpz+VjBHuFC2nCXT1+g xEXeKHdS8BVD+XdQADGX5g1nEzOKmZ3s+1syRVbVmO6K+cUQMECAGcg/ wDHVb3KfggGtKmEONeElA7RtPNWwtgGe3tNcIvuBiZ4BG+YJrUG+xquq wqNg4w==
651;; Received 1179 bytes from 199.7.91.13#53(d.root-servers.net) in 256 ms
652
653alemarahenglish.com. 172800 IN NS ns1.afraid.org.
654alemarahenglish.com. 172800 IN NS ns2.afraid.org.
655CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
656CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20191209054950 20191202043950 12163 com. S9i2P8sKc5s+dCJwh/UR7HlyuiRL5Iz6cCd3oPPV71iyHoYlqq7Q8qFO OVZj5tJP0BTXw9po8arg1iBmd5yJ7mpHCaVCKmY+dssg3fyfPlSl/lXd a4YL4xoHWNCa0Ow5Ywds7/AqtqDfhN0dnP6i+eaFD9rgrmfO6CVoto6B UYrEQbB2Es6vyUvE/ITtkZUI8wfOQjmLXp3jnQ7PUcWSdw==
6579M6JR3EDI6UIIF1TSUUPQ4QN2GO715BK.com. 86400 IN NSEC3 1 1 0 - 9M6K70GBMIKD04UPHML6EAV4LUSK24SL NS DS RRSIG
6589M6JR3EDI6UIIF1TSUUPQ4QN2GO715BK.com. 86400 IN RRSIG NSEC3 8 2 86400 20191208053726 20191201042726 12163 com. PJwQdn1ZID1agOyacdgvVHt9k6HqRwB8Dbh9LwMCPSBvFnXQqQOiDDlz K9oY9a4MB+YlO/LlVe3x2506NJaDFPngsjqEJlqOeMJHiVbNKH1wWy7P eV6frO8g8WnY558pfqgStNnly6aVE3ZJnTyGpmamwWnY7GJd3Q1fInjb EQn/KeB2SKwXM4UsGj9uxj4TuTZIihmD5h9pcyU8Dq1qEA==
659;; Received 643 bytes from 192.41.162.30#53(l.gtld-servers.net) in 145 ms
660
661alemarahenglish.com. 3600 IN A 93.113.37.250
662alemarahenglish.com. 3600 IN SOA ns1.afraid.org. dnsadmin.afraid.org. 1906160001 86400 7200 2419200 3600
663alemarahenglish.com. 3600 IN NS ns2.afraid.org.
664alemarahenglish.com. 3600 IN NS ns1.afraid.org.
665alemarahenglish.com. 3600 IN NS ns4.afraid.org.
666alemarahenglish.com. 3600 IN NS ns3.afraid.org.
667;; Received 339 bytes from 2607:f0d0:1102:d5::2#53(ns1.afraid.org) in 99 ms
668#######################################################################################################################################
669[*] Performing General Enumeration of Domain: alemarahenglish.com
670[-] DNSSEC is not configured for alemarahenglish.com
671[*] SOA ns1.afraid.org 50.23.197.94
672[*] NS ns4.afraid.org 174.128.246.102
673[*] Bind Version for 174.128.246.102 unknown
674[*] NS ns4.afraid.org 2610:150:bddb:d271::2
675[*] Bind Version for 2610:150:bddb:d271::2 unknown
676[*] NS ns3.afraid.org 69.197.18.161
677[*] Bind Version for 69.197.18.161 unknown
678[*] NS ns2.afraid.org 69.65.50.192
679[*] Bind Version for 69.65.50.192 unknown
680[*] NS ns2.afraid.org 2001:1850:1:5:800::6b
681[*] Bind Version for 2001:1850:1:5:800::6b unknown
682[*] NS ns1.afraid.org 50.23.197.94
683[*] Bind Version for 50.23.197.94 unknown
684[*] NS ns1.afraid.org 2607:f0d0:1102:d5::2
685[*] Bind Version for 2607:f0d0:1102:d5::2 unknown
686[-] Could not Resolve MX Records for alemarahenglish.com
687[*] A alemarahenglish.com 93.113.37.250
688[*] Enumerating SRV Records
689[-] No SRV Records Found for alemarahenglish.com
690[+] 0 Records Found
691######################################################################################################################################
692[*] Processing domain alemarahenglish.com
693[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
694[+] Getting nameservers
695174.128.246.102 - ns4.afraid.org
69669.197.18.161 - ns3.afraid.org
69769.65.50.192 - ns2.afraid.org
69850.23.197.94 - ns1.afraid.org
699[-] Zone transfer failed
700
701[*] Scanning alemarahenglish.com for A records
70293.113.37.250 - alemarahenglish.com
703127.0.0.1 - localhost.alemarahenglish.com
70493.113.37.250 - www.alemarahenglish.com
705
706#######################################################################################################################################
707Domains still to check: 1
708 Checking if the hostname alemarahenglish.com. given is in fact a domain...
709
710Analyzing domain: alemarahenglish.com.
711 Checking NameServers using system default resolver...
712 IP: 174.128.246.102 (United States)
713 HostName: ns4.afraid.org Type: NS
714 IP: 69.197.18.161 (United States)
715 HostName: ns3.afraid.org Type: NS
716 HostName: ns3.afraid.org Type: PTR
717 IP: 69.65.50.192 (United States)
718 HostName: ns2.afraid.org Type: NS
719 HostName: ns2.afraid.org Type: PTR
720 IP: 50.23.197.94 (United States)
721 HostName: ns1.afraid.org Type: NS
722 HostName: ns1.afraid.org Type: PTR
723
724 Checking MailServers using system default resolver...
725 WARNING!! There are no MX records for this domain
726
727 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
728 No zone transfer found on nameserver 69.197.18.161
729 No zone transfer found on nameserver 50.23.197.94
730 No zone transfer found on nameserver 174.128.246.102
731 No zone transfer found on nameserver 69.65.50.192
732
733 Checking SPF record...
734 No SPF record
735
736 Checking 192 most common hostnames using system default resolver...
737 IP: 93.113.37.250 (Romania)
738 HostName: www.alemarahenglish.com. Type: A
739
740 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
741 Checking netblock 69.197.18.0
742 Checking netblock 50.23.197.0
743 Checking netblock 93.113.37.0
744 Checking netblock 174.128.246.0
745 Checking netblock 69.65.50.0
746
747 Searching for alemarahenglish.com. emails in Google
748
749 Checking 5 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
750 Host 69.197.18.161 is up (reset ttl 64)
751 Host 50.23.197.94 is up (reset ttl 64)
752 Host 93.113.37.250 is up (reset ttl 64)
753 Host 174.128.246.102 is up (reset ttl 64)
754 Host 69.65.50.192 is up (reset ttl 64)
755
756 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
757 Scanning ip 69.197.18.161 (ns3.afraid.org (PTR)):
758 Scanning ip 50.23.197.94 (ns1.afraid.org (PTR)):
759 53/tcp open domain syn-ack ttl 44 (unknown banner: unknown)
760 | dns-nsid:
761 |_ bind.version: unknown
762 | fingerprint-strings:
763 | DNSVersionBindReqTCP:
764 | version
765 | bind
766 |_ unknown
767 80/tcp open http syn-ack ttl 44 nginx
768 | http-methods:
769 |_ Supported Methods: GET
770 |_http-title: Welcome to nginx!
771 443/tcp open ssl/http syn-ack ttl 44 nginx
772 | http-methods:
773 |_ Supported Methods: HEAD POST
774 | http-robots.txt: 4 disallowed entries
775 | /zc.php /tools/contact.php /subdomain/edit.php
776 |_/password/
777 |_http-title: FreeDNS - Free DNS - Dynamic DNS - Static DNS subdomain and do...
778 | ssl-cert: Subject: commonName=freedns.afraid.org
779 | Subject Alternative Name: DNS:freedns.afraid.org, DNS:www.freedns.afraid.org
780 | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
781 | Public Key type: rsa
782 | Public Key bits: 2048
783 | Signature Algorithm: sha256WithRSAEncryption
784 | Not valid before: 2018-07-20T00:00:00
785 | Not valid after: 2020-08-18T23:59:59
786 | MD5: 6c30 0f04 fd5b 93b5 2c91 c1c5 28b8 4524
787 |_SHA-1: 116b 5c31 91af 28c9 a5a2 caf1 e19a 4cc0 ef5d 1351
788 |_ssl-date: TLS randomness does not represent time
789 | tls-alpn:
790 |_ http/1.1
791 | tls-nextprotoneg:
792 |_ http/1.1
793 8080/tcp open http syn-ack ttl 44 nginx
794 |_http-title: Welcome to nginx!
795 Scanning ip 93.113.37.250 (www.alemarahenglish.com.):
796 Scanning ip 174.128.246.102 (ns4.afraid.org):
797 53/tcp open domain syn-ack ttl 47 (unknown banner: unknown)
798 | dns-nsid:
799 |_ bind.version: unknown
800 | fingerprint-strings:
801 | DNSVersionBindReqTCP:
802 | version
803 | bind
804 |_ unknown
805 Scanning ip 69.65.50.192 (ns2.afraid.org (PTR)):
806 53/tcp open domain syn-ack ttl 47 (unknown banner: unknown)
807 | dns-nsid:
808 |_ bind.version: unknown
809 | fingerprint-strings:
810 | DNSVersionBindReqTCP:
811 | version
812 | bind
813 |_ unknown
814 WebCrawling domain's web servers... up to 50 max links.
815
816 + URL to crawl: http://ns1.afraid.org
817 + Date: 2019-12-03
818
819 + Crawling URL: http://ns1.afraid.org:
820 + Links:
821 + Crawling http://ns1.afraid.org
822 + Searching for directories...
823 + Searching open folders...
824
825
826 + URL to crawl: https://ns1.afraid.org
827 + Date: 2019-12-03
828
829 + Crawling URL: https://ns1.afraid.org:
830 + Links:
831 + Crawling https://ns1.afraid.org
832 + Searching for directories...
833 + Searching open folders...
834
835
836 + URL to crawl: http://ns1.afraid.org:8080
837 + Date: 2019-12-03
838
839 + Crawling URL: http://ns1.afraid.org:8080:
840 + Links:
841 + Crawling http://ns1.afraid.org:8080
842 + Searching for directories...
843 + Searching open folders...
844
845--Finished--
846Summary information for domain alemarahenglish.com.
847-----------------------------------------
848
849 Domain Ips Information:
850 IP: 69.197.18.161
851 HostName: ns3.afraid.org Type: NS
852 HostName: ns3.afraid.org Type: PTR
853 Country: United States
854 Is Active: True (reset ttl 64)
855 IP: 50.23.197.94
856 HostName: ns1.afraid.org Type: NS
857 HostName: ns1.afraid.org Type: PTR
858 Country: United States
859 Is Active: True (reset ttl 64)
860 Port: 53/tcp open domain syn-ack ttl 44 (unknown banner: unknown)
861 Script Info: | dns-nsid:
862 Script Info: |_ bind.version: unknown
863 Script Info: | fingerprint-strings:
864 Script Info: | DNSVersionBindReqTCP:
865 Script Info: | version
866 Script Info: | bind
867 Script Info: |_ unknown
868 Port: 80/tcp open http syn-ack ttl 44 nginx
869 Script Info: | http-methods:
870 Script Info: |_ Supported Methods: GET
871 Script Info: |_http-title: Welcome to nginx!
872 Port: 443/tcp open ssl/http syn-ack ttl 44 nginx
873 Script Info: | http-methods:
874 Script Info: |_ Supported Methods: HEAD POST
875 Script Info: | http-robots.txt: 4 disallowed entries
876 Script Info: | /zc.php /tools/contact.php /subdomain/edit.php
877 Script Info: |_/password/
878 Script Info: |_http-title: FreeDNS - Free DNS - Dynamic DNS - Static DNS subdomain and do...
879 Script Info: | ssl-cert: Subject: commonName=freedns.afraid.org
880 Script Info: | Subject Alternative Name: DNS:freedns.afraid.org, DNS:www.freedns.afraid.org
881 Script Info: | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
882 Script Info: | Public Key type: rsa
883 Script Info: | Public Key bits: 2048
884 Script Info: | Signature Algorithm: sha256WithRSAEncryption
885 Script Info: | Not valid before: 2018-07-20T00:00:00
886 Script Info: | Not valid after: 2020-08-18T23:59:59
887 Script Info: | MD5: 6c30 0f04 fd5b 93b5 2c91 c1c5 28b8 4524
888 Script Info: |_SHA-1: 116b 5c31 91af 28c9 a5a2 caf1 e19a 4cc0 ef5d 1351
889 Script Info: |_ssl-date: TLS randomness does not represent time
890 Script Info: | tls-alpn:
891 Script Info: |_ http/1.1
892 Script Info: | tls-nextprotoneg:
893 Script Info: |_ http/1.1
894 Port: 8080/tcp open http syn-ack ttl 44 nginx
895 Script Info: |_http-title: Welcome to nginx!
896 IP: 93.113.37.250
897 HostName: www.alemarahenglish.com. Type: A
898 Country: Romania
899 Is Active: True (reset ttl 64)
900 IP: 174.128.246.102
901 HostName: ns4.afraid.org Type: NS
902 Country: United States
903 Is Active: True (reset ttl 64)
904 Port: 53/tcp open domain syn-ack ttl 47 (unknown banner: unknown)
905 Script Info: | dns-nsid:
906 Script Info: |_ bind.version: unknown
907 Script Info: | fingerprint-strings:
908 Script Info: | DNSVersionBindReqTCP:
909 Script Info: | version
910 Script Info: | bind
911 Script Info: |_ unknown
912 IP: 69.65.50.192
913 HostName: ns2.afraid.org Type: NS
914 HostName: ns2.afraid.org Type: PTR
915 Country: United States
916 Is Active: True (reset ttl 64)
917 Port: 53/tcp open domain syn-ack ttl 47 (unknown banner: unknown)
918 Script Info: | dns-nsid:
919 Script Info: |_ bind.version: unknown
920 Script Info: | fingerprint-strings:
921 Script Info: | DNSVersionBindReqTCP:
922 Script Info: | version
923 Script Info: | bind
924 Script Info: |_ unknown
925######################################################################################################################################
926traceroute to alemarahenglish.com (93.113.37.250), 30 hops max, 60 byte packets
927 1 10.230.200.1 (10.230.200.1) 164.420 ms 164.410 ms 164.442 ms
928 2 * * *
929 3 te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49) 170.989 ms 171.003 ms 170.996 ms
930 4 be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249) 169.189 ms 169.195 ms 169.440 ms
931 5 be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190) 174.648 ms 174.576 ms 174.610 ms
932 6 be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1) 198.999 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105) 176.531 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1) 180.005 ms
933 7 be3029.ccr21.prg01.atlas.cogentco.com (154.54.59.62) 191.362 ms 192.687 ms 197.188 ms
934 8 be3044.ccr21.bts01.atlas.cogentco.com (154.54.59.98) 198.006 ms 194.092 ms be3045.ccr22.bts01.atlas.cogentco.com (154.54.59.106) 201.323 ms
935 9 be3263.ccr31.bud01.atlas.cogentco.com (154.54.59.178) 203.286 ms 200.619 ms be3261.ccr31.bud01.atlas.cogentco.com (130.117.3.138) 197.003 ms
93610 be3262.ccr31.buh01.atlas.cogentco.com (154.54.38.246) 209.381 ms 211.707 ms 206.691 ms
93711 149.6.51.74 (149.6.51.74) 330.125 ms 318.755 ms 317.354 ms
93812 10.10.21.6 (10.10.21.6) 210.414 ms 215.351 ms 215.314 ms
93913 ospf6509.ch-center.com (93.113.37.210) 211.517 ms 213.914 ms 213.284 ms
94014 * * *
941#######################################################################################################################################
942----- alemarahenglish.com -----
943
944
945Host's addresses:
946__________________
947
948alemarahenglish.com. 3492 IN A 93.113.37.250
949
950
951Name Servers:
952______________
953
954ns4.afraid.org. 84950 IN A 174.128.246.102
955ns3.afraid.org. 84950 IN A 69.197.18.161
956ns2.afraid.org. 85758 IN A 69.65.50.192
957ns1.afraid.org. 83789 IN A 50.23.197.94
958
959
960Mail (MX) Servers:
961___________________
962
963
964Brute forcing with /usr/share/dnsenum/dns.txt:
965_______________________________________________
966
967www.alemarahenglish.com. 3600 IN A 93.113.37.250
968
969
970Launching Whois Queries:
971_________________________
972
973 whois ip result: 93.113.37.0 -> 93.113.37.0/24
974
975
976alemarahenglish.com___________________
977
978 93.113.37.0/24
979######################################################################################################################################
980Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-03 18:18 EST
981Nmap scan report for alemarahenglish.com (93.113.37.250)
982Host is up (0.14s latency).
983rDNS record for 93.113.37.250: adsla250.ch-clienti.ro
984
985PORT STATE SERVICE
98680/tcp closed http
987
988Nmap done: 1 IP address (1 host up) scanned in 0.72 seconds
989#######################################################################################################################################
990Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-03 18:16 EST
991Nmap scan report for alemarahenglish.com (93.113.37.250)
992Host is up (0.14s latency).
993rDNS record for 93.113.37.250: adsla250.ch-clienti.ro
994Not shown: 988 filtered ports
995PORT STATE SERVICE
99620/tcp closed ftp-data
99721/tcp open ftp
99822/tcp open ssh
99953/tcp open domain
100080/tcp closed http
1001110/tcp open pop3
1002143/tcp open imap
1003443/tcp closed https
1004465/tcp open smtps
1005587/tcp open submission
1006993/tcp open imaps
1007995/tcp open pop3s
1008
1009Nmap done: 1 IP address (1 host up) scanned in 7.48 seconds
1010######################################################################################################################################
1011WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1012Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-03 17:06 EST
1013Nmap scan report for adsla250.ch-clienti.ro (93.113.37.250)
1014Host is up (0.18s latency).
1015Not shown: 482 filtered ports, 3 closed ports
1016Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1017PORT STATE SERVICE
101821/tcp open ftp
101922/tcp open ssh
102053/tcp open domain
102180/tcp open http
1022110/tcp open pop3
1023143/tcp open imap
1024443/tcp open https
1025465/tcp open smtps
1026587/tcp open submission
1027993/tcp open imaps
1028995/tcp open pop3s
1029
1030Nmap done: 1 IP address (1 host up) scanned in 6.46 seconds
1031#######################################################################################################################################
1032Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-03 17:06 EST
1033Nmap scan report for adsla250.ch-clienti.ro (93.113.37.250)
1034Host is up (0.14s latency).
1035Not shown: 2 filtered ports
1036PORT STATE SERVICE
103753/udp open domain
103867/udp open|filtered dhcps
103968/udp open|filtered dhcpc
104069/udp open|filtered tftp
104188/udp open|filtered kerberos-sec
1042123/udp open|filtered ntp
1043139/udp open|filtered netbios-ssn
1044161/udp open|filtered snmp
1045162/udp open|filtered snmptrap
1046389/udp open|filtered ldap
1047500/udp open|filtered isakmp
1048520/udp open|filtered route
10492049/udp open|filtered nfs
1050
1051Nmap done: 1 IP address (1 host up) scanned in 2.28 seconds
1052######################################################################################################################################
1053Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-03 18:05 EST
1054Nmap scan report for alemarahenglish.com (93.113.37.250)
1055Host is up (0.41s latency).
1056rDNS record for 93.113.37.250: adsla250.ch-clienti.ro
1057Not shown: 985 filtered ports
1058PORT STATE SERVICE
105920/tcp closed ftp-data
106021/tcp open ftp
106122/tcp open ssh
106225/tcp closed smtp
106353/tcp open domain
106480/tcp closed http
1065110/tcp open pop3
1066139/tcp closed netbios-ssn
1067143/tcp open imap
1068443/tcp closed https
1069445/tcp closed microsoft-ds
1070465/tcp open smtps
1071587/tcp open submission
1072993/tcp open imaps
1073995/tcp open pop3s
1074
1075Host script results:
1076| dns-brute:
1077| DNS Brute-force hostnames:
1078|_ www.alemarahenglish.com - 93.113.37.250
1079#######################################################################################################################################
1080Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-03 18:15 EST
1081Nmap scan report for alemarahenglish.com (93.113.37.250)
1082Host is up (0.14s latency).
1083rDNS record for 93.113.37.250: adsla250.ch-clienti.ro
1084Not shown: 985 filtered ports
1085PORT STATE SERVICE VERSION
108620/tcp closed ftp-data
108721/tcp open ftp Pure-FTPd
108822/tcp open ssh OpenSSH 5.3 (protocol 2.0)
108925/tcp closed smtp
109053/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
109180/tcp closed http
1092110/tcp open pop3 Dovecot pop3d
1093139/tcp closed netbios-ssn
1094143/tcp open imap Dovecot imapd
1095443/tcp closed https
1096445/tcp closed microsoft-ds
1097465/tcp open ssl/smtp Exim smtpd 4.92
1098587/tcp open smtp Exim smtpd 4.92
1099993/tcp open ssl/imaps?
1100995/tcp open ssl/pop3s?
1101Service Info: Host: farsi.shahamat.info; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
1102######################################################################################################################################
1103Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-03 18:20 EST
1104Nmap scan report for alemarahenglish.com (93.113.37.250)
1105Host is up (0.15s latency).
1106rDNS record for 93.113.37.250: adsla250.ch-clienti.ro
1107Not shown: 985 filtered ports
1108PORT STATE SERVICE VERSION
110920/tcp closed ftp-data
111021/tcp open ftp Pure-FTPd
1111| vulscan: VulDB - https://vuldb.com:
1112| [102925] Foscam C1 Indoor HD Camera 2.52.2.37 Web Management Interface pureftpd.passwd HTTP Request privilege escalation
1113| [57510] Pureftpd Pure-FTPd up to 0.x Memory Consumption denial of service
1114| [57504] Pureftpd Pure-FTPd up to 0.x ftp_parser.c Cleartext unknown vulnerability
1115|
1116| MITRE CVE - https://cve.mitre.org:
1117| [CVE-2004-0656] The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
1118|
1119| SecurityFocus - https://www.securityfocus.com/bid/:
1120| [10664] PureFTPd Accept_Client Remote Denial of Service Vulnerability
1121|
1122| IBM X-Force - https://exchange.xforce.ibmcloud.com:
1123| No findings
1124|
1125| Exploit-DB - https://www.exploit-db.com:
1126| No findings
1127|
1128| OpenVAS (Nessus) - http://www.openvas.org:
1129| No findings
1130|
1131| SecurityTracker - https://www.securitytracker.com:
1132| [1010701] PureFTPd Logic Bug in accept_client() Lets Remote Users Crash the FTP Daemon
1133| [1008135] (Claim is Retracted) PureFTPd Buffer Overflow in displayrate() Lets Remote Users Crash the Service
1134| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
1135| [1001126] PureFTPd May Allow Remote Users to Deny Service on the Server
1136|
1137| OSVDB - http://www.osvdb.org:
1138| No findings
1139|_
114022/tcp open ssh OpenSSH 5.3 (protocol 2.0)
1141| vulscan: VulDB - https://vuldb.com:
1142| [80267] OpenSSH up to 5.x/6.x/7.1p1 Forward Option roaming_common.c roaming_read/roaming_write memory corruption
1143| [80266] OpenSSH up to 5.x/6.x/7.1p1 roaming_common.c resend_bytes information disclosure
1144| [4584] OpenSSH up to 5.7 auth-options.c information disclosure
1145| [4282] OpenSSH 5.6/5.7 Legacy Certificate memory corruption
1146|
1147| MITRE CVE - https://cve.mitre.org:
1148| [CVE-2006-0883] OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
1149| [CVE-2012-0814] The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
1150| [CVE-2011-5000] The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
1151| [CVE-2011-0539] The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.
1152| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
1153| [CVE-2010-4478] OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
1154| [CVE-2009-2904] A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
1155| [CVE-2008-3844] Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
1156| [CVE-2008-3259] OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
1157|
1158| SecurityFocus - https://www.securityfocus.com/bid/:
1159| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
1160| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
1161| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
1162| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
1163| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
1164| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
1165| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
1166| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
1167| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
1168| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
1169| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
1170| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
1171| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
1172| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
1173| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
1174| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
1175| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
1176| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
1177| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
1178| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
1179| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
1180| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
1181| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
1182| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
1183| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
1184| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
1185| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
1186| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
1187| [75990] OpenSSH Login Handling Security Bypass Weakness
1188| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
1189| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
1190| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
1191| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
1192| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
1193| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
1194| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
1195| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
1196| [61286] OpenSSH Remote Denial of Service Vulnerability
1197| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
1198| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
1199| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
1200| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
1201| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
1202| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
1203| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
1204| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
1205| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
1206| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
1207| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
1208| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
1209| [30794] Red Hat OpenSSH Backdoor Vulnerability
1210| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
1211| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
1212| [28531] OpenSSH ForceCommand Command Execution Weakness
1213| [28444] OpenSSH X Connections Session Hijacking Vulnerability
1214| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
1215| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
1216| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
1217| [20956] OpenSSH Privilege Separation Key Signature Weakness
1218| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
1219| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
1220| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
1221| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
1222| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
1223| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
1224| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
1225| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
1226| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
1227| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
1228| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
1229| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
1230| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
1231| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
1232| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
1233| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
1234| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
1235| [6168] OpenSSH Visible Password Vulnerability
1236| [5374] OpenSSH Trojan Horse Vulnerability
1237| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
1238| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
1239| [4241] OpenSSH Channel Code Off-By-One Vulnerability
1240| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
1241| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
1242| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
1243| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
1244| [2917] OpenSSH PAM Session Evasion Vulnerability
1245| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
1246| [2356] OpenSSH Private Key Authentication Check Vulnerability
1247| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
1248| [1334] OpenSSH UseLogin Vulnerability
1249|
1250| IBM X-Force - https://exchange.xforce.ibmcloud.com:
1251| [83258] GSI-OpenSSH auth-pam.c security bypass
1252| [82781] OpenSSH time limit denial of service
1253| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
1254| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
1255| [72756] Debian openssh-server commands information disclosure
1256| [68339] OpenSSH pam_thread buffer overflow
1257| [67264] OpenSSH ssh-keysign unauthorized access
1258| [65910] OpenSSH remote_glob function denial of service
1259| [65163] OpenSSH certificate information disclosure
1260| [64387] OpenSSH J-PAKE security bypass
1261| [63337] Cisco Unified Videoconferencing OpenSSH weak security
1262| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
1263| [45202] OpenSSH signal handler denial of service
1264| [44747] RHEL OpenSSH backdoor
1265| [44280] OpenSSH PermitRootLogin information disclosure
1266| [44279] OpenSSH sshd weak security
1267| [44037] OpenSSH sshd SELinux role unauthorized access
1268| [43940] OpenSSH X11 forwarding information disclosure
1269| [41549] OpenSSH ForceCommand directive security bypass
1270| [41438] OpenSSH sshd session hijacking
1271| [40897] OpenSSH known_hosts weak security
1272| [40587] OpenSSH username weak security
1273| [37371] OpenSSH username data manipulation
1274| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
1275| [37112] RHSA update for OpenSSH signal handler race condition not installed
1276| [37107] RHSA update for OpenSSH identical block denial of service not installed
1277| [36637] OpenSSH X11 cookie privilege escalation
1278| [35167] OpenSSH packet.c newkeys[mode] denial of service
1279| [34490] OpenSSH OPIE information disclosure
1280| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
1281| [32975] Apple Mac OS X OpenSSH denial of service
1282| [32387] RHSA-2006:0738 updates for openssh not installed
1283| [32359] RHSA-2006:0697 updates for openssh not installed
1284| [32230] RHSA-2006:0298 updates for openssh not installed
1285| [32132] RHSA-2006:0044 updates for openssh not installed
1286| [30120] OpenSSH privilege separation monitor authentication verification weakness
1287| [29255] OpenSSH GSSAPI user enumeration
1288| [29254] OpenSSH signal handler race condition
1289| [29158] OpenSSH identical block denial of service
1290| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
1291| [25116] OpenSSH OpenPAM denial of service
1292| [24305] OpenSSH SCP shell expansion command execution
1293| [22665] RHSA-2005:106 updates for openssh not installed
1294| [22117] OpenSSH GSSAPI allows elevated privileges
1295| [22115] OpenSSH GatewayPorts security bypass
1296| [20930] OpenSSH sshd.c LoginGraceTime denial of service
1297| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
1298| [17213] OpenSSH allows port bouncing attacks
1299| [16323] OpenSSH scp file overwrite
1300| [13797] OpenSSH PAM information leak
1301| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
1302| [13264] OpenSSH PAM code could allow an attacker to gain access
1303| [13215] OpenSSH buffer management errors could allow an attacker to execute code
1304| [13214] OpenSSH memory vulnerabilities
1305| [13191] OpenSSH large packet buffer overflow
1306| [12196] OpenSSH could allow an attacker to bypass login restrictions
1307| [11970] OpenSSH could allow an attacker to obtain valid administrative account
1308| [11902] OpenSSH PAM support enabled information leak
1309| [9803] OpenSSH "
1310| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
1311| [9307] OpenSSH is running on the system
1312| [9169] OpenSSH "
1313| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
1314| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
1315| [8383] OpenSSH off-by-one error in channel code
1316| [7647] OpenSSH UseLogin option arbitrary code execution
1317| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
1318| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
1319| [7179] OpenSSH source IP access control bypass
1320| [6757] OpenSSH "
1321| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
1322| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
1323| [5517] OpenSSH allows unauthorized access to resources
1324| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
1325|
1326| Exploit-DB - https://www.exploit-db.com:
1327| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
1328| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
1329| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
1330| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
1331| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
1332| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
1333| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
1334| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
1335| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
1336| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
1337| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
1338| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
1339| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
1340| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
1341|
1342| OpenVAS (Nessus) - http://www.openvas.org:
1343| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
1344| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
1345| [881183] CentOS Update for openssh CESA-2012:0884 centos6
1346| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
1347| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
1348| [870763] RedHat Update for openssh RHSA-2012:0884-04
1349| [870129] RedHat Update for openssh RHSA-2008:0855-01
1350| [861813] Fedora Update for openssh FEDORA-2010-5429
1351| [861319] Fedora Update for openssh FEDORA-2007-395
1352| [861170] Fedora Update for openssh FEDORA-2007-394
1353| [861012] Fedora Update for openssh FEDORA-2007-715
1354| [840345] Ubuntu Update for openssh vulnerability USN-597-1
1355| [840300] Ubuntu Update for openssh update USN-612-5
1356| [840271] Ubuntu Update for openssh vulnerability USN-612-2
1357| [840268] Ubuntu Update for openssh update USN-612-7
1358| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
1359| [840214] Ubuntu Update for openssh vulnerability USN-566-1
1360| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
1361| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
1362| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
1363| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
1364| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
1365| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
1366| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
1367| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
1368| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
1369| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
1370| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
1371| [100584] OpenSSH X Connections Session Hijacking Vulnerability
1372| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
1373| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
1374| [65987] SLES10: Security update for OpenSSH
1375| [65819] SLES10: Security update for OpenSSH
1376| [65514] SLES9: Security update for OpenSSH
1377| [65513] SLES9: Security update for OpenSSH
1378| [65334] SLES9: Security update for OpenSSH
1379| [65248] SLES9: Security update for OpenSSH
1380| [65218] SLES9: Security update for OpenSSH
1381| [65169] SLES9: Security update for openssh,openssh-askpass
1382| [65126] SLES9: Security update for OpenSSH
1383| [65019] SLES9: Security update for OpenSSH
1384| [65015] SLES9: Security update for OpenSSH
1385| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
1386| [61639] Debian Security Advisory DSA 1638-1 (openssh)
1387| [61030] Debian Security Advisory DSA 1576-2 (openssh)
1388| [61029] Debian Security Advisory DSA 1576-1 (openssh)
1389| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
1390| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
1391| [60667] Slackware Advisory SSA:2008-095-01 openssh
1392| [59014] Slackware Advisory SSA:2007-255-01 openssh
1393| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
1394| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
1395| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
1396| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
1397| [57492] Slackware Advisory SSA:2006-272-02 openssh
1398| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
1399| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
1400| [57470] FreeBSD Ports: openssh
1401| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
1402| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
1403| [56294] Slackware Advisory SSA:2006-045-06 openssh
1404| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
1405| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
1406| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
1407| [53788] Debian Security Advisory DSA 025-1 (openssh)
1408| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
1409| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
1410| [11343] OpenSSH Client Unauthorized Remote Forwarding
1411| [10954] OpenSSH AFS/Kerberos ticket/token passing
1412| [10883] OpenSSH Channel Code Off by 1
1413| [10823] OpenSSH UseLogin Environment Variables
1414|
1415| SecurityTracker - https://www.securitytracker.com:
1416| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
1417| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
1418| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
1419| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
1420| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
1421| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
1422| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
1423| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
1424| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
1425| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
1426| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
1427| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
1428| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
1429| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
1430| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
1431| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
1432| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
1433| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
1434| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
1435| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
1436| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
1437| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
1438| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
1439| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
1440| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
1441| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
1442| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
1443| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
1444| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
1445| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
1446| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
1447| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
1448| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
1449| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
1450| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
1451| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
1452| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
1453| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
1454|
1455| OSVDB - http://www.osvdb.org:
1456| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
1457| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
1458| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
1459| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
1460| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
1461| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
1462| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
1463| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
1464| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
1465| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
1466| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
1467| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
1468| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
1469| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
1470| [56921] OpenSSH Unspecified Remote Compromise
1471| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
1472| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
1473| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
1474| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
1475| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
1476| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
1477| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
1478| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
1479| [43745] OpenSSH X11 Forwarding Local Session Hijacking
1480| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
1481| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
1482| [37315] pam_usb OpenSSH Authentication Unspecified Issue
1483| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
1484| [34601] OPIE w/ OpenSSH Account Enumeration
1485| [34600] OpenSSH S/KEY Authentication Account Enumeration
1486| [32721] OpenSSH Username Password Complexity Account Enumeration
1487| [30232] OpenSSH Privilege Separation Monitor Weakness
1488| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
1489| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
1490| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
1491| [29152] OpenSSH Identical Block Packet DoS
1492| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
1493| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
1494| [22692] OpenSSH scp Command Line Filename Processing Command Injection
1495| [20216] OpenSSH with KerberosV Remote Authentication Bypass
1496| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
1497| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
1498| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
1499| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
1500| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
1501| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
1502| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
1503| [6601] OpenSSH *realloc() Unspecified Memory Errors
1504| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
1505| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
1506| [6072] OpenSSH PAM Conversation Function Stack Modification
1507| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
1508| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
1509| [5408] OpenSSH echo simulation Information Disclosure
1510| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
1511| [4536] OpenSSH Portable AIX linker Privilege Escalation
1512| [3938] OpenSSL and OpenSSH /dev/random Check Failure
1513| [3456] OpenSSH buffer_append_space() Heap Corruption
1514| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
1515| [2140] OpenSSH w/ PAM Username Validity Timing Attack
1516| [2112] OpenSSH Reverse DNS Lookup Bypass
1517| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
1518| [1853] OpenSSH Symbolic Link 'cookies' File Removal
1519| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
1520| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
1521| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
1522| [688] OpenSSH UseLogin Environment Variable Local Command Execution
1523| [642] OpenSSH Multiple Key Type ACL Bypass
1524| [504] OpenSSH SSHv2 Public Key Authentication Bypass
1525| [341] OpenSSH UseLogin Local Privilege Escalation
1526|_
152725/tcp closed smtp
152853/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
1529| vulscan: VulDB - https://vuldb.com:
1530| [93249] ISC BIND up to 9.8.x/9.9.9-P3/9.9.9-S5/9.10.4-P3/9.11.0 DNAME Response db.c denial of service
1531| [93015] ISC BIND up to 9.8.4/9.9.2 Packet Option DNS Packet Crash denial of service
1532| [80354] ISC BIND up to 9.8.8/9.9.8-P2/9.9.8-S3/9.10.3-P2 Address Prefix List apl_42.c denial of service
1533| [77552] ISC BIND up to 9.8.8/9.9.7-P2/9.10.2-P3 OpenPGP Key openpgpkey_61.c denial of service
1534| [77551] ISC BIND up to 9.8.8/9.9.7-P2/9.10.2-P3 DNSSEC Key buffer.c denial of service
1535| [13184] ISC BIND 9.8.1-P1 Smoothed Round Trip Time Algorithm DNS spoofing
1536| [9946] ISC BIND 9.8.1-P1 SRTT Algorithm privilege escalation
1537| [4443] ISC BIND up to 9.8.x Recursive Query Processor denial of service
1538| [57895] ISC BIND 9.8.0/9.8.1 Crash denial of service
1539| [4357] ISC BIND up to 9.8.x Negative Caching RRSIG RRsets denial of service
1540| [57404] ISC BIND 9.8.0 denial of service
1541| [135686] Bosch Smart Home Controller up to 9.8 Backup information disclosure
1542| [135684] Bosch Smart Home Controller up to 9.8 JSON-RPC Interface information disclosure
1543| [129940] Adobe Connect up to 9.8.1 Session Token information disclosure
1544| [117535] Synacor Zimbra Collaboration up to 8.6.0 Patch 9/8.7.11 Patch 2/8.8.7 mailboxd Error information disclosure
1545| [11371] Cisco ONS 15454 9.8.0 Controller Card denial of service
1546|
1547| MITRE CVE - https://cve.mitre.org:
1548| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
1549| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
1550| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
1551| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
1552| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
1553| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
1554| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
1555| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
1556| [CVE-2012-1033] The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
1557| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
1558| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
1559| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
1560| [CVE-2011-1910] Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
1561| [CVE-2011-1907] ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
1562| [CVE-2010-1567] The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.8(1)S5 allows remote attackers to cause a denial of service (device crash) via a malformed header, aka Bug ID CSCsz13590.
1563|
1564| SecurityFocus - https://www.securityfocus.com/bid/:
1565| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
1566| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
1567| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
1568| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
1569| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
1570| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
1571| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
1572| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
1573| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
1574| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
1575| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
1576| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
1577| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
1578| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
1579| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
1580| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
1581| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
1582| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
1583| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
1584| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
1585| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
1586| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
1587| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
1588| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
1589| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
1590| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
1591|
1592| IBM X-Force - https://exchange.xforce.ibmcloud.com:
1593| [85799] Cisco Unified IP Phones 9900 Series directory traversal
1594| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
1595| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
1596| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
1597| [9250] BIND 9 dns_message_findtype() denial of service
1598| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
1599| [539] Microsoft Windows 95 and Internet Explorer password disclosure
1600| [86004] ISC BIND RDATA denial of service
1601| [84767] ISC BIND denial of service
1602| [83066] ISC BIND denial of service
1603| [81504] ISC BIND AAAA denial of service
1604| [80510] ISC BIND DNS64 denial of service
1605| [79121] ISC BIND queries denial of service
1606| [78479] ISC BIND RDATA denial of service
1607| [77185] ISC BIND TCP queries denial of service
1608| [77184] ISC BIND bad cache denial of service
1609| [76034] ISC BIND rdata denial of service
1610| [73053] ISC BIND cache update policy security bypass
1611| [71332] ISC BIND recursive queries denial of service
1612| [68375] ISC BIND UPDATE denial of service
1613| [68374] ISC BIND Response Policy Zones denial of service
1614| [67665] ISC BIND RRSIG Rrsets denial of service
1615| [67297] ISC BIND RRSIG denial of service
1616| [65554] ISC BIND IXFR transfer denial of service
1617| [63602] ISC BIND allow-query security bypass
1618| [63596] ISC BIND zone data security bypass
1619| [63595] ISC BIND RRSIG denial of service
1620| [62072] ISC BIND DNSSEC query denial of service
1621| [62071] ISC BIND ACL security bypass
1622| [61871] ISC BIND anchors denial of service
1623| [60421] ISC BIND RRSIG denial of service
1624| [56049] ISC BIND out-of-bailiwick weak security
1625| [55937] ISC Bind unspecified cache poisoning
1626| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
1627| [54416] ISC BIND DNSSEC cache poisoning
1628| [52073] ISC BIND dns_db_findrdataset() denial of service
1629| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
1630| [45234] ISC BIND UDP denial of service
1631| [39670] ISC BIND inet_network buffer overflow
1632| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
1633| [37128] RHSA update for ISC BIND RRset denial of service not installed
1634| [37127] RHSA update for ISC BIND named service denial of service not installed
1635| [36275] ISC BIND DNS query spoofing
1636| [35575] ISC BIND query ID cache poisoning
1637| [35571] ISC BIND ACL security bypass
1638| [31838] ISC BIND RRset denial of service
1639| [31799] ISC BIND named service denial of service
1640| [29876] HP Tru64 ypbind core dump information disclosure
1641| [28745] ISC BIND DNSSEC RRset denial of service
1642| [28744] ISC BIND recursive INSIST denial of service
1643| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
1644| [18836] BIND hostname disclosure
1645| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
1646| [10333] ISC BIND SIG null pointer dereference denial of service
1647| [10332] ISC BIND OPT resource record (RR) denial of service
1648| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
1649| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
1650| [5814] ISC BIND "
1651| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
1652| [5462] ISC BIND AXFR host command remote buffer overflow
1653|
1654| Exploit-DB - https://www.exploit-db.com:
1655| [17376] Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability
1656| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
1657|
1658| OpenVAS (Nessus) - http://www.openvas.org:
1659| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
1660| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
1661| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
1662| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
1663| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
1664| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
1665| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
1666| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
1667| [11226] Oracle 9iAS default error information disclosure
1668|
1669| SecurityTracker - https://www.securitytracker.com:
1670| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
1671| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
1672| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
1673| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
1674| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
1675| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1676| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1677| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1678| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1679| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1680| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1681| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1682| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1683| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1684| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
1685| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
1686| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
1687| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
1688| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
1689| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
1690| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
1691| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
1692| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
1693| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
1694| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
1695| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
1696|
1697| OSVDB - http://www.osvdb.org:
1698| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
1699|_
170080/tcp closed http
1701110/tcp open pop3 Dovecot pop3d
1702| vulscan: VulDB - https://vuldb.com:
1703| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
1704| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
1705| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
1706| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
1707| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
1708| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
1709| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
1710| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
1711| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
1712| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
1713| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
1714| [69835] Dovecot 2.2.0/2.2.1 denial of service
1715| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
1716| [65684] Dovecot up to 2.2.6 unknown vulnerability
1717| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
1718| [63692] Dovecot up to 2.0.15 spoofing
1719| [7062] Dovecot 2.1.10 mail-search.c denial of service
1720| [57517] Dovecot up to 2.0.12 Login directory traversal
1721| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
1722| [57515] Dovecot up to 2.0.12 Crash denial of service
1723| [54944] Dovecot up to 1.2.14 denial of service
1724| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
1725| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
1726| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
1727| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
1728| [53277] Dovecot up to 1.2.10 denial of service
1729| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
1730| [45256] Dovecot up to 1.1.5 directory traversal
1731| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
1732| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
1733| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
1734| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
1735| [40356] Dovecot 1.0.9 Cache unknown vulnerability
1736| [38222] Dovecot 1.0.2 directory traversal
1737| [36376] Dovecot up to 1.0.x directory traversal
1738| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
1739|
1740| MITRE CVE - https://cve.mitre.org:
1741| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
1742| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
1743| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
1744| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
1745| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
1746| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
1747| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
1748| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
1749| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
1750| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
1751| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
1752| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
1753| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
1754| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
1755| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
1756| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
1757| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
1758| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
1759| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
1760| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
1761| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
1762| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
1763| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
1764| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
1765| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
1766| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
1767| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
1768| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
1769| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
1770| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
1771| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
1772| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
1773| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
1774| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
1775| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
1776| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
1777| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
1778|
1779| SecurityFocus - https://www.securityfocus.com/bid/:
1780| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
1781| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
1782| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
1783| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
1784| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
1785| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
1786| [67306] Dovecot Denial of Service Vulnerability
1787| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
1788| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
1789| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
1790| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
1791| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
1792| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
1793| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
1794| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
1795| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
1796| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
1797| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
1798| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
1799| [39838] tpop3d Remote Denial of Service Vulnerability
1800| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
1801| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
1802| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
1803| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
1804| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
1805| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
1806| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
1807| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
1808| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
1809| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
1810| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
1811| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
1812| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
1813| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
1814| [17961] Dovecot Remote Information Disclosure Vulnerability
1815| [16672] Dovecot Double Free Denial of Service Vulnerability
1816| [8495] akpop3d User Name SQL Injection Vulnerability
1817| [8473] Vpop3d Remote Denial Of Service Vulnerability
1818| [3990] ZPop3D Bad Login Logging Failure Vulnerability
1819| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
1820|
1821| IBM X-Force - https://exchange.xforce.ibmcloud.com:
1822| [86382] Dovecot POP3 Service denial of service
1823| [84396] Dovecot IMAP APPEND denial of service
1824| [80453] Dovecot mail-search.c denial of service
1825| [71354] Dovecot SSL Common Name (CN) weak security
1826| [67675] Dovecot script-login security bypass
1827| [67674] Dovecot script-login directory traversal
1828| [67589] Dovecot header name denial of service
1829| [63267] Apple Mac OS X Dovecot information disclosure
1830| [62340] Dovecot mailbox security bypass
1831| [62339] Dovecot IMAP or POP3 denial of service
1832| [62256] Dovecot mailbox security bypass
1833| [62255] Dovecot ACL entry security bypass
1834| [60639] Dovecot ACL plugin weak security
1835| [57267] Apple Mac OS X Dovecot Kerberos security bypass
1836| [56763] Dovecot header denial of service
1837| [54363] Dovecot base_dir privilege escalation
1838| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
1839| [46323] Dovecot dovecot.conf information disclosure
1840| [46227] Dovecot message parsing denial of service
1841| [45669] Dovecot ACL mailbox security bypass
1842| [45667] Dovecot ACL plugin rights security bypass
1843| [41085] Dovecot TAB characters authentication bypass
1844| [41009] Dovecot mail_extra_groups option unauthorized access
1845| [39342] Dovecot LDAP auth cache configuration security bypass
1846| [35767] Dovecot ACL plugin security bypass
1847| [34082] Dovecot mbox-storage.c directory traversal
1848| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
1849| [26578] Cyrus IMAP pop3d buffer overflow
1850| [26536] Dovecot IMAP LIST information disclosure
1851| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
1852| [24709] Dovecot APPEND command denial of service
1853| [13018] akpop3d authentication code SQL injection
1854| [7345] Slackware Linux imapd and ipop3d core dump
1855| [6269] imap, ipop2d and ipop3d buffer overflows
1856| [5923] Linuxconf vpop3d symbolic link
1857| [4918] IPOP3D, Buffer overflow attack
1858| [1560] IPOP3D, user login successful
1859| [1559] IPOP3D user login to remote host successful
1860| [1525] IPOP3D, user logout
1861| [1524] IPOP3D, user auto-logout
1862| [1523] IPOP3D, user login failure
1863| [1522] IPOP3D, brute force attack
1864| [1521] IPOP3D, user kiss of death logout
1865| [418] pop3d mktemp creates insecure temporary files
1866|
1867| Exploit-DB - https://www.exploit-db.com:
1868| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
1869| [23053] Vpop3d Remote Denial of Service Vulnerability
1870| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
1871| [11893] tPop3d 1.5.3 DoS
1872| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
1873| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
1874| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
1875| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
1876|
1877| OpenVAS (Nessus) - http://www.openvas.org:
1878| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
1879| [901025] Dovecot Version Detection
1880| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
1881| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
1882| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
1883| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
1884| [870607] RedHat Update for dovecot RHSA-2011:0600-01
1885| [870471] RedHat Update for dovecot RHSA-2011:1187-01
1886| [870153] RedHat Update for dovecot RHSA-2008:0297-02
1887| [863272] Fedora Update for dovecot FEDORA-2011-7612
1888| [863115] Fedora Update for dovecot FEDORA-2011-7258
1889| [861525] Fedora Update for dovecot FEDORA-2007-664
1890| [861394] Fedora Update for dovecot FEDORA-2007-493
1891| [861333] Fedora Update for dovecot FEDORA-2007-1485
1892| [860845] Fedora Update for dovecot FEDORA-2008-9202
1893| [860663] Fedora Update for dovecot FEDORA-2008-2475
1894| [860169] Fedora Update for dovecot FEDORA-2008-2464
1895| [860089] Fedora Update for dovecot FEDORA-2008-9232
1896| [840950] Ubuntu Update for dovecot USN-1295-1
1897| [840668] Ubuntu Update for dovecot USN-1143-1
1898| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
1899| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
1900| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
1901| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
1902| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
1903| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
1904| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
1905| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
1906| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
1907| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
1908| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
1909| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
1910| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
1911| [70259] FreeBSD Ports: dovecot
1912| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
1913| [66522] FreeBSD Ports: dovecot
1914| [65010] Ubuntu USN-838-1 (dovecot)
1915| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
1916| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
1917| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
1918| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
1919| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
1920| [62854] FreeBSD Ports: dovecot-managesieve
1921| [61916] FreeBSD Ports: dovecot
1922| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
1923| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
1924| [60528] FreeBSD Ports: dovecot
1925| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
1926| [60089] FreeBSD Ports: dovecot
1927| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
1928| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
1929|
1930| SecurityTracker - https://www.securitytracker.com:
1931| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
1932| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
1933| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
1934|
1935| OSVDB - http://www.osvdb.org:
1936| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
1937| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
1938| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
1939| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
1940| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
1941| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
1942| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
1943| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
1944| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
1945| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
1946| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
1947| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
1948| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
1949| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
1950| [66113] Dovecot Mail Root Directory Creation Permission Weakness
1951| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
1952| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
1953| [66110] Dovecot Multiple Unspecified Buffer Overflows
1954| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
1955| [64783] Dovecot E-mail Message Header Unspecified DoS
1956| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
1957| [62796] Dovecot mbox Format Email Header Handling DoS
1958| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
1959| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
1960| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
1961| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
1962| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
1963| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
1964| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
1965| [43137] Dovecot mail_extra_groups Symlink File Manipulation
1966| [42979] Dovecot passdbs Argument Injection Authentication Bypass
1967| [39876] Dovecot LDAP Auth Cache Security Bypass
1968| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
1969| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
1970| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
1971| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
1972| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
1973| [23281] Dovecot imap/pop3-login dovecot-auth DoS
1974| [23280] Dovecot Malformed APPEND Command DoS
1975| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
1976| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
1977| [5857] Linux pop3d Arbitrary Mail File Access
1978| [2471] akpop3d username SQL Injection
1979|_
1980139/tcp closed netbios-ssn
1981143/tcp open imap Dovecot imapd
1982| vulscan: VulDB - https://vuldb.com:
1983| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
1984| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
1985| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
1986| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
1987| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
1988| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
1989| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
1990| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
1991| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
1992| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
1993| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
1994| [69835] Dovecot 2.2.0/2.2.1 denial of service
1995| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
1996| [65684] Dovecot up to 2.2.6 unknown vulnerability
1997| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
1998| [63692] Dovecot up to 2.0.15 spoofing
1999| [7062] Dovecot 2.1.10 mail-search.c denial of service
2000| [59792] Cyrus IMAPd 2.4.11 weak authentication
2001| [57517] Dovecot up to 2.0.12 Login directory traversal
2002| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
2003| [57515] Dovecot up to 2.0.12 Crash denial of service
2004| [54944] Dovecot up to 1.2.14 denial of service
2005| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
2006| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
2007| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
2008| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
2009| [53277] Dovecot up to 1.2.10 denial of service
2010| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
2011| [45256] Dovecot up to 1.1.5 directory traversal
2012| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
2013| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
2014| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
2015| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
2016| [40356] Dovecot 1.0.9 Cache unknown vulnerability
2017| [38222] Dovecot 1.0.2 directory traversal
2018| [37927] Ipswitch Ipswitch Collaboration Suite up to 2006.1 IMAP Service imapd32.exe memory corruption
2019| [36376] Dovecot up to 1.0.x directory traversal
2020| [35759] Atrium MERCUR IMAPD IMAP4 mcrimap4.exe memory corruption
2021| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
2022|
2023| MITRE CVE - https://cve.mitre.org:
2024| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
2025| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
2026| [CVE-2011-3481] The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
2027| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
2028| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
2029| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
2030| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
2031| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
2032| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
2033| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
2034| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
2035| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
2036| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
2037| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
2038| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
2039| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
2040| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
2041| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
2042| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
2043| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
2044| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
2045| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
2046| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
2047| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
2048| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
2049| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
2050| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
2051| [CVE-2007-5740] The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.
2052| [CVE-2007-5018] Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211.
2053| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
2054| [CVE-2007-3925] Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
2055| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
2056| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
2057| [CVE-2007-1579] Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command.
2058| [CVE-2007-1578] Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.
2059| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
2060| [CVE-2006-6762] The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.
2061| [CVE-2006-6761] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
2062| [CVE-2006-6425] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
2063| [CVE-2006-6424] Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow
2064| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
2065| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
2066| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
2067| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
2068| [CVE-2005-2278] Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
2069| [CVE-2005-1256] Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.
2070| [CVE-2005-1249] The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.
2071| [CVE-2005-1015] Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
2072| [CVE-2005-0546] Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
2073| [CVE-2003-1322] Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.
2074| [CVE-2002-1782] The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
2075| [CVE-2002-1604] Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
2076| [CVE-2002-0997] Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
2077| [CVE-2002-0379] Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
2078| [CVE-2001-0691] Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations.
2079| [CVE-2000-0284] Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
2080| [CVE-1999-1557] Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
2081| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
2082| [CVE-1999-1224] IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
2083|
2084| SecurityFocus - https://www.securityfocus.com/bid/:
2085| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
2086| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
2087| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
2088| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
2089| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
2090| [84478] imapd CVE-1999-1224 Denial-Of-Service Vulnerability
2091| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
2092| [67306] Dovecot Denial of Service Vulnerability
2093| [65650] Eudora WorldMail imapd 'UID' Command Buffer Overflow Vulnerability
2094| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
2095| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
2096| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
2097| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
2098| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
2099| [51403] Eudora WorldMail imapd 'LIST' Command Buffer Overflow Vulnerability
2100| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
2101| [49949] Cyrus IMAPd NTTP Logic Error Authentication Bypass Vulnerability
2102| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
2103| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
2104| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
2105| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
2106| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
2107| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
2108| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
2109| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
2110| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
2111| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
2112| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
2113| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
2114| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
2115| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
2116| [26270] Perdition IMAPD __STR_VWRITE Remote Format String Vulnerability
2117| [25733] Mercury/32 IMAPD SEARCH Command Remote Stack Buffer Overflow Vulnerability
2118| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
2119| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
2120| [23058] Atrium Mercur IMapD NTLM Buffer Overflow Vulnerability
2121| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
2122| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
2123| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
2124| [17961] Dovecot Remote Information Disclosure Vulnerability
2125| [16672] Dovecot Double Free Denial of Service Vulnerability
2126| [15980] Qualcomm WorldMail IMAPD Buffer Overflow Vulnerability
2127| [15753] Ipswitch Collaboration Suite and IMail Server IMAPD LIST Command Denial Of Service Vulnerability
2128| [12636] Cyrus IMAPD Multiple Remote Buffer Overflow Vulnerabilities
2129| [11738] Cyrus IMAPD Multiple Remote Unspecified Vulnerabilities
2130| [11729] Cyrus IMAPD Multiple Remote Vulnerabilities
2131| [6298] Cyrus IMAPD Pre-Login Heap Corruption Vulnerability
2132| [4713] Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability
2133| [2856] Imapd 'Local' Buffer Overflow Vulnerabilities
2134| [1110] Univ. Of Washington imapd Buffer Overflow Vulnerabilities
2135| [502] NT IMail Imapd Buffer Overflow DoS Vulnerability
2136| [130] imapd Buffer Overflow Vulnerability
2137|
2138| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2139| [86382] Dovecot POP3 Service denial of service
2140| [84396] Dovecot IMAP APPEND denial of service
2141| [80453] Dovecot mail-search.c denial of service
2142| [71354] Dovecot SSL Common Name (CN) weak security
2143| [70325] Cyrus IMAPd NNTP security bypass
2144| [67675] Dovecot script-login security bypass
2145| [67674] Dovecot script-login directory traversal
2146| [67589] Dovecot header name denial of service
2147| [63267] Apple Mac OS X Dovecot information disclosure
2148| [62340] Dovecot mailbox security bypass
2149| [62339] Dovecot IMAP or POP3 denial of service
2150| [62256] Dovecot mailbox security bypass
2151| [62255] Dovecot ACL entry security bypass
2152| [60639] Dovecot ACL plugin weak security
2153| [57267] Apple Mac OS X Dovecot Kerberos security bypass
2154| [56763] Dovecot header denial of service
2155| [54363] Dovecot base_dir privilege escalation
2156| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
2157| [47526] UW-imapd rfc822_output_char() denial of service
2158| [46323] Dovecot dovecot.conf information disclosure
2159| [46227] Dovecot message parsing denial of service
2160| [45669] Dovecot ACL mailbox security bypass
2161| [45667] Dovecot ACL plugin rights security bypass
2162| [41085] Dovecot TAB characters authentication bypass
2163| [41009] Dovecot mail_extra_groups option unauthorized access
2164| [39342] Dovecot LDAP auth cache configuration security bypass
2165| [35767] Dovecot ACL plugin security bypass
2166| [34082] Dovecot mbox-storage.c directory traversal
2167| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
2168| [26536] Dovecot IMAP LIST information disclosure
2169| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
2170| [24709] Dovecot APPEND command denial of service
2171| [22629] RHSA-2005:408 updates for cyrus-imapd not installed
2172| [19460] Cyrus IMAP imapd buffer overflow
2173| [19455] Cyrus IMAP imapd extension off-by-one buffer overflow
2174| [18492] Novell NetMail IMAPD 101_mEna buffer overflow
2175| [10803] UW IMAP (wu-imapd) authenticated user buffer overflow
2176| [9238] UW IMAP (wu-imapd) could allow a remote attacker to access arbitrary files
2177| [9055] UW IMAP (wu-imapd) partial mailbox attributes to request buffer overflow
2178| [7345] Slackware Linux imapd and ipop3d core dump
2179| [573] Imapd denial of service
2180|
2181| Exploit-DB - https://www.exploit-db.com:
2182| [30724] Perdition 1.17 IMAPD __STR_VWRITE Remote Format String Vulnerability
2183| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
2184| [22061] Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 Pre-Login Heap Corruption Vulnerability
2185| [21443] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (2)
2186| [21442] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (1)
2187| [19849] UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)
2188| [19848] UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)
2189| [19847] UoW imapd 10.234/12.264 Buffer Overflow Vulnerabilities
2190| [19377] Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability
2191| [19107] Netscape Messaging Server 3.55,University of Washington imapd 10.234 Buffer Overflow Vulnerability
2192| [18354] WorldMail imapd 3.0 SEH overflow (egg hunter)
2193| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
2194| [16485] MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow
2195| [16482] MDaemon 9.6.4 IMAPD FETCH Buffer Overflow
2196| [16480] MailEnable IMAPD W3C Logging Buffer Overflow
2197| [16477] Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
2198| [16475] MailEnable IMAPD (2.35) Login Request Buffer Overflow
2199| [16474] Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
2200| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
2201| [4429] Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit
2202| [3627] IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit
2203| [3527] Mercur IMAPD 5.00.14 Remote Denial of Service Exploit (win32)
2204| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
2205| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
2206| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
2207| [1380] Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit
2208| [1332] MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit
2209| [1327] FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC
2210| [1151] MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit
2211| [1124] IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit
2212| [915] MailEnable Enterprise 1.x Imapd Remote Exploit
2213| [903] Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit
2214| [340] Linux imapd Remote Overflow File Retrieve Exploit
2215|
2216| OpenVAS (Nessus) - http://www.openvas.org:
2217| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
2218| [901025] Dovecot Version Detection
2219| [881425] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 x86_64
2220| [881403] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 x86_64
2221| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
2222| [881397] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x86_64
2223| [881370] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 x86_64
2224| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
2225| [881318] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 x86_64
2226| [881255] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 x86_64
2227| [881050] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 i386
2228| [881049] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 i386
2229| [881007] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 i386
2230| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
2231| [880978] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 i386
2232| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
2233| [880958] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 i386
2234| [880905] CentOS Update for cyrus-imapd CESA-2009:1459 centos4 i386
2235| [880864] CentOS Update for cyrus-imapd CESA-2009:1459 centos5 i386
2236| [880826] CentOS Update for cyrus-imapd CESA-2009:1116 centos5 i386
2237| [880536] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 i386
2238| [870607] RedHat Update for dovecot RHSA-2011:0600-01
2239| [870520] RedHat Update for cyrus-imapd RHSA-2011:1508-01
2240| [870489] RedHat Update for cyrus-imapd RHSA-2011:1317-01
2241| [870471] RedHat Update for dovecot RHSA-2011:1187-01
2242| [870443] RedHat Update for cyrus-imapd RHSA-2011:0859-01
2243| [870153] RedHat Update for dovecot RHSA-2008:0297-02
2244| [864075] Fedora Update for cyrus-imapd FEDORA-2011-13832
2245| [863585] Fedora Update for cyrus-imapd FEDORA-2011-13869
2246| [863579] Fedora Update for cyrus-imapd FEDORA-2011-13860
2247| [863281] Fedora Update for cyrus-imapd FEDORA-2011-7193
2248| [863273] Fedora Update for cyrus-imapd FEDORA-2011-7217
2249| [863272] Fedora Update for dovecot FEDORA-2011-7612
2250| [863115] Fedora Update for dovecot FEDORA-2011-7258
2251| [861525] Fedora Update for dovecot FEDORA-2007-664
2252| [861394] Fedora Update for dovecot FEDORA-2007-493
2253| [861333] Fedora Update for dovecot FEDORA-2007-1485
2254| [860845] Fedora Update for dovecot FEDORA-2008-9202
2255| [860663] Fedora Update for dovecot FEDORA-2008-2475
2256| [860169] Fedora Update for dovecot FEDORA-2008-2464
2257| [860089] Fedora Update for dovecot FEDORA-2008-9232
2258| [840950] Ubuntu Update for dovecot USN-1295-1
2259| [840668] Ubuntu Update for dovecot USN-1143-1
2260| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
2261| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
2262| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
2263| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
2264| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
2265| [831590] Mandriva Update for cyrus-imapd MDVSA-2012:037 (cyrus-imapd)
2266| [831468] Mandriva Update for cyrus-imapd MDVSA-2011:149 (cyrus-imapd)
2267| [831410] Mandriva Update for cyrus-imapd MDVSA-2011:100 (cyrus-imapd)
2268| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
2269| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
2270| [831207] Mandriva Update for cyrus-imapd MDVA-2010:208 (cyrus-imapd)
2271| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
2272| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
2273| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
2274| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
2275| [800149] UW-imapd tmail and dmail BOF Vulnerabilities (Linux)
2276| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
2277| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
2278| [70696] Debian Security Advisory DSA 2377-1 (cyrus-imapd-2.2)
2279| [70407] Debian Security Advisory DSA 2318-1 (cyrus-imapd-2.2)
2280| [70259] FreeBSD Ports: dovecot
2281| [69965] Debian Security Advisory DSA 2258-1 (kolab-cyrus-imapd)
2282| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
2283| [69740] Debian Security Advisory DSA 2242-1 (cyrus-imapd-2.2)
2284| [66522] FreeBSD Ports: dovecot
2285| [66416] Mandriva Security Advisory MDVSA-2009:229-1 (cyrus-imapd)
2286| [66233] SLES10: Security update for Cyrus IMAPD
2287| [66226] SLES11: Security update for Cyrus IMAPD
2288| [66222] SLES9: Security update for Cyrus IMAPD
2289| [65938] SLES10: Security update for Cyrus IMAPD
2290| [65723] SLES11: Security update for Cyrus IMAPD
2291| [65523] SLES9: Security update for Cyrus IMAPD
2292| [65479] SLES9: Security update for cyrus-imapd
2293| [65094] SLES9: Security update for cyrus-imapd
2294| [65010] Ubuntu USN-838-1 (dovecot)
2295| [64989] CentOS Security Advisory CESA-2009:1459 (cyrus-imapd)
2296| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
2297| [64977] Debian Security Advisory DSA 1893-1 (cyrus-imapd-2.2 kolab-cyrus-imapd)
2298| [64965] Fedora Core 11 FEDORA-2009-9901 (cyrus-imapd)
2299| [64963] Fedora Core 10 FEDORA-2009-9869 (cyrus-imapd)
2300| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
2301| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
2302| [64898] FreeBSD Ports: cyrus-imapd
2303| [64864] Debian Security Advisory DSA 1881-1 (cyrus-imapd-2.2)
2304| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
2305| [64847] Fedora Core 10 FEDORA-2009-9428 (cyrus-imapd)
2306| [64846] Fedora Core 11 FEDORA-2009-9417 (cyrus-imapd)
2307| [64838] Mandrake Security Advisory MDVSA-2009:229 (cyrus-imapd)
2308| [64271] CentOS Security Advisory CESA-2009:1116 (cyrus-imapd)
2309| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
2310| [62854] FreeBSD Ports: dovecot-managesieve
2311| [61916] FreeBSD Ports: dovecot
2312| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
2313| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
2314| [60528] FreeBSD Ports: dovecot
2315| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
2316| [60089] FreeBSD Ports: dovecot
2317| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
2318| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
2319| [55807] Slackware Advisory SSA:2005-310-06 imapd
2320| [54861] Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
2321| [54755] Gentoo Security Advisory GLSA 200411-34 (cyrus-imapd)
2322| [53739] Debian Security Advisory DSA 215-1 (cyrus-imapd)
2323| [53288] Debian Security Advisory DSA 597-1 (cyrus-imapd)
2324| [52297] FreeBSD Ports: cyrus-imapd
2325| [52296] FreeBSD Ports: cyrus-imapd
2326| [52295] FreeBSD Ports: cyrus-imapd
2327| [52294] FreeBSD Ports: cyrus-imapd
2328| [52172] FreeBSD Ports: cyrus-imapd
2329|
2330| SecurityTracker - https://www.securitytracker.com:
2331| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
2332| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
2333| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
2334| [1013278] Cyrus IMAPd Buffer Overflows in Annotate Extension, Cached Header, and Fetchnews May Let Remote Users Execute Arbitrary Code
2335|
2336| OSVDB - http://www.osvdb.org:
2337| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
2338| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
2339| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
2340| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
2341| [78304] Eudora WorldMail imapd SEH LIST Command Parsing Remote Overflow
2342| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
2343| [75445] Cyrus IMAP Server imapd index.c index_get_ids Function References Header NULL Dereference Remote DoS
2344| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
2345| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
2346| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
2347| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
2348| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
2349| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
2350| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
2351| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
2352| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
2353| [66113] Dovecot Mail Root Directory Creation Permission Weakness
2354| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
2355| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
2356| [66110] Dovecot Multiple Unspecified Buffer Overflows
2357| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
2358| [64783] Dovecot E-mail Message Header Unspecified DoS
2359| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
2360| [62796] Dovecot mbox Format Email Header Handling DoS
2361| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
2362| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
2363| [57843] Cyrus IMAP Server (cyrus-imapd) SIEVE Script Component (sieve/script.c) Crafted Script Handling Overflow
2364| [57681] UoW imap Server (uw-imapd) Arbitrary Remote File Access
2365| [52906] UW-imapd c-client Initial Request Remote Format String
2366| [52905] UW-imapd c-client Library RFC822BUFFER Routines rfc822_output_char Function Off-by-one
2367| [52456] UW-imapd on Debian Linux LOGIN Command Remote DoS
2368| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
2369| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
2370| [49485] UW-imapd dmail Utility Mailbox Name Handling Overflow
2371| [49484] UW-imapd tmail Utility Mailbox Name Handling Overflow
2372| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
2373| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
2374| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
2375| [43137] Dovecot mail_extra_groups Symlink File Manipulation
2376| [42979] Dovecot passdbs Argument Injection Authentication Bypass
2377| [42004] Perdition Mail Retrieval Proxy IMAPD IMAP Tag Remote Format String Arbitrary Code Execution
2378| [39876] Dovecot LDAP Auth Cache Security Bypass
2379| [39670] Mercury Mail Transport System IMAPD SEARCH Command Remote Overflow
2380| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
2381| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
2382| [31362] Novell NetMail IMAP Daemon (IMAPD) APPEND Command Remote Overflow
2383| [31361] Novell NetMail IMAP Daemon (IMAPD) APPEND Command DoS
2384| [31360] Novell NetMail IMAP Daemon (IMAPD) SUBSCRIBE Command Remote Overflow
2385| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
2386| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
2387| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
2388| [23281] Dovecot imap/pop3-login dovecot-auth DoS
2389| [23280] Dovecot Malformed APPEND Command DoS
2390| [18179] HP Tru64 UNIX imapd NLSPATH Environment Variable Local Overflow
2391| [13242] UW-imapd CRAM-MD5 Authentication Bypass
2392| [12385] Novell NetMail IMAPD 101_mEna Script Remote Overflow
2393| [12042] UoW imapd Multiple Unspecified Overflows
2394| [12037] UoW imapd (UW-IMAP) Multiple Command Remote Overflows
2395| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
2396| [911] UoW imapd AUTHENTICATE Command Remote Overflow
2397| [790] UoW imap Server (uw-imapd) BODY Request Remote Overflow
2398| [519] UoW imapd SIGABRT Signal Forced Crash Information Disclosure
2399|_
2400443/tcp closed https
2401445/tcp closed microsoft-ds
2402465/tcp open ssl/smtp Exim smtpd 4.92
2403| vulscan: VulDB - https://vuldb.com:
2404| [141327] Exim up to 4.92.1 Backslash privilege escalation
2405| [138827] Exim up to 4.92 Expansion Code Execution
2406| [135932] Exim up to 4.92 privilege escalation
2407| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
2408|
2409| MITRE CVE - https://cve.mitre.org:
2410| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
2411| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
2412| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
2413| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
2414| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
2415| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
2416| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
2417| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
2418| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
2419| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
2420| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
2421| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
2422| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
2423| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
2424| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
2425| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
2426|
2427| SecurityFocus - https://www.securityfocus.com/bid/:
2428| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
2429| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
2430| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
2431| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
2432| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
2433| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
2434| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
2435| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
2436| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
2437| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
2438| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
2439| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
2440| [45308] Exim Crafted Header Remote Code Execution Vulnerability
2441| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
2442| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
2443| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
2444| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
2445| [17110] sa-exim Unauthorized File Access Vulnerability
2446| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
2447| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
2448| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
2449| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
2450| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
2451| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
2452| [6314] Exim Internet Mailer Format String Vulnerability
2453| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
2454| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
2455| [2828] Exim Format String Vulnerability
2456| [1859] Exim Buffer Overflow Vulnerability
2457|
2458| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2459| [84758] Exim sender_address parameter command execution
2460| [84015] Exim command execution
2461| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
2462| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
2463| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
2464| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
2465| [67455] Exim DKIM processing code execution
2466| [67299] Exim dkim_exim_verify_finish() format string
2467| [65028] Exim open_log privilege escalation
2468| [63967] Exim config file privilege escalation
2469| [63960] Exim header buffer overflow
2470| [59043] Exim mail directory privilege escalation
2471| [59042] Exim MBX symlink
2472| [52922] ikiwiki teximg plugin information disclosure
2473| [34265] Exim spamd buffer overflow
2474| [25286] Sa-exim greylistclean.cron file deletion
2475| [22687] RHSA-2005:025 updates for exim not installed
2476| [18901] Exim dns_build_reverse buffer overflow
2477| [18764] Exim spa_base64_to_bits function buffer overflow
2478| [18763] Exim host_aton buffer overflow
2479| [16079] Exim require_verify buffer overflow
2480| [16077] Exim header_check_syntax buffer overflow
2481| [16075] Exim sender_verify buffer overflow
2482| [13067] Exim HELO or EHLO command heap overflow
2483| [10761] Exim daemon.c format string
2484| [8194] Exim configuration file -c command-line argument buffer overflow
2485| [7738] Exim allows attacker to hide commands in localhost names using pipes
2486| [6671] Exim "
2487| [1893] Exim MTA allows local users to gain root privileges
2488|
2489| Exploit-DB - https://www.exploit-db.com:
2490| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
2491| [15725] Exim 4.63 Remote Root Exploit
2492| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
2493| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
2494| [796] Exim <= 4.42 Local Root Exploit
2495| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
2496|
2497| OpenVAS (Nessus) - http://www.openvas.org:
2498| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
2499|
2500| SecurityTracker - https://www.securitytracker.com:
2501| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
2502| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
2503| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
2504| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
2505| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
2506| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
2507| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
2508| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
2509| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
2510| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
2511| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
2512| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
2513|
2514| OSVDB - http://www.osvdb.org:
2515| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
2516| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
2517| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
2518| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
2519| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
2520| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
2521| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
2522| [70696] Exim log.c open_log() Function Local Privilege Escalation
2523| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
2524| [69685] Exim string_format Function Remote Overflow
2525| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
2526| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
2527| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
2528| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
2529| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
2530| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
2531| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
2532| [12726] Exim -be Command Line Option host_aton Function Local Overflow
2533| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
2534| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
2535| [10032] libXpm CreateXImage Function Integer Overflow
2536| [7160] Exim .forward :include: Option Privilege Escalation
2537| [6479] Vexim COOKIE Authentication Credential Disclosure
2538| [6478] Vexim Multiple Parameter SQL Injection
2539| [5930] Exim Parenthesis File Name Filter Bypass
2540| [5897] Exim header_syntax Function Remote Overflow
2541| [5896] Exim sender_verify Function Remote Overflow
2542| [5530] Exim Localhost Name Arbitrary Command Execution
2543| [5330] Exim Configuration File Variable Overflow
2544| [1855] Exim Batched SMTP Mail Header Format String
2545|_
2546587/tcp open smtp Exim smtpd 4.92
2547| vulscan: VulDB - https://vuldb.com:
2548| [141327] Exim up to 4.92.1 Backslash privilege escalation
2549| [138827] Exim up to 4.92 Expansion Code Execution
2550| [135932] Exim up to 4.92 privilege escalation
2551| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
2552|
2553| MITRE CVE - https://cve.mitre.org:
2554| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
2555| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
2556| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
2557| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
2558| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
2559| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
2560| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
2561| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
2562| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
2563| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
2564| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
2565| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
2566| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
2567| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
2568| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
2569| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
2570|
2571| SecurityFocus - https://www.securityfocus.com/bid/:
2572| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
2573| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
2574| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
2575| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
2576| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
2577| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
2578| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
2579| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
2580| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
2581| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
2582| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
2583| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
2584| [45308] Exim Crafted Header Remote Code Execution Vulnerability
2585| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
2586| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
2587| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
2588| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
2589| [17110] sa-exim Unauthorized File Access Vulnerability
2590| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
2591| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
2592| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
2593| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
2594| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
2595| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
2596| [6314] Exim Internet Mailer Format String Vulnerability
2597| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
2598| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
2599| [2828] Exim Format String Vulnerability
2600| [1859] Exim Buffer Overflow Vulnerability
2601|
2602| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2603| [84758] Exim sender_address parameter command execution
2604| [84015] Exim command execution
2605| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
2606| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
2607| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
2608| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
2609| [67455] Exim DKIM processing code execution
2610| [67299] Exim dkim_exim_verify_finish() format string
2611| [65028] Exim open_log privilege escalation
2612| [63967] Exim config file privilege escalation
2613| [63960] Exim header buffer overflow
2614| [59043] Exim mail directory privilege escalation
2615| [59042] Exim MBX symlink
2616| [52922] ikiwiki teximg plugin information disclosure
2617| [34265] Exim spamd buffer overflow
2618| [25286] Sa-exim greylistclean.cron file deletion
2619| [22687] RHSA-2005:025 updates for exim not installed
2620| [18901] Exim dns_build_reverse buffer overflow
2621| [18764] Exim spa_base64_to_bits function buffer overflow
2622| [18763] Exim host_aton buffer overflow
2623| [16079] Exim require_verify buffer overflow
2624| [16077] Exim header_check_syntax buffer overflow
2625| [16075] Exim sender_verify buffer overflow
2626| [13067] Exim HELO or EHLO command heap overflow
2627| [10761] Exim daemon.c format string
2628| [8194] Exim configuration file -c command-line argument buffer overflow
2629| [7738] Exim allows attacker to hide commands in localhost names using pipes
2630| [6671] Exim "
2631| [1893] Exim MTA allows local users to gain root privileges
2632|
2633| Exploit-DB - https://www.exploit-db.com:
2634| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
2635| [15725] Exim 4.63 Remote Root Exploit
2636| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
2637| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
2638| [796] Exim <= 4.42 Local Root Exploit
2639| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
2640|
2641| OpenVAS (Nessus) - http://www.openvas.org:
2642| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
2643|
2644| SecurityTracker - https://www.securitytracker.com:
2645| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
2646| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
2647| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
2648| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
2649| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
2650| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
2651| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
2652| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
2653| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
2654| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
2655| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
2656| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
2657|
2658| OSVDB - http://www.osvdb.org:
2659| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
2660| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
2661| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
2662| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
2663| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
2664| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
2665| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
2666| [70696] Exim log.c open_log() Function Local Privilege Escalation
2667| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
2668| [69685] Exim string_format Function Remote Overflow
2669| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
2670| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
2671| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
2672| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
2673| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
2674| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
2675| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
2676| [12726] Exim -be Command Line Option host_aton Function Local Overflow
2677| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
2678| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
2679| [10032] libXpm CreateXImage Function Integer Overflow
2680| [7160] Exim .forward :include: Option Privilege Escalation
2681| [6479] Vexim COOKIE Authentication Credential Disclosure
2682| [6478] Vexim Multiple Parameter SQL Injection
2683| [5930] Exim Parenthesis File Name Filter Bypass
2684| [5897] Exim header_syntax Function Remote Overflow
2685| [5896] Exim sender_verify Function Remote Overflow
2686| [5530] Exim Localhost Name Arbitrary Command Execution
2687| [5330] Exim Configuration File Variable Overflow
2688| [1855] Exim Batched SMTP Mail Header Format String
2689|_
2690993/tcp open ssl/imaps?
2691995/tcp open ssl/pop3s?
2692Service Info: Host: farsi.shahamat.info; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
2693#######################################################################################################################################
2694[+] URL: http://alemarahenglish.com/
2695[+] Started: Tue Dec 3 16:41:31 2019
2696
2697Interesting Finding(s):
2698
2699[+] http://alemarahenglish.com/
2700 | Interesting Entries:
2701 | - Server: Apache
2702 | - X-Powered-By: PHP/5.5.38
2703 | Found By: Headers (Passive Detection)
2704 | Confidence: 100%
2705
2706[+] http://alemarahenglish.com/xmlrpc.php
2707 | Found By: Link Tag (Passive Detection)
2708 | Confidence: 100%
2709 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
2710 | References:
2711 | - http://codex.wordpress.org/XML-RPC_Pingback_API
2712 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
2713 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
2714 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
2715 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
2716
2717[+] http://alemarahenglish.com/readme.html
2718 | Found By: Direct Access (Aggressive Detection)
2719 | Confidence: 100%
2720
2721[+] Upload directory has listing enabled: http://alemarahenglish.com/wp-content/uploads/
2722 | Found By: Direct Access (Aggressive Detection)
2723 | Confidence: 100%
2724
2725[+] http://alemarahenglish.com/wp-cron.php
2726 | Found By: Direct Access (Aggressive Detection)
2727 | Confidence: 60%
2728 | References:
2729 | - https://www.iplocation.net/defend-wordpress-from-ddos
2730 | - https://github.com/wpscanteam/wpscan/issues/1299
2731
2732[+] WordPress version 5.1.3 identified (Latest, released on 2019-10-14).
2733 | Found By: Rss Generator (Passive Detection)
2734 | - http://alemarahenglish.com/?feed=rss2, <generator>https://wordpress.org/?v=5.1.3</generator>
2735 | - http://alemarahenglish.com/?feed=comments-rss2, <generator>https://wordpress.org/?v=5.1.3</generator>
2736
2737[+] WordPress theme in use: multinews
2738 | Location: http://alemarahenglish.com/wp-content/themes/multinews/
2739 | Style URL: http://alemarahenglish.com/wp-content/themes/multinews/style.css?ver=5.1.3
2740 | Style Name: Multi News | Shared By Themes24x7.com
2741 | Style URI: http://www.momizat.com
2742 | Description: <strong>A responsive News/magazine theme</strong> - built on unlimited concept...
2743 | Author: Momizat
2744 | Author URI: http://www.momizat.com
2745 |
2746 | Found By: Css Style In Homepage (Passive Detection)
2747 |
2748 | Version: 2.5.5.2 (80% confidence)
2749 | Found By: Style (Passive Detection)
2750 | - http://alemarahenglish.com/wp-content/themes/multinews/style.css?ver=5.1.3, Match: 'Version: 2.5.5.2'
2751
2752[+] Enumerating All Plugins (via Passive Methods)
2753[+] Checking Plugin Versions (via Passive and Aggressive Methods)
2754
2755[i] Plugin(s) Identified:
2756
2757[+] all_in_one_bannerRotator
2758 | Location: http://alemarahenglish.com/wp-content/plugins/all_in_one_bannerRotator/
2759 |
2760 | Found By: Urls In Homepage (Passive Detection)
2761 |
2762 | The version could not be determined.
2763
2764[+] all_in_one_bannerWithPlaylist
2765 | Location: http://alemarahenglish.com/wp-content/plugins/all_in_one_bannerWithPlaylist/
2766 |
2767 | Found By: Urls In Homepage (Passive Detection)
2768 |
2769 | The version could not be determined.
2770
2771[+] all_in_one_carousel
2772 | Location: http://alemarahenglish.com/wp-content/plugins/all_in_one_carousel/
2773 |
2774 | Found By: Urls In Homepage (Passive Detection)
2775 |
2776 | The version could not be determined.
2777
2778[+] all_in_one_contentSlider
2779 | Location: http://alemarahenglish.com/wp-content/plugins/all_in_one_contentSlider/
2780 |
2781 | Found By: Urls In Homepage (Passive Detection)
2782 |
2783 | The version could not be determined.
2784
2785[+] all_in_one_thumbnailsBanner
2786 | Location: http://alemarahenglish.com/wp-content/plugins/all_in_one_thumbnailsBanner/
2787 |
2788 | Found By: Urls In Homepage (Passive Detection)
2789 |
2790 | The version could not be determined.
2791
2792[+] contact-form-7
2793 | Location: http://alemarahenglish.com/wp-content/plugins/contact-form-7/
2794 | Last Updated: 2019-11-12T17:37:00.000Z
2795 | [!] The version is out of date, the latest version is 5.1.5
2796 |
2797 | Found By: Urls In Homepage (Passive Detection)
2798 |
2799 | Version: 5.1.4 (100% confidence)
2800 | Found By: Query Parameter (Passive Detection)
2801 | - http://alemarahenglish.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
2802 | - http://alemarahenglish.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
2803 | Confirmed By:
2804 | Readme - Stable Tag (Aggressive Detection)
2805 | - http://alemarahenglish.com/wp-content/plugins/contact-form-7/readme.txt
2806 | Readme - ChangeLog Section (Aggressive Detection)
2807 | - http://alemarahenglish.com/wp-content/plugins/contact-form-7/readme.txt
2808
2809[+] Elite-video-player
2810 | Location: http://alemarahenglish.com/wp-content/plugins/Elite-video-player/
2811 |
2812 | Found By: Urls In Homepage (Passive Detection)
2813 |
2814 | The version could not be determined.
2815
2816[+] geodirectory-multinews
2817 | Location: http://alemarahenglish.com/wp-content/plugins/geodirectory-multinews/
2818 |
2819 | Found By: Urls In Homepage (Passive Detection)
2820 |
2821 | Version: 1.0.0 (100% confidence)
2822 | Found By: Readme - Stable Tag (Aggressive Detection)
2823 | - http://alemarahenglish.com/wp-content/plugins/geodirectory-multinews/readme.txt
2824 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
2825 | - http://alemarahenglish.com/wp-content/plugins/geodirectory-multinews/readme.txt
2826
2827[+] js_composer
2828 | Location: http://alemarahenglish.com/wp-content/plugins/js_composer/
2829 |
2830 | Found By: Urls In Homepage (Passive Detection)
2831 | Confirmed By: Body Tag (Passive Detection)
2832 |
2833 | Version: 5.6 (80% confidence)
2834 | Found By: Body Tag (Passive Detection)
2835 | - http://alemarahenglish.com/, Match: 'js-comp-ver-5.6'
2836 | Confirmed By: Query Parameter (Passive Detection)
2837 | - http://alemarahenglish.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.6
2838 | - http://alemarahenglish.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.6
2839
2840[+] LayerSlider
2841 | Location: http://alemarahenglish.com/wp-content/plugins/LayerSlider/
2842 |
2843 | Found By: Urls In Homepage (Passive Detection)
2844 | Confirmed By: Meta Generator (Passive Detection)
2845 |
2846 | Version: 6.7.6 (90% confidence)
2847 | Found By: Query Parameter (Passive Detection)
2848 | - http://alemarahenglish.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6
2849 | - http://alemarahenglish.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6
2850 | - http://alemarahenglish.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6
2851 | Confirmed By: Meta Generator (Passive Detection)
2852 | - http://alemarahenglish.com/, Match: 'Powered by LayerSlider 6.7.6 -'
2853
2854[+] recent-posts-widget-with-thumbnails
2855 | Location: http://alemarahenglish.com/wp-content/plugins/recent-posts-widget-with-thumbnails/
2856 | Last Updated: 2019-11-18T23:41:00.000Z
2857 | [!] The version is out of date, the latest version is 6.6.1
2858 |
2859 | Found By: Urls In Homepage (Passive Detection)
2860 |
2861 | Version: 6.5.1 (100% confidence)
2862 | Found By: Readme - Stable Tag (Aggressive Detection)
2863 | - http://alemarahenglish.com/wp-content/plugins/recent-posts-widget-with-thumbnails/README.txt
2864 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
2865 | - http://alemarahenglish.com/wp-content/plugins/recent-posts-widget-with-thumbnails/README.txt
2866
2867[+] recents-post-widget-extended
2868 | Location: http://alemarahenglish.com/wp-content/plugins/recents-post-widget-extended/
2869 |
2870 | Found By: Comment (Passive Detection)
2871 |
2872 | The version could not be determined.
2873
2874[+] revslider
2875 | Location: http://alemarahenglish.com/wp-content/plugins/revslider/
2876 |
2877 | Found By: Urls In Homepage (Passive Detection)
2878 | Confirmed By: Meta Generator (Passive Detection)
2879 |
2880 | Version: 5.4.8.1 (100% confidence)
2881 | Found By: Meta Generator (Passive Detection)
2882 | - http://alemarahenglish.com/, Match: 'Powered by Slider Revolution 5.4.8.1'
2883 | Confirmed By:
2884 | Query Parameter (Passive Detection)
2885 | - http://alemarahenglish.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1
2886 | - http://alemarahenglish.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1
2887 | - http://alemarahenglish.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1
2888 | Release Log (Aggressive Detection)
2889 | - http://alemarahenglish.com/wp-content/plugins/revslider/release_log.html, Match: 'Version 5.4.8.1 StarPath (5th December 2018)'
2890
2891[+] Enumerating Config Backups (via Passive and Aggressive Methods)
2892 Checking Config Backups - Time: 00:00:01 <=============> (21 / 21) 100.00% Time: 00:00:01
2893
2894[i] No Config Backups Found.
2895
2896[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
2897[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
2898
2899[+] Finished: Tue Dec 3 16:42:05 2019
2900[+] Requests Done: 113
2901[+] Cached Requests: 5
2902[+] Data Sent: 28.321 KB
2903[+] Data Received: 521.669 KB
2904[+] Memory used: 142.485 MB
2905[+] Elapsed time: 00:00:34
2906#######################################################################################################################################
2907[+] URL: http://alemarahenglish.com/
2908[+] Started: Tue Dec 3 16:41:36 2019
2909
2910Interesting Finding(s):
2911
2912[+] http://alemarahenglish.com/
2913 | Interesting Entries:
2914 | - Server: Apache
2915 | - X-Powered-By: PHP/5.5.38
2916 | Found By: Headers (Passive Detection)
2917 | Confidence: 100%
2918
2919[+] http://alemarahenglish.com/xmlrpc.php
2920 | Found By: Link Tag (Passive Detection)
2921 | Confidence: 100%
2922 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
2923 | References:
2924 | - http://codex.wordpress.org/XML-RPC_Pingback_API
2925 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
2926 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
2927 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
2928 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
2929
2930[+] http://alemarahenglish.com/readme.html
2931 | Found By: Direct Access (Aggressive Detection)
2932 | Confidence: 100%
2933
2934[+] Upload directory has listing enabled: http://alemarahenglish.com/wp-content/uploads/
2935 | Found By: Direct Access (Aggressive Detection)
2936 | Confidence: 100%
2937
2938[+] http://alemarahenglish.com/wp-cron.php
2939 | Found By: Direct Access (Aggressive Detection)
2940 | Confidence: 60%
2941 | References:
2942 | - https://www.iplocation.net/defend-wordpress-from-ddos
2943 | - https://github.com/wpscanteam/wpscan/issues/1299
2944
2945[+] WordPress version 5.1.3 identified (Latest, released on 2019-10-14).
2946 | Found By: Rss Generator (Passive Detection)
2947 | - http://alemarahenglish.com/?feed=rss2, <generator>https://wordpress.org/?v=5.1.3</generator>
2948 | - http://alemarahenglish.com/?feed=comments-rss2, <generator>https://wordpress.org/?v=5.1.3</generator>
2949
2950[+] WordPress theme in use: multinews
2951 | Location: http://alemarahenglish.com/wp-content/themes/multinews/
2952 | Style URL: http://alemarahenglish.com/wp-content/themes/multinews/style.css?ver=5.1.3
2953 | Style Name: Multi News | Shared By Themes24x7.com
2954 | Style URI: http://www.momizat.com
2955 | Description: <strong>A responsive News/magazine theme</strong> - built on unlimited concept...
2956 | Author: Momizat
2957 | Author URI: http://www.momizat.com
2958 |
2959 | Found By: Css Style In Homepage (Passive Detection)
2960 |
2961 | Version: 2.5.5.2 (80% confidence)
2962 | Found By: Style (Passive Detection)
2963 | - http://alemarahenglish.com/wp-content/themes/multinews/style.css?ver=5.1.3, Match: 'Version: 2.5.5.2'
2964
2965[+] Enumerating Users (via Passive and Aggressive Methods)
2966 Brute Forcing Author IDs - Time: 00:00:12 <==> (10 / 10) 100.00% Time: 00:00:12
2967
2968[i] User(s) Identified:
2969
2970[+] zahir khan
2971 | Found By: Rss Generator (Passive Detection)
2972
2973[+] abdulqahar balkhi
2974 | Found By: Rss Generator (Passive Detection)
2975 | Confirmed By: Login Error Messages (Aggressive Detection)
2976
2977[+] englishkhan
2978 | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
2979 | Confirmed By: Login Error Messages (Aggressive Detection)
2980
2981[+] abdulqahar-balkhi
2982 | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
2983
2984[+] zahirkhan
2985 | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
2986 | Confirmed By: Login Error Messages (Aggressive Detection)
2987
2988[+] farhad
2989 | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
2990 | Confirmed By: Login Error Messages (Aggressive Detection)
2991
2992[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
2993[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
2994
2995[+] Finished: Tue Dec 3 16:42:11 2019
2996[+] Requests Done: 43
2997[+] Cached Requests: 25
2998[+] Data Sent: 10.888 KB
2999[+] Data Received: 604.138 KB
3000[+] Memory used: 123.7 MB
3001[+] Elapsed time: 00:00:34
3002#######################################################################################################################################
3003[+] URL: http://alemarahenglish.com/
3004[+] Started: Tue Dec 3 16:47:04 2019
3005
3006Interesting Finding(s):
3007
3008[+] http://alemarahenglish.com/
3009 | Interesting Entries:
3010 | - Server: Apache
3011 | - X-Powered-By: PHP/5.5.38
3012 | Found By: Headers (Passive Detection)
3013 | Confidence: 100%
3014
3015[+] http://alemarahenglish.com/xmlrpc.php
3016 | Found By: Link Tag (Passive Detection)
3017 | Confidence: 100%
3018 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
3019 | References:
3020 | - http://codex.wordpress.org/XML-RPC_Pingback_API
3021 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3022 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3023 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3024 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3025
3026[+] http://alemarahenglish.com/readme.html
3027 | Found By: Direct Access (Aggressive Detection)
3028 | Confidence: 100%
3029
3030[+] Upload directory has listing enabled: http://alemarahenglish.com/wp-content/uploads/
3031 | Found By: Direct Access (Aggressive Detection)
3032 | Confidence: 100%
3033
3034[+] http://alemarahenglish.com/wp-cron.php
3035 | Found By: Direct Access (Aggressive Detection)
3036 | Confidence: 60%
3037 | References:
3038 | - https://www.iplocation.net/defend-wordpress-from-ddos
3039 | - https://github.com/wpscanteam/wpscan/issues/1299
3040
3041[+] WordPress version 5.1.3 identified (Latest, released on 2019-10-14).
3042 | Found By: Rss Generator (Passive Detection)
3043 | - http://alemarahenglish.com/?feed=rss2, <generator>https://wordpress.org/?v=5.1.3</generator>
3044 | - http://alemarahenglish.com/?feed=comments-rss2, <generator>https://wordpress.org/?v=5.1.3</generator>
3045
3046[+] WordPress theme in use: multinews
3047 | Location: http://alemarahenglish.com/wp-content/themes/multinews/
3048 | Style URL: http://alemarahenglish.com/wp-content/themes/multinews/style.css?ver=5.1.3
3049 | Style Name: Multi News | Shared By Themes24x7.com
3050 | Style URI: http://www.momizat.com
3051 | Description: <strong>A responsive News/magazine theme</strong> - built on unlimited concept...
3052 | Author: Momizat
3053 | Author URI: http://www.momizat.com
3054 |
3055 | Found By: Css Style In Homepage (Passive Detection)
3056 |
3057 | Version: 2.5.5.2 (80% confidence)
3058 | Found By: Style (Passive Detection)
3059 | - http://alemarahenglish.com/wp-content/themes/multinews/style.css?ver=5.1.3, Match: 'Version: 2.5.5.2'
3060
3061[+] Enumerating Users (via Passive and Aggressive Methods)
3062 Brute Forcing Author IDs - Time: 00:00:02 <============> (10 / 10) 100.00% Time: 00:00:02
3063
3064[i] User(s) Identified:
3065
3066[+] zahir khan
3067 | Found By: Rss Generator (Passive Detection)
3068
3069[+] abdulqahar balkhi
3070 | Found By: Rss Generator (Passive Detection)
3071 | Confirmed By: Login Error Messages (Aggressive Detection)
3072
3073[+] abdulqahar-balkhi
3074 | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
3075
3076[+] englishkhan
3077 | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
3078 | Confirmed By: Login Error Messages (Aggressive Detection)
3079
3080[+] zahirkhan
3081 | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
3082 | Confirmed By: Login Error Messages (Aggressive Detection)
3083
3084[+] farhad
3085 | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
3086 | Confirmed By: Login Error Messages (Aggressive Detection)
3087
3088[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
3089[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
3090
3091[+] Finished: Tue Dec 3 16:47:21 2019
3092[+] Requests Done: 19
3093[+] Cached Requests: 49
3094[+] Data Sent: 4.965 KB
3095[+] Data Received: 59.296 KB
3096[+] Memory used: 124.298 MB
3097[+] Elapsed time: 00:00:16
3098#######################################################################################################################################
3099[INFO] ------TARGET info------
3100[*] TARGET: http://alemarahenglish.com/
3101[*] TARGET IP: 93.113.37.250
3102[INFO] NO load balancer detected for alemarahenglish.com...
3103[*] DNS servers: ns1.afraid.org.
3104[*] TARGET server: Apache
3105[*] CC: RO
3106[*] Country: Romania
3107[*] RegionCode: IF
3108[*] RegionName: Ilfov
3109[*] City: Chiajna
3110[*] ASN: AS41011
3111[*] BGP_PREFIX: 93.113.37.0/24
3112[*] ISP: CH-NET-AS CH-NET S.R.L., RO
3113[INFO] DNS enumeration:
3114[INFO] Possible abuse mails are:
3115[*] abuse@alemarahenglish.com
3116[*] abuse@ch-center.com
3117[INFO] NO PAC (Proxy Auto Configuration) file FOUND
3118[INFO] Starting FUZZing in http://alemarahenglish.com/FUzZzZzZzZz...
3119[INFO] Status code Folders
3120[ALERT] Look in the source code. It may contain passwords
3121[ALERT] Content in http://alemarahenglish.com/ AND http://www.alemarahenglish.com/ is different
3122[INFO] MD5 for http://alemarahenglish.com/ is: c5121bab2d82b3d56dcd6acf9a96353b
3123[INFO] MD5 for http://www.alemarahenglish.com/ is: 1e1116b28fb3bf04685d2e884601a7dc
3124[INFO] http://alemarahenglish.com/ redirects to http://alemarahenglish.com/
3125[INFO] http://www.alemarahenglish.com/ redirects to http://alemarahenglish.com/
3126[INFO] Links found from http://alemarahenglish.com/ http://93.113.37.250/:
3127[*] http://93.113.37.250/cgi-sys/defaultwebpage.cgi
3128[*] http://alemaraharabi.com/
3129[*] http://alemarahdari.com/
3130[*] http://alemarahenglish.com/
3131[*] http://alemarahenglish.com/?cat=10
3132[*] http://alemarahenglish.com/?cat=18
3133[*] http://alemarahenglish.com/?cat=19
3134[*] http://alemarahenglish.com/?cat=2
3135[*] http://alemarahenglish.com/?cat=3
3136[*] http://alemarahenglish.com/?cat=7
3137[*] http://alemarahenglish.com/?cat=8
3138[*] http://alemarahenglish.com/?cat=9
3139[*] http://alemarahenglish.com/?feed=comments-rss2
3140[*] http://alemarahenglish.com/?feed=rss2
3141[*] http://alemarahenglish.com/index.php?rest_route=/oembed/1.0/embed&url=http://alemarahenglish.com/
3142[*] http://alemarahenglish.com/index.php?rest_route=/oembed/1.0/embed&url=http://alemarahenglish.com/&format=xml
3143[*] http://alemarahenglish.com/?m=201911
3144[*] http://alemarahenglish.com/?m=20191201
3145[*] http://alemarahenglish.com/?m=20191202
3146[*] http://alemarahenglish.com/?m=20191203
3147[*] http://alemarahenglish.com/?p=52430
3148[*] http://alemarahenglish.com/?p=52601
3149[*] http://alemarahenglish.com/?p=53058
3150[*] http://alemarahenglish.com/?p=53514
3151[*] http://alemarahenglish.com/?p=54105
3152[*] http://alemarahenglish.com/?p=54380
3153[*] http://alemarahenglish.com/?p=54425
3154[*] http://alemarahenglish.com/?p=54428
3155[*] http://alemarahenglish.com/?p=54735
3156[*] http://alemarahenglish.com/?p=54777
3157[*] http://alemarahenglish.com/?p=54796
3158[*] http://alemarahenglish.com/?p=54866
3159[*] http://alemarahenglish.com/?p=54897
3160[*] http://alemarahenglish.com/?p=54959
3161[*] http://alemarahenglish.com/?p=55038
3162[*] http://alemarahenglish.com/?p=55062
3163[*] http://alemarahenglish.com/?p=55066
3164[*] http://alemarahenglish.com/?p=55072
3165[*] http://alemarahenglish.com/?p=55130
3166[*] http://alemarahenglish.com/?p=55144
3167[*] http://alemarahenglish.com/?p=55207
3168[*] http://alemarahenglish.com/?p=55347
3169[*] http://alemarahenglish.com/?p=55350
3170[*] http://alemarahenglish.com/?p=55383
3171[*] http://alemarahenglish.com/?p=55429
3172[*] http://alemarahenglish.com/?p=55460
3173[*] http://alemarahenglish.com/?p=55485
3174[*] http://alemarahenglish.com/?p=55486
3175[*] http://alemarahenglish.com/?p=55499
3176[*] http://alemarahenglish.com/?p=55502
3177[*] http://alemarahenglish.com/?p=55505
3178[*] http://alemarahenglish.com/?p=55547
3179[*] http://alemarahenglish.com/?p=55586
3180[*] http://alemarahenglish.com/?p=55593
3181[*] http://alemarahenglish.com/?p=55596
3182[*] http://alemarahenglish.com/?p=55599
3183[*] http://alemarahenglish.com/?p=55609
3184[*] http://alemarahenglish.com/?p=55611
3185[*] http://alemarahenglish.com/?p=55613
3186[*] http://alemarahenglish.com/?p=55615
3187[*] http://alemarahenglish.com/?p=55617
3188[*] http://alemarahenglish.com/?p=55619
3189[*] http://alemarahenglish.com/?p=55621
3190[*] http://alemarahenglish.com/?p=55624
3191[*] http://alemarahenglish.com/?p=55627
3192[*] http://alemarahenglish.com/?p=55629
3193[*] http://alemarahenglish.com/?p=55631
3194[*] http://alemarahenglish.com/?p=55633
3195[*] http://alemarahenglish.com/?p=55635
3196[*] http://alemarahenglish.com/?p=55640
3197[*] http://alemarahenglish.com/?p=55642
3198[*] http://alemarahenglish.com/?p=55644
3199[*] http://alemarahenglish.com/?p=55646
3200[*] http://alemarahenglish.com/?p=55648
3201[*] http://alemarahenglish.com/?p=55650
3202[*] http://alemarahenglish.com/?p=55652
3203[*] http://alemarahenglish.com/wp-content/uploads/2019/03/Agriculture-1-660x750.jpg
3204[*] http://alemarahenglish.com/wp-content/uploads/2019/03/Commission-660x750.jpg
3205[*] http://alemarahenglish.com/wp-content/uploads/2019/03/Electric-660x750.jpg
3206[*] http://alemarahenglish.com/wp-content/uploads/2019/03/Taleem-660x750.jpg
3207[*] http://alemarahenglish.com/wp-content/uploads/2019/03/ملکي-تلفاتEnglish2-660x750.jpg
3208[*] http://alemarahenglish.com/wp-content/uploads/2019/09/wwwe-660x750.jpg
3209[*] http://alemarahenglish.com/wp-login.php?action=lostpassword
3210[*] http://alemarahislam.com/
3211[*] http://alemarahurdu.net/
3212[*] http://mujali.net/
3213[*] http://shahamat1.com/
3214[*] https://twitter.com/QyAhmadi_1?ref_src=twsrc^tfw
3215[*] https://twitter.com/suhailshaheen1?ref_src=twsrc^tfw
3216[*] https://twitter.com/Zabehulah_M33?ref_src=twsrc^tfw
3217[*] http://taraani.com/
3218cut: intervalle de champ incorrecte
3219Saisissez « cut --help » pour plus d'informations.
3220[INFO] Shodan detected the following opened ports on 93.113.37.250:
3221[*] 1
3222[*] 11
3223[*] 110
3224[*] 143
3225[*] 2079
3226[*] 2082
3227[*] 2083
3228[*] 2086
3229[*] 2087
3230[*] 2095
3231[*] 2096
3232[*] 21
3233[*] 22
3234[*] 4
3235[*] 443
3236[*] 465
3237[*] 53
3238[*] 587
3239[*] 6
3240[*] 80
3241[*] 993
3242[*] 995
3243[INFO] ------VirusTotal SECTION------
3244[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
3245[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
3246[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
3247[INFO] ------Alexa Rank SECTION------
3248[INFO] Percent of Visitors Rank in Country:
3249[INFO] Percent of Search Traffic:
3250[INFO] Percent of Unique Visits:
3251[INFO] Total Sites Linking In:
3252[*] Total Sites
3253[INFO] Useful links related to alemarahenglish.com - 93.113.37.250:
3254[*] https://www.virustotal.com/pt/ip-address/93.113.37.250/information/
3255[*] https://www.hybrid-analysis.com/search?host=93.113.37.250
3256[*] https://www.shodan.io/host/93.113.37.250
3257[*] https://www.senderbase.org/lookup/?search_string=93.113.37.250
3258[*] https://www.alienvault.com/open-threat-exchange/ip/93.113.37.250
3259[*] http://pastebin.com/search?q=93.113.37.250
3260[*] http://urlquery.net/search.php?q=93.113.37.250
3261[*] http://www.alexa.com/siteinfo/alemarahenglish.com
3262[*] http://www.google.com/safebrowsing/diagnostic?site=alemarahenglish.com
3263[*] https://censys.io/ipv4/93.113.37.250
3264[*] https://www.abuseipdb.com/check/93.113.37.250
3265[*] https://urlscan.io/search/#93.113.37.250
3266[*] https://github.com/search?q=93.113.37.250&type=Code
3267[INFO] Useful links related to AS41011 - 93.113.37.0/24:
3268[*] http://www.google.com/safebrowsing/diagnostic?site=AS:41011
3269[*] https://www.senderbase.org/lookup/?search_string=93.113.37.0/24
3270[*] http://bgp.he.net/AS41011
3271[*] https://stat.ripe.net/AS41011
3272[INFO] Date: 03/12/19 | Time: 16:49:17
3273[INFO] Total time: 1 minute(s) and 45 second(s)
3274#######################################################################################################################################
3275[-] Target: http://alemarahenglish.com (93.113.37.250)
3276[M] Website Not in HTTPS: http://alemarahenglish.com
3277[I] Server: Apache
3278[I] X-Powered-By: PHP/5.5.38
3279[L] X-Frame-Options: Not Enforced
3280[I] Strict-Transport-Security: Not Enforced
3281[I] X-Content-Security-Policy: Not Enforced
3282[I] X-Content-Type-Options: Not Enforced
3283[L] No Robots.txt Found
3284[I] CMS Detection: WordPress
3285[I] Wordpress Version: 5.1.3
3286[M] EDB-ID: 47557 "Wordpress 5.2.4 - Cross-Origin Resource Sharing"
3287[M] EDB-ID: 47361 "WordPress 5.2.3 - Cross-Site Host Modification"
3288[M] EDB-ID: 47690 "WordPress Core < 5.2.3 - Viewing Unauthenticated/Password/Private Posts"
3289[I] Wordpress Theme: multinews
3290[-] WordPress usernames identified:
3291[M] abdulqahar balkhi
3292[M] abdulqahar-balkhi
3293[M] englishkhan
3294[M] farahd khan
3295[M] farhad
3296[M] zahir khan
3297[M] zahirkhan
3298[M] XML-RPC services are enabled
3299[M] Website vulnerable to XML-RPC Brute Force Vulnerability
3300[I] Autocomplete Off Not Found: http://alemarahenglish.com/wp-login.php
3301[-] Default WordPress Files:
3302[I] http://alemarahenglish.com/license.txt
3303[I] http://alemarahenglish.com/readme.html
3304[I] http://alemarahenglish.com/wp-includes/ID3/license.commercial.txt
3305[I] http://alemarahenglish.com/wp-includes/ID3/license.txt
3306[I] http://alemarahenglish.com/wp-includes/ID3/readme.txt
3307[I] http://alemarahenglish.com/wp-includes/images/crystal/license.txt
3308[I] http://alemarahenglish.com/wp-includes/js/plupload/license.txt
3309[I] http://alemarahenglish.com/wp-includes/js/swfupload/license.txt
3310[I] http://alemarahenglish.com/wp-includes/js/tinymce/license.txt
3311[-] Searching Wordpress Plugins ...
3312[I] Elite-video-player
3313[I] LayerSlider
3314[I] all_in_one_bannerRotator
3315[I] all_in_one_bannerWithPlaylist
3316[I] all_in_one_carousel
3317[I] all_in_one_contentSlider
3318[I] all_in_one_thumbnailsBanner
3319[I] contact-form-7 v5.1.4
3320[I] geodirectory-multinews v1.0.0
3321[I] jetpack v7.7.1
3322[M] EDB-ID: 18126 "WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection"
3323[I] js_composer
3324[I] recent-posts-widget-with-thumbnails
3325[I] revslider
3326[I] Checking for Directory Listing Enabled ...
3327[L] http://alemarahenglish.com/wp-admin/css
3328[L] http://alemarahenglish.com/wp-admin/images
3329[L] http://alemarahenglish.com/wp-admin/includes
3330[L] http://alemarahenglish.com/wp-admin/js
3331[L] http://alemarahenglish.com/wp-admin/maint
3332[L] http://alemarahenglish.com/wp-content/themes
3333[L] http://alemarahenglish.com/wp-includes
3334[L] http://alemarahenglish.com/wp-includes/ID3
3335[L] http://alemarahenglish.com/wp-includes/IXR
3336[L] http://alemarahenglish.com/wp-includes/Requests
3337[L] http://alemarahenglish.com/wp-includes/SimplePie
3338[L] http://alemarahenglish.com/wp-includes/Text
3339[L] http://alemarahenglish.com/wp-includes/blocks
3340[L] http://alemarahenglish.com/wp-includes/certificates
3341[L] http://alemarahenglish.com/wp-includes/css
3342[L] http://alemarahenglish.com/wp-includes/customize
3343[L] http://alemarahenglish.com/wp-includes/fonts
3344[L] http://alemarahenglish.com/wp-includes/images
3345[L] http://alemarahenglish.com/wp-includes/js
3346[L] http://alemarahenglish.com/wp-includes/pomo
3347[L] http://alemarahenglish.com/wp-includes/random_compat
3348[L] http://alemarahenglish.com/wp-includes/rest-api
3349[L] http://alemarahenglish.com/wp-includes/theme-compat
3350[L] http://alemarahenglish.com/wp-includes/widgets
3351[L] http://alemarahenglish.com/wp-content/plugins/Elite-video-player
3352[L] http://alemarahenglish.com/wp-content/plugins/all_in_one_bannerRotator
3353[L] http://alemarahenglish.com/wp-content/plugins/all_in_one_bannerWithPlaylist
3354[L] http://alemarahenglish.com/wp-content/plugins/all_in_one_carousel
3355[L] http://alemarahenglish.com/wp-content/plugins/all_in_one_contentSlider
3356[L] http://alemarahenglish.com/wp-content/plugins/all_in_one_thumbnailsBanner
3357[L] http://alemarahenglish.com/wp-content/plugins/contact-form-7
3358[L] http://alemarahenglish.com/wp-content/plugins/geodirectory-multinews
3359[L] http://alemarahenglish.com/wp-content/plugins/jetpack
3360[-] Date & Time: 03/12/2019 16:48:30
3361[-] Completed in: 0:06:51
3362#######################################################################################################################################
3363 Anonymous JTSEC #OpISIS Full Recon #23