result

Starting Nmap 7.94SVN ( https://nmap.
org ) at 2024-05-11 15:34 CDT

Stats: 0:04:52 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 99.90% done; ETC: 15:39 (0:00:00 remaining)
Nmap scan report for 192.168.213.130 (192.168.213.130)
Host is up (0.0035s latency).
Not shown: 977 closed tcp ports (conn-refused)
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 2.3.4
| vulners:
| cpe:/a:vsftpd:vsftpd:2.3.4:
| PRION:CVE-2011-2523 10.0 https://vulners.com/prion/PRION:CVE-2011-
2523
| EDB-ID:49757 10.0 https://vulners.com/exploitdb/EDB-ID:49757
*EXPLOIT*
|_ 1337DAY-ID-36095 10.0 https://vulners.com/zdt/1337DAY-ID-36095
*EXPLOIT*
| ftp-vsftpd-backdoor:
| VULNERABLE:
| vsFTPd version 2.3.4 backdoor
| State: VULNERABLE (Exploitable)
| IDs: CVE:CVE-2011-2523 BID:48539
| vsFTPd version 2.3.4 backdoor, this was reported on 2011-07-04.
| Disclosure date: 2011-07-03
| Exploit results:
| Shell command: id
| Results: uid=0(root) gid=0(root)
| References:
| https://github.com/rapid7/metasploit-framework/blob/master/modules/
exploits/unix/ftp/vsftpd_234_backdoor.rb
| http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-
backdoored.html
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2523
|_ https://www.securityfocus.com/bid/48539
22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
| vulners:
| cpe:/a:openbsd:openssh:4.7p1:
| SSV:78173 7.8 https://vulners.com/seebug/SSV:78173 *EXPLOIT*
*EXPLOIT*
*EXPLOIT*
| SECURITYVULNS:VULN:8166 7.5
https://vulners.com/securityvulns/SECURITYVULNS:VULN:8166
4478
| CVE-2012-1577 7.5 https://vulners.com/cve/CVE-2012-1577
1013
1657
2168
5107
4755
4754
0814
5000
4327
3259
|_ SECURITYVULNS:VULN:9455 0.0
23/tcp open telnet Linux telnetd
25/tcp open smtp Postfix smtpd
| smtp-vuln-cve2010-4344:
|_ The SMTP server is not Exim: NOT VULNERABLE
| ssl-poodle:
| VULNERABLE:
| SSL POODLE information leak
| State: VULNERABLE
| IDs: CVE:CVE-2014-3566 BID:70574
| The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other
| products, uses nondeterministic CBC padding, which makes it easier
| for man-in-the-middle attackers to obtain cleartext data via a
| padding-oracle attack, aka the "POODLE" issue.
| Check results:
| TLS_RSA_WITH_AES_128_CBC_SHA
| References:
| https://www.openssl.org/~bodo/ssl-poodle.pdf
| https://www.imperialviolet.org/2014/10/14/poodle.html
| ssl-dh-params:
| VULNERABLE:
| Anonymous Diffie-Hellman Key Exchange MitM Vulnerability
| State: VULNERABLE
| Transport Layer Security (TLS) services that use anonymous
| Diffie-Hellman key exchange only provide protection against passive
| eavesdropping, and are vulnerable to active man-in-the-middle attacks
| which could completely compromise the confidentiality and integrity
| of any data exchanged over the resulting session.
| Check results:
| ANONYMOUS DH GROUP 1
| Cipher Suite: TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
| Modulus Type: Safe prime
| Modulus Source: Unknown/Custom-generated
| Modulus Length: 512
| Generator Length: 8
| Public Key Length: 512
| References:
| https://www.ietf.org/rfc/rfc2246.txt
|
| Transport Layer Security (TLS) Protocol DHE_EXPORT Ciphers Downgrade MitM
(Logjam)
| State: VULNERABLE
| IDs: CVE:CVE-2015-4000 BID:74733
| The Transport Layer Security (TLS) protocol contains a flaw that is
| triggered when handling Diffie-Hellman key exchanges defined with
| the DHE_EXPORT cipher. This may allow a man-in-the-middle attacker
| to downgrade the security of a TLS session to 512-bit export-grade
| cryptography, which is significantly weaker, allowing the attacker
| to more easily break the encryption and monitor or tamper with
| the encrypted stream.
| Check results:
| EXPORT-GRADE DH GROUP 1
| Cipher Suite: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
| References:
| https://www.securityfocus.com/bid/74733
| https://weakdh.org
|
| Diffie-Hellman Key Exchange Insufficient Group Strength
| State: VULNERABLE
| Transport Layer Security (TLS) services that use Diffie-Hellman groups
| of insufficient strength, especially those using one of a few commonly
| shared groups, may be susceptible to passive eavesdropping attacks.
| Check results:
| WEAK DH GROUP 1
| Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
| Modulus Source: postfix builtin
| References:
|_ https://weakdh.org
|_sslv2-drown: ERROR: Script execution failed (use -d to debug)
53/tcp open domain ISC BIND 9.4.2
| vulners:
| cpe:/a:isc:bind:9.4.2:
0122
1667
8500
5166
4244
3817
0382
| EXPLOITPACK:D6DDF5E24DE171DAAD71FD95FC1B67F2 7.2
https://vulners.com/exploitpack/EXPLOITPACK:D6DDF5E24DE171DAAD71FD95FC1B67F2
*EXPLOIT*
*EXPLOIT*
8461
8704
0025
8705
3614
9444
2848
8000
1033
4313
1910
| PACKETSTORM:157836 5.0
https://vulners.com/packetstorm/PACKETSTORM:157836 *EXPLOIT*
| FBC03933-7A65-52F3-83F4-4B2253A490B6 5.0
https://vulners.com/githubexploit/FBC03933-7A65-52F3-83F4-4B2253A490B6
*EXPLOIT*
0097
0696
| 1337DAY-ID-34485 4.3 https://vulners.com/zdt/1337DAY-ID-34485
*EXPLOIT*
0290
4022
*EXPLOIT*
80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2)
| http-sql-injection:
| Possible sqli for queries:
| http://192.168.213.130:80/mutillidae/index.php?page=credits.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=notes.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=set-background-color.php
%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=browser-info.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=login.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=home.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/?page=add-to-your-blog.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/?page=view-someones-blog.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=register.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=arbitrary-file-
inclusion.php%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=secret-administrative-
pages.php%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=capture-data.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/?page=show-log.php%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=home.php&do=toggle-hints
| http://192.168.213.130:80/mutillidae/?page=user-info.php%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/?page=text-file-viewer.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=change-log.htm%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=documentation
%2Fvulnerabilities.php%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=framing.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=usage-instructions.php
| http://192.168.213.130:80/mutillidae/index.php?page=documentation%2Fhow-to-
access-Mutillidae-over-Virtual-Box-network.php%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/?page=credits.php%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=text-file-viewer.php
| http://192.168.213.130:80/mutillidae/index.php?page=php-errors.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=user-info.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=installation.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=user-poll.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=captured-data.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=source-viewer.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/?page=login.php%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=add-to-your-blog.php
| http://192.168.213.130:80/mutillidae/index.php?page=view-someones-blog.php
| http://192.168.213.130:80/mutillidae/index.php?page=password-generator.php
%27%20OR%20sqlspider&username=anonymous
| http://192.168.213.130:80/mutillidae/index.php?page=pen-test-tool-lookup.php
| http://192.168.213.130:80/mutillidae/?page=source-viewer.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=html5-storage.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=home.php&do=toggle-
security%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=site-footer-xss-
discussion.php%27%20OR%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=dns-lookup.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=show-log.php%27%20OR
%20sqlspider
| http://192.168.213.130:80/dav/?C=S%3BO%3DA%27%20OR%20sqlspider
| http://192.168.213.130:80/dav/?C=M%3BO%3DA%27%20OR%20sqlspider
| http://192.168.213.130:80/dav/?C=N%3BO%3DD%27%20OR%20sqlspider
| http://192.168.213.130:80/dav/?C=D%3BO%3DA%27%20OR%20sqlspider
%20sqlspider
| http://192.168.213.130:80/mutillidae/index.php?page=redirectandlog.php
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2Fwww.owasp.org%2Findex.php%2FLouisville
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttps%2Faddons.mozilla.org%2Fen-US%2Ffirefox
%2Fcollections%2Fjdruin%2Fpr%2F
%20sqlspider
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2Fpauldotcom.com%2F
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2Fwww.room362.com%2F
%20sqlspider
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2Fwww.isd-podcast.com%2F
%20sqlspider
%20sqlspider
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2Fwww.owasp.org
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2Fwww.pocodoy.com%2Fblog%2F
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2Fwww.issa-kentuckiana.org%2F
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2Fwww.irongeek.com%2F
%20sqlspider
%20sqlspider
%20sqlspider
%27%20OR%20sqlspider&forwardurl=https%3A%2F%2Ffanyv88.com%3A443%2Fhttp%2Fwww.php.net%2F
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
| http://192.168.213.130:80/mutillidae/?page=register.php%27%20OR%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
%20sqlspider
|_ http://192.168.213.130:80/mutillidae/?page=text-file-viewer.php%27%20OR
%20sqlspider
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-trace: TRACE is enabled
| http-slowloris-check:
| VULNERABLE:
| Slowloris DOS attack
| State: LIKELY VULNERABLE
| IDs: CVE:CVE-2007-6750
| Slowloris tries to keep many connections to the target web server open and
hold
| them open as long as possible. It accomplishes this by opening connections
to
| the target web server and sending a partial request. By doing so, it
starves
| the http server's resources causing Denial Of Service.
|
| References:
| http://ha.ckers.org/slowloris/
|_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
| http-enum:
| /tikiwiki/: Tikiwiki
| /test/: Test page
| /phpinfo.php: Possible information file
| /phpMyAdmin/: phpMyAdmin
| /doc/: Potentially interesting directory w/ listing on 'apache/2.2.8 (ubuntu)
dav/2'
| /icons/: Potentially interesting folder w/ directory listing
|_ /index/: Potentially interesting folder
|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
|_http-server-header: Apache/2.2.8 (Ubuntu) DAV/2
| http-csrf:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=192.168.213.130
| Found the following possible CSRF vulnerabilities:
|
| Path: http://192.168.213.130:80/dvwa/
| Form id:
| Form action: login.php
|
| Path: http://192.168.213.130:80/mutillidae/index.php?page=set-background-
color.php
| Form id: id-bad-cred-tr
| Form action: index.php?page=set-background-color.php
|
| Path: http://192.168.213.130:80/mutillidae/index.php?page=login.php
| Form id: idloginform
|_ Form action: index.php?page=login.php
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
| vulners:
| cpe:/a:apache:http_server:2.2.8:
| EXPLOITPACK:186B5FCF5C57B52642E62C06BABC6F83 7.8
https://vulners.com/exploitpack/EXPLOITPACK:186B5FCF5C57B52642E62C06BABC6F83
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
| ECC3E825-EE29-59D3-BE28-1B30DB15940E 7.5
https://vulners.com/githubexploit/ECC3E825-EE29-59D3-BE28-1B30DB15940E
*EXPLOIT*
*EXPLOIT*
| VULNERLAB:967 5.8 https://vulners.com/vulnerlab/VULNERLAB:967
*EXPLOIT*
| VULNERABLE:967 5.8 https://vulners.com/vulnerlab/VULNERABLE:967
*EXPLOIT*
| EXPLOITPACK:8B4E7E8DAE5A13C8250C6C33307CD66C 5.8
https://vulners.com/exploitpack/EXPLOITPACK:8B4E7E8DAE5A13C8250C6C33307CD66C
*EXPLOIT*
*EXPLOIT*
| F7F6E599-CEF4-5E03-8E10-FE18C4101E38 5.0
https://vulners.com/githubexploit/F7F6E599-CEF4-5E03-8E10-FE18C4101E38
*EXPLOIT*
| EXPLOITPACK:C8C256BE0BFF5FE1C0405CB0AA9C075D 5.0
https://vulners.com/exploitpack/EXPLOITPACK:C8C256BE0BFF5FE1C0405CB0AA9C075D
*EXPLOIT*
| EXPLOITPACK:460143F0ACAE117DD79BD75EDFDA154B 5.0
https://vulners.com/exploitpack/EXPLOITPACK:460143F0ACAE117DD79BD75EDFDA154B
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
| E5C174E5-D6E8-56E0-8403-D287DE52EB3F 5.0
https://vulners.com/githubexploit/E5C174E5-D6E8-56E0-8403-D287DE52EB3F
*EXPLOIT*
| DB6E1BBD-08B1-574D-A351-7D6BB9898A4A 5.0
https://vulners.com/githubexploit/DB6E1BBD-08B1-574D-A351-7D6BB9898A4A
*EXPLOIT*
| B0208442-6E17-5772-B12D-B5BE30FA5540 5.0
https://vulners.com/githubexploit/B0208442-6E17-5772-B12D-B5BE30FA5540
*EXPLOIT*
| A820A056-9F91-5059-B0BC-8D92C7A31A52 5.0
https://vulners.com/githubexploit/A820A056-9F91-5059-B0BC-8D92C7A31A52
*EXPLOIT*
| 9814661A-35A4-5DB7-BB25-A1040F365C81 5.0
https://vulners.com/githubexploit/9814661A-35A4-5DB7-BB25-A1040F365C81
*EXPLOIT*
| 5A864BCC-B490-5532-83AB-2E4109BB3C31 5.0
https://vulners.com/githubexploit/5A864BCC-B490-5532-83AB-2E4109BB3C31
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
|_ CVE-2011-4415 1.2 https://vulners.com/cve/CVE-2011-4415
111/tcp open rpcbind 2 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2 111/tcp rpcbind
| 100000 2 111/udp rpcbind
| 100003 2,3,4 2049/tcp nfs
| 100003 2,3,4 2049/udp nfs
| 100005 1,2,3 36082/udp mountd
| 100005 1,2,3 54960/tcp mountd
| 100021 1,3,4 40806/tcp nlockmgr
| 100021 1,3,4 41160/udp nlockmgr
| 100024 1 33292/udp status
|_ 100024 1 37008/tcp status
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
| vulners:
| Samba smbd 3.X - 4.X:
| SAMBA_IS_KNOWN_PIPENAME 10.0
https://vulners.com/canvas/SAMBA_IS_KNOWN_PIPENAME *EXPLOIT*
| SAINT:C50A339EFD5B2F96051BC00F96014CAA 10.0
https://vulners.com/saint/SAINT:C50A339EFD5B2F96051BC00F96014CAA *EXPLOIT*
| SAINT:6FE788CBA26F517C02B44A699047593B 10.0
https://vulners.com/saint/SAINT:6FE788CBA26F517C02B44A699047593B *EXPLOIT*
| SAINT:3579A721D51A069C725493EA48A26E42 10.0
https://vulners.com/saint/SAINT:3579A721D51A069C725493EA48A26E42 *EXPLOIT*
| MSF:EXPLOIT-LINUX-SAMBA-IS_KNOWN_PIPENAME- 10.0
https://vulners.com/metasploit/MSF:EXPLOIT-LINUX-SAMBA-IS_KNOWN_PIPENAME-
*EXPLOIT*
| EXPLOITPACK:11BDEE18B40708887778CCF837705185 10.0
https://vulners.com/exploitpack/EXPLOITPACK:11BDEE18B40708887778CCF837705185
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
| MSF:AUXILIARY-ADMIN-DCERPC-CVE_2020_1472_ZEROLOGON- 9.3
https://vulners.com/metasploit/MSF:AUXILIARY-ADMIN-DCERPC-
CVE_2020_1472_ZEROLOGON- *EXPLOIT*
| FC661572-B96B-5B2C-B12F-E8D279E189BF 9.3
https://vulners.com/githubexploit/FC661572-B96B-5B2C-B12F-E8D279E189BF
*EXPLOIT*
| F472C105-E3B1-524A-BBF5-1C436185F6EE 9.3
https://vulners.com/githubexploit/F472C105-E3B1-524A-BBF5-1C436185F6EE
*EXPLOIT*
| F085F702-F1C3-5ACB-99BE-086DA182D98B 9.3
https://vulners.com/githubexploit/F085F702-F1C3-5ACB-99BE-086DA182D98B
*EXPLOIT*
*EXPLOIT*
| E9F25671-2BEF-5E8B-A60A-55C6DD9DE820 9.3
https://vulners.com/githubexploit/E9F25671-2BEF-5E8B-A60A-55C6DD9DE820
*EXPLOIT*
| DEC5B8BB-1933-54FF-890E-9C2720E9966E 9.3
https://vulners.com/githubexploit/DEC5B8BB-1933-54FF-890E-9C2720E9966E
*EXPLOIT*
| D7AB3F4A-8E41-5E5B-B987-99AFB571FE9C 9.3
https://vulners.com/githubexploit/D7AB3F4A-8E41-5E5B-B987-99AFB571FE9C
*EXPLOIT*
| D3C401E0-D013-59E2-8FFB-6BEF41DA3D1B 9.3
https://vulners.com/githubexploit/D3C401E0-D013-59E2-8FFB-6BEF41DA3D1B
*EXPLOIT*
| D178DAA4-01D0-50D0-A741-1C3C76A7D023 9.3
https://vulners.com/githubexploit/D178DAA4-01D0-50D0-A741-1C3C76A7D023
*EXPLOIT*
| CF07CF32-0B8E-58E5-A410-8FA68D411ED0 9.3
https://vulners.com/githubexploit/CF07CF32-0B8E-58E5-A410-8FA68D411ED0
*EXPLOIT*
| C841D92F-11E1-5077-AE70-CA2FEF0BC96E 9.3
https://vulners.com/githubexploit/C841D92F-11E1-5077-AE70-CA2FEF0BC96E
*EXPLOIT*
| C7F6FB3B-581D-53E1-A2BF-C935FE7B03C8 9.3
https://vulners.com/githubexploit/C7F6FB3B-581D-53E1-A2BF-C935FE7B03C8
*EXPLOIT*
| C7CE5D12-A4E5-5FF2-9F07-CD5E84B4C02F 9.3
https://vulners.com/githubexploit/C7CE5D12-A4E5-5FF2-9F07-CD5E84B4C02F
*EXPLOIT*
| C5B49BD0-D347-5AEB-A774-EE7BB35688E9 9.3
https://vulners.com/githubexploit/C5B49BD0-D347-5AEB-A774-EE7BB35688E9
*EXPLOIT*
| BBE1926E-1EC7-5657-8766-3CA8418F815C 9.3
https://vulners.com/githubexploit/BBE1926E-1EC7-5657-8766-3CA8418F815C
*EXPLOIT*
| BA280EB1-2FF9-52DA-8BA4-A276A1158DD8 9.3
https://vulners.com/githubexploit/BA280EB1-2FF9-52DA-8BA4-A276A1158DD8
*EXPLOIT*
| B7C1C535-3653-5D12-8922-4C6A5CCBD5F3 9.3
https://vulners.com/githubexploit/B7C1C535-3653-5D12-8922-4C6A5CCBD5F3
*EXPLOIT*
| AEF449B8-DC3E-544A-A748-5A1C6F7EBA59 9.3
https://vulners.com/githubexploit/AEF449B8-DC3E-544A-A748-5A1C6F7EBA59
*EXPLOIT*
| A24AC1AC-55EF-51D8-B696-32F369DCAB96 9.3
https://vulners.com/githubexploit/A24AC1AC-55EF-51D8-B696-32F369DCAB96
*EXPLOIT*
| 9C9BD402-511C-597D-9864-647131FE6647 9.3
https://vulners.com/githubexploit/9C9BD402-511C-597D-9864-647131FE6647
*EXPLOIT*
| 939F3BE7-AF69-5351-BD56-12412FA184C5 9.3
https://vulners.com/githubexploit/939F3BE7-AF69-5351-BD56-12412FA184C5
*EXPLOIT*
| 87B06BBD-7ED2-5BD2-95E1-21EE66501505 9.3
https://vulners.com/githubexploit/87B06BBD-7ED2-5BD2-95E1-21EE66501505
*EXPLOIT*
| 879CF3A7-ECBC-552A-A044-5E2724F63279 9.3
https://vulners.com/githubexploit/879CF3A7-ECBC-552A-A044-5E2724F63279
*EXPLOIT*
| 7078ED42-959E-5242-BE9D-17F2F99C76A8 9.3
https://vulners.com/githubexploit/7078ED42-959E-5242-BE9D-17F2F99C76A8
*EXPLOIT*
| 6FB0B63E-DE9A-5065-B577-ECA3ED5E9F4B 9.3
https://vulners.com/githubexploit/6FB0B63E-DE9A-5065-B577-ECA3ED5E9F4B
*EXPLOIT*
| 63C36F7A-5F99-5A79-B99F-260360AC237F 9.3
https://vulners.com/githubexploit/63C36F7A-5F99-5A79-B99F-260360AC237F
*EXPLOIT*
| 5E80DB20-575C-537A-9B83-CCFCCB55E448 9.3
https://vulners.com/githubexploit/5E80DB20-575C-537A-9B83-CCFCCB55E448
*EXPLOIT*
| 5B025A0D-055E-552C-B1FB-287C6F191F8E 9.3
https://vulners.com/githubexploit/5B025A0D-055E-552C-B1FB-287C6F191F8E
*EXPLOIT*
| 50FA6373-CBCD-5EF5-B37D-0ECD621C6134 9.3
https://vulners.com/githubexploit/50FA6373-CBCD-5EF5-B37D-0ECD621C6134
*EXPLOIT*
| 4CB63A18-5D6F-57E3-8CD8-9110CF63E120 9.3
https://vulners.com/githubexploit/4CB63A18-5D6F-57E3-8CD8-9110CF63E120
*EXPLOIT*
| 49EC151F-12F0-59CF-960C-25BD54F46680 9.3
https://vulners.com/githubexploit/49EC151F-12F0-59CF-960C-25BD54F46680
*EXPLOIT*
| 3F400483-1F7E-5BE5-8612-4D55D450D553 9.3
https://vulners.com/githubexploit/3F400483-1F7E-5BE5-8612-4D55D450D553
*EXPLOIT*
| 2E71FF50-1B48-5A8E-9212-C4CF9399715C 9.3
https://vulners.com/githubexploit/2E71FF50-1B48-5A8E-9212-C4CF9399715C
*EXPLOIT*
| 2D16FB2A-7A61-5E45-AAF8-1E090E0ADCC0 9.3
https://vulners.com/githubexploit/2D16FB2A-7A61-5E45-AAF8-1E090E0ADCC0
*EXPLOIT*
| 28D42B84-AB24-5FC6-ADE1-610374D67F21 9.3
https://vulners.com/githubexploit/28D42B84-AB24-5FC6-ADE1-610374D67F21
*EXPLOIT*
| 2255B39F-1B91-56F4-A323-8704808620D3 9.3
https://vulners.com/githubexploit/2255B39F-1B91-56F4-A323-8704808620D3
*EXPLOIT*
| 20466D13-6C5B-5326-9C8B-160E9BE37195 9.3
https://vulners.com/githubexploit/20466D13-6C5B-5326-9C8B-160E9BE37195
*EXPLOIT*
| 14BD2DBD-3A91-55FC-9836-14EF9ABF56CF 9.3
https://vulners.com/githubexploit/14BD2DBD-3A91-55FC-9836-14EF9ABF56CF
*EXPLOIT*
*EXPLOIT*
| 12E44744-1AF0-523A-ACA2-593B4D33E014 9.3
https://vulners.com/githubexploit/12E44744-1AF0-523A-ACA2-593B4D33E014
*EXPLOIT*
| 0CFAB531-412C-57A0-BD9E-EF072620C078 9.3
https://vulners.com/githubexploit/0CFAB531-412C-57A0-BD9E-EF072620C078
*EXPLOIT*
| 07E56BF6-A72B-5ACD-A2FF-818C48E4E132 9.3
https://vulners.com/githubexploit/07E56BF6-A72B-5ACD-A2FF-818C48E4E132
*EXPLOIT*
| 07DF268C-467E-54A3-B713-057BA19C72F7 9.3
https://vulners.com/githubexploit/07DF268C-467E-54A3-B713-057BA19C72F7
*EXPLOIT*
| 06BAC40D-74DF-5994-909F-3A87FC3B76C8 9.3
https://vulners.com/githubexploit/06BAC40D-74DF-5994-909F-3A87FC3B76C8
*EXPLOIT*
| 04BCA9BC-E3AD-5234-A5F0-7A1ED826F600 9.3
https://vulners.com/githubexploit/04BCA9BC-E3AD-5234-A5F0-7A1ED826F600
*EXPLOIT*
| 042AB58A-C86A-5A8B-AED3-2FF3624E97E3 9.3
https://vulners.com/githubexploit/042AB58A-C86A-5A8B-AED3-2FF3624E97E3
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
| vulners:
| Samba smbd 3.X - 4.X:
| SAMBA_IS_KNOWN_PIPENAME 10.0
https://vulners.com/canvas/SAMBA_IS_KNOWN_PIPENAME *EXPLOIT*
| SAINT:C50A339EFD5B2F96051BC00F96014CAA 10.0
https://vulners.com/saint/SAINT:C50A339EFD5B2F96051BC00F96014CAA *EXPLOIT*
| SAINT:6FE788CBA26F517C02B44A699047593B 10.0
https://vulners.com/saint/SAINT:6FE788CBA26F517C02B44A699047593B *EXPLOIT*
| SAINT:3579A721D51A069C725493EA48A26E42 10.0
https://vulners.com/saint/SAINT:3579A721D51A069C725493EA48A26E42 *EXPLOIT*
| MSF:EXPLOIT-LINUX-SAMBA-IS_KNOWN_PIPENAME- 10.0
https://vulners.com/metasploit/MSF:EXPLOIT-LINUX-SAMBA-IS_KNOWN_PIPENAME-
*EXPLOIT*
| EXPLOITPACK:11BDEE18B40708887778CCF837705185 10.0
https://vulners.com/exploitpack/EXPLOITPACK:11BDEE18B40708887778CCF837705185
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
| MSF:AUXILIARY-ADMIN-DCERPC-CVE_2020_1472_ZEROLOGON- 9.3
https://vulners.com/metasploit/MSF:AUXILIARY-ADMIN-DCERPC-
CVE_2020_1472_ZEROLOGON- *EXPLOIT*
| FC661572-B96B-5B2C-B12F-E8D279E189BF 9.3
https://vulners.com/githubexploit/FC661572-B96B-5B2C-B12F-E8D279E189BF
*EXPLOIT*
| F472C105-E3B1-524A-BBF5-1C436185F6EE 9.3
https://vulners.com/githubexploit/F472C105-E3B1-524A-BBF5-1C436185F6EE
*EXPLOIT*
| F085F702-F1C3-5ACB-99BE-086DA182D98B 9.3
https://vulners.com/githubexploit/F085F702-F1C3-5ACB-99BE-086DA182D98B
*EXPLOIT*
*EXPLOIT*
| E9F25671-2BEF-5E8B-A60A-55C6DD9DE820 9.3
https://vulners.com/githubexploit/E9F25671-2BEF-5E8B-A60A-55C6DD9DE820
*EXPLOIT*
| DEC5B8BB-1933-54FF-890E-9C2720E9966E 9.3
https://vulners.com/githubexploit/DEC5B8BB-1933-54FF-890E-9C2720E9966E
*EXPLOIT*
| D7AB3F4A-8E41-5E5B-B987-99AFB571FE9C 9.3
https://vulners.com/githubexploit/D7AB3F4A-8E41-5E5B-B987-99AFB571FE9C
*EXPLOIT*
| D3C401E0-D013-59E2-8FFB-6BEF41DA3D1B 9.3
https://vulners.com/githubexploit/D3C401E0-D013-59E2-8FFB-6BEF41DA3D1B
*EXPLOIT*
| D178DAA4-01D0-50D0-A741-1C3C76A7D023 9.3
https://vulners.com/githubexploit/D178DAA4-01D0-50D0-A741-1C3C76A7D023
*EXPLOIT*
| CF07CF32-0B8E-58E5-A410-8FA68D411ED0 9.3
https://vulners.com/githubexploit/CF07CF32-0B8E-58E5-A410-8FA68D411ED0
*EXPLOIT*
| C841D92F-11E1-5077-AE70-CA2FEF0BC96E 9.3
https://vulners.com/githubexploit/C841D92F-11E1-5077-AE70-CA2FEF0BC96E
*EXPLOIT*
| C7F6FB3B-581D-53E1-A2BF-C935FE7B03C8 9.3
https://vulners.com/githubexploit/C7F6FB3B-581D-53E1-A2BF-C935FE7B03C8
*EXPLOIT*
| C7CE5D12-A4E5-5FF2-9F07-CD5E84B4C02F 9.3
https://vulners.com/githubexploit/C7CE5D12-A4E5-5FF2-9F07-CD5E84B4C02F
*EXPLOIT*
| C5B49BD0-D347-5AEB-A774-EE7BB35688E9 9.3
https://vulners.com/githubexploit/C5B49BD0-D347-5AEB-A774-EE7BB35688E9
*EXPLOIT*
| BBE1926E-1EC7-5657-8766-3CA8418F815C 9.3
https://vulners.com/githubexploit/BBE1926E-1EC7-5657-8766-3CA8418F815C
*EXPLOIT*
| BA280EB1-2FF9-52DA-8BA4-A276A1158DD8 9.3
https://vulners.com/githubexploit/BA280EB1-2FF9-52DA-8BA4-A276A1158DD8
*EXPLOIT*
| B7C1C535-3653-5D12-8922-4C6A5CCBD5F3 9.3
https://vulners.com/githubexploit/B7C1C535-3653-5D12-8922-4C6A5CCBD5F3
*EXPLOIT*
| AEF449B8-DC3E-544A-A748-5A1C6F7EBA59 9.3
https://vulners.com/githubexploit/AEF449B8-DC3E-544A-A748-5A1C6F7EBA59
*EXPLOIT*
| A24AC1AC-55EF-51D8-B696-32F369DCAB96 9.3
https://vulners.com/githubexploit/A24AC1AC-55EF-51D8-B696-32F369DCAB96
*EXPLOIT*
| 9C9BD402-511C-597D-9864-647131FE6647 9.3
https://vulners.com/githubexploit/9C9BD402-511C-597D-9864-647131FE6647
*EXPLOIT*
| 939F3BE7-AF69-5351-BD56-12412FA184C5 9.3
https://vulners.com/githubexploit/939F3BE7-AF69-5351-BD56-12412FA184C5
*EXPLOIT*
| 87B06BBD-7ED2-5BD2-95E1-21EE66501505 9.3
https://vulners.com/githubexploit/87B06BBD-7ED2-5BD2-95E1-21EE66501505
*EXPLOIT*
| 879CF3A7-ECBC-552A-A044-5E2724F63279 9.3
https://vulners.com/githubexploit/879CF3A7-ECBC-552A-A044-5E2724F63279
*EXPLOIT*
| 7078ED42-959E-5242-BE9D-17F2F99C76A8 9.3
https://vulners.com/githubexploit/7078ED42-959E-5242-BE9D-17F2F99C76A8
*EXPLOIT*
| 6FB0B63E-DE9A-5065-B577-ECA3ED5E9F4B 9.3
https://vulners.com/githubexploit/6FB0B63E-DE9A-5065-B577-ECA3ED5E9F4B
*EXPLOIT*
| 63C36F7A-5F99-5A79-B99F-260360AC237F 9.3
https://vulners.com/githubexploit/63C36F7A-5F99-5A79-B99F-260360AC237F
*EXPLOIT*
| 5E80DB20-575C-537A-9B83-CCFCCB55E448 9.3
https://vulners.com/githubexploit/5E80DB20-575C-537A-9B83-CCFCCB55E448
*EXPLOIT*
| 5B025A0D-055E-552C-B1FB-287C6F191F8E 9.3
https://vulners.com/githubexploit/5B025A0D-055E-552C-B1FB-287C6F191F8E
*EXPLOIT*
| 50FA6373-CBCD-5EF5-B37D-0ECD621C6134 9.3
https://vulners.com/githubexploit/50FA6373-CBCD-5EF5-B37D-0ECD621C6134
*EXPLOIT*
| 4CB63A18-5D6F-57E3-8CD8-9110CF63E120 9.3
https://vulners.com/githubexploit/4CB63A18-5D6F-57E3-8CD8-9110CF63E120
*EXPLOIT*
| 49EC151F-12F0-59CF-960C-25BD54F46680 9.3
https://vulners.com/githubexploit/49EC151F-12F0-59CF-960C-25BD54F46680
*EXPLOIT*
| 3F400483-1F7E-5BE5-8612-4D55D450D553 9.3
https://vulners.com/githubexploit/3F400483-1F7E-5BE5-8612-4D55D450D553
*EXPLOIT*
| 2E71FF50-1B48-5A8E-9212-C4CF9399715C 9.3
https://vulners.com/githubexploit/2E71FF50-1B48-5A8E-9212-C4CF9399715C
*EXPLOIT*
| 2D16FB2A-7A61-5E45-AAF8-1E090E0ADCC0 9.3
https://vulners.com/githubexploit/2D16FB2A-7A61-5E45-AAF8-1E090E0ADCC0
*EXPLOIT*
| 28D42B84-AB24-5FC6-ADE1-610374D67F21 9.3
https://vulners.com/githubexploit/28D42B84-AB24-5FC6-ADE1-610374D67F21
*EXPLOIT*
| 2255B39F-1B91-56F4-A323-8704808620D3 9.3
https://vulners.com/githubexploit/2255B39F-1B91-56F4-A323-8704808620D3
*EXPLOIT*
| 20466D13-6C5B-5326-9C8B-160E9BE37195 9.3
https://vulners.com/githubexploit/20466D13-6C5B-5326-9C8B-160E9BE37195
*EXPLOIT*
| 14BD2DBD-3A91-55FC-9836-14EF9ABF56CF 9.3
https://vulners.com/githubexploit/14BD2DBD-3A91-55FC-9836-14EF9ABF56CF
*EXPLOIT*
*EXPLOIT*
| 12E44744-1AF0-523A-ACA2-593B4D33E014 9.3
https://vulners.com/githubexploit/12E44744-1AF0-523A-ACA2-593B4D33E014
*EXPLOIT*
| 0CFAB531-412C-57A0-BD9E-EF072620C078 9.3
https://vulners.com/githubexploit/0CFAB531-412C-57A0-BD9E-EF072620C078
*EXPLOIT*
| 07E56BF6-A72B-5ACD-A2FF-818C48E4E132 9.3
https://vulners.com/githubexploit/07E56BF6-A72B-5ACD-A2FF-818C48E4E132
*EXPLOIT*
| 07DF268C-467E-54A3-B713-057BA19C72F7 9.3
https://vulners.com/githubexploit/07DF268C-467E-54A3-B713-057BA19C72F7
*EXPLOIT*
| 06BAC40D-74DF-5994-909F-3A87FC3B76C8 9.3
https://vulners.com/githubexploit/06BAC40D-74DF-5994-909F-3A87FC3B76C8
*EXPLOIT*
| 04BCA9BC-E3AD-5234-A5F0-7A1ED826F600 9.3
https://vulners.com/githubexploit/04BCA9BC-E3AD-5234-A5F0-7A1ED826F600
*EXPLOIT*
| 042AB58A-C86A-5A8B-AED3-2FF3624E97E3 9.3
https://vulners.com/githubexploit/042AB58A-C86A-5A8B-AED3-2FF3624E97E3
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
512/tcp open exec?
513/tcp open login
514/tcp open tcpwrapped
1099/tcp open java-rmi GNU Classpath grmiregistry
| rmi-vuln-classloader:
| VULNERABLE:
| RMI registry default configuration remote code execution vulnerability
| State: VULNERABLE
| Default configuration of RMI registry allows loading classes from remote
URLs which can lead to remote code execution.
|
| References:
|_ https://github.com/rapid7/metasploit-framework/blob/master/modules/
exploits/multi/misc/java_rmi_server.rb
1524/tcp open bindshell Metasploitable root shell
2049/tcp open nfs 2-4 (RPC #100003)
2121/tcp open ftp ProFTPD 1.3.1
| vulners:
| cpe:/a:proftpd:proftpd:1.3.1:
| SAINT:FD1752E124A72FD3A26EEB9B315E8382 10.0
https://vulners.com/saint/SAINT:FD1752E124A72FD3A26EEB9B315E8382 *EXPLOIT*
| SAINT:950EB68D408A40399926A4CCAD3CC62E 10.0
https://vulners.com/saint/SAINT:950EB68D408A40399926A4CCAD3CC62E *EXPLOIT*
| SAINT:63FB77B9136D48259E4F0D4CDA35E957 10.0
https://vulners.com/saint/SAINT:63FB77B9136D48259E4F0D4CDA35E957 *EXPLOIT*
| SAINT:1B08F4664C428B180EEC9617B41D9A2C 10.0
https://vulners.com/saint/SAINT:1B08F4664C428B180EEC9617B41D9A2C *EXPLOIT*
| PROFTPD_MOD_COPY 10.0 https://vulners.com/canvas/PROFTPD_MOD_COPY
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
*EXPLOIT*
4130
0542
| 739FE495-4675-5A2A-BB93-EEF94AC07632 7.5
https://vulners.com/githubexploit/739FE495-4675-5A2A-BB93-EEF94AC07632
*EXPLOIT*
3867
4652
0543
4242
*EXPLOIT*
3639
19272
19271
19270
18217
3125
1137
7265
7418
6095
3306/tcp open mysql MySQL 5.0.51a-3ubuntu5
| vulners:
| cpe:/a:mysql:mysql:5.0.51a-3ubuntu5:
2446
| SAINT:D505D53863BE216621FDAECA22896071 7.5
https://vulners.com/saint/SAINT:D505D53863BE216621FDAECA22896071 *EXPLOIT*
| SAINT:A9E0BE0CEF71F1F98D3CB3E95173B3D0 7.5
https://vulners.com/saint/SAINT:A9E0BE0CEF71F1F98D3CB3E95173B3D0 *EXPLOIT*
| SAINT:79BA92A57C28E796ADD04A6A8AE158CE 7.5
https://vulners.com/saint/SAINT:79BA92A57C28E796ADD04A6A8AE158CE *EXPLOIT*
| SAINT:3101D21E4D8017EA5B14AF668DC39CAD 7.5
https://vulners.com/saint/SAINT:3101D21E4D8017EA5B14AF668DC39CAD *EXPLOIT*
4484
0226
5026
4028
1848
1850
7247
3833
1849
4098
2079
0490
0484
0102
0101
0087
3838
3837
3836
3834
3682
3677
4019
3963
1626
0114
4452
0075
|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
|_ssl-ccs-injection: No reply from server (TIMEOUT)
5432/tcp open postgresql PostgreSQL DB 8.3.0 - 8.3.7
| ssl-dh-params:
| VULNERABLE:
| Diffie-Hellman Key Exchange Insufficient Group Strength
| State: VULNERABLE
| Transport Layer Security (TLS) services that use Diffie-Hellman groups
| of insufficient strength, especially those using one of a few commonly
| shared groups, may be susceptible to passive eavesdropping attacks.
| Check results:
| WEAK DH GROUP 1
| Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
| References:
|_ https://weakdh.org
| ssl-ccs-injection:
| VULNERABLE:
| SSL/TLS MITM vulnerability (CCS Injection)
| State: VULNERABLE
| Risk factor: High
| OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h
| does not properly restrict processing of ChangeCipherSpec messages,
| which allows man-in-the-middle attackers to trigger use of a zero
| length master key in certain OpenSSL-to-OpenSSL communications, and
| consequently hijack sessions or obtain sensitive information, via
| a crafted TLS handshake, aka the "CCS Injection" vulnerability.
|
| References:
| http://www.openssl.org/news/secadv_20140605.txt
|_ http://www.cvedetails.com/cve/2014-0224
| ssl-poodle:
| VULNERABLE:
| SSL POODLE information leak
| State: VULNERABLE
| IDs: CVE:CVE-2014-3566 BID:70574
| The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other
| products, uses nondeterministic CBC padding, which makes it easier
| for man-in-the-middle attackers to obtain cleartext data via a
| padding-oracle attack, aka the "POODLE" issue.
| Check results:
| TLS_RSA_WITH_AES_128_CBC_SHA
| References:
| https://www.openssl.org/~bodo/ssl-poodle.pdf
| https://www.imperialviolet.org/2014/10/14/poodle.html
| vulners:
| cpe:/a:postgresql:postgresql:8.3:
1903
1902
1447
1169
| POSTGRESQL:CVE-2013-1900 8.5
https://vulners.com/postgresql/POSTGRESQL:CVE-2013-1900
0255
0868
3231
0065
0064
0063
0061
0866
4015
0442
3433
1170
1975
2483
0062
3488
0067
2143
0066
0060
3489
2655
3229
0733
5900/tcp open vnc VNC (protocol 3.3)
6000/tcp open X11 (access denied)
6667/tcp open irc UnrealIRCd
|_irc-unrealircd-backdoor: Looks like trojaned version of unrealircd. See
http://seclists.org/fulldisclosure/2010/Jun/277
8009/tcp open ajp13 Apache Jserv (Protocol v1.3)
8180/tcp open http Apache Tomcat/Coyote JSP engine 1.1
| http-csrf:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=192.168.213.130
| Found the following possible CSRF vulnerabilities:
|
| Path: http://192.168.213.130:8180/admin/
| Form id: username
|_ Form action: j_security_check;jsessionid=20364626B26D03516783AE7DBEF71B83
|_http-server-header: Apache-Coyote/1.1
| http-slowloris-check:
| VULNERABLE:
| Slowloris DOS attack
| State: LIKELY VULNERABLE
| IDs: CVE:CVE-2007-6750
| Slowloris tries to keep many connections to the target web server open and
hold
| them open as long as possible. It accomplishes this by opening connections
to
| the target web server and sending a partial request. By doing so, it
starves
| the http server's resources causing Denial Of Service.
|
| References:
| http://ha.ckers.org/slowloris/
|_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
| vulners:
| cpe:/a:apache:coyote_http_connector:1.1:
26044
36032
| OSV:CVE-2023-26044 5.0 https://vulners.com/osv/OSV:CVE-2023-
26044
| OSV:CVE-2022-36032 5.0 https://vulners.com/osv/OSV:CVE-2022-
36032
|_ OSV:BIT-APACHE-2021-31618 5.0 https://vulners.com/osv/OSV:BIT-
APACHE-2021-31618
| http-cookie-flags:
| /admin/:
| JSESSIONID:
| httponly flag not set
| /admin/index.html:
| JSESSIONID:
| /admin/login.html:
| JSESSIONID:
| /admin/admin.html:
| JSESSIONID:
| /admin/account.html:
| JSESSIONID:
| /admin/admin_login.html:
| JSESSIONID:
| /admin/home.html:
| JSESSIONID:
| /admin/admin-login.html:
| JSESSIONID:
| /admin/adminLogin.html:
| JSESSIONID:
| /admin/controlpanel.html:
| JSESSIONID:
| /admin/cp.html:
| JSESSIONID:
| /admin/index.jsp:
| JSESSIONID:
| /admin/login.jsp:
| JSESSIONID:
| /admin/admin.jsp:
| JSESSIONID:
| /admin/home.jsp:
| JSESSIONID:
| /admin/controlpanel.jsp:
| JSESSIONID:
| /admin/admin-login.jsp:
| JSESSIONID:
| /admin/cp.jsp:
| JSESSIONID:
| /admin/account.jsp:
| JSESSIONID:
| /admin/admin_login.jsp:
| JSESSIONID:
| /admin/adminLogin.jsp:
| JSESSIONID:
| /admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html:
| JSESSIONID:
| /admin/includes/FCKeditor/editor/filemanager/upload/test.html:
| JSESSIONID:
| /admin/jscript/upload.html:
| JSESSIONID:
|_ httponly flag not set
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
| http-enum:
| /admin/: Possible admin folder
| /admin/index.html: Possible admin folder
| /admin/login.html: Possible admin folder
| /admin/admin.html: Possible admin folder
| /admin/account.html: Possible admin folder
| /admin/admin_login.html: Possible admin folder
| /admin/home.html: Possible admin folder
| /admin/admin-login.html: Possible admin folder
| /admin/adminLogin.html: Possible admin folder
| /admin/controlpanel.html: Possible admin folder
| /admin/cp.html: Possible admin folder
| /admin/index.jsp: Possible admin folder
| /admin/login.jsp: Possible admin folder
| /admin/admin.jsp: Possible admin folder
| /admin/home.jsp: Possible admin folder
| /admin/controlpanel.jsp: Possible admin folder
| /admin/admin-login.jsp: Possible admin folder
| /admin/cp.jsp: Possible admin folder
| /admin/account.jsp: Possible admin folder
| /admin/admin_login.jsp: Possible admin folder
| /admin/adminLogin.jsp: Possible admin folder
| /manager/html/upload: Apache Tomcat (401 Unauthorized)
| /manager/html: Apache Tomcat (401 Unauthorized)
| /admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html:
OpenCart/FCKeditor File upload
| /admin/includes/FCKeditor/editor/filemanager/upload/test.html: ASP Simple
Blog / FCKeditor File Upload
| /admin/jscript/upload.html: Lizard Cart/Remote File upload
|_ /webdav/: Potentially interesting folder
Service Info: Hosts: metasploitable.localdomain, irc.Metasploitable.LAN; OSs:
Unix, Linux; CPE: cpe:/o:linux:linux_kernel
Host script results:

|_smb-vuln-ms10-054: false
|_smb-vuln-regsvc-dos: ERROR: Script execution failed (use -d to debug)
|_smb-vuln-ms10-061: false
Service detection performed. Please report any incorrect results at

https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 387.95 seconds

result

Uploaded by

Copyright:

Available Formats

result

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

result

Uploaded by

Copyright:

Available Formats

Starting Nmap 7.94SVN ( https://nmap.

org ) at 2024-05-11 15:34 CDT

Host script results:

Service detection performed. Please report any incorrect results at

You might also like