Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Greetings!
- In the following list below, I did a scan on Petsex.com. I believe it has found MANY vulnerabilities, but that's for you to decide. The network is protected by cloudflare, so it seems it won't let me see a file I have been going to, but it really displays it. I also included the reverse IP check and Whois info.
- Scan:
- ---------------------------------------------------------------------------
- + Target IP: 173.245.61.114
- + Target Hostname: cf-173-245-61-114.cloudflare.com
- + Target Port: 80
- + Start Time: 2012-09-25 17:30:11
- ---------------------------------------------------------------------------
- + Server: cloudflare-nginx
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + robots.txt retrieved but it does not contain any 'disallow' entries (which is odd).
- + /kboard/: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php
- + /lists/admin/: PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist
- + /splashAdmin.php: Cobalt Qube 3 admin is running. This may have multiple security problems as described by www.scan-associates.net. These could not be tested remotely.
- + /ssdefs/: Siteseed pre 1.4.2 has 'major' security problems.
- + /sshome/: Siteseed pre 1.4.2 has 'major' security problems.
- + /tiki/: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin
- + /tiki/tiki-install.php: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin
- + /scripts/samples/details.idc: See RFP 9901; www.wiretrip.net
- + OSVDB-396: /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted.
- + OSVDB-637: /~root/: Allowed to browse root's home directory.
- + /cgi-bin/wrap: comes with IRIX 6.2; allows to view directories
- + /forums//admin/config.php: PHP Config file may contain database IDs and passwords.
- + /forums//adm/config.php: PHP Config file may contain database IDs and passwords.
- + /forums//administrator/config.php: PHP Config file may contain database IDs and passwords.
- + /forums/config.php: PHP Config file may contain database IDs and passwords.
- + /guestbook/guestbookdat: PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration.
- + /guestbook/pwd: PHP-Gastebuch 1.60 Beta reveals the md5 hash of the admin password.
- + /help/: Help directory should not be accessible
- + OSVDB-2411: /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password.
- + OSVDB-8103: /global.inc: PHP-Survey's include file should not be available via the web. Configure the web server to ignore .inc files or change this to global.inc.php
- + OSVDB-59620: /inc/common.load.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.
- + OSVDB-59619: /inc/config.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.
- + OSVDB-59618: /inc/dbase.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.
- + OSVDB-2703: /geeklog/users.php: Geeklog prior to 1.3.8-1sr2 contains a SQL injection vulnerability that lets a remote attacker reset admin password.
- + OSVDB-8204: /gb/index.php?login=true: gBook may allow admin login by setting the value 'login' equal to 'true'.
- + /guestbook/admin.php: Guestbook admin page available without authentication.
- + /getaccess: This may be an indication that the server is running getAccess for SSO
- + /cfdocs/expeval/openfile.cfm: Can use to expose the system/server path.
- + /tsweb/: Microsoft TSAC found. http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html
- + /vgn/performance/TMT: Vignette CMS admin/maintenance script available.
- + /vgn/performance/TMT/Report: Vignette CMS admin/maintenance script available.
- + /vgn/performance/TMT/Report/XML: Vignette CMS admin/maintenance script available.
- + /vgn/performance/TMT/reset: Vignette CMS admin/maintenance script available.
- + /vgn/ppstats: Vignette CMS admin/maintenance script available.
- + /vgn/previewer: Vignette CMS admin/maintenance script available.
- + /vgn/record/previewer: Vignette CMS admin/maintenance script available.
- + /vgn/stylepreviewer: Vignette CMS admin/maintenance script available.
- + /vgn/vr/Deleting: Vignette CMS admin/maintenance script available.
- + /vgn/vr/Editing: Vignette CMS admin/maintenance script available.
- + /vgn/vr/Saving: Vignette CMS admin/maintenance script available.
- + /vgn/vr/Select: Vignette CMS admin/maintenance script available.
- + /scripts/iisadmin/bdir.htr: This default script shows host info, may allow file browsing and buffer a overrun in the Chunked Encoding data transfer mechanism, request /scripts/iisadmin/bdir.htr??c:\<dirs> . http://www.microsoft.com/technet/security/bulletin/MS02-028.asp. http://www.cert.org/advisories/CA-2002-09.html.
- + /scripts/iisadmin/ism.dll: Allows you to mount a brute force attack on passwords
- + /scripts/tools/ctss.idc: This CGI allows remote users to view and modify SQL DB contents, server paths, docroot and more.
- + /bigconf.cgi: BigIP Configuration CGI
- + /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
- + OSVDB-4910: /vgn/style: Vignette server may reveal system information through this file.
- + OSVDB-17653: /SiteServer/Admin/commerce/foundation/domain.asp: Displays known domains of which that server is involved.
- + OSVDB-17654: /SiteServer/Admin/commerce/foundation/driver.asp: Displays a list of installed ODBC drivers.
- + OSVDB-17655: /SiteServer/Admin/commerce/foundation/DSN.asp: Displays all DSNs configured for selected ODBC drivers.
- + OSVDB-17652: /SiteServer/admin/findvserver.asp: Gives a list of installed Site Server components.
- + /SiteServer/Admin/knowledge/dsmgr/default.asp: Used to view current search catalog configurations
- + /basilix/mbox-list.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'message list' function/page
- + /basilix/message-read.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'read message' function/page
- + /clusterframe.jsp: Macromedia JRun 4 build 61650 remote administration interface is vulnerable to several XSS attacks.
- + /IlohaMail/blank.html: IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
- + /bb-dnbd/faxsurvey: This may allow arbitrary command execution.
- + /cartcart.cgi: If this is Dansie Shopping Cart 3.0.8 or earlier, it contains a backdoor to allow attackers to execute arbitrary commands.
- + OSVDB-6591: /scripts/Carello/Carello.dll: Carello 1.3 may allow commands to be executed on the server by replacing hidden form elements. This could not be tested by Nikto.
- + /scripts/tools/dsnform.exe: Allows creation of ODBC Data Source
- + /scripts/tools/dsnform: Allows creation of ODBC Data Source
- + OSVDB-17656: /SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp: Used to create, modify, and potentially delete LDAP users and groups.
- + OSVDB-17657: /SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp: Used to create, modify, and potentially delete LDAP users and groups.
- + /prd.i/pgen/: Has MS Merchant Server 1.0
- + /readme.eml: Remote server may be infected with the Nimda virus.
- + /scripts/httpodbc.dll: Possible IIS backdoor found.
- + /scripts/proxy/w3proxy.dll: MSProxy v1.0 installed
- + /SiteServer/admin/: Site Server components admin. Default account may be 'LDAP_Anonymous', pass is 'LdapPassword_1'. see http://www.wiretrip.net/rfp/p/doc.asp/i1/d69.htm
- + /siteseed/: Siteseed pre 1.4.2 has 'major' security problems.
- + /pccsmysqladm/incs/dbconnect.inc: This file should not be accessible, as it contains database connectivity information. Upgrade to version 1.2.5 or higher.
- + /iisadmin/: Access to /iisadmin should be restricted to localhost or allowed hosts only.
- + /PDG_Cart/oder.log: Shopping cart software log
- + /ows/restricted%2eshow: OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent.
- + /WEB-INF./web.xml: Multiple implementations of j2ee servlet containers allow files to be retrieved from WEB-INF by appending a '.' to the directory name. Products include Sybase EA Service, Oracle Containers, Orion, JRun, HPAS, Pramati and others. See http://www.westpoint.l
- + /view_source.jsp: Resin 2.1.2 view_source.jsp allows any file on the system to be viewed by using \..\ directory traversal. This script may be vulnerable.
- + /w-agora/: w-agora pre 4.1.4 may allow a remote user to execute arbitrary PHP scripts via URL includes in include/*.php and user/*.php files. Default account is 'admin' but password set during install.
- + OSVDB-42680: /vider.php3: MySimpleNews may allow deleting of news items without authentication.
- + OSVDB-6181: /officescan/cgi/cgiChkMasterPwd.exe: Trend Micro Officescan allows you to skip the login page and access some CGI programs directly.
- + /pbserver/pbserver.dll: This may contain a buffer overflow. http://www.microsoft.com/technet/security/bulletin/http://www.microsoft.com/technet/security/bulletin/ms00-094.asp.asp
- + /administrator/gallery/uploadimage.php: Mambo PHP Portal/Server 4.0.12 BETA and below may allow upload of any file type simply putting '.jpg' before the real file extension.
- + /pafiledb/includes/team/file.php: paFileDB 3.1 and below may allow file upload without authentication.
- + /phpEventCalendar/file_upload.php: phpEventCalendar 1.1 and prior are vulnerable to file upload bug.
- + /servlet/com.unify.servletexec.UploadServlet: This servlet allows attackers to upload files to the server.
- + /scripts/cpshost.dll: Posting acceptor possibly allows you to upload files
- + /upload.asp: An ASP page that allows attackers to upload files to server
- + /uploadn.asp: An ASP page that allows attackers to upload files to server
- + /uploadx.asp: An ASP page that allows attackers to upload files to server
- + /wa.exe: An ASP page that allows attackers to upload files to server
- + /basilix/compose-attach.php3: BasiliX webmail application prior to 1.1.1 contains a non-descript security vulnerability in compose-attach.php3 related to attachment uploads
- + /server/: If port 8000, Macromedia JRun 4 build 61650 remote administration interface is vulnerable to several XSS attacks.
- + /vgn/ac/data: Vignette CMS admin/maintenance script available.
- + /vgn/ac/delete: Vignette CMS admin/maintenance script available.
- + /vgn/ac/edit: Vignette CMS admin/maintenance script available.
- + /vgn/ac/esave: Vignette CMS admin/maintenance script available.
- + /vgn/ac/fsave: Vignette CMS admin/maintenance script available.
- + /vgn/ac/index: Vignette CMS admin/maintenance script available.
- + /vgn/asp/MetaDataUpdate: Vignette CMS admin/maintenance script available.
- + /vgn/asp/previewer: Vignette CMS admin/maintenance script available.
- + /vgn/asp/status: Vignette CMS admin/maintenance script available.
- + /vgn/asp/style: Vignette CMS admin/maintenance script available.
- + /vgn/errors: Vignette CMS admin/maintenance script available.
- + /vgn/jsp/controller: Vignette CMS admin/maintenance script available.
- + /vgn/jsp/errorpage: Vignette CMS admin/maintenance script available.
- + /vgn/jsp/initialize: Vignette CMS admin/maintenance script available.
- + /vgn/jsp/jspstatus: Vignette CMS admin/maintenance script available.
- + /vgn/jsp/jspstatus56: Vignette CMS admin/maintenance script available.
- + /vgn/jsp/metadataupdate: Vignette CMS admin/maintenance script available.
- + /vgn/jsp/previewer: Vignette CMS admin/maintenance script available.
- + /vgn/jsp/style: Vignette CMS admin/maintenance script available.
- + /vgn/legacy/edit: Vignette CMS admin/maintenance script available.
- + /vgn/login: Vignette server may allow user enumeration based on the login attempts to this file.
- + OSVDB-35707: /forum/admin/wwforum.mdb: Web Wiz Forums password database found.
- + /fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
- + OSVDB-52975: /guestbook/admin/o12guest.mdb: Ocean12 ASP Guestbook Manager allows download of SQL database which contains admin password.
- + OSVDB-15971: /midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
- + OSVDB-15971: /MIDICART/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
- + OSVDB-41850: /mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb: MPCSoftWeb Guest Book passwords retrieved.
- + /news/news.mdb: Web Wiz Site News release v3.06 admin password database is available and unencrypted.
- + OSVDB-53413: /shopping300.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available.
- + OSVDB-53413: /shopping400.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available.
- + OSVDB-15971: /shoppingdirectory/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
- + OSVDB-4398: /database/db2000.mdb: Max Web Portal database is available remotely. It should be moved from the default location to a directory outside the web root.
- + /admin/config.php: PHP Config file may contain database IDs and passwords.
- + /adm/config.php: PHP Config file may contain database IDs and passwords.
- + /administrator/config.php: PHP Config file may contain database IDs and passwords.
- + /contents.php?new_language=elvish&mode=select: Requesting a file with an invalid language selection from DC Portal may reveal the system path.
- + OSVDB-6467: /pw/storemgr.pw: Encrypted ID/Pass for Mercantec's SoftCart, http://www.mercantec.com/, see http://www.mindsec.com/advisories/post2.txt for more information.
- + /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
- + /shopa_sessionlist.asp: VP-ASP shopping cart test application is available from the web. This page may give the location of .mdb files which may also be available.
- + OSVDB-53303: /simplebbs/users/users.php: Simple BBS 1.0.6 allows user information and passwords to be viewed remotely.
- + /typo3conf/: This may contain sensitive Typo3 files.
- + /typo3conf/database.sql: Typo3 SQL file found.
- + /typo3conf/localconf.php: Typo3 config file found.
- + OSVDB-53386: /vchat/msg.txt: VChat allows user information to be retrieved.
- + OSVDB-4907: /vgn/license: Vignette server license file found.
- + /webcart-lite/config/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
- + /webcart-lite/orders/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
- + /webcart/carts/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.
- + /webcart/config/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.
- + /webcart/config/clients.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
- + /webcart/orders/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.
- + /webcart/orders/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
- + /ws_ftp.ini: Can contain saved passwords for FTP sites
- + /WS_FTP.ini: Can contain saved passwords for FTP sites
- + /_mem_bin/auoconfig.asp: Displays the default AUO (LDAP) schema, including host and port.
- + OSVDB-17659: /SiteServer/Admin/knowledge/persmbr/vs.asp: Expose various LDAP service and backend configuration parameters
- + OSVDB-17661: /SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp: Expose various LDAP service and backend configuration parameters
- + OSVDB-17662: /SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp: Expose various LDAP service and backend configuration parameters
- + OSVDB-17660: /SiteServer/Admin/knowledge/persmbr/VsTmPr.asp: Expose various LDAP service and backend configuration parameters
- + /tvcs/getservers.exe?action=selects1: Following steps 2-4 of this page may reveal a zip file that contains passwords and system details.
- + /whatever.htr: May reveal physical path. htr files may also be vulnerable to an off-by-one overflow that allows remote command execution (see http://www.microsoft.com/technet/security/bulletin/MS02-018.asp)
- + /nsn/fdir.bas:ShowVolume: You can use ShowVolume and ShowDirectory directly on the Novell server (NW5.1) to view the filesystem without having to log in
- + /nsn/fdir.bas: You can use fdir to ShowVolume and ShowDirectory.
- + /forum/admin/database/wwForum.mdb: Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein
- + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
- + /jamdb/: JamDB pre 0.9.2 mp3.php and image.php can allow user to read arbitrary file out of docroot.
- + OSVDB-1201: /cgi/cgiproc?: It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later.
- + OSVDB-6196: /servlet/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999
- + /servlet/sunexamples.BBoardServlet: This default servlet lets attackers execute arbitrary commands.
- + OSVDB-6196: /servlets/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999
- + /perl/-e%20print%20Hello: The Perl interpreter on the Novell system may allow any command to be executed. See http://www.securityfocus.com/bid/5520. Installing Perl 5.6 might fix this issue.
- + /vgn/legacy/save: Vignette Legacy Tool may be unprotected. To access this resource, set a cookie called 'vgn_creds' with any value.
- + /IDSWebApp/IDSjsp/Login.jsp: Tivoli Directory Server Web Administration.
- + OSVDB-6466: /quikstore.cfg: Shopping cart config file, http://www.quikstore.com/, http://www.mindsec.com/advisories/post2.txt
- + /quikstore.cgi: A shopping cart.
- + /securecontrolpanel/: Web Server Control Panel
- + /siteminder: This may be an indication that the server is running Siteminder for SSO
- + /webmail/: Web based mail package installed.
- + /_cti_pvt/: FrontPage directory found.
- + /smg_Smxcfg30.exe?vcc=3560121183d3: This may be a Trend Micro Officescan 'backdoor'.
- + /nsn/..%5Cutil/attrib.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/chkvol.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/copy.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/del.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/dir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/dsbrowse.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/glist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/lancard.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/md.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/rd.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/ren.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/send.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/set.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/slist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/type.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cutil/userlist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cweb/env.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cweb/fdir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cwebdemo/env.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /nsn/..%5Cwebdemo/fdir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
- + /upd/: WASD Server can allow directory listings by requesting /upd/directory/. Upgrade to a later version and secure according to the documents on the WASD web site.
- + /CVS/Entries: CVS Entries file may contain directory listing information.
- + OSVDB-8450: /phpmyadmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
- + OSVDB-8450: /db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
- + OSVDB-8450: /3rdparty/phpMyAdmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
- + OSVDB-8450: /phpMyAdmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
- + OSVDB-8450: /3rdparty/phpmyadmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
- + OSVDB-8450: /phpmyadmindb_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
- + OSVDB-8450: /pmadb_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
- + /catalog.nsf: A list of server databases can be retrieved, as well as a list of ACLs.
- + /cersvr.nsf: Server certificate data can be accessed remotely.
- + /domlog.nsf: The domain server logs can be accessed remotely.
- + /events4.nsf: The events log can be accessed remotely.
- + /log.nsf: The server log is remotely accessible.
- + /names.nsf: User names and groups can be accessed remotely (possibly password hashes as well)
- + OSVDB-31150: /LOGIN.PWD: MIPCD password file (passwords are not encrypted). MIPDCD should not have the web interface enabled.
- + OSVDB-31150: /USER/CONFIG.AP: MIPCD configuration information. MIPCD should not have the web interface enabled.
- + /admin-serv/config/admpw: This file contains the encrypted Netscape admin password. It should not be accessible via the web.
- + /cgi-bin/cgi_process: WASD reveals a lot of system information in this script. It should be removed.
- + /ht_root/wwwroot/-/local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.
- + /local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.
- + /tree: WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.
- + /852566C90012664F: This database can be read using the replica ID without authentication.
- + /hidden.nsf: This database can be read without authentication. Common database name.
- + /mail.box: The mail database can be read without authentication.
- + /setup.nsf: The server can be configured remotely, or current setup can be downloaded.
- + /statrep.nsf: Any reports generated by the admins can be retrieved.
- + /webadmin.nsf: The server admin database can be accessed remotely.
- + /examples/servlet/AUX: Apache Tomcat versions below 4.1 may be vulnerable to DoS by repeatedly requesting this file.
- + /Config1.htm: This may be a D-Link. Some devices have a DoS condition if an oversized POST request is sent. This DoS was not tested. See http://www.phenoelit.de/stuff/dp-300.txt for info.
- + /contents/extensions/asp/1: The IIS system may be vulnerable to a DOS, see http://www.microsoft.com/technet/security/bulletin/MS02-018.asp for details.
- + /WebAdmin.dll?View=Logon: Some versions of WebAdmin are vulnerable to a remote DoS (not tested). See http://www.ngssoftware.com.
- + /cgi-win/cgitest.exe: This CGI may allow the server to be crashed remotely, see http://www.securityoffice.net/ for details. Remove this default CGI.
- + /cgi-shl/win-c-sample.exe: win-c-sample.exe has a buffer overflow
- + /.nsf/../winnt/win.ini: This win.ini file can be downloaded.
- + /................../config.sys: PWS allows files to be read by prepending multiple '.' characters. At worst, IIS, not PWS, should be used.
- + ///etc/hosts: The server install allows reading of any system file by adding an extra '/' to the URL.
- + /contents/extensions/asp/1: The IIS system may be vulnerable to a DOS, see http://www.microsoft.com/technet/security/bulletin/MS02-018.asp for details.
- + /WebAdmin.dll?View=Logon: Some versions of WebAdmin are vulnerable to a remote DoS (not tested). See http://www.ngssoftware.com.
- + /cgi-win/cgitest.exe: This CGI may allow the server to be crashed remotely, see http://www.securityoffice.net/ for details. Remove this default CGI.
- + /cgi-shl/win-c-sample.exe: win-c-sample.exe has a buffer overflow
- + /.nsf/../winnt/win.ini: This win.ini file can be downloaded.
- + /................../config.sys: PWS allows files to be read by prepending multiple '.' characters. At worst, IIS, not PWS, should be used.
- + ///etc/hosts: The server install allows reading of any system file by adding an extra '/' to the URL.
- + /nph-showlogs.pl?files=../../../../../../../../etc/&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manage 1.0 allows directory listings of any location on the remote system.
- + OSVDB-2829: /phpwebfilemgr/index.php?f=../../../../../../../../../etc: phpWebFileManager v2.0.0 and prior are vulnerable to a directory traversal bug.
- + /..\..\..\..\..\..\temp\temp.class: Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users to retrieve any file from the system. Upgrade to the latest version.
- + OSVDB-728: /admentor/adminadmin.asp: Version 2.11 of AdMentor is vulnerable to SQL injection during login, in the style of: ' or =
- + OSVDB-10107: /author.asp: May be FactoSystem CMS, which could include SQL injection problems that could not be tested remotely.
- + OSVDB-2767: /openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>: OpenAutoClassifieds 1.0 is vulnerable to a XSS attack
- + /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
- + OSVDB-4015: /jigsaw/: Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS) in the error page.
- + OSVDB-2754: /guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E: MPM Guestbook 1.2 and previous are vulnreable to XSS attacks.
- + /anthill/login.php: Anthill bug tracking system may be installed. Versions lower than 0.1.6.1 allow XSS/HTML injection and may allow users to bypass login requirements. http://anthill.vmlinuz.ca/ and http://www.cert.org/advisories/CA-2000-02.html
- + /cfdocs/expeval/sendmail.cfm: Can be used to send email; go to the page and fill in the form
- + OSVDB-22: /cgi-bin/bigconf.cgi: BigIP Configuration CGI
- + /ammerum/: Ammerum pre 0.6-1 had several security issues.
- + /ariadne/: Ariadne pre 2.1.2 has several vulnerabilities. The default login/pass to the admin page is admin/muze.
- + /cbms/cbmsfoot.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
- + /cbms/changepass.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
- + /cbms/editclient.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
- + /cbms/passgen.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
- + /cbms/realinv.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
- + /cbms/usersetup.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
- + /ext.dll?MfcIsapiCommand=LoadPage&page=admin.hts%20&a0=add&a1=root&a2=%5C: This check (A) sets up the next bad blue test (B) for possible exploit. See http://www.badblue.com/down.htm
- + OSVDB-59412: /db/users.dat: upb PB allows the user database to be retrieved remotely.
- + /Admin_files/order.log: Selena Sol's WebStore 1.0 exposes order information, http://www.extropia.com/, http://www.mindsec.com/advisories/post2.txt.
- + /admin/cplogfile.log: DevBB 1.0 final (http://www.mybboard.com) log file is readable remotely. Upgrade to the latest version.
- + /admin/system_footer.php: myphpnuke version 1.8.8_final_7 reveals detailed system information.
- + /cfdocs/snippets/fileexists.cfm: Can be used to verify the existance of files (on the same drive info as the web tree/file)
- + /cgi-bin/MachineInfo: Gives out information on the machine (IRIX), including hostname
- + OSVDB-59646: /chat/!nicks.txt: WF-Chat 1.0 Beta allows retrieval of user information.
- + OSVDB-59645: /chat/!pwds.txt: WF-Chat 1.0 Beta allows retrieval of user information.
- + OSVDB-53304: /chat/data/usr: SimpleChat! 1.3 allows retrieval of user information.
- + /config.php: PHP Config file may contain database IDs and passwords.
- + /config/: Configuration information may be available remotely.
- + /cplogfile.log: XMB Magic Lantern forum 1.6b final (http://www.xmbforum.com) log file is readable remotely. Upgrade to the latest version.
- + /examples/jsp/snp/anything.snp: Tomcat servlet gives lots of host information.
- + /cfdocs/snippets/evaluate.cfm: Can enter CF code to be evaluated, or create denial of service see www.allaire.com/security/ technical papers and advisories for info
- + /cfide/Administrator/startstop.html: Can start/stop the server
- + OSVDB-10598: /cd-cgi/sscd_suncourier.pl: Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist, but the test was not done.
- + /cgi-bin/handler: Comes with IRIX 5.3 - 6.4; allows to run arbitrary commands
- + OSVDB-235: /cgi-bin/webdist.cgi: Comes with IRIX 5.0 - 6.3; allows to run arbitrary commands
- + OSVDB-55: /ews/ews/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. http://www.securityfocus.com/bid/2665.
- + OSVDB-5280: /instantwebmail/message.php: Instant Web Mail (http://understroem.kdc/instantwebmail/) is installed. Versions 0.59 and lower can allow remote users to embed POP3 commands in URLs contained in email.
- + OSVDB-29786: /admin.php?en_log_id=0&action=config: EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This PHP file should be protected.
- + OSVDB-29786: /admin.php?en_log_id=0&action=users: EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This PHP file should be protected.
- + /admin.php4?reg_login=1: Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected.
- + OSVDB-3233: /admin/admin_phpinfo.php4: Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected.
- + OSVDB-5034: /admin/login.php?action=insert&username=test&password=test: phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify.
- + OSVDB-5178: /dostuff.php?action=modify_user: Blahz-DNS allows unauthorized users to edit user information. Upgrade to version 0.25 or higher. http://blahzdns.sourceforge.net/
- + OSVDB-5088: /accounts/getuserdesc.asp: Hosting Controller 2002 administration page is available. This should be protected.
- + OSVDB-35876: /agentadmin.php: Immobilier agentadmin.php contains multiple SQL injection vulnerabilities.
- + /sqldump.sql: Database SQL?
- + /structure.sql: Database SQL?
- + /servlet/SessionManager: IBM WebSphere reconfigure servlet (user=servlet, password=manager). All default code should be removed from servers.
- + /ip.txt: This may be User Online from http://www.elpar.net version 2.0, which has a remotely accessible log file.
- + /level/42/exec/show%20conf: Retrieved Cisco configuration file.
- + /livehelp/: LiveHelp may reveal system information.
- + /LiveHelp/: LiveHelp may reveal system information.
- + OSVDB-59536: /logicworks.ini: web-erp 0.1.4 and earlier allow .ini files to be read remotely.
- + /logs/str_err.log: Bmedia error log, contains invalid login attempts which include the invalid usernames and passwords entered (could just be typos & be very close to the right entries).
- + OSVDB-6465: /mall_log_files/order.log: EZMall2000 exposes order information, http://www.ezmall2000.com/, see http://www.mindsec.com/advisories/post2.txt for details.
- + OSVDB-3204: /megabook/files/20/setup.db: Megabook guestbook configuration available remotely.
- + OSVDB-6161: /officescan/hotdownload/ofscan.ini: OfficeScan from Trend Micro allows anyone to read the ofscan.ini file, which may contain passwords.
- + /order/order_log_v12.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
- + /order/order_log.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
- + /orders/order_log_v12.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
- + /Orders/order_log_v12.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
- + /orders/order_log.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
- + /Orders/order_log.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
- + /pmlite.php: A Xoops CMS script was found. Version RC3 and below allows all users to view all messages (untested). See http://www.phpsecure.org/?zone=pComment&d=101 for details.
- + /session/admnlogin: SessionServlet Output, has session cookie info.
- + OSVDB-613: /SiteScope/htdocs/SiteScope.html: The SiteScope install may allow remote users to get sensitive information about the hosts being monitored.
- + /servlet/allaire.jrun.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call, see MPSB01-12 http://www.macromedia.com/devnet/security/security_zone/mpsb01-12.html.
- + OSVDB-2881: /pp.php?action=login: Pieterpost 0.10.6 allows anyone to access the 'virtual' account which can be used to relay/send e-mail.
- + /isapi/count.pl?: AN HTTPd default script may allow writing over arbitrary files with a new content of '1', which could allow a trivial DoS. Append /../../../../../ctr.dll to replace this file's contents, for example.
- + /krysalis/: Krysalis pre 1.0.3 may allow remote users to read arbitrary files outside docroot
- + /logjam/showhits.php: Logjam may possibly allow remote command execution via showhits.php page.
- + /manual.php: Does not filter input before passing to shell command. Try 'ls -l' as the man page entry.
- + OSVDB-14329: /smssend.php: PhpSmssend may allow system calls if a ' is passed to it. http://zekiller.skytech.org/smssend.php
- + OSVDB-113: /ncl_items.html: This may allow attackers to reconfigure your Tektronix printer.
- + OSVDB-551: /ncl_items.shtml?SUBJECT=1: This may allow attackers to reconfigure your Tektronix printer.
- + /photo/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more.
- + /photodata/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more.
- + OSVDB-5374: /pub/english.cgi?op=rmail: BSCW self-registration may be enabled. This could allow untrusted users semi-trusted access to the software. 3.x version (and probably some 4.x) allow arbitrary commands to be executed remotely.
- + /pvote/ch_info.php?newpass=password&confirm=password%20: PVote administration page is available. Versions 1.5b and lower do not require authentication to reset the administration password.
- + OSVDB-240: /scripts/wsisa.dll/WService=anything?WSMadmin: Allows Webspeed to be remotely administered. Edit unbroker.properties and set AllowMsngrCmds to 0.
- + OSVDB-3092: /SetSecurity.shm: Cisco System's My Access for Wireless. This resource should be password protected.
- + OSVDB-3126: /submit?setoption=q&option=allowed_ips&value=255.255.255.255: MLdonkey 2.x allows administrative interface access to be access from any IP. This is typically only found on port 4080.
- + OSVDB-2225: /thebox/admin.php?act=write&username=admin&password=admin&aduser=admin&adpass=admin: paBox 1.6 may allow remote users to set the admin password. If successful, the 'admin' password is now 'admin'.
- + OSVDB-3092: /shopadmin.asp: VP-ASP shopping cart admin may be available via the web. Default ID/PW are vpasp/vpasp and admin/admin.
- + OSVDB-3299: /vbulletincalendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22: Vbulletin allows remote command execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
- + OSVDB-3396: /mlog.html: Remote file read vulnerability 1999-0068
- + OSVDB-3396: /mlog.phtml: Remote file read vulnerability 1999-0068
- + OSVDB-3396: /php/mlog.html: Remote file read vulnerability 1999-0346
- + OSVDB-3396: /php/mlog.phtml: Remote file read vulnerability 1999-0346
- + OSVDB-3411: /soapConfig.xml: Oracle 9iAS configuration file found - see bugtraq #4290.
- + OSVDB-3423: /XSQLConfig.xml: Oracle 9iAS configuration file found - see bugtraq #4290.
- + OSVDB-3489: /surf/scwebusers: SurfControl SuperScout Web Reports Server user and password file is available. CVE-2002-0705.
- + OSVDB-3501: /_private/form_results.htm: This file may contain information submitted by other web users via forms. CVE-1999-1052.
- + OSVDB-3501: /_private/form_results.html: This file may contain information submitted by other web users via forms. CVE-1999-1052.
- + OSVDB-3501: /_private/form_results.txt: This file may contain information submitted by other web users via forms. CVE-1999-1052.
- + OSVDB-3512: /scripts/tools/getdrvrs.exe: MS Jet database engine can be used to make DSNs, useful with an ODBC exploit and the RDS exploit (with msadcs.dll) which mail allow command execution. RFP9901 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm).
- + OSVDB-3591: /project/index.php?m=projects&user_cookie=1: dotProject 0.2.1.5 may allow admin login bypass by adding the user_cookie=1 to the URL.
- + OSVDB-379: /site/eg/source.asp: This ASP (installed with Apache::ASP) allows attackers to upload files to the server. Upgrade to 1.95 or higher. CVE-2000-0628.
- + OSVDB-4: /iissamples/exair/search/advsearch.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. CVE-1999-0449. BID-193.
- + OSVDB-4013: /isqlplus: Oracle iSQL*Plus is installed. This may be vulnerable to a buffer overflow in the user ID field. http://www.ngssoftware.com/advisories/ora-isqlplus.txt
- + OSVDB-4161: /data/member_log.txt: Teekai's forum full 1.2 member's log can be retrieved remotely.
- + OSVDB-4161: /data/userlog/log.txt: Teekai's Tracking Online 1.0 log can be retrieved remotely.
- + OSVDB-4161: /userlog.php: Teekai's Tracking Online 1.0 log can be retrieved remotely.
- + OSVDB-4171: /ASP/cart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
- + OSVDB-4171: /database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
- + OSVDB-4171: /mcartfree/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
- + OSVDB-4171: /metacart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
- + OSVDB-4171: /shop/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
- + OSVDB-4171: /shoponline/fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
- + OSVDB-4171: /shopping/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
- + OSVDB-4237: /ban.bak: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
- + OSVDB-4237: /ban.dat: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
- + OSVDB-4237: /ban.log: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
- + OSVDB-4237: /banmat.pwd: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
- + OSVDB-4238: /admin/adminproc.asp: Xpede administration page may be available. The /admin directory should be protected.
- + OSVDB-4239: /admin/datasource.asp: Xpede page reveals SQL account name. The /admin directory should be protected.
- + OSVDB-4240: /utils/sprc.asp: Xpede page may allow SQL injection.
- + OSVDB-4314: /texis.exe/?-dump: Texis installation may reveal sensitive information.
- + OSVDB-4314: /texis.exe/?-version: Texis installation may reveal sensitive information.
- + OSVDB-4360: /acart2_0/acart2_0.mdb: Alan Ward A-Cart 2.0 allows remote user to read customer database file which may contain usernames, passwords, credit cards and more.
- + OSVDB-4361: /acart2_0/admin/category.asp: Alan Ward A-Cart 2.0 is vulnerable to an XSS attack which may cause the administrator to delete database information.
- + OSVDB-474: /Sites/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
- + OSVDB-474: /Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
- + OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
- + OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
- + OSVDB-474: /Sites/Samples/Knowledge/Push/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
- + OSVDB-474: /Sites/Samples/Knowledge/Search/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
- + OSVDB-474: /SiteServer/Publishing/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
- + OSVDB-17671: /siteserver/publishing/viewcode.asp?source=/default.asp: May be able to view source code using Site Server vulnerability.
- + OSVDB-4908: /securelogin/1,2345,A,00.html: Vignette Story Server v4.1, 6, may disclose sensitive information via a buffer overflow.
- + OSVDB-5092: /config.inc: DotBr 0.1 configuration file includes usernames and passwords.
- + OSVDB-5095: /sysuser/docmgr/ieedit.stm?url=../: Sambar default file may allow directory listings.
- + OSVDB-5096: /sysuser/docmgr/iecreate.stm?template=../: Sambar default file may allow directory listings.
- + OSVDB-539: /catinfo: May be vulnerable to a buffer overflow. Request '/catinfo?' and add on 2048 of garbage to test.
- + OSVDB-5407: /soap/servlet/soaprouter: Oracle 9iAS SOAP components allow anonymous users to deploy applications by default.
- + OSVDB-5523: /MWS/HandleSearch.html?searchTarget=test&B1=Submit: MyWebServer 1.0.2 may be vulnerable to a buffer overflow (untested). Upgrade to a later version if 990b of searched data crashes the server.
- + OSVDB-562: /server-info: This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts.
- + OSVDB-5709: /.nsconfig: Contains authorization information
- + OSVDB-596: /dc/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
- + OSVDB-596: /dc/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
- + OSVDB-596: /dcshop/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
- + OSVDB-596: /dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
- + OSVDB-6666: /cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools GoAhead WebServer hpnst.exe may be vulnerable to a DoS.
- + OSVDB-6670: /applist.asp: Citrix server may allow remote users to view applications installed without authenticating.
- + OSVDB-6671: /launch.asp?NFuse_Application=LookOut&NFuse_MIMEExtension=.ica: Citrix server may reveal sensitive information by accessing the 'advanced' tab on hte login screen.
- + OSVDB-6672: /_layouts/alllibs.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
- + OSVDB-6672: /_layouts/settings.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
- + OSVDB-6672: /_layouts/userinfo.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
- + OSVDB-670: /stronghold-info: Redhat Stronghold from versions 2.3 up to 3.0 discloses sensitive information. This gives information on configuration. CVE-2001-0868.
- + OSVDB-670: /stronghold-status: Redhat Stronghold from versions 2.3 up to 3.0 discloses sensitive information. CVE-2001-0868.
- + OSVDB-7: /iissamples/exair/howitworks/Code.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. CVE-1999-0449. BID-193.
- + OSVDB-7: /iissamples/exair/howitworks/Codebrw1.asp: This is a default IIS script/file which should be removed, it may allow a DoS against the server. CVE-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp. CVE-1999-0449. BID-193.
- + OSVDB-707: /globals.jsa: Oracle globals.jsa file
- + OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
- + OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
- + OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
- + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
- + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
- + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
- + OSVDB-724: /ans.pl?p=../../../../../usr/bin/id|&blah: Avenger's News System allows commands to be issued remotely. http://ans.gq.nu/ default admin string 'admin:aaLR8vE.jjhss:root@127.0.0.1', password file location 'ans_data/ans.passwd'
- + OSVDB-724: /ans/ans.pl?p=../../../../../usr/bin/id|&blah: Avenger's News System allows commands to be issued remotely.
- + OSVDB-789: /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root. CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
- + OSVDB-9624: /pass_done.php: PY-Membres 4.2 may allow users to execute a query which generates a list of usernames and passwords.
- + OSVDB-9624: /admin/admin.php?adminpy=1: PY-Membres 4.2 may allow administrator access.
- + OSVDB-3092: /README: README file found.
- + OSVDB-3233: /j2ee/: j2ee directory found--possibly an Oracle app server directory.
- + OSVDB-3233: /WebCacheDemo.html: Oracle WebCache Demo
- + OSVDB-32333: /webcache/: Oracle WebCache Demo
- + OSVDB-3233: /webcache/webcache.xml: Oracle WebCache Demo
- + OSVDB-3233: /bmp/: SQLJ Demo Application
- + OSVDB-3233: /bmp/global-web-application.xml: SQLJ Demo Application
- + OSVDB-3233: /bmp/JSPClient.java: SQLJ Demo Application
- + OSVDB-3233: /bmp/mime.types: SQLJ Demo Application
- + OSVDB-3233: /bmp/README.txt: SQLJ Demo Application
- + OSVDB-3233: /bmp/sqljdemo.jsp: SQLJ Demo Application
- + OSVDB-3233: /bmp/setconn.jsp: SQLJ Demo Application
- + OSVDB-3233: /ptg_upgrade_pkg.log: Oracle log files.
- + OSVDB-3233: /OA_HTML/oam/weboam.log: Oracle log files.
- + OSVDB-3233: /webapp/admin/_pages/_bc4jadmin/: Oracle JSP files
- + OSVDB-3233: /_pages/_webapp/_admin/_showpooldetails.java: Oracle JSP files
- + OSVDB-3233: /_pages/_webapp/_admin/_showjavartdetails.java: Oracle JSP file
- + OSVDB-3233: /_pages/_demo/: Oracle JSP file
- + OSVDB-3233: /_pages/_webapp/_jsp/: Oracle JSP file.
- + OSVDB-3233: /_pages/_demo/_sql/: Oracle JSP file.
- + OSVDB-3233: //OA_HTML/_pages/: Oracle JSP file.
- + OSVDB-3233: /OA_HTML/webtools/doc/index.html: Cabo DHTML Components Help Page
- + OSVDB-18114: /reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF: Oracle Reports rwservlet report Variable Arbitrary Report Executable Execution
- + OSVDB-3233: /apex/: Oracle Application Express login screen.
- + OSVDB-3233: /OA_JAVA/: Oracle Applications Portal Page
- + OSVDB-3233: /OA_HTML/: Oracle Applications Portal Page
- + OSVDB-3233: /aplogon.html: Oracle Applications Portal Page
- + OSVDB-3233: /appdet.html: Oracle Applications Portal Pages
- + OSVDB-3233: /servlets/weboam/oam/oamLogin: Oracle Application Manager
- + OSVDB-3233: /OA_HTML/PTB/mwa_readme.htm: Oracle Mobile Applications Industrial Server administration and configuration inerface
- + OSVDB-3233: /reports/rwservlet: Oracle Reports
- + OSVDB-3233: /reports/rwservlet/showenv: Oracle Reports
- + OSVDB-3233: /reports/rwservlet/showmap: Oracle Reports
- + OSVDB-3233: /reports/rwservlet/showjobs: Oracle Reports
- + OSVDB-3233: /reports/rwservlet/getjobid7?server=myrep: Oracle Reports
- + OSVDB-3233: /reports/rwservlet/getjobid4?server=myrep: Oracle Reports
- + OSVDB-3233: /reports/rwservlet/showmap?server=myserver: Oracle Reports
- + OSVDB-3093: /pls/portal/owa_util.cellsprint?p_theQuery=select: Direct access to Oracle packages could have an unkown impact.
- + OSVDB-3093: /pls/portal/owa_util.listprint?p_theQuery=select: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/owa_util.show_query_columns?ctable=sys.dba_users: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/owa_util.showsource?cname=owa_util: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/owa_util.cellsprint?p_theQuery=select+*+from+sys.dba_users: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/owa_util.signature: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/HTP.PRINT: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/CXTSYS.DRILOAD.VALIDATE_STMT: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/PORTAL_DEMO.ORG_CHART.SHOW: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/PORTAL.wwv_form.genpopuplist: Access to Oracle pages cold have an unknown impact.
- + OSVDB-3093: /pls/portal/PORTAL.wwv_ui_lovf.show: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/PORTAL.wwa_app_module.link: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/PORTAL.wwv_dynxml_generator.show: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/PORTAL.home: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/PORTAL.wwv_setting.render_css: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/SELECT: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /pls/portal/null: Access to Oracle pages could have an unknown impact.
- + OSVDB-3093: /OA_MEDIA/: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_HTML/META-INF/: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_HTML/jsp/por/services/login.jsp: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_HTML/PTB/ICXINDEXBASECASE.htm: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_HTML/PTB/ECXOTAPing.htm: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_HTML/PTB/xml_sample1.htm: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_HTML/jsp/wf/WFReassign.jsp: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_JAVA/Oracle/: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_JAVA/servlet.zip: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_JAVA/oracle/forms/registry/Registry.dat: Oracle Applications portal pages found.
- + OSVDB-3093: /OA_HTML/oam/: Oracle Applications portal pages found.
- + OSVDB-3233: /OA_HTML/jsp/: Oracle Applications portal page found
- + OSVDB-3233: /OA_HTML/jsp/fnd/fndversion.jsp: Oracle Applications help page found.
- + OSVDB-3233: /OA_HTML/jsp/fnd/fndhelp.jsp?dbc=/u01/oracle/prodappl/fnd/11.5.0/secure/dbprod2_prod.dbc: Oracle Applications help page found.
- + OSVDB-3233: /OA_HTML/jsp/fnd/fndhelputil.jsp: Oracle Applications help page found.
- + OSVDB-3092: /install/install.php: Install file found.
- + OSVDB-3092: /cehttp/trace: Sterling Commerce Connect Direct trace log file may contain user ID information.
- + OSVDB-3092: /cehttp/property/: Sterling Commerce Connect Direct configuration files.
- + OSVDB-3233: /nps/iManager.html: Novell iManager found.
- + OSVDB-3233: /nps/version.jsp: Novell iManager version found.
- + OSVDB-3233: /nps/servlet/webacc?taskId=dev.Empty&merge=fw.About: Novell iManager version found.
- + OSVDB-3233: /doc/icodUserGuide.pdf: Instant Capacity on Demand (iCOD) Userís Guide.
- + OSVDB-3233: /doc/planning_SuperDome_configs.pdf: Planning HP SuperDome Configurations
- + OSVDB-3233: /doc/vxvm/pitc_ag.pdf: VERITAS FlashSnapTM Point-In-Time Copy Solutions documentation.
- + OSVDB-3233: /doc/Judy/Judy_tech_book.pdf: HP Judy documentation found.
- + OSVDB-3233: /doc/vxvm/vxvm_ag.pdf: Veritas Volume Manager documentation.
- + OSVDB-3233: /doc/vxvm/vxvm_hwnotes.pdf: Veritas Volume Manager documentation.
- + OSVDB-3233: /doc/vxvm/vxvm_ig.pdf: Veritas Volume Manager documentation.
- + OSVDB-3233: /doc/vxvm/vxvm_mig.pdf: Veritas Volume Manager documentation.
- + OSVDB-3233: /doc/vxvm/vxvm_tshoot.pdf: Veritas Volume Manager documentation.
- + OSVDB-3233: /doc/vxvm/vxvm_notes.pdf: Veritas Volume Manager documentation.
- + OSVDB-3233: /doc/vxvm/vxvm_ug.pdf: Veritas Volume Manager documentation.
- + OSVDB-3092: /staging/: This may be interesting...
- + OSVDB-3092: /_archive/: Archive found.
- + OSVDB-3092: /INSTALL.txt: Default file found.
- + OSVDB-3092: /UPGRADE.txt: Default file found.
- + OSVDB-3092: /install.php: install.php file found.
- + OSVDB-3092: /LICENSE.txt: License file found may identify site software.
- + OSVDB-3092: /upgrade.php: upgrade.php was found.
- + OSVDB-3092: /xmlrpc.php: xmlrpc.php was found.
- + OSVDB-3092: /CHANGELOG.txt: A changelog was found.
- + OSVDB-3092: /sitemap.gz: The sitemap.gz file, used for Google indexing, contains an xml representation of the web site's structure.
- + OSVDB-3092: /content/sitemap.gz: The sitemap.gz file, used for Google indexing, contains an xml representation of the web site\'s structure.
- + /webservices/IlaWebServices: Host has the Oracle iLearning environment installed.
- + /phone/: This may be interesting...
- + /aspnet_files/: .NET client side script files indicate .NET may be running. See http://msdn.microsoft.com/en-us/library/aa479045.aspx#aspplusvalid_clientside
- + OSVDB-3092: /Admin/: This might be interesting...
- + OSVDB-3092: /af/: This might be interesting... potential country code (Afghanistan)
- + OSVDB-3092: /ax/: This might be interesting... potential country code (Aland Islands)
- + OSVDB-3092: /al/: This might be interesting... potential country code (Albania)
- + OSVDB-3092: /dz/: This might be interesting... potential country code (Algeria)
- + OSVDB-3092: /as/: This might be interesting... potential country code (American Samoa)
- + OSVDB-3092: /ad/: This might be interesting... potential country code (Andorra)
- + OSVDB-3092: /ao/: This might be interesting... potential country code (Angola)
- + OSVDB-3092: /ai/: This might be interesting... potential country code (Anguilla)
- + OSVDB-3092: /aq/: This might be interesting... potential country code (Antarctica)
- + OSVDB-3092: /ag/: This might be interesting... potential country code (Antigua And Barbuda)
- + OSVDB-3092: /ar/: This might be interesting... potential country code (Argentina)
- + OSVDB-3092: /am/: This might be interesting... potential country code (Armenia)
- + OSVDB-3092: /aw/: This might be interesting... potential country code (Aruba)
- + OSVDB-3092: /au/: This might be interesting... potential country code (Australia)
- + OSVDB-3092: /at/: This might be interesting... potential country code (Austria)
- + OSVDB-3092: /az/: This might be interesting... potential country code (Azerbaijan)
- + OSVDB-3092: /bs/: This might be interesting... potential country code (Bahamas)
- + OSVDB-3092: /bh/: This might be interesting... potential country code (Bahrain)
- + OSVDB-3092: /bd/: This might be interesting... potential country code (Bangladesh)
- + OSVDB-3092: /bb/: This might be interesting... potential country code (Barbados)
- + OSVDB-3092: /by/: This might be interesting... potential country code (Belarus)
- + OSVDB-3092: /be/: This might be interesting... potential country code (Belgium)
- + OSVDB-3092: /bz/: This might be interesting... potential country code (Belize)
- + OSVDB-3092: /bj/: This might be interesting... potential country code (Benin)
- + OSVDB-3092: /bm/: This might be interesting... potential country code (Bermuda)
- + OSVDB-3092: /bt/: This might be interesting... potential country code (Bhutan)
- + OSVDB-3092: /bo/: This might be interesting... potential country code (Bolivia)
- + OSVDB-3092: /ba/: This might be interesting... potential country code (Bosnia And Herzegovina)
- + OSVDB-3092: /bw/: This might be interesting... potential country code (Botswana)
- + OSVDB-3092: /bv/: This might be interesting... potential country code (Bouvet Island)
- + OSVDB-3092: /br/: This might be interesting... potential country code (Brazil)
- + OSVDB-3092: /io/: This might be interesting... potential country code (British Indian Ocean Territory)
- + OSVDB-3092: /bn/: This might be interesting... potential country code (Brunei Darussalam)
- + OSVDB-3092: /bg/: This might be interesting... potential country code (Bulgaria)
- + OSVDB-3092: /bf/: This might be interesting... potential country code (Burkina Faso)
- + OSVDB-3092: /bi/: This might be interesting... potential country code (Burundi)
- + OSVDB-3092: /kh/: This might be interesting... potential country code (Cambodia)
- + OSVDB-3092: /cm/: This might be interesting... potential country code (Cameroon)
- + OSVDB-3092: /ca/: This might be interesting... potential country code (Canada)
- + OSVDB-3092: /cv/: This might be interesting... potential country code (Cape Verde)
- + OSVDB-3092: /ky/: This might be interesting... potential country code (Cayman Islands)
- + OSVDB-3092: /cf/: This might be interesting... potential country code (Central African Republic)
- + OSVDB-3092: /td/: This might be interesting... potential country code (Chad)
- + OSVDB-3092: /cl/: This might be interesting... potential country code (Chile)
- + OSVDB-3092: /cn/: This might be interesting... potential country code (China)
- + OSVDB-3092: /cx/: This might be interesting... potential country code (Christmas Island)
- + OSVDB-3092: /cc/: This might be interesting... potential country code (Cocos (keeling) Islands)
- + OSVDB-3092: /co/: This might be interesting... potential country code (Colombia)
- + OSVDB-3092: /km/: This might be interesting... potential country code (Comoros)
- + OSVDB-3092: /cg/: This might be interesting... potential country code (Congo)
- + OSVDB-3092: /cd/: This might be interesting... potential country code (The Democratic Republic Of The Congo)
- + OSVDB-3092: /ck/: This might be interesting... potential country code (Cook Islands)
- + OSVDB-3092: /cr/: This might be interesting... potential country code (Costa Rica)
- + OSVDB-3092: /ci/: This might be interesting... potential country code (CÔte D'ivoire)
- + OSVDB-3092: /hr/: This might be interesting... potential country code (Croatia)
- + OSVDB-3092: /cu/: This might be interesting... potential country code (Cuba)
- + OSVDB-3092: /cy/: This might be interesting... potential country code (Cyprus)
- + OSVDB-3092: /cz/: This might be interesting... potential country code (Czech Republic)
- + OSVDB-3092: /dk/: This might be interesting... potential country code (Denmark)
- + OSVDB-3092: /dj/: This might be interesting... potential country code (Djibouti)
- + OSVDB-3092: /dm/: This might be interesting... potential country code (Dominica)
- + OSVDB-3092: /do/: This might be interesting... potential country code (Dominican Republic)
- + OSVDB-3092: /ec/: This might be interesting... potential country code (Ecuador)
- + OSVDB-3092: /eg/: This might be interesting... potential country code (Egypt)
- + OSVDB-3092: /sv/: This might be interesting... potential country code (El Salvador)
- + OSVDB-3092: /gq/: This might be interesting... potential country code (Equatorial Guinea)
- + OSVDB-3092: /er/: This might be interesting... potential country code (Eritrea)
- + OSVDB-3092: /ee/: This might be interesting... potential country code (Estonia)
- + OSVDB-3092: /et/: This might be interesting... potential country code (Ethiopia)
- + OSVDB-3092: /fk/: This might be interesting... potential country code (Falkland Islands (malvinas))
- + OSVDB-3092: /fo/: This might be interesting... potential country code (Faroe Islands)
- + OSVDB-3092: /fj/: This might be interesting... potential country code (Fiji)
- + OSVDB-3092: /fi/: This might be interesting... potential country code (Finland)
- + OSVDB-3092: /fr/: This might be interesting... potential country code (France)
- + OSVDB-3092: /gf/: This might be interesting... potential country code (French Guiana)
- + OSVDB-3092: /pf/: This might be interesting... potential country code (French Polynesia)
- + OSVDB-3092: /tf/: This might be interesting... potential country code (French Southern Territories)
- + OSVDB-3092: /ga/: This might be interesting... potential country code (Gabon)
- + OSVDB-3092: /gm/: This might be interesting... potential country code (Gambia)
- + OSVDB-3092: /ge/: This might be interesting... potential country code (Georgia)
- + OSVDB-3092: /de/: This might be interesting... potential country code (Germany)
- + OSVDB-3092: /gh/: This might be interesting... potential country code (Ghana)
- + OSVDB-3092: /gi/: This might be interesting... potential country code (Gibraltar)
- + OSVDB-3092: /gr/: This might be interesting... potential country code (Greece)
- + OSVDB-3092: /gl/: This might be interesting... potential country code (Greenland)
- + OSVDB-3092: /gd/: This might be interesting... potential country code (Grenada)
- + OSVDB-3092: /gp/: This might be interesting... potential country code (Guadeloupe)
- + OSVDB-3092: /gu/: This might be interesting... potential country code (Guam)
- + OSVDB-3092: /gt/: This might be interesting... potential country code (Guatemala)
- + OSVDB-3092: /gg/: This might be interesting... potential country code (Guernsey)
- + OSVDB-3092: /gn/: This might be interesting... potential country code (Guinea)
- + OSVDB-3092: /gw/: This might be interesting... potential country code (Guinea-bissau)
- + OSVDB-3092: /gy/: This might be interesting... potential country code (Guyana)
- + OSVDB-3092: /ht/: This might be interesting... potential country code (Haiti)
- + OSVDB-3092: /hm/: This might be interesting... potential country code (Heard Island And Mcdonald Islands)
- + OSVDB-3092: /va/: This might be interesting... potential country code (Holy See (vatican City State))
- + OSVDB-3092: /hn/: This might be interesting... potential country code (Honduras)
- + OSVDB-3092: /hk/: This might be interesting... potential country code (Hong Kong)
- + OSVDB-3092: /hu/: This might be interesting... potential country code (Hungary)
- + OSVDB-3092: /is/: This might be interesting... potential country code (Iceland)
- + OSVDB-3092: /in/: This might be interesting... potential country code (India)
- + OSVDB-3092: /id/: This might be interesting... potential country code (Indonesia)
- + OSVDB-3092: /ir/: This might be interesting... potential country code (Islamic Republic Of Iran)
- + OSVDB-3092: /iq/: This might be interesting... potential country code (Iraq)
- + OSVDB-3092: /ie/: This might be interesting... potential country code (Ireland)
- + OSVDB-3092: /im/: This might be interesting... potential country code (Isle Of Man)
- + OSVDB-3092: /il/: This might be interesting... potential country code (Israel)
- + OSVDB-3092: /it/: This might be interesting... potential country code (Italy)
- + OSVDB-3092: /jm/: This might be interesting... potential country code (Jamaica)
- + OSVDB-3092: /jp/: This might be interesting... potential country code (Japan)
- + OSVDB-3092: /je/: This might be interesting... potential country code (Jersey)
- + OSVDB-3092: /jo/: This might be interesting... potential country code (Jordan)
- + OSVDB-3092: /kz/: This might be interesting... potential country code (Kazakhstan)
- + OSVDB-3092: /ke/: This might be interesting... potential country code (Kenya)
- + OSVDB-3092: /ki/: This might be interesting... potential country code (Kiribati)
- + OSVDB-3092: /kp/: This might be interesting... potential country code (Democratic People's Republic Of Korea)
- + OSVDB-3092: /kr/: This might be interesting... potential country code (Republic Of Korea)
- + OSVDB-3092: /kw/: This might be interesting... potential country code (Kuwait)
- + OSVDB-3092: /kg/: This might be interesting... potential country code (Kyrgyzstan)
- + OSVDB-3092: /la/: This might be interesting... potential country code (Lao People's Democratic Republic)
- + OSVDB-3092: /lv/: This might be interesting... potential country code (Latvia)
- + OSVDB-3092: /lb/: This might be interesting... potential country code (Lebanon)
- + OSVDB-3092: /ls/: This might be interesting... potential country code (Lesotho)
- + OSVDB-3092: /lr/: This might be interesting... potential country code (Liberia)
- + OSVDB-3092: /ly/: This might be interesting... potential country code (Libyan Arab Jamahiriya)
- + OSVDB-3092: /li/: This might be interesting... potential country code (Liechtenstein)
- + OSVDB-3092: /lt/: This might be interesting... potential country code (Lithuania)
- + OSVDB-3092: /lu/: This might be interesting... potential country code (Luxembourg)
- + OSVDB-3092: /mo/: This might be interesting... potential country code (Macao)
- + OSVDB-3092: /mk/: This might be interesting... potential country code (Macedonia)
- + OSVDB-3092: /mg/: This might be interesting... potential country code (Madagascar)
- + OSVDB-3092: /mw/: This might be interesting... potential country code (Malawi)
- + OSVDB-3092: /my/: This might be interesting... potential country code (Malaysia)
- + OSVDB-3092: /mv/: This might be interesting... potential country code (Maldives)
- + OSVDB-3092: /ml/: This might be interesting... potential country code (Mali)
- + OSVDB-3092: /mt/: This might be interesting... potential country code (Malta)
- + OSVDB-3092: /mh/: This might be interesting... potential country code (Marshall Islands)
- + OSVDB-3092: /mq/: This might be interesting... potential country code (Martinique)
- + OSVDB-3092: /mr/: This might be interesting... potential country code (Mauritania)
- + OSVDB-3092: /mu/: This might be interesting... potential country code (Mauritius)
- + OSVDB-3092: /yt/: This might be interesting... potential country code (Mayotte)
- + OSVDB-3092: /mx/: This might be interesting... potential country code (Mexico)
- + OSVDB-3092: /fm/: This might be interesting... potential country code (Federated States Of Micronesia)
- + OSVDB-3092: /md/: This might be interesting... potential country code (Republic Of Moldova)
- + OSVDB-3092: /mc/: This might be interesting... potential country code (Monaco)
- + OSVDB-3092: /mn/: This might be interesting... potential country code (Mongolia)
- + OSVDB-3092: /me/: This might be interesting... potential country code (Montenegro)
- + OSVDB-3092: /ms/: This might be interesting... potential country code (Montserrat)
- + OSVDB-3092: /ma/: This might be interesting... potential country code (Morocco)
- + OSVDB-3092: /mz/: This might be interesting... potential country code (Mozambique)
- + OSVDB-3092: /mm/: This might be interesting... potential country code (Myanmar)
- + OSVDB-3092: /na/: This might be interesting... potential country code (Namibia)
- + OSVDB-3092: /nr/: This might be interesting... potential country code (Nauru)
- + OSVDB-3092: /np/: This might be interesting... potential country code (Nepal)
- + OSVDB-3092: /nl/: This might be interesting... potential country code (Netherlands)
- + OSVDB-3092: /an/: This might be interesting... potential country code (Netherlands Antilles)
- + OSVDB-3092: /nc/: This might be interesting... potential country code (New Caledonia)
- + OSVDB-3092: /nz/: This might be interesting... potential country code (New Zealand)
- + OSVDB-3092: /ni/: This might be interesting... potential country code (Nicaragua)
- + OSVDB-3092: /ne/: This might be interesting... potential country code (Niger)
- + OSVDB-3092: /ng/: This might be interesting... potential country code (Nigeria)
- + OSVDB-3092: /nu/: This might be interesting... potential country code (Niue)
- + OSVDB-3092: /nf/: This might be interesting... potential country code (Norfolk Island)
- + OSVDB-3092: /mp/: This might be interesting... potential country code (Northern Mariana Islands)
- + OSVDB-3092: /no/: This might be interesting... potential country code (Norway)
- + OSVDB-3092: /om/: This might be interesting... potential country code (Oman)
- + OSVDB-3092: /pk/: This might be interesting... potential country code (Pakistan)
- + OSVDB-3092: /pw/: This might be interesting... potential country code (Palau)
- + OSVDB-3092: /ps/: This might be interesting... potential country code (Palestinian Territory)
- + OSVDB-3092: /pa/: This might be interesting... potential country code (Panama)
- + OSVDB-3092: /pg/: This might be interesting... potential country code (Papua New Guinea)
- + OSVDB-3092: /py/: This might be interesting... potential country code (Paraguay)
- + OSVDB-3092: /pe/: This might be interesting... potential country code (Peru)
- + OSVDB-3092: /ph/: This might be interesting... potential country code (Philippines)
- + OSVDB-3092: /pn/: This might be interesting... potential country code (Pitcairn)
- + OSVDB-3092: /pl/: This might be interesting... potential country code (Poland)
- + OSVDB-3092: /pt/: This might be interesting... potential country code (Portugal)
- + OSVDB-3092: /pr/: This might be interesting... potential country code (Puerto Rico)
- + OSVDB-3092: /qa/: This might be interesting... potential country code (Qatar)
- + OSVDB-3092: /re/: This might be interesting... potential country code (RÉunion)
- + OSVDB-3092: /ro/: This might be interesting... potential country code (Romania)
- + OSVDB-3092: /ru/: This might be interesting... potential country code (Russian Federation)
- + OSVDB-3092: /rw/: This might be interesting... potential country code (Rwanda)
- + OSVDB-3092: /bl/: This might be interesting... potential country code (Saint BarthÉlemy)
- + OSVDB-3092: /sh/: This might be interesting... potential country code (Saint Helena)
- + OSVDB-3092: /kn/: This might be interesting... potential country code (Saint Kitts And Nevis)
- + OSVDB-3092: /lc/: This might be interesting... potential country code (Saint Lucia)
- + OSVDB-3092: /mf/: This might be interesting... potential country code (Saint Martin)
- + OSVDB-3092: /pm/: This might be interesting... potential country code (Saint Pierre And Miquelon)
- + OSVDB-3092: /vc/: This might be interesting... potential country code (Saint Vincent And The Grenadines)
- + OSVDB-3092: /ws/: This might be interesting... potential country code (Samoa)
- + OSVDB-3092: /sm/: This might be interesting... potential country code (San Marino)
- + OSVDB-3092: /st/: This might be interesting... potential country code (Sao Tome And Principe)
- + OSVDB-3092: /sa/: This might be interesting... potential country code (Saudi Arabia)
- + OSVDB-3092: /sn/: This might be interesting... potential country code (Senegal)
- + OSVDB-3092: /rs/: This might be interesting... potential country code (Serbia)
- + OSVDB-3092: /sc/: This might be interesting... potential country code (Seychelles)
- + OSVDB-3092: /sl/: This might be interesting... potential country code (Sierra Leone)
- + OSVDB-3092: /sg/: This might be interesting... potential country code (Singapore)
- + OSVDB-3092: /sk/: This might be interesting... potential country code (Slovakia)
- + OSVDB-3092: /si/: This might be interesting... potential country code (Slovenia)
- + OSVDB-3092: /sb/: This might be interesting... potential country code (Solomon Islands)
- + OSVDB-3092: /so/: This might be interesting... potential country code (Somalia)
- + OSVDB-3092: /za/: This might be interesting... potential country code (South Africa)
- + OSVDB-3092: /gs/: This might be interesting... potential country code (South Georgia And The South Sandwich Islands)
- + OSVDB-3092: /es/: This might be interesting... potential country code (Spain)
- + OSVDB-3092: /lk/: This might be interesting... potential country code (Sri Lanka)
- + OSVDB-3092: /sd/: This might be interesting... potential country code (Sudan)
- + OSVDB-3092: /sr/: This might be interesting... potential country code (Suriname)
- + OSVDB-3092: /sj/: This might be interesting... potential country code (Svalbard And Jan Mayen)
- + OSVDB-3092: /sz/: This might be interesting... potential country code (Swaziland)
- + OSVDB-3092: /se/: This might be interesting... potential country code (Sweden)
- + OSVDB-3092: /ch/: This might be interesting... potential country code (Switzerland)
- + OSVDB-3092: /sy/: This might be interesting... potential country code (Syrian Arab Republic)
- + OSVDB-3092: /tw/: This might be interesting... potential country code (Taiwan)
- + OSVDB-3092: /tj/: This might be interesting... potential country code (Tajikistan)
- + OSVDB-3092: /tz/: This might be interesting... potential country code (United Republic Of Tanzania)
- + OSVDB-3092: /th/: This might be interesting... potential country code (Thailand)
- + OSVDB-3092: /tl/: This might be interesting... potential country code (Timor-leste)
- + OSVDB-3092: /tg/: This might be interesting... potential country code (Togo)
- + OSVDB-3092: /tk/: This might be interesting... potential country code (Tokelau)
- + OSVDB-3092: /to/: This might be interesting... potential country code (Tonga)
- + OSVDB-3092: /tt/: This might be interesting... potential country code (Trinidad And Tobago)
- + OSVDB-3092: /tn/: This might be interesting... potential country code (Tunisia)
- + OSVDB-3092: /tr/: This might be interesting... potential country code (Turkey)
- + OSVDB-3092: /tm/: This might be interesting... potential country code (Turkmenistan)
- + OSVDB-3092: /tc/: This might be interesting... potential country code (Turks And Caicos Islands)
- + OSVDB-3092: /tv/: This might be interesting... potential country code (Tuvalu)
- + OSVDB-3092: /ug/: This might be interesting... potential country code (Uganda)
- + OSVDB-3092: /ua/: This might be interesting... potential country code (Ukraine)
- + OSVDB-3092: /ae/: This might be interesting... potential country code (United Arab Emirates)
- + OSVDB-3092: /gb/: This might be interesting... potential country code (United Kingdom)
- + OSVDB-3092: /us/: This might be interesting... potential country code (United States)
- + OSVDB-3092: /um/: This might be interesting... potential country code (United States Minor Outlying Islands)
- + OSVDB-3092: /uy/: This might be interesting... potential country code (Uruguay)
- + OSVDB-3092: /uz/: This might be interesting... potential country code (Uzbekistan)
- + OSVDB-3092: /vu/: This might be interesting... potential country code (Vanuatu)
- + OSVDB-3092: /ve/: This might be interesting... potential country code (Venezuela)
- + OSVDB-3092: /vn/: This might be interesting... potential country code (Viet Nam)
- + OSVDB-3092: /vg/: This might be interesting... potential country code (British Virgin Islands)
- + OSVDB-3092: /vi/: This might be interesting... potential country code (U.S. Virgin Islands)
- + OSVDB-3092: /wf/: This might be interesting... potential country code (Wallis And Futuna)
- + OSVDB-3092: /eh/: This might be interesting... potential country code (Western Sahara)
- + OSVDB-3092: /ye/: This might be interesting... potential country code (Yemen)
- + OSVDB-3092: /zm/: This might be interesting... potential country code (Zambia)
- + OSVDB-3092: /zw/: This might be interesting... potential country code (Zimbabwe)
- + OSVDB-3092: /www/2: This might be interesting...
- + OSVDB-3093: /includes/db.inc: Include files (.inc) should not be served in plain text.
- + OSVDB-3093: /includes/sendmail.inc: Include files (.inc) should not be served in plain text.
- + OSVDB-3092: /license.txt: License file found may identify site software.
- + OSVDB-3092: /install.txt: Install file found may identify site software.
- + OSVDB-3092: /LICENSE.TXT: License file found may identify site software.
- + OSVDB-3092: /INSTALL.TXT: Install file found may identify site software.
- + /config/config.txt: Configuration file found.
- + /config/readme.txt: Readme file found.
- + /data/readme.txt: Readme file found.
- + /log/readme.txt: Readme file found.
- + /logs/readme.txt: Readme file found.
- + /uploads/readme.txt: Readme file found.
- + /admin1.php: Admin login page found.
- + /admin.asp: Admin login page/section found.
- + /admin/account.asp: Admin login page/section found.
- + /admin/account.html: Admin login page/section found.
- + /admin/account.php: Admin login page/section found.
- + /admin/controlpanel.asp: Admin login page/section found.
- + /admin/controlpanel.html: Admin login page/section found.
- + /admin/controlpanel.php: Admin login page/section found.
- + /admin/cp.asp: Admin login page/section found.
- + /admin/cp.html: Admin login page/section found.
- + /admin/cp.php: Admin login page/section found.
- + /admin/home.asp: Admin login page/section found.
- + /admin/home.php: Admin login page/section found.
- + /admin/index.asp: Admin login page/section found.
- + /admin/index.html: Admin login page/section found.
- + /admin/login.asp: Admin login page/section found.
- + /admin/login.html: Admin login page/section found.
- + /admin/login.php: Admin login page/section found.
- + /admin1.asp: Admin login page/section found.
- + /admin1.html: Admin login page/section found.
- + /admin1/: Admin login page/section found.
- + /admin2.asp: Admin login page/section found.
- + /admin2.html: Admin login page/section found.
- + /admin2.php: Admin login page/section found.
- + /admin4_account/: Admin login page/section found.
- + /admin4_colon/: Admin login page/section found.
- + /admincontrol.asp: Admin login page/section found.
- + /admincontrol.html: Admin login page/section found.
- + /admincontrol.php: Admin login page/section found.
- + /administer/: Admin login page/section found.
- + /administr8.asp: Admin login page/section found.
- + /administr8.html: Admin login page/section found.
- + /administr8.php: Admin login page/section found.
- + /administr8/: Admin login page/section found.
- + /administracao.php: Admin login page/section found.
- + /administraçao.php: Admin login page/section found.
- + /administracao/: Admin login page/section found.
- + /administraçao/: Admin login page/section found.
- + /administracion.php: Admin login page/section found.
- + /administracion/: Admin login page/section found.
- + /administrateur.php: Admin login page/section found.
- + /administrateur/: Admin login page/section found.
- + /administratie/: Admin login page/section found.
- + /administration.html: Admin login page/section found.
- + /administration.php: Admin login page/section found.
- + /administration/: Admin login page/section found.
- + /administrator.asp: Admin login page/section found.
- + /administrator.html: Admin login page/section found.
- + /administrator.php: Admin login page/section found.
- + /administrator/account.asp: Admin login page/section found.
- + /administrator/account.html: Admin login page/section found.
- + /administrator/account.php: Admin login page/section found.
- + /administrator/index.asp: Admin login page/section found.
- + /administrator/index.html: Admin login page/section found.
- + /administrator/index.php: Admin login page/section found.
- + /administrator/login.asp: Admin login page/section found.
- + /administrator/login.html: Admin login page/section found.
- + /administrator/login.php: Admin login page/section found.
- + /administratoraccounts/: Admin login page/section found.
- + /administrators/: Admin login page/section found.
- + /administrivia/: Admin login page/section found.
- + /adminisztrátora.php: Admin login page/section found.
- + /adminisztrátora/: Admin login page/section found.
- + /adminpanel.asp: Admin login page/section found.
- + /adminpanel.html: Admin login page/section found.
- + /adminpanel.php: Admin login page/section found.
- + /adminpro/: Admin login page/section found.
- + /admins.asp: Admin login page/section found.
- + /admins.html: Admin login page/section found.
- + /admins.php: Admin login page/section found.
- + /admins/: Admin login page/section found.
- + /AdminTools/: Admin login page/section found.
- + /amministratore.php: Admin login page/section found.
- + /amministratore/: Admin login page/section found.
- + /autologin/: Admin login page/section found.
- + /banneradmin/: Admin login page/section found.
- + /bbadmin/: Admin login page/section found.
- + /beheerder.php: Admin login page/section found.
- + /beheerder/: Admin login page/section found.
- + /bigadmin/: Admin login page/section found.
- + /blogindex/: Admin login page/section found.
- + /cadmins/: Admin login page/section found.
- + /ccms/: Admin login page/section found.
- + /ccms/index.php: Admin login page/section found.
- + /ccms/login.php: Admin login page/section found.
- + /ccp14admin/: Admin login page/section found.
- + /cmsadmin/: Admin login page/section found.
- + /configuration/: Admin login page/section found.
- + /configure/: Admin login page/section found.
- + /controlpanel.asp: Admin login page/section found.
- + /controlpanel.html: Admin login page/section found.
- + /controlpanel.php: Admin login page/section found.
- + /controlpanel/: Admin login page/section found.
- + /cp.asp: Admin login page/section found.
- + /cp.html: Admin login page/section found.
- + /cp.php: Admin login page/section found.
- + /cpanel_file/: Admin login page/section found.
- + /customer_login/: Admin login page/section found.
- + /database_administration/: Admin login page/section found.
- + /Database_Administration/: Admin login page/section found.
- + /dir-login/: Admin login page/section found.
- + /directadmin/: Admin login page/section found.
- + /ezsqliteadmin/: Admin login page/section found.
- + /fileadmin.asp: Admin login page/section found.
- + /fileadmin.html: Admin login page/section found.
- + /fileadmin.php: Admin login page/section found.
- + /formslogin/: Admin login page/section found.
- + /globes_admin/: Admin login page/section found.
- + /hpwebjetadmin/: Admin login page/section found.
- + /Indy_admin/: Admin login page/section found.
- + /irc-macadmin/: Admin login page/section found.
- + /LiveUser_Admin/: Admin login page/section found.
- + /login_db/: Admin login page/section found.
- + /login-redirect/: Admin login page/section found.
- + /login-us/: Admin login page/section found.
- + /login.asp: Admin login page/section found.
- + /login.html: Admin login page/section found.
- + /login.php: Admin login page/section found.
- + /login1/: Admin login page/section found.
- + /loginflat/: Admin login page/section found.
- + /logo_sysadmin/: Admin login page/section found.
- + /Lotus_Domino_Admin/: Admin login page/section found.
- + /macadmin/: Admin login page/section found.
- + /maintenance/: Admin login page/section found.
- + /manuallogin/: Admin login page/section found.
- + /memlogin/: Admin login page/section found.
- + /meta_login/: Admin login page/section found.
- + /modelsearch/login.asp: Admin login page/section found.
- + /modelsearch/login.php: Admin login page/section found.
- + /moderator.asp: Admin login page/section found.
- + /moderator.html: Admin login page/section found.
- + /moderator.php: Admin login page/section found.
- + /moderator/: Admin login page/section found.
- + /moderator/admin.asp: Admin login page/section found.
- + /moderator/admin.html: Admin login page/section found.
- + /moderator/admin.php: Admin login page/section found.
- + /moderator/login.asp: Admin login page/section found.
- + /moderator/login.html: Admin login page/section found.
- + /moderator/login.php: Admin login page/section found.
- + /myadmin/: Admin login page/section found.
- + /navSiteAdmin/: Admin login page/section found.
- + /newsadmin/: Admin login page/section found.
- + /openvpnadmin/: Admin login page/section found.
- + /painel/: Admin login page/section found.
- + /panel/: Admin login page/section found.
- + /pgadmin/: Admin login page/section found.
- + /phpldapadmin/: Admin login page/section found.
- + /phppgadmin/: Admin login page/section found.
- + /phpSQLiteAdmin/: Admin login page/section found.
- + /platz_login/: Admin login page/section found.
- + /power_user/: Admin login page/section found.
- + /project-admins/: Admin login page/section found.
- + /pureadmin/: Admin login page/section found.
- + /radmind-1/: Admin login page/section found.
- + /radmind/: Admin login page/section found.
- + /rcLogin/: Admin login page/section found.
- + /server_admin_small/: Admin login page/section found.
- + /Server.asp: Admin login page/section found.
- + /Server.html: Admin login page/section found.
- + /Server.php: Admin login page/section found.
- + /ServerAdministrator/: Admin login page/section found.
- + /showlogin/: Admin login page/section found.
- + /simpleLogin/: Admin login page/section found.
- + /smblogin/: Admin login page/section found.
- + /sql-admin/: Admin login page/section found.
- + /ss_vms_admin_sm/: Admin login page/section found.
- + /sshadmin/: Admin login page/section found.
- + /staradmin/: Admin login page/section found.
- + /sub-login/: Admin login page/section found.
- + /Super-Admin/: Admin login page/section found.
- + /support_login/: Admin login page/section found.
- + /sys-admin/: Admin login page/section found.
- + /sysadmin.asp: Admin login page/section found.
- + /sysadmin.html: Admin login page/section found.
- + /sysadmin.php: Admin login page/section found.
- + /sysadmin/: Admin login page/section found.
- + /SysAdmin/: Admin login page/section found.
- + /SysAdmin2/: Admin login page/section found.
- + /sysadmins/: Admin login page/section found.
- + /system_administration/: Admin login page/section found.
- + /system-administration/: Admin login page/section found.
- + /ur-admin.asp: Admin login page/section found.
- + /ur-admin.html: Admin login page/section found.
- + /ur-admin.php: Admin login page/section found.
- + /ur-admin/: Admin login page/section found.
- + /useradmin/: Admin login page/section found.
- + /UserLogin/: Admin login page/section found.
- + /utility_login/: Admin login page/section found.
- + /v2/painel/: Admin login page/section found.
- + /vadmind/: Admin login page/section found.
- + /vmailadmin/: Admin login page/section found.
- + /webadmin.asp: Admin login page/section found.
- + /webadmin.html: Admin login page/section found.
- + /webadmin.php: Admin login page/section found.
- + /webmaster/: Admin login page/section found.
- + /websvn/: Admin login page/section found.
- + /wizmysqladmin/: Admin login page/section found.
- + /wp-admin/: Admin login page/section found.
- + /wp-login/: Admin login page/section found.
- + /xlogin/: Admin login page/section found.
- + /yonetici.asp: Admin login page/section found.
- + /yonetici.html: Admin login page/section found.
- + /yonetici.php: Admin login page/section found.
- + /yonetim.asp: Admin login page/section found.
- + /yonetim.html: Admin login page/section found.
- + /yonetim.php: Admin login page/section found.
- + OSVDB-3092: /test.asp: This might be interesting...
- + OSVDB-3092: /test.aspx: This might be interesting...
- + OSVDB-3092: /test.php: This might be interesting...
- + /maintenance.asp: This might be interesting...
- + /maintenance.aspx: This might be interesting...
- + /maint/: This might be interesting...
- + /maint.asp: This might be interesting...
- + /maint.aspx: This might be interesting...
- + /jk-status: mod_jk status page is visible.
- + /balancer-manager: mod_proxy_balancer management page is visible.
- + /servlets-examples/: Tomcat servlets examples are visible.
- + /admin-console: JBoss admin console is visible.
- + /help.php: A help file was found.
- + /gif/hp_invent_logo.gif: This device may be an HP printer/scanner and allow retrieval of previously scanned images.
- + /gif/tricolor_ink_guage.gif: This device may be an HP printer/scanner and allow retrieval of previously scanned images.
- + OSVDB-3092: /messages/: This might be interesting...
- + 6448 items checked: 9 error(s) and 2137 item(s) reported on remote host
- + End Time: 2012-09-25 07:34:47 (4368 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- Whois Information:
- Registrant:
- Alegria Enterprises Limited
- Trust Company Complex,
- Ajeltake Road
- PO Box 1405
- Ajeltake Island, 96960
- MH
- Domain name: PETSEX.COM
- Administrative Contact:
- Administrator, Domain
- Trust Company Complex,
- Ajeltake Road
- PO Box 1405
- Ajeltake Island, 96960
- MH
- +44 1624-617-050
- Technical Contact:
- Administrator, Domain
- Trust Company Complex,
- Ajeltake Road
- PO Box 1405
- Ajeltake Island, 96960
- MH
- +44 1624-617-050
- Registration Service Provider:
- Netgroup A/S,
- +45 70252686
- +45 70252687 (fax)
- http://www.netgroup.dk
- This company may be contacted for domain login/passwords,
- DNS/Nameserver changes, and general domain support questions.
- Registrar of Record: TUCOWS, INC.
- Record last updated on 20-Sep-2012.
- Record expires on 14-Jan-2013.
- Record created on 15-Jan-1998.
- Registrar Domain Name Help Center:
- http://tucowsdomains.com
- Domain servers in listed order:
- NS1.OXYGEN.NET
- NS2.OXYGEN.NET
- Domain status: clientTransferProhibited
- clientUpdateProhibited
- Reverse IP:
- he hostname petsex.com resolves to the following IP addresses:
- IPv4 address:199.27.135.40
- Reverse DNS:cf-199-27-135-40.cloudflare.com
- RIR:ARIN
- Country:United States
- City:San Francisco, CA
- RBL Status:Clear
- IPv4 address:173.245.61.114
- Reverse DNS:cf-173-245-61-114.cloudflare.com
- RIR:ARIN
- Country:United States
- City:San Francisco, CA
- RBL Status:Clear
- Whois information on 199.27.135.40:
- #
- # Query terms are ambiguous. The query is assumed to be:
- # "n 199.27.135.40"
- #
- # Use "?" to get help.
- #
- #
- # The following results may also be obtained via:
- # http://whois.arin.net/rest/nets;q=199.27.135.40?showDetails=true&showARIN=false&ext=netref2
- #
- NetRange:199.27.128.0 - 199.27.135.255
- CIDR:199.27.128.0/21
- OriginAS:AS13335
- NetName:CLOUDFLARENET
- NetHandle:NET-199-27-128-0-1
- Parent:NET-199-0-0-0-0
- NetType:Direct Assignment
- RegDate:2010-08-19
- Updated:2012-03-02
- OrgName:CloudFlare, Inc.
- OrgId:CLOUD14
- Address:665 Third Street #207
- City:San Francisco
- StateProv:CA
- PostalCode:94107
- Country:US
- RegDate:2010-07-09
- Updated:2011-11-03
- Comment:http://www.cloudflare.com/
- OrgAbuseHandle:ABUSE2916-ARIN
- OrgAbuseName:Abuse
- OrgAbusePhone:+1-650-319-8930
- OrgAbuseEmail:abuse@cloudflare.com
- OrgNOCHandle:NOC11962-ARIN
- OrgNOCName:NOC
- OrgNOCPhone:+1-650-319-8930
- OrgNOCEmail:noc@cloudflare.com
- OrgTechHandle:ADMIN2521-ARIN
- OrgTechName:Admin
- OrgTechPhone:+1-650-319-8930
- OrgTechEmail:admin@cloudflare.com
- RAbuseHandle:ABUSE2916-ARIN
- RAbuseName:Abuse
- RAbusePhone:+1-650-319-8930
- RAbuseEmail:abuse@cloudflare.com
- RNOCHandle:NOC11962-ARIN
- RNOCName:NOC
- RNOCPhone:+1-650-319-8930
- RNOCEmail:noc@cloudflare.com
- RTechHandle:ADMIN2521-ARIN
- RTechName:Admin
- RTechPhone:+1-650-319-8930
- RTechEmail:admin@cloudflare.com
- #
- # ARIN WHOIS data and services are subject to the Terms of Use
- # available at: https://www.arin.net/whois_tou.html
- #
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement