Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 111.1.3.135,
- Apache/2.2.15 (CentOS) DAV/2
- Out-of-date Version (Apache)
- Privilege Escalation
- Medium (4 ~ 6.9)
- Identified Version 2.2.15 (contains 4 important and 10 other vulnerabilities)
- Vulnerability Details
- Link identified you are using an out-of-date version of Apache.
- Impact
- Since this is an old version of the software, it may be vulnerable to attacks.
- Remedy
- Please upgrade your installation of Apache to the latest stable version.
- Remedy References
- •Downloading the Apache HTTP Server
- Known Vulnerabilities in this Version
- Apache mod_cache and mod_dav Request Handling Denial of Service Vulnerability
- The mod_cache and mod_dav modules in the Apache HTTP Server allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
- Important Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
- The mod_proxy module in the Apache HTTP Server does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
- Apache Multiple XSS Vulnerability
- Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
- Apache Code Execution Vulnerability
- mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
- EFFECTED WEBSITES
- blnews.cnnb.com.cn
- cate.cnnb.com.cn
- cbs.cnnb.com.cn
- dialog.cnnb.com.cn
- dongman.cnnb.com.cn
- ekan.cnnb.com.cn
- hd.cnnb.com.cn
- js.cnnb.com.cn
- nbgz.cnnb.com.cn
- nbjx.cnnb.com.cn
- nh.cnnb.com.cn
- opinion.cnnb.com.cn
- sports.cnnb.com.cn
- travel.cnnb.com.cn
- yuedu.cnnb.com.cn
- zjunb.cnnb.com.cn
- #GhostSec
- #EyePhuckBitches
Add Comment
Please, Sign In to add comment