API tools faq
paste
Advertisement
Deerenaros

vulkan report

Deerenaros
Apr 9th, 2021
41
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 32.05 KB | None | 0 0
raw download clone embed print report
  1. yuri@yuri-server:~$ nmap -sV --script=vulscan/vulscan.nse -Pn XX.XX.XX.XX -p80-3400
  2. Starting Nmap 7.80 ( https://nmap.org ) at 2021-04-09 14:04 MSK
  3. Nmap scan report for 77-244-18-226.westcall.net (XX.XX.XX.XX)
  4. Host is up (0.0037s latency).
  5. Not shown: 3313 closed ports
  6. PORT STATE SERVICE VERSION
  7. 80/tcp open http nginx
  8. | vulscan: VulDB - https://vuldb.com:
  9. | [155282] nginx up to 1.18.0 HTTP Request Request Smuggling privilege escalation
  10. | [154857] Nginx Controller up to 3.3.0 Web Server Session Token Logout weak authentication
  11. | [154326] Nginx Controller up to 3.2.x Agent Installer Script install.sh weak encryption
  12. | [154324] Nginx Controller up to 3.2.x Postgres Database Server Man-in-the-Middle weak encryption
  13. | [154323] Nginx Controller up to 3.1.x TLS weak encryption
  14. | [152728] strong-nginx-controller up to 1.0.2 _nginxCmd() command injection
  15. | [152416] Nginx Controller up to 3.1.x Controller API privilege escalation
  16. | [148519] nginx up to 1.17.6 Error Page HTTP Request Request Smuggling privilege escalation
  17. | [145942] nginx 0.8.40 HTTP Proxy Module Man-in-the-Middle weak authentication
  18. | [144114] Xiaomi Mi WiFi R3G up to 2.28.22 Nginx Alias account directory traversal
  19. | [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
  20. | [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
  21. | [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
  22. | [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
  23. | [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
  24. | [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
  25. | [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
  26. | [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
  27. | [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
  28. | [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
  29. | [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
  30. | [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
  31. | [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
  32. | [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
  33. | [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
  34. | [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
  35. | [67677] nginx up to 1.7.3 SSL weak authentication
  36. | [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
  37. | [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
  38. | [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
  39. | [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
  40. | [65364] nginx up to 1.1.13 Default Configuration information disclosure
  41. | [8671] nginx up to 1.4 proxy_pass denial of service
  42. | [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
  43. | [7247] nginx 1.2.6 Proxy Function spoofing
  44. | [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
  45. | [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
  46. | [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
  47. | [59645] nginx up to 0.8.9 Heap-based memory corruption
  48. | [53592] nginx 0.8.36 memory corruption
  49. | [53590] nginx up to 0.8.9 unknown vulnerability
  50. | [51533] nginx 0.7.64 Terminal privilege escalation
  51. | [50905] nginx up to 0.8.9 directory traversal
  52. | [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
  53. | [50043] nginx up to 0.8.10 memory corruption
  54. |
  55. | MITRE CVE - https://cve.mitre.org:
  56. | [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
  57. | [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
  58. | [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
  59. | [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
  60. | [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
  61. | [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
  62. | [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
  63. | [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
  64. | [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
  65. | [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
  66. | [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
  67. | [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
  68. | [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
  69. |
  70. | SecurityFocus - https://www.securityfocus.com/bid/:
  71. | [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
  72. | [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
  73. | [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
  74. | [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
  75. | [82230] nginx Multiple Denial of Service Vulnerabilities
  76. | [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
  77. | [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
  78. | [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
  79. | [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
  80. | [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
  81. | [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
  82. | [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
  83. | [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
  84. | [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
  85. | [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
  86. | [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
  87. | [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
  88. | [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
  89. | [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
  90. | [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
  91. | [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
  92. | [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
  93. | [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
  94. | [40434] nginx Space String Remote Source Code Disclosure Vulnerability
  95. | [40420] nginx Directory Traversal Vulnerability
  96. | [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
  97. | [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
  98. | [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
  99. | [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
  100. | [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
  101. |
  102. | IBM X-Force - https://exchange.xforce.ibmcloud.com:
  103. | [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
  104. | [84172] nginx denial of service
  105. | [84048] nginx buffer overflow
  106. | [83923] nginx ngx_http_close_connection() integer overflow
  107. | [83688] nginx null byte code execution
  108. | [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
  109. | [82319] nginx access.log information disclosure
  110. | [80952] nginx SSL spoofing
  111. | [77244] nginx and Microsoft Windows request security bypass
  112. | [76778] Naxsi module for Nginx nx_extract.py directory traversal
  113. | [74831] nginx ngx_http_mp4_module.c buffer overflow
  114. | [74191] nginx ngx_cpystrn() information disclosure
  115. | [74045] nginx header response information disclosure
  116. | [71355] nginx ngx_resolver_copy() buffer overflow
  117. | [59370] nginx characters denial of service
  118. | [59369] nginx DATA source code disclosure
  119. | [59047] nginx space source code disclosure
  120. | [58966] nginx unspecified directory traversal
  121. | [54025] nginx ngx_http_parse.c denial of service
  122. | [53431] nginx WebDAV component directory traversal
  123. | [53328] Nginx CRC-32 cached domain name spoofing
  124. | [53250] Nginx ngx_http_parse_complex_uri() function code execution
  125. |
  126. | Exploit-DB - https://www.exploit-db.com:
  127. | [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
  128. | [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
  129. | [25499] nginx 1.3.9-1.4.0 DoS PoC
  130. | [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
  131. | [14830] nginx 0.6.38 - Heap Corruption Exploit
  132. | [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
  133. | [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
  134. | [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
  135. | [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
  136. | [9829] nginx 0.7.61 WebDAV directory traversal
  137. |
  138. | OpenVAS (Nessus) - http://www.openvas.org:
  139. | [864418] Fedora Update for nginx FEDORA-2012-3846
  140. | [864310] Fedora Update for nginx FEDORA-2012-6238
  141. | [864209] Fedora Update for nginx FEDORA-2012-6411
  142. | [864204] Fedora Update for nginx FEDORA-2012-6371
  143. | [864121] Fedora Update for nginx FEDORA-2012-4006
  144. | [864115] Fedora Update for nginx FEDORA-2012-3991
  145. | [864065] Fedora Update for nginx FEDORA-2011-16075
  146. | [863654] Fedora Update for nginx FEDORA-2011-16110
  147. | [861232] Fedora Update for nginx FEDORA-2007-1158
  148. | [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
  149. | [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
  150. | [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
  151. | [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
  152. | [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
  153. | [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
  154. | [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
  155. | [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
  156. | [100659] nginx Directory Traversal Vulnerability
  157. | [100658] nginx Space String Remote Source Code Disclosure Vulnerability
  158. | [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
  159. | [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
  160. | [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
  161. | [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
  162. | [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
  163. | [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
  164. | [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
  165. | [71297] FreeBSD Ports: nginx
  166. | [71276] FreeBSD Ports: nginx
  167. | [71239] Debian Security Advisory DSA 2434-1 (nginx)
  168. | [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
  169. | [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
  170. | [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
  171. | [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
  172. | [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
  173. | [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
  174. | [64894] FreeBSD Ports: nginx
  175. | [64869] Debian Security Advisory DSA 1884-1 (nginx)
  176. |
  177. | SecurityTracker - https://www.securitytracker.com:
  178. | [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
  179. | [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
  180. | [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
  181. | [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
  182. |
  183. | OSVDB - http://www.osvdb.org:
  184. | [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
  185. | [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
  186. | [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
  187. | [92796] nginx ngx_http_close_connection Function Crafted r-&gt
  188. | [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
  189. | [90518] nginx Log Directory Permission Weakness Local Information Disclosure
  190. | [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
  191. | [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
  192. | [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
  193. | [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
  194. | [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
  195. | [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
  196. | [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
  197. | [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
  198. | [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
  199. | [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
  200. | [62617] nginx Internal DNS Cache Poisoning Weakness
  201. | [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
  202. | [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
  203. | [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
  204. | [58128] nginx ngx_http_parse_complex_uri() Function Underflow
  205. | [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
  206. | [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
  207. | [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
  208. | [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
  209. | [44443] nginx (engine x) rtsig Method Signal Queue Overflow
  210. | [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
  211. |_
  212. 135/tcp filtered msrpc
  213. 136/tcp filtered profile
  214. 137/tcp filtered netbios-ns
  215. 138/tcp filtered netbios-dgm
  216. 139/tcp filtered netbios-ssn
  217. 443/tcp open ssl/http nginx
  218. | vulscan: VulDB - https://vuldb.com:
  219. | [155282] nginx up to 1.18.0 HTTP Request Request Smuggling privilege escalation
  220. | [154857] Nginx Controller up to 3.3.0 Web Server Session Token Logout weak authentication
  221. | [154326] Nginx Controller up to 3.2.x Agent Installer Script install.sh weak encryption
  222. | [154324] Nginx Controller up to 3.2.x Postgres Database Server Man-in-the-Middle weak encryption
  223. | [154323] Nginx Controller up to 3.1.x TLS weak encryption
  224. | [152728] strong-nginx-controller up to 1.0.2 _nginxCmd() command injection
  225. | [152416] Nginx Controller up to 3.1.x Controller API privilege escalation
  226. | [148519] nginx up to 1.17.6 Error Page HTTP Request Request Smuggling privilege escalation
  227. | [145942] nginx 0.8.40 HTTP Proxy Module Man-in-the-Middle weak authentication
  228. | [144114] Xiaomi Mi WiFi R3G up to 2.28.22 Nginx Alias account directory traversal
  229. | [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
  230. | [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
  231. | [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
  232. | [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
  233. | [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
  234. | [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
  235. | [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
  236. | [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
  237. | [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
  238. | [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
  239. | [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
  240. | [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
  241. | [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
  242. | [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
  243. | [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
  244. | [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
  245. | [67677] nginx up to 1.7.3 SSL weak authentication
  246. | [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
  247. | [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
  248. | [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
  249. | [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
  250. | [65364] nginx up to 1.1.13 Default Configuration information disclosure
  251. | [8671] nginx up to 1.4 proxy_pass denial of service
  252. | [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
  253. | [7247] nginx 1.2.6 Proxy Function spoofing
  254. | [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
  255. | [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
  256. | [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
  257. | [59645] nginx up to 0.8.9 Heap-based memory corruption
  258. | [53592] nginx 0.8.36 memory corruption
  259. | [53590] nginx up to 0.8.9 unknown vulnerability
  260. | [51533] nginx 0.7.64 Terminal privilege escalation
  261. | [50905] nginx up to 0.8.9 directory traversal
  262. | [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
  263. | [50043] nginx up to 0.8.10 memory corruption
  264. |
  265. | MITRE CVE - https://cve.mitre.org:
  266. | [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
  267. | [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
  268. | [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
  269. | [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
  270. | [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
  271. | [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
  272. | [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
  273. | [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
  274. | [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
  275. | [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
  276. | [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
  277. | [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
  278. | [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
  279. |
  280. | SecurityFocus - https://www.securityfocus.com/bid/:
  281. | [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
  282. | [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
  283. | [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
  284. | [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
  285. | [82230] nginx Multiple Denial of Service Vulnerabilities
  286. | [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
  287. | [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
  288. | [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
  289. | [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
  290. | [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
  291. | [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
  292. | [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
  293. | [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
  294. | [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
  295. | [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
  296. | [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
  297. | [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
  298. | [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
  299. | [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
  300. | [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
  301. | [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
  302. | [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
  303. | [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
  304. | [40434] nginx Space String Remote Source Code Disclosure Vulnerability
  305. | [40420] nginx Directory Traversal Vulnerability
  306. | [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
  307. | [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
  308. | [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
  309. | [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
  310. | [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
  311. |
  312. | IBM X-Force - https://exchange.xforce.ibmcloud.com:
  313. | [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
  314. | [84172] nginx denial of service
  315. | [84048] nginx buffer overflow
  316. | [83923] nginx ngx_http_close_connection() integer overflow
  317. | [83688] nginx null byte code execution
  318. | [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
  319. | [82319] nginx access.log information disclosure
  320. | [80952] nginx SSL spoofing
  321. | [77244] nginx and Microsoft Windows request security bypass
  322. | [76778] Naxsi module for Nginx nx_extract.py directory traversal
  323. | [74831] nginx ngx_http_mp4_module.c buffer overflow
  324. | [74191] nginx ngx_cpystrn() information disclosure
  325. | [74045] nginx header response information disclosure
  326. | [71355] nginx ngx_resolver_copy() buffer overflow
  327. | [59370] nginx characters denial of service
  328. | [59369] nginx DATA source code disclosure
  329. | [59047] nginx space source code disclosure
  330. | [58966] nginx unspecified directory traversal
  331. | [54025] nginx ngx_http_parse.c denial of service
  332. | [53431] nginx WebDAV component directory traversal
  333. | [53328] Nginx CRC-32 cached domain name spoofing
  334. | [53250] Nginx ngx_http_parse_complex_uri() function code execution
  335. |
  336. | Exploit-DB - https://www.exploit-db.com:
  337. | [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
  338. | [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
  339. | [25499] nginx 1.3.9-1.4.0 DoS PoC
  340. | [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
  341. | [14830] nginx 0.6.38 - Heap Corruption Exploit
  342. | [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
  343. | [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
  344. | [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
  345. | [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
  346. | [9829] nginx 0.7.61 WebDAV directory traversal
  347. |
  348. | OpenVAS (Nessus) - http://www.openvas.org:
  349. | [864418] Fedora Update for nginx FEDORA-2012-3846
  350. | [864310] Fedora Update for nginx FEDORA-2012-6238
  351. | [864209] Fedora Update for nginx FEDORA-2012-6411
  352. | [864204] Fedora Update for nginx FEDORA-2012-6371
  353. | [864121] Fedora Update for nginx FEDORA-2012-4006
  354. | [864115] Fedora Update for nginx FEDORA-2012-3991
  355. | [864065] Fedora Update for nginx FEDORA-2011-16075
  356. | [863654] Fedora Update for nginx FEDORA-2011-16110
  357. | [861232] Fedora Update for nginx FEDORA-2007-1158
  358. | [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
  359. | [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
  360. | [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
  361. | [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
  362. | [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
  363. | [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
  364. | [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
  365. | [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
  366. | [100659] nginx Directory Traversal Vulnerability
  367. | [100658] nginx Space String Remote Source Code Disclosure Vulnerability
  368. | [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
  369. | [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
  370. | [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
  371. | [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
  372. | [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
  373. | [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
  374. | [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
  375. | [71297] FreeBSD Ports: nginx
  376. | [71276] FreeBSD Ports: nginx
  377. | [71239] Debian Security Advisory DSA 2434-1 (nginx)
  378. | [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
  379. | [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
  380. | [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
  381. | [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
  382. | [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
  383. | [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
  384. | [64894] FreeBSD Ports: nginx
  385. | [64869] Debian Security Advisory DSA 1884-1 (nginx)
  386. |
  387. | SecurityTracker - https://www.securitytracker.com:
  388. | [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
  389. | [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
  390. | [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
  391. | [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
  392. |
  393. | OSVDB - http://www.osvdb.org:
  394. | [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
  395. | [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
  396. | [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
  397. | [92796] nginx ngx_http_close_connection Function Crafted r-&gt
  398. | [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
  399. | [90518] nginx Log Directory Permission Weakness Local Information Disclosure
  400. | [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
  401. | [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
  402. | [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
  403. | [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
  404. | [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
  405. | [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
  406. | [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
  407. | [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
  408. | [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
  409. | [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
  410. | [62617] nginx Internal DNS Cache Poisoning Weakness
  411. | [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
  412. | [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
  413. | [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
  414. | [58128] nginx ngx_http_parse_complex_uri() Function Underflow
  415. | [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
  416. | [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
  417. | [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
  418. | [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
  419. | [44443] nginx (engine x) rtsig Method Signal Queue Overflow
  420. | [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
  421. |_
  422. 445/tcp filtered microsoft-ds
  423.  
  424. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  425. Nmap done: 1 IP address (1 host up) scanned in 26.60 seconds
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!