Untitled

a guest
Jun 24th, 2017
+ Server: Apache/1.3.33 (Darwin) mod_ssl/2.8.24 OpenSSL/0.9.7l PHP/4.4.7
+ robots.txt contains 1 entry which should be manually viewed.
+ OSVDB-27487: Apache is vulnerable to XSS via the Expect header
+ Apache/1.3.33 appears to be outdated (current is at least Apache/2.2.14). Apache 1.3.41 and 2.0.63 are also current.
+ mod_ssl/2.8.24 appears to be outdated (current is at least 2.8.31) (may depend on server version)
+ OpenSSL/0.9.7l appears to be outdated (current is at least 0.9.8i) (may depend on server version)
+ Number of sections in the version string differ from those in the database, the server reports: php/4.4.7 while the database has: 5.2.11. This may cause false positives.
+ PHP/4.4.7 appears to be outdated (current is at least 5.2.11)
+ Allowed HTTP Methods: GET, HEAD, OPTIONS, TRACE, POST, PUT, DELETE, CONNECT, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK
+ OSVDB-397: HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.
+ OSVDB-5646: HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.
+ HTTP method ('Allow' Header): 'CONNECT' may allow server to proxy client requests.
+ HTTP method ('Allow' Header): 'PROPFIND' may indicate DAV/WebDAV is installed. This may be used to get directory listings if indexing is allow but a default page exists.
+ HTTP method ('Allow' Header): 'PROPPATCH' indicates WebDAV is installed.
+ OSVDB-5647: HTTP method ('Allow' Header): 'MOVE' may allow clients to change file locations on the web server.
+ OSVDB-637: Enumeration of users is possible by requesting ~username (responds with 'Forbidden' for users, 'not found' for non-existent users).
+ ETag header found on server, inode: 14713395, size: 312, mtime: 0x47681d8e
+ ERROR: /cgi.cgi/fpsrvadm.exe returned an error: error reading HTTP response
+ ERROR: /index.php?download=/winnt/win.ini returned an error: error reading HTTP response
+ ERROR: /put/cgi-bin/putport.exe?SWAP&BOM&OP=none&Lang=en-US&PutHtml=../../../../../../../../etc/passwd returned an error: error reading HTTP response
+ ERROR: /openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script> returned an error: error reading HTTP response
+ ERROR: /cgi.cgi/probecontrol.cgi?command=enable&username=cancer&password=killer returned an error: error reading HTTP response
+ OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
+ OSVDB-3093: /webmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3268: /icons/: Directory indexing is enabled: /icons
+ OSVDB-3233: /icons/README: Apache default file found.