2018-02-19T19:36:41Z2018-02-19T19:36:41Z2018-02-19T19:51:39Z00openvas_lib_scan_192.168.222.131_Kb9vIzyOrCTpHWgOjbV4XML6.0severitydescendinghmlgsort-reverse=severity result_hosts_only=1 min_cvss_base= min_qod=70 levels=hmlg autofp=0 notes=1 overrides=1 first=1 rows=133 delta_states=gn0111170HighMediumLowLognistNVD Vulnerability Severity RatingsNone0.00.0Low0.13.9Medium4.06.9High7.010.00Done113211142openvas_lib_scan_192.168.222.131_Kb9vIzyOrCTpHWgOjbV4scan from OpenVAS lib00Network Source Interfacesource_iface2018-02-19T19:36:33Z2018-02-19T19:36:41ZCoordinated Universal TimeUTC23general/tcp192.168.222.13110.0High8787/tcp192.168.222.13110.0High80/tcp192.168.222.13110.0High512/tcp192.168.222.13110.0High1524/tcp192.168.222.13110.0High1099/tcp192.168.222.13110.0High3632/tcp192.168.222.1319.3High5432/tcp192.168.222.1319.0High3306/tcp192.168.222.1319.0High22/tcp192.168.222.1319.0High25/tcp192.168.222.1316.8Medium21/tcp192.168.222.1316.4Medium445/tcp192.168.222.1316.0Mediumgeneral/icmp192.168.222.1310.0Loggeneral/SMBClient192.168.222.1310.0Loggeneral/CPE-T192.168.222.1310.0Log8009/tcp192.168.222.1310.0Log6667/tcp192.168.222.1310.0Log6000/tcp192.168.222.1310.0Log5900/tcp192.168.222.1310.0Log53/tcp192.168.222.1310.0Log514/tcp192.168.222.1310.0Log513/tcp192.168.222.1310.0Log23/tcp192.168.222.1310.0Log2121/tcp192.168.222.1310.0Log139/tcp192.168.222.1310.0Log111/tcp192.168.222.1310.0LogOS End Of Life Detectionadmin2018-02-19T19:50:20Z2018-02-19T19:50:20Z0192.168.222.131general/tcpOS End Of Life DetectionGeneral10.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:C/I:C/A:C|summary=OS End Of Life Detection
The Operating System on the remote host has reached the end of life and should
not be used anymore|qod_type=remote_banner$Revision: 7633 $High10.080remote_bannerThe "Ubuntu" Operating System on the remote host has reached the end of life.
CPE: cpe:/o:canonical:ubuntu_linux:8.04
Installed version,
build or SP: 8.04
EOL date: 2013-05-09
EOL info: https://wiki.ubuntu.com/ReleasesHigh10.0TWiki XSS and Command Execution Vulnerabilitiesadmin2018-02-19T19:48:55Z2018-02-19T19:48:55Z0productcpe:/a:twiki:twiki:01.Feb.2003location/twiki/binsource_oid1.3.6.1.4.1.25623.1.0.800399source_nameTWiki Version Detection192.168.222.13180/tcpTWiki XSS and Command Execution VulnerabilitiesWeb application abuses10.0CVE-2008-5304, CVE-2008-530532668, 32669URL:http://twiki.org/cgi-bin/view/Codev.SecurityAlert-CVE-2008-5304, URL:http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-5305cvss_base_vector=AV:N/AC:L/Au:N/C:C/I:C/A:C|impact=Successful exploitation could allow execution of arbitrary script code or
commands. This could let attackers steal cookie-based authentication
credentials or compromise the affected application.
Impact Level: Application|affected=TWiki, TWiki version prior to 4.2.4.|insight=The flaws are due to,
- %URLPARAM{}% variable is not properly sanitized which lets attackers
conduct cross-site scripting attack.
- %SEARCH{}% variable is not properly sanitised before being used in an
eval() call which lets the attackers execute perl code through eval
injection attack.|solution=Upgrade to version 4.2.4 or later,
http://twiki.org/cgi-bin/view/Codev/TWikiRelease04x02x04|summary=The host is running TWiki and is prone to Cross-Site Scripting
(XSS) and Command Execution Vulnerabilities.|solution_type=VendorFix|qod_type=remote_banner$Revision: 4227 $High10.080remote_bannerInstalled version: 01.Feb.2003
Fixed version: 4.2.4High10.0Check for rexecd Serviceadmin2018-02-19T19:40:17Z2018-02-19T19:40:17Z0192.168.222.131512/tcpCheck for rexecd ServiceUseless services10.0NOCVENOBIDURL:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0618cvss_base_vector=AV:N/AC:L/Au:N/C:C/I:C/A:C|solution=Disable rexec Service.|summary=Rexecd Service is running at this Host.
Rexecd (Remote Process Execution) has the same kind of functionality
that rsh has : you can execute shell commands on a remote computer.
The main difference is that rexecd authenticate by reading the
username and password *unencrypted* from the socket.|solution_type=Mitigation|qod_type=remote_banner$Revision: 6849 $High10.080remote_bannerThe rexecd Service is not allowing connections from this host.High10.0Java RMI Server Insecure Default Configuration Remote Code Execution Vulnerabilityadmin2018-02-19T19:41:56Z2018-02-19T19:41:56Z0192.168.222.1311099/tcpJava RMI Server Insecure Default Configuration Remote Code Execution VulnerabilityGeneral10.0NOCVENOBIDURL:https://tools.cisco.com/security/center/viewAlert.x?alertId=23665cvss_base_vector=AV:N/AC:L/Au:N/C:C/I:C/A:C|impact=|vuldetect=Check if the target tries to load a Java class via a remote HTTP URL.|insight=The vulnerability exists because of an incorrect default configuration of the Remote Method Invocation (RMI) Server in the affected software. An unauthenticated, remote attacker could exploit the vulnerability by transmitting crafted packets to the affected software. When the packets are processed, the attacker could execute arbitrary code on the system with elevated privileges.|solution=Disable class-loading.|summary=Multiple Java products that implement the RMI Server contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system with elevated privileges.|solution_type=Workaround|qod_type=remote_active$Revision: 4422 $High10.095remote_activeHigh10.0Possible Backdoor: Ingreslockadmin2018-02-19T19:43:14Z2018-02-19T19:43:14Z0192.168.222.1311524/tcpPossible Backdoor: IngreslockGain a shell remotely10.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:C/I:C/A:C|summary=A backdoor is installed on the remote host|impact=Attackers can exploit this issue to execute arbitrary commands in the
context of the application. Successful attacks will compromise the affected isystem.|qod_type=remote_vul|solution_type=Workaround$Revision: 7293 $High10.099remote_vulHigh10.0Distributed Ruby (dRuby/DRb) Multiple Remote Code Execution Vulnerabilitiesadmin2018-02-19T19:41:56Z2018-02-19T19:41:56Z0192.168.222.1318787/tcpDistributed Ruby (dRuby/DRb) Multiple Remote Code Execution VulnerabilitiesGain a shell remotely10.0NOCVE47071URL:https://tools.cisco.com/security/center/viewAlert.x?alertId=22750, URL:http://www.securityfocus.com/bid/47071, URL:http://blog.recurity-labs.com/archives/2011/05/12/druby_for_penetration_testers/, URL:http://www.ruby-doc.org/stdlib-1.9.3/libdoc/drb/rdoc/DRb.htmlcvss_base_vector=AV:N/AC:L/Au:N/C:C/I:C/A:C|summary=Systems using Distributed Ruby (dRuby/DRb), which is available in Ruby versions 1.6
and later, may permit unauthorized systems to execute distributed commands.|vuldetect=Send a crafted command to the service and check for a remote command execution
via the instance_eval or syscall requests.|impact=By default, Distributed Ruby does not impose restrictions on allowed hosts or set the
$SAFE environment variable to prevent privileged activities. If other controls are not in place, especially if the
Distributed Ruby process runs with elevated privileges, an attacker could execute arbitrary system commands or Ruby
scripts on the Distributed Ruby server. An attacker may need to know only the URI of the listening Distributed Ruby
server to submit Ruby commands.|solution=Administrators of environments that rely on Distributed Ruby should ensure that
appropriate controls are in place. Code-level controls may include:
- Implementing taint on untrusted input
- Setting $SAFE levels appropriately (>=2 is recommended if untrusted hosts are allowed to submit Ruby commands, and >=3 may be appropriate)
- Including drb/acl.rb to set ACLEntry to restrict access to trusted hosts|solution_type=Mitigation|qod_type=remote_vul$Revision: 4387 $High10.099remote_vulThe service is running in $SAFE >= 1 mode. However it is still possible to run arbitrary syscall commands on the remote host. Sending an invalid syscall the service returned the following response:
Flo:Errno::ENOSYS:bt["3/usr/lib/ruby/1.8/drb/drb.rb:1555:in `syscall'"0/usr/lib/ruby/1.8/drb/drb.rb:1555:in `send'"4/usr/lib/ruby/1.8/drb/drb.rb:1555:in `__send__'"A/usr/lib/ruby/1.8/drb/drb.rb:1555:in `perform_without_block'"3/usr/lib/ruby/1.8/drb/drb.rb:1515:in `perform'"5/usr/lib/ruby/1.8/drb/drb.rb:1589:in `main_loop'"0/usr/lib/ruby/1.8/drb/drb.rb:1585:in `loop'"5/usr/lib/ruby/1.8/drb/drb.rb:1585:in `main_loop'"1/usr/lib/ruby/1.8/drb/drb.rb:1581:in `start'"5/usr/lib/ruby/1.8/drb/drb.rb:1581:in `main_loop'"//usr/lib/ruby/1.8/drb/drb.rb:1430:in `run'"1/usr/lib/ruby/1.8/drb/drb.rb:1427:in `start'"//usr/lib/ruby/1.8/drb/drb.rb:1427:in `run'"6/usr/lib/ruby/1.8/drb/drb.rb:1347:in `initialize'"//usr/lib/ruby/1.8/drb/drb.rb:1627:in `new'"9/usr/lib/ruby/1.8/drb/drb.rb:1627:in `start_service'"%/usr/sbin/druby_timeserver.rb:12:errnoi+:mesg"Function not implementedHigh10.0DistCC Remote Code Execution Vulnerabilityadmin2018-02-19T19:42:13Z2018-02-19T19:42:13Z0192.168.222.1313632/tcpDistCC Remote Code Execution VulnerabilityGeneral9.3CVE-2004-2687NOBIDURL:http://distcc.samba.org/security.html, URL:http://archives.neohapsis.com/archives/bugtraq/2005-03/0183.htmlcvss_base_vector=AV:N/AC:M/Au:N/C:C/I:C/A:C|solution=Vendor updates are available. Please see the references for more
information.|summary=DistCC 2.x, as used in XCode 1.5 and others, when not configured to restrict
access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which
are executed by the server without authorization checks.|solution_type=VendorFix|qod_type=remote_vul$Revision: 5120 $High9.399remote_vulIt was possible to execute the "id" command.
Result: uid=1(daemon) gid=1(daemon)High9.3SSH Brute Force Logins With Default Credentials Reportingadmin2018-02-19T19:50:19Z2018-02-19T19:50:19Z0192.168.222.13122/tcpSSH Brute Force Logins With Default Credentials ReportingDefault Accounts9.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:C/I:P/A:P|summary=It was possible to login into the remote SSH server using default credentials.
As the NVT 'SSH Brute Force Logins with default Credentials' (OID: 1.3.6.1.4.1.25623.1.0.108013) might run into a
timeout the actual reporting of this vulnerability takes place in this NVT instead. The script preference 'Report timeout'
allows you to configure if such an timeout is reported.|solution=Change the password as soon as possible.|vuldetect=Try to login with a number of known default credentials via the SSH protocol.|solution_type=Mitigation|qod_type=remote_active$Revision: 5467 $High9.095remote_activeIt was possible to login with the following credentials <User>:<Password>
msfadmin:msfadmin
user:userHigh9.0MySQL / MariaDB weak passwordadmin2018-02-19T19:42:09Z2018-02-19T19:42:09Z0192.168.222.1313306/tcpMySQL / MariaDB weak passwordDefault Accounts9.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:C/I:P/A:P|solution=Change the password as soon as possible.|summary=It was possible to login into the remote MySQL as root using weak credentials.|solution_type=Mitigation|qod_type=remote_active$Revision: 6788 $High9.095remote_activeIt was possible to login as root with an empty password.High9.0PostgreSQL weak passwordadmin2018-02-19T19:42:16Z2018-02-19T19:42:16Z0192.168.222.1315432/tcpPostgreSQL weak passwordDefault Accounts9.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:C/I:P/A:P|qod_type=remote_vul|solution=Change the password as soon as possible.|summary=It was possible to login into the remote PostgreSQL as user postgres using weak credentials.$Revision: 5888 $High9.099remote_vulIt was possible to login as user postgres with password "postgres".High9.0DistCC Detectionadmin2018-02-19T19:41:22Z2018-02-19T19:41:22Z0192.168.222.1313632/tcpDistCC DetectionService detection8.5NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:P/I:N/A:C|summary=DistCC is a program to distribute builds of C, C++, Objective C or
Objective C++ code across several machines on a network. DistCC should always generate the same results
as a local build, is simple to install and use, and is often two or more times faster than a local compile.|impact=DistCC by default trusts its clients completely that in turn could
allow a malicious client to execute arbitrary commands on the server.|solution=For more information about DistCC's security see:
http://distcc.samba.org/security.html|solution_type=Mitigation|qod_type=remote_active$Revision: 5420 $High8.595remote_activeHigh8.5phpMyAdmin Code Injection and XSS Vulnerabilityadmin2018-02-19T19:47:38Z2018-02-19T19:47:38Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin Code Injection and XSS VulnerabilityWeb application abuses7.5CVE-2009-115134236, 34251URL:http://www.securityfocus.com/bid/34236, URL:http://www.securityfocus.com/bid/34251cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|qod_type=remote_banner|solution=Vendor updates are available. Please see http://www.phpmyadmin.net for more
Information.|summary=phpMyAdmin is prone to a remote PHP code-injection vulnerability and
to a cross-site scripting vulnerability.
An attacker can exploit this issue to inject and execute arbitrary
malicious PHP code in the context of the webserver process. This may
facilitate a compromise of the application and the underlying
system
other attacks are also possible.
Versions prior to phpMyAdmin 2.11.9.5 and 3.1.3.1 are vulnerable.$Revision: 6704 $High7.580remote_bannerHigh7.5phpMyAdmin BLOB Streaming Multiple Input Validation Vulnerabilitiesadmin2018-02-19T19:47:45Z2018-02-19T19:47:45Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin BLOB Streaming Multiple Input Validation VulnerabilitiesWeb application abuses7.5NOCVE34253URL:http://www.securityfocus.com/bid/34253cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|qod_type=remote_banner|solution=Vendor updates are available. Please see http://www.phpmyadmin.net for more
Information.|summary=phpMyAdmin is prone to multiple input-validation vulnerabilities,
including an HTTP response-splitting vulnerability and a
local file-include vulnerability.
These issues can be leveraged to view or execute arbitrary local
scripts, or misrepresent how web content is served, cached, or
interpreted. This could aid in various attacks that try to entice
client users into a false sense of trust. Other attacks are also
possible.
Versions prior to phpMyAdmin 3.1.3.1 are vulnerable.$Revision: 6704 $High7.580remote_bannerHigh7.5phpMyAdmin Configuration File PHP Code Injection Vulnerabilityadmin2018-02-19T19:47:45Z2018-02-19T19:47:45Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin Configuration File PHP Code Injection VulnerabilityWeb application abuses7.5CVE-2009-128534526URL:http://www.securityfocus.com/bid/34526cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|qod_type=remote_banner|solution=Vendor updates are available. Please see http://www.phpmyadmin.net for more
Information.|summary=According to its version number, the remote version of phpMyAdmin is
prone to a remote PHP code-injection vulnerability.
An attacker can exploit this issue to inject and execute arbitrary
malicious PHP code in the context of the webserver process. This may
facilitate a compromise of the application and the underlying
system
other attacks are also possible.
phpMyAdmin 3.x versions prior to 3.1.3.2 are vulnerable.$Revision: 6704 $High7.580remote_bannerHigh7.5phpMyAdmin Unspecified SQL Injection and Cross Site Scripting Vulnerabilitiesadmin2018-02-19T19:47:39Z2018-02-19T19:47:39Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin Unspecified SQL Injection and Cross Site Scripting VulnerabilitiesWeb application abuses7.5CVE-2009-3696, CVE-2009-369736658URL:http://www.securityfocus.com/bid/36658, URL:http://www.phpmyadmin.net/, URL:http://freshmeat.net/projects/phpmyadmin/releases/306669, URL:http://freshmeat.net/projects/phpmyadmin/releases/306667cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|qod_type=remote_banner|solution=Vendor updates are available. Please see the references for details.|summary=phpMyAdmin is prone to SQL-injection and cross-site scripting
vulnerabilities because it fails to sufficiently sanitize user-
supplied data.
Exploiting these issues could allow an attacker to steal cookie-
based authentication credentials, compromise the application,
access or modify data, or exploit latent vulnerabilities in the
underlying database.
Versions prior to phpMyAdmin 2.11.9.6 and 3.2.2.1 are affected.$Revision: 6948 $High7.580remote_bannerHigh7.5Tiki Wiki CMS Groupware < 4.2 Multiple Unspecified Vulnerabilitiesadmin2018-02-19T19:48:39Z2018-02-19T19:48:39Z0productcpe:/a:tiki:tikiwiki_cms/groupware:1.9.5location/tikiwikisource_oid1.3.6.1.4.1.25623.1.0.901001source_nameTiki Wiki CMS Groupware Version Detection192.168.222.13180/tcpTiki Wiki CMS Groupware < 4.2 Multiple Unspecified VulnerabilitiesWeb application abuses7.5CVE-2010-1135, CVE-2010-1134, CVE-2010-1133, CVE-2010-113638608URL:http://www.securityfocus.com/bid/38608, URL:http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki?view=rev&revision=24734, URL:http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki?view=rev&revision=25046, URL:http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki?view=rev&revision=25424, URL:http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki?view=rev&revision=25435, URL:http://info.tikiwiki.org/article86-Tiki-Announces-3-5-and-4-2-Releases, URL:http://info.tikiwiki.org/tiki-index.php?page=homepagecvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|impact=Exploiting these issues could allow an attacker to compromise the
application, access or modify data, exploit latent vulnerabilities in
the underlying database, and gain unauthorized access to the affected
application. Other attacks are also possible.|affected=Versions prior to Tiki Wiki CMS Groupware 4.2 are vulnerable.|solution=The vendor has released an advisory and fixes. Please see the
references for details.|summary=Tiki Wiki CMS Groupware is prone to multiple unspecified vulnerabilities, including:
- An unspecified SQL-injection vulnerability
- An unspecified authentication-bypass vulnerability
- An unspecified vulnerability|solution_type=VendorFix|qod_type=remote_banner$Revision: 5144 $High7.580remote_bannerInstalled version: 1.9.5
Fixed version: 4.2High7.5PHP-CGI-based setups vulnerability when parsing query string parameters from php files.admin2018-02-19T19:49:28Z2018-02-19T19:49:28Z0192.168.222.13180/tcpPHP-CGI-based setups vulnerability when parsing query string parameters from php files.Web application abuses7.5CVE-2012-1823, CVE-2012-2311, CVE-2012-2336, CVE-2012-233553388URL:http://www.h-online.com/open/news/item/Critical-open-hole-in-PHP-creates-risks-Update-1567532.html, URL:http://www.kb.cert.org/vuls/id/520827, URL:http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/, URL:https://bugs.php.net/bug.php?id=61910, URL:http://www.php.net/manual/en/security.cgi-bin.php, URL:http://www.securityfocus.com/bid/53388cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|summary=PHP is prone to an information-disclosure vulnerability.|insight=When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the
php-cgi receives a processed query string parameter as command line
arguments which allows command-line switches, such as -s, -d or -c to be
passed to the php-cgi binary, which can be exploited to disclose source
code and obtain arbitrary code execution.
An example of the -s command, allowing an attacker to view the source code
of index.php is below:
http://localhost/index.php?-s|impact=Exploiting this issue allows remote attackers to view the source code of files in the
context of the server process. This may allow the attacker to obtain sensitive information and to run arbitrary PHP code
on the affected computer
other attacks are also possible.|solution=PHP has released version 5.4.3 and 5.3.13 to address this vulnerability.
PHP is recommending that users upgrade to the latest version of PHP.|qod_type=remote_active|solution_type=VendorFix$Revision: 5958 $High7.595remote_activeVulnerable url: http://192.168.222.131/cgi-bin/phpHigh7.5Test HTTP dangerous methodsadmin2018-02-19T19:50:14Z2018-02-19T19:50:14Z0192.168.222.13180/tcpTest HTTP dangerous methodsRemote file access7.5NOCVE12141OWASP:OWASP-CM-001cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|solution=Use access restrictions to these dangerous HTTP methods
or disable them completely.|summary=Misconfigured web servers allows remote clients to perform
dangerous HTTP methods such as PUT and DELETE. This script
checks if they are enabled and can be misused to upload or delete files.|impact=- Enabled PUT method: This might allow an attacker to upload and run arbitrary code on this web server.
- Enabled DELETE method: This might allow an attacker to delete additional files on this web server.|solution_type=Mitigation|qod_type=remote_vul$Revision: 4295 $High7.599remote_vulWe could upload the following files via the PUT method at this web server:
http://192.168.222.131/dav/puttest1482502572.html
We could delete the following files via the DELETE method at this web server:
http://192.168.222.131/dav/puttest1482502572.htmlHigh7.5phpinfo() output accessibleadmin2018-02-19T19:47:42Z2018-02-19T19:47:42Z0192.168.222.13180/tcpphpinfo() output accessibleWeb application abuses7.5NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:P|solution=Delete them or restrict access to the listened files.|summary=Many PHP installation tutorials instruct the user to create
a file called phpinfo.php or similar containing the phpinfo() statement. Such a file is often times
left in webserver directory after completion.|impact=Some of the information that can be gathered from this file includes:
The username of the user who installed php, if they are a SUDO user, the IP address of the host, the web server
version, the system version(unix / linux), and the root directory of the web server.|qod_type=remote_banner|solution_type=Workaround$Revision: 6355 $High7.580remote_bannerThe following files are calling the function phpinfo() which disclose potentially sensitive information to the remote attacker:
http://192.168.222.131/phpinfo.php
http://192.168.222.131/mutillidae/phpinfo.phpHigh7.5Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerabilityadmin2018-02-19T19:42:26Z2018-02-19T19:42:26Z0192.168.222.13125/tcpMultiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection VulnerabilitySMTP problems6.8CVE-2011-0411, CVE-2011-1430, CVE-2011-1431, CVE-2011-1432, CVE-2011-1575, CVE-2011-1926, CVE-2011-216546767URL:http://www.securityfocus.com/bid/46767, URL:http://kolab.org/pipermail/kolab-announce/2011/000101.html, URL:http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424, URL:http://cyrusimap.org/mediawiki/index.php/Bugs_Resolved_in_2.4.7, URL:http://www.kb.cert.org/vuls/id/MAPG-8D9M4P, URL:http://files.kolab.org/server/release/kolab-server-2.3.2/sources/release-notes.txt, URL:http://www.postfix.org/CVE-2011-0411.html, URL:http://www.pureftpd.org/project/pure-ftpd/news, URL:http://www.watchguard.com/support/release-notes/xcs/9/en-US/EN_ReleaseNotes_XCS_9_1_1/EN_ReleaseNotes_WG_XCS_9_1_TLS_Hotfix.pdf, URL:http://www.spamdyke.org/documentation/Changelog.txt, URL:http://datatracker.ietf.org/doc/draft-josefsson-kerberos5-starttls/?include_text=1, URL:http://www.securityfocus.com/archive/1/516901, URL:http://support.avaya.com/css/P8/documents/100134676, URL:http://support.avaya.com/css/P8/documents/100141041, URL:http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html, URL:http://inoa.net/qmail-tls/vu555316.patch, URL:http://www.kb.cert.org/vuls/id/555316cvss_base_vector=AV:N/AC:M/Au:N/C:P/I:P/A:P|qod_type=remote_vul|impact=An attacker can exploit this issue to execute arbitrary commands in
the context of the user running the application. Successful exploits
can allow attackers to obtain email usernames and passwords.|vuldetect=Send a special crafted STARTTLS request and check the response.|solution=Updates are available.|summary=Multiple vendors' implementations of STARTTLS are prone to a
vulnerability that lets attackers inject arbitrary commands.|affected=The following vendors are affected:
Ipswitch
Kerio
Postfix
Qmail-TLS
Oracle
SCO Group
spamdyke
ISC$Revision: 6769 $Medium6.899remote_vulMedium6.8TWiki Cross-Site Request Forgery Vulnerability - Sep10admin2018-02-19T19:48:38Z2018-02-19T19:48:38Z0productcpe:/a:twiki:twiki:01.Feb.2003location/twiki/binsource_oid1.3.6.1.4.1.25623.1.0.800399source_nameTWiki Version Detection192.168.222.13180/tcpTWiki Cross-Site Request Forgery Vulnerability - Sep10Web application abuses6.8CVE-2009-4898NOBIDURL:http://www.openwall.com/lists/oss-security/2010/08/03/8, URL:http://www.openwall.com/lists/oss-security/2010/08/02/17, URL:http://twiki.org/cgi-bin/view/Codev/SecurityAuditTokenBasedCsrfFixcvss_base_vector=AV:N/AC:M/Au:N/C:P/I:P/A:P|impact=Successful exploitation will allow attacker to gain administrative
privileges on the target application and can cause CSRF attack.
Impact Level: Application|affected=TWiki version prior to 4.3.2|insight=Attack can be done by tricking an authenticated TWiki user into visiting
a static HTML page on another side, where a Javascript enabled browser will send an HTTP POST request
to TWiki, which in turn will process the request as the TWiki user.|solution=Upgrade to TWiki version 4.3.2 or later,
For updates refer to http://twiki.org/cgi-bin/view/Codev/DownloadTWiki|summary=The host is running TWiki and is prone to Cross-Site Request
Forgery vulnerability.|solution_type=VendorFix|qod_type=remote_banner$Revision: 4293 $Medium6.880remote_bannerInstalled version: 01.Feb.2003
Fixed version: 4.3.2Medium6.8SSL/TLS: OpenSSL CCS Man in the Middle Security Bypass Vulnerabilityadmin2018-02-19T19:42:27Z2018-02-19T19:42:27Z0192.168.222.1315432/tcpSSL/TLS: OpenSSL CCS Man in the Middle Security Bypass VulnerabilitySSL and TLS6.8CVE-2014-022467899URL:http://www.securityfocus.com/bid/67899, URL:http://openssl.org/cvss_base_vector=AV:N/AC:M/Au:N/C:P/I:P/A:P|impact=Successfully exploiting this issue may allow attackers to obtain
sensitive information by conducting a man-in-the-middle attack. This
may lead to other attacks.|vuldetect=Send two SSL ChangeCipherSpec request and check the response.|insight=OpenSSL does not properly restrict processing of ChangeCipherSpec
messages, which allows man-in-the-middle attackers to trigger use of a
zero-length master key in certain OpenSSL-to-OpenSSL communications, and
consequently hijack sessions or obtain sensitive information, via a crafted
TLS handshake, aka the 'CCS Injection' vulnerability.|solution=Updates are available.|summary=OpenSSL is prone to security-bypass vulnerability.|affected=OpenSSL before 0.9.8za,
1.0.0 before 1.0.0m and
1.0.1 before 1.0.1h|qod_type=remote_analysis|solution_type=VendorFix$Revision: 7578 $Medium6.870remote_analysisMedium6.8phpMyAdmin Bookmark Security Bypass Vulnerabilityadmin2018-02-19T19:48:42Z2018-02-19T19:48:42Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin Bookmark Security Bypass VulnerabilityWeb application abuses6.5CVE-2011-0986, CVE-2011-098746359URL:https://www.securityfocus.com/bid/46359, URL:http://www.phpmyadmin.net/, URL:http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.phpcvss_base_vector=AV:N/AC:L/Au:S/C:P/I:P/A:P|qod_type=remote_banner|solution=Updates are available. Please see the references for details.|summary=phpMyAdmin is prone to a security-bypass vulnerability that affects
bookmarks.
Successfully exploiting this issue allows a remote attacker to bypass
certain security restrictions and perform unauthorized actions.
Versions prior to phpMyAdmin 3.3.9.2 and 2.11.11.3 are vulnerable.$Revision: 7006 $Medium6.580remote_bannerMedium6.5Check for Anonymous FTP Loginadmin2018-02-19T19:39:05Z2018-02-19T19:39:05Z0192.168.222.13121/tcpCheck for Anonymous FTP LoginFTP6.4NOCVENOBIDURL:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0497cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:P/A:N|solution=If you do not want to share files, you should disable anonymous logins.|insight=A host that provides an FTP service may additionally provide Anonymous FTP
access as well. Under this arrangement, users do not strictly need an account
on the host. Instead the user typically enters 'anonymous' or 'ftp' when
prompted for username. Although users are commonly asked to send their email
address as their password, little to no verification is actually performed on
the supplied data.|impact=Based on the files accessible via this anonymous FTP login and the permissions
of this account an attacker might be able to:
- gain access to sensitive files
- upload or delete files|summary=This FTP Server allows anonymous logins.|vuldetect=Try to login with an anonymous account at the remove FTP service.|solution_type=Mitigation|qod_type=remote_banner$Revision: 7297 $Medium6.480remote_bannerIt was possible to login to the remote FTP service with the following anonymous account:
anonymous:openvas@example.com
ftp:openvas@example.comMedium6.4TWiki Cross-Site Request Forgery Vulnerabilityadmin2018-02-19T19:47:49Z2018-02-19T19:47:49Z0productcpe:/a:twiki:twiki:01.Feb.2003location/twiki/binsource_oid1.3.6.1.4.1.25623.1.0.800399source_nameTWiki Version Detection192.168.222.13180/tcpTWiki Cross-Site Request Forgery VulnerabilityWeb application abuses6.0CVE-2009-1339NOBIDURL:http://secunia.com/advisories/34880, URL:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526258, URL:http://twiki.org/p/pub/Codev/SecurityAlert-CVE-2009-1339/TWiki-4.3.0-c-diff-cve-2009-1339.txtcvss_base_vector=AV:N/AC:M/Au:S/C:P/I:P/A:P|impact=Successful exploitation will allow attacker to gain administrative
privileges on the target application and can cause CSRF attack.
Impact Level: Application|affected=TWiki version prior to 4.3.1|insight=Remote authenticated user can create a specially crafted image tag that,
when viewed by the target user, will update pages on the target system
with the privileges of the target user via HTTP requests.|solution=Upgrade to version 4.3.1 or later,
http://twiki.org/cgi-bin/view/Codev/DownloadTWiki|summary=The host is running TWiki and is prone to Cross-Site Request
Forgery Vulnerability.|solution_type=VendorFix|qod_type=remote_banner$Revision: 4892 $Medium6.080remote_bannerInstalled version: 01.Feb.2003
Fixed version: 4.3.1Medium6.0Samba MS-RPC Remote Shell Command Execution Vulnerability (Active Check)admin2018-02-19T19:42:03Z2018-02-19T19:42:03Z0productcpe:/a:samba:samba:3.0.20location445/tcpsource_oid1.3.6.1.4.1.25623.1.0.102011source_nameSMB NativeLanMan192.168.222.131445/tcpSamba MS-RPC Remote Shell Command Execution Vulnerability (Active Check)Gain a shell remotely6.0CVE-2007-244723972URL:http://www.securityfocus.com/bid/23972, URL:https://www.samba.org/samba/security/CVE-2007-2447.htmlcvss_base_vector=AV:N/AC:M/Au:S/C:P/I:P/A:P|summary=Samba is prone to a vulnerability that allows attackers to execute arbitrary shell
commands because the software fails to sanitize user-supplied input.|vuldetect=Send a crafted command to the samba server and check for a remote command execution.|impact=An attacker may leverage this issue to execute arbitrary shell commands on an affected
system with the privileges of the application.|solution=Updates are available. Please see the referenced vendor advisory.|affected=This issue affects Samba 3.0.0 to 3.0.25rc3.|solution_type=VendorFix|qod_type=remote_vul$Revision: 4401 $Medium6.099remote_vulMedium6.0http TRACE XSS attackadmin2018-02-19T19:49:02Z2018-02-19T19:49:02Z0192.168.222.13180/tcphttp TRACE XSS attackWeb application abuses5.8CVE-2004-2320, CVE-2003-15679506, 9561, 11604URL:http://www.kb.cert.org/vuls/id/867593cvss_base_vector=AV:N/AC:M/Au:N/C:P/I:P/A:N|qod_type=remote_vul|summary=Debugging functions are enabled on the remote HTTP server.
The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK
are HTTP methods which are used to debug web server connections.
It has been shown that servers supporting this method are subject to
cross-site-scripting attacks, dubbed XST for Cross-Site-Tracing, when
used in conjunction with various weaknesses in browsers.
An attacker may use this flaw to trick your legitimate web users to give
him their credentials.|solution=Disable these methods.$Revision: 6063 $Medium5.899remote_vulSolution:
Add the following lines for each virtual host in your configuration file :
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
See also http://httpd.apache.org/docs/current/de/mod/core.html#traceenableMedium5.8Check if Mailserver answer to VRFY and EXPN requestsadmin2018-02-19T19:39:15Z2018-02-19T19:39:15Z0192.168.222.13125/tcpCheck if Mailserver answer to VRFY and EXPN requestsSMTP problems5.0NOCVENOBIDURL:http://cr.yp.to/smtp/vrfy.htmlcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:P|solution=Disable VRFY and/or EXPN on your Mailserver.
For postfix add 'disable_vrfy_command=yes' in 'main.cf'.
For Sendmail add the option 'O PrivacyOptions=goaway'.|summary=The Mailserver on this host answers to VRFY and/or EXPN requests.
VRFY and EXPN ask the server for information about an address. They are inherently unusable through
firewalls, gateways, mail exchangers for part-time hosts, etc. OpenVAS suggests that, if you really
want to publish this type of information, you use a mechanism that legitimate users actually know
about, such as Finger or HTTP.|solution_type=Workaround|qod_type=remote_vul$Revision: 5899 $Medium5.099remote_vul'VRFY root' produces the following answer: 252 2.0.0 root Medium5.0SSL/TLS: Certificate Expiredadmin2018-02-19T19:43:52Z2018-02-19T19:43:52Z0192.168.222.13125/tcpSSL/TLS: Certificate ExpiredSSL and TLS5.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:P/A:N|insight=This script checks expiry dates of certificates associated with
SSL/TLS-enabled services on the target and reports whether any have already expired.|solution=Replace the SSL/TLS certificate by a new one.|summary=The remote server's SSL/TLS certificate has already expired.|solution_type=Mitigation|qod_type=remote_vul$Revision: 7248 $Medium5.099remote_vulThe certificate of the remote service expired on 2010-04-16 14:07:45.
Certificate details:
subject ...: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
subject alternative names (SAN):
None
issued by .: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
serial ....: 00FAF93A4C7FB6B9CC
valid from : 2010-03-17 14:07:45 UTC
valid until: 2010-04-16 14:07:45 UTC
fingerprint (SHA-1): ED093088706603BFD5DC237399B498DA2D4D31C6
fingerprint (SHA-256): E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCMedium5.0/doc directory browsableadmin2018-02-19T19:48:55Z2018-02-19T19:48:55Z0192.168.222.13180/tcp/doc directory browsableWeb application abuses5.0CVE-1999-0678318NOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:P/I:N/A:N|solution=Use access restrictions for the /doc directory.
If you use Apache you might use this in your access.conf:
<Directory /usr/doc>
AllowOverride None
order deny,allow
deny from all
allow from localhost
</Directory>|summary=The /doc directory is browsable.
/doc shows the content of the /usr/doc directory and therefore it shows which programs and - important! - the version of the installed programs.|solution_type=Mitigation|qod_type=remote_banner$Revision: 4288 $Medium5.080remote_bannerVulnerable url: http://192.168.222.131/doc/Medium5.0awiki Multiple Local File Include Vulnerabilitiesadmin2018-02-19T19:49:40Z2018-02-19T19:49:40Z0192.168.222.13180/tcpawiki Multiple Local File Include VulnerabilitiesWeb application abuses5.0NOCVE49187URL:http://www.securityfocus.com/bid/49187, URL:http://www.kobaonline.com/awiki/cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:N/A:N|impact=An attacker can exploit this vulnerability to obtain potentially
sensitive information and execute arbitrary local scripts in the context of
the webserver process. This may allow the attacker to compromise the
application and the host
other attacks are also possible.|affected=awiki 20100125 is vulnerable
other versions may also be affected.|summary=awiki is prone to multiple local file-include vulnerabilities because
it fails to properly sanitize user-supplied input.|solution=No solution or patch was made available for at least one year since
disclosure of this vulnerability. Likely none will be provided anymore. General
solution options are to upgrade to a newer release, disable respective features,
remove the product or replace the product by another one.|solution_type=WillNotFix|qod_type=remote_vul$Revision: 7577 $Medium5.099remote_vulVulnerable url: http://192.168.222.131/mutillidae/index.php?page=/etc/passwdMedium5.0Tiki Wiki CMS Groupware 'fixedURLData' Local File Inclusion Vulnerabilityadmin2018-02-19T19:48:21Z2018-02-19T19:48:21Z0productcpe:/a:tiki:tikiwiki_cms/groupware:1.9.5location/tikiwikisource_oid1.3.6.1.4.1.25623.1.0.901001source_nameTiki Wiki CMS Groupware Version Detection192.168.222.13180/tcpTiki Wiki CMS Groupware 'fixedURLData' Local File Inclusion VulnerabilityWeb application abuses5.0CVE-2016-10143NOBIDURL:http://tiki.org/article445-Security-updates-Tiki-16-2-15-4-and-Tiki-12-11-released, URL:https://sourceforge.net/p/tikiwiki/code/60308/cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:N/A:N|summary=The host is installed with Tiki Wiki CMS Groupware
and is prone to a local file inclusion vulnerability.|vuldetect=Get the installed version with the help of the detect NVT
and check the version is vulnerable or not.|insight=The Flaw is due to improper sanitization
of input passed to the 'fixedURLData' parameter of the 'display_banner.php' script.|impact=Successful exploitation will allow an user having access to the
admin backend to gain access to arbitrary files and to compromise the application.
Impact Level: System/Application|affected=Tiki Wiki CMS Groupware versions:
- below 12.11 LTS
- 13.x, 14.x and 15.x below 15.4|solution=Upgrade to Tiki Wiki CMS Groupware version 12.11 LTS, 15.4 or
later. For updates refer to https://tiki.org|solution_type=VendorFix|qod_type=remote_banner$Revision: 5144 $Medium5.080remote_bannerInstalled version: 1.9.5
Fixed version: 12.11Medium5.0Tiki Wiki CMS Groupware Input Sanitation Weakness Vulnerabilityadmin2018-02-19T19:48:55Z2018-02-19T19:48:55Z0productcpe:/a:tiki:tikiwiki_cms/groupware:1.9.5location/tikiwikisource_oid1.3.6.1.4.1.25623.1.0.901001source_nameTiki Wiki CMS Groupware Version Detection192.168.222.13180/tcpTiki Wiki CMS Groupware Input Sanitation Weakness VulnerabilityWeb application abuses5.0CVE-2008-5318, CVE-2008-5319NOBIDURL:http://secunia.com/advisories/32341, URL:http://info.tikiwiki.org/tiki-read_article.php?articleId=41cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:P/A:N|impact=Successful exploitation could allow arbitrary code execution in the context
of an affected site.
Impact Level: Application|affected=Tiki Wiki CMS Groupware version prior to 2.2 on all running platform|insight=The vulnerability is due to input validation error in tiki-error.php
which fails to sanitise before being returned to the user.|solution=Upgrade to version 2.2 or latest
http://info.tikiwiki.org/tiki-index.php?page=Get+Tiki&bl|summary=The host is installed with Tiki Wiki CMS Groupware and is prone to input sanitation
weakness vulnerability.|solution_type=VendorFix|qod_type=remote_banner$Revision: 5144 $Medium5.080remote_bannerInstalled version: 1.9.5
Fixed version: 2.2Medium5.0SSL/TLS: Certificate Expiredadmin2018-02-19T19:43:52Z2018-02-19T19:43:52Z0192.168.222.1315432/tcpSSL/TLS: Certificate ExpiredSSL and TLS5.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:P/A:N|insight=This script checks expiry dates of certificates associated with
SSL/TLS-enabled services on the target and reports whether any have already expired.|solution=Replace the SSL/TLS certificate by a new one.|summary=The remote server's SSL/TLS certificate has already expired.|solution_type=Mitigation|qod_type=remote_vul$Revision: 7248 $Medium5.099remote_vulThe certificate of the remote service expired on 2010-04-16 14:07:45.
Certificate details:
subject ...: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
subject alternative names (SAN):
None
issued by .: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
serial ....: 00FAF93A4C7FB6B9CC
valid from : 2010-03-17 14:07:45 UTC
valid until: 2010-04-16 14:07:45 UTC
fingerprint (SHA-1): ED093088706603BFD5DC237399B498DA2D4D31C6
fingerprint (SHA-256): E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCMedium5.0SSH Weak Encryption Algorithms Supportedadmin2018-02-19T19:39:41Z2018-02-19T19:39:41Z0192.168.222.13122/tcpSSH Weak Encryption Algorithms SupportedGeneral4.3NOCVENOBIDURL:https://tools.ietf.org/html/rfc4253#section-6.3, URL:https://www.kb.cert.org/vuls/id/958563cvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|insight=The `arcfour` cipher is the Arcfour stream cipher with 128-bit keys.
The Arcfour cipher is believed to be compatible with the RC4 cipher [SCHNEIER]. Arcfour (and RC4) has problems
with weak keys, and should not be used anymore.
The `none` algorithm specifies that no encryption is to be done.
Note that this method provides no confidentiality protection, and it
is NOT RECOMMENDED to use it.
A vulnerability exists in SSH messages that employ CBC mode that may allow an attacker to recover plaintext from a block of ciphertext.|vuldetect=Check if remote ssh service supports Arcfour, none or CBC ciphers.|summary=The remote SSH server is configured to allow weak encryption algorithms.|solution=Disable the weak encryption algorithms.|solution_type=Mitigation|qod_type=remote_active$Revision: 4490 $Medium4.395remote_activeThe following weak client-to-server encryption algorithms are supported by the remote service:
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
arcfour
arcfour128
arcfour256
blowfish-cbc
cast128-cbc
rijndael-cbc@lysator.liu.se
The following weak server-to-client encryption algorithms are supported by the remote service:
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
arcfour
arcfour128
arcfour256
blowfish-cbc
cast128-cbc
rijndael-cbc@lysator.liu.seMedium4.3SSL/TLS: Deprecated SSLv2 and SSLv3 Protocol Detectionadmin2018-02-19T19:41:50Z2018-02-19T19:41:50Z0192.168.222.13125/tcpSSL/TLS: Deprecated SSLv2 and SSLv3 Protocol DetectionSSL and TLS4.3CVE-2016-0800, CVE-2014-3566NOBIDURL:https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report, URL:https://bettercrypto.org/, URL:https://mozilla.github.io/server-side-tls/ssl-config-generator/, URL:https://drownattack.com/, URL:https://www.imperialviolet.org/2014/10/14/poodle.htmlcvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|summary=It was possible to detect the usage of the
deprecated SSLv2 and/or SSLv3 protocol on this system.|vuldetect=Check the used protocols of the services
provided by this system.|insight=The SSLv2 and SSLv3 protocols containing
known cryptographic flaws like:
- Padding Oracle On Downgraded Legacy Encryption (POODLE, CVE-2014-3566)
- Decrypting RSA with Obsolete and Weakened eNcryption (DROWN, CVE-2016-0800)|impact=An attacker might be able to use the known
cryptographic flaws to eavesdrop the connection between clients and the service
to get access to sensitive data transferred within the secured connection.|affected=All services providing an encrypted communication
using the SSLv2 and/or SSLv3 protocols.|solution=It is recommended to disable the deprecated
SSLv2 and/or SSLv3 protocols in favor of the TLSv1+ protocols. Please see the
references for more information.|qod_type=remote_app|solution_type=Mitigation$Revision: 5547 $Medium4.398remote_appIn addition to TLSv1.0+ the service is also providing the deprecated SSLv2 and SSLv3 protocols and supports one or more ciphers. Those supported ciphers can be found in the 'SSL/TLS: Report Weak and Supported Ciphers' (OID: 1.3.6.1.4.1.25623.1.0.802067) NVT.Medium4.3SSL/TLS: SSLv3 Protocol CBC Cipher Suites Information Disclosure Vulnerability (POODLE)admin2018-02-19T19:43:49Z2018-02-19T19:43:49Z0192.168.222.13125/tcpSSL/TLS: SSLv3 Protocol CBC Cipher Suites Information Disclosure Vulnerability (POODLE)SSL and TLS4.3CVE-2014-356670574URL:https://www.openssl.org/~bodo/ssl-poodle.pdf, URL:https://www.imperialviolet.org/2014/10/14/poodle.html, URL:https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html, URL:http://googleonlinesecurity.blogspot.in/2014/10/this-poodle-bites-exploiting-ssl-30.htmlcvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|summary=This host is prone to an information disclosure vulnerability.|vuldetect=Evaluate previous collected information about this service.|insight=The flaw is due to the block cipher padding not being deterministic and not covered by the Message Authentication Code|impact=Successful exploitation will allow a man-in-the-middle attackers gain access to the plain text data stream.
Impact Level: Application|solution=Possible Mitigations are:
- Disable SSLv3
- Disable cipher suites supporting CBC cipher modes
- Enable TLS_FALLBACK_SCSV if the service is providing TLSv1.0+|qod_type=remote_banner|solution_type=Mitigation$Revision: 4749 $Medium4.380remote_bannerMedium4.3SSL/TLS: RSA Temporary Key Handling 'RSA_EXPORT' Downgrade Issue (FREAK)admin2018-02-19T19:43:48Z2018-02-19T19:43:48Z0192.168.222.13125/tcpSSL/TLS: RSA Temporary Key Handling 'RSA_EXPORT' Downgrade Issue (FREAK)SSL and TLS4.3CVE-2015-020471936URL:https://freakattack.com, URL:http://secpod.org/blog/?p=3818, URL:http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.htmlcvss_base_vector=AV:N/AC:M/Au:N/C:N/I:P/A:N|summary=This host is accepting 'RSA_EXPORT' cipher suites
and is prone to man in the middle attack.|vuldetect=Check previous collected cipher suites saved in the KB.|insight=Flaw is due to improper handling RSA
temporary keys in a non-export RSA key exchange cipher suite.|impact=Successful exploitation will allow remote
attacker to downgrade the security of a session to use 'RSA_EXPORT' cipher suites,
which are significantly weaker than non-export cipher suites. This may allow a
man-in-the-middle attacker to more easily break the encryption and monitor
or tamper with the encrypted stream.
Impact Level: Application|affected=- Hosts accepting 'RSA_EXPORT' cipher suites
- OpenSSL version before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k.|solution=- Remove support for 'RSA_EXPORT' cipher
suites from the service.
- If running OpenSSL update to version 0.9.8zd or 1.0.0p
or 1.0.1k or later For updates refer to https://www.openssl.org|qod_type=remote_banner|solution_type=VendorFix$Revision: 4781 $Medium4.380remote_banner'RSA_EXPORT' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
'RSA_EXPORT' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5Medium4.3SSL/TLS: 'DHE_EXPORT' Man in the Middle Security Bypass Vulnerability (LogJam)admin2018-02-19T19:43:48Z2018-02-19T19:43:48Z0192.168.222.13125/tcpSSL/TLS: 'DHE_EXPORT' Man in the Middle Security Bypass Vulnerability (LogJam)SSL and TLS4.3CVE-2015-400074733URL:https://weakdh.org, URL:https://weakdh.org/imperfect-forward-secrecy.pdf, URL:http://openwall.com/lists/oss-security/2015/05/20/8, URL:https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained, URL:https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changescvss_base_vector=AV:N/AC:M/Au:N/C:N/I:P/A:N|summary=This host is accepting 'DHE_EXPORT' cipher suites
and is prone to man in the middle attack.|vuldetect=Check previous collected cipher suites saved in the KB.|insight=Flaw is triggered when handling
Diffie-Hellman key exchanges defined in the 'DHE_EXPORT' cipher suites.|impact=Successful exploitation will allow a
man-in-the-middle attacker to downgrade the security of a TLS session to
512-bit export-grade cryptography, which is significantly weaker, allowing
the attacker to more easily break the encryption and monitor or tamper with
the encrypted stream.
Impact Level: Application|affected=- Hosts accepting 'DHE_EXPORT' cipher suites
- OpenSSL version before 1.0.2b and 1.0.1n|solution=- Remove support for 'DHE_EXPORT' cipher
suites from the service
- If running OpenSSL updateto version 1.0.2b or 1.0.1n or later,
For updates refer to https://www.openssl.org|solution_type=VendorFix|qod_type=remote_banner$Revision: 4781 $Medium4.380remote_banner'DHE_EXPORT' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
'DHE_EXPORT' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5Medium4.3phpMyAdmin Multiple Cross Site Scripting Vulnerabilitiesadmin2018-02-19T19:48:39Z2018-02-19T19:48:39Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin Multiple Cross Site Scripting VulnerabilitiesWeb application abuses4.3CVE-2010-305642584URL:https://www.securityfocus.com/bid/42584, URL:http://www.phpmyadmin.net/, URL:http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.phpcvss_base_vector=AV:N/AC:M/Au:N/C:N/I:P/A:N|qod_type=remote_banner|solution=Updates are available. Please see the references for details.|summary=phpMyAdmin is prone to multiple cross-site scripting vulnerabilities
because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code
in the browser of an unsuspecting user in the context of the affected
site. This can allow the attacker to steal cookie-based authentication
credentials and launch other attacks.
The following versions are vulnerable:
phpMyAdmin 2.11.x prior to 2.11.10.1 phpMyAdmin 3.x prior to 3.3.5.1$Revision: 6705 $Medium4.380remote_bannerMedium4.3phpMyAdmin Debug Backtrace Cross Site Scripting Vulnerabilityadmin2018-02-19T19:48:40Z2018-02-19T19:48:40Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin Debug Backtrace Cross Site Scripting VulnerabilityWeb application abuses4.3CVE-2010-295842874URL:https://www.securityfocus.com/bid/42874, URL:http://www.phpmyadmin.net/, URL:http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php, URL:http://www.phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=133a77fac7d31a38703db2099a90c1b49de62e37cvss_base_vector=AV:N/AC:M/Au:N/C:N/I:P/A:N|qod_type=remote_banner|solution=Vendor updates are available. Please see the references for more
information.|summary=phpMyAdmin is prone to a cross-site scripting vulnerability because it
fails to sufficiently sanitize user-supplied data.
An attacker may leverage this issue to execute arbitrary script code
in the browser of an unsuspecting user in the context of the affected
site. This may allow the attacker to steal cookie-based authentication
credentials and to launch other attacks.
Versions prior to phpMyAdmin 3.3.6 are vulnerable
other versions may
also be affected.$Revision: 6705 $Medium4.380remote_bannerMedium4.3phpMyAdmin Database Search Cross Site Scripting Vulnerabilityadmin2018-02-19T19:48:36Z2018-02-19T19:48:36Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin Database Search Cross Site Scripting VulnerabilityWeb application abuses4.3CVE-2010-432945100URL:https://www.securityfocus.com/bid/45100, URL:http://www.phpmyadmin.net/, URL:http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.phpcvss_base_vector=AV:N/AC:M/Au:N/C:N/I:P/A:N|qod_type=remote_banner|solution=Vendor updates are available. Please see the references for more
information.|summary=phpMyAdmin is prone to a cross-site scripting vulnerability because it
fails to sufficiently sanitize user-supplied data.
An attacker may leverage this issue to execute arbitrary script code
in the browser of an unsuspecting user in the context of the affected
site. This may allow the attacker to steal cookie-based authentication
credentials and to launch other attacks.
Versions prior to phpMyAdmin 3.3.8.1 and 2.11.11.1 are vulnerable.$Revision: 6705 $Medium4.380remote_bannerMedium4.3phpMyAdmin SQL bookmark XSS Vulnerabilityadmin2018-02-19T19:47:44Z2018-02-19T19:47:44Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin SQL bookmark XSS VulnerabilityWeb application abuses4.3CVE-2009-228435543URL:http://secunia.com/advisories/35649, URL:http://www.phpmyadmin.net/home_page/security/PMASA-2009-5.phpcvss_base_vector=AV:N/AC:M/Au:N/C:N/I:P/A:N|qod_type=remote_banner|impact=Successful exploitation will let the attacker cause XSS attacks and
inject malicious web script or HTML code via a crafted SQL bookmarks.|affected=phpMyAdmin version 3.0.x to 3.2.0.rc1|insight=This flaw arises because the input passed into SQL bookmarks is not
adequately sanitised before using it in dynamically generated content.|summary=This host is running phpMyAdmin and is prone to Cross Site
Scripting vulnerability.|solution=Apply the respective patches or upgrade to version 3.2.0.1
http://www.phpmyadmin.net/home_page/downloads.php
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=12608
*****
Note: Ignore the warning if above mentioned patches are applied.
*****$Revision: 4869 $Medium4.380remote_bannerMedium4.3phpMyAdmin Setup Script Request Cross Site Scripting Vulnerabilityadmin2018-02-19T19:48:33Z2018-02-19T19:48:33Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin Setup Script Request Cross Site Scripting VulnerabilityWeb application abuses4.3CVE-2010-3263NOBIDURL:http://secunia.com/advisories/41210, URL:http://xforce.iss.net/xforce/xfdb/61675, URL:http://www.phpmyadmin.net/home_page/security/PMASA-2010-7.phpcvss_base_vector=AV:N/AC:M/Au:N/C:N/I:P/A:N|qod_type=remote_banner|impact=Successful exploitation will allow attackers to execute arbitrary web
script or HTML in a user's browser session in the context of an affected
site.
Impact Level: Application|affected=phpMyAdmin versions 3.x before 3.3.7|insight=The flaw is caused by an unspecified input validation error when processing
spoofed requests sent to setup script, which could be exploited by attackers
to cause arbitrary scripting code to be executed on the user's browser session
in the security context of an affected site.|solution=Upgrade to phpMyAdmin version 3.3.7 or later,
For updates refer to http://www.phpmyadmin.net/home_page/downloads.php|summary=The host is running phpMyAdmin and is prone to Cross-Site Scripting
Vulnerability.$Revision: 5373 $Medium4.380remote_bannerMedium4.3phpMyAdmin 'error.php' Cross Site Scripting Vulnerabilityadmin2018-02-19T19:49:15Z2018-02-19T19:49:15Z0productcpe:/a:phpmyadmin:phpmyadmin:3.1.1location/phpMyAdminsource_oid1.3.6.1.4.1.25623.1.0.900129source_namephpMyAdmin Detection192.168.222.13180/tcpphpMyAdmin 'error.php' Cross Site Scripting VulnerabilityWeb application abuses4.3CVE-2010-4480NOBIDURL:http://www.exploit-db.com/exploits/15699/, URL:http://www.vupen.com/english/advisories/2010/3133cvss_base_vector=AV:N/AC:M/Au:N/C:N/I:P/A:N|qod_type=remote_vul|impact=Successful exploitation will allow attackers to inject arbitrary
HTML code within the error page and conduct phishing attacks.
Impact Level: Application|affected=phpMyAdmin version 3.3.8.1 and prior.|insight=The flaw is caused by input validation errors in the 'error.php'
script when processing crafted BBcode tags containing '@' characters, which
could allow attackers to inject arbitrary HTML code within the error page
and conduct phishing attacks.|solution=No solution or patch was made available for at least one year
since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective
features, remove the product or replace the product by another one.|summary=The host is running phpMyAdmin and is prone to Cross-Site
Scripting Vulnerability.|solution_type=WillNotFix$Revision: 5323 $Medium4.399remote_vulMedium4.3Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerabilityadmin2018-02-19T19:49:27Z2018-02-19T19:49:27Z0192.168.222.13180/tcpApache HTTP Server 'httpOnly' Cookie Information Disclosure VulnerabilityWeb Servers4.3CVE-2012-005351706URL:http://secunia.com/advisories/47779, URL:http://www.exploit-db.com/exploits/18442, URL:http://rhn.redhat.com/errata/RHSA-2012-0128.html, URL:http://httpd.apache.org/security/vulnerabilities_22.html, URL:http://svn.apache.org/viewvc?view=revision&revision=1235454, URL:http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.htmlcvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|impact=Successful exploitation will allow attackers to obtain sensitive information
that may aid in further attacks.
Impact Level: Application|affected=Apache HTTP Server versions 2.2.0 through 2.2.21|insight=The flaw is due to an error within the default error response for
status code 400 when no custom ErrorDocument is configured, which can be
exploited to expose 'httpOnly' cookies.|solution=Upgrade to Apache HTTP Server version 2.2.22 or later,
For updates refer to http://httpd.apache.org/|summary=This host is running Apache HTTP Server and is prone to cookie
information disclosure vulnerability.|solution_type=VendorFix|qod_type=remote_vul$Revision: 6720 $Medium4.399remote_vulMedium4.3SSL/TLS: Report Weak Cipher Suitesadmin2018-02-19T19:43:48Z2018-02-19T19:43:48Z0192.168.222.1315432/tcpSSL/TLS: Report Weak Cipher SuitesSSL and TLS4.3CVE-2013-2566, CVE-2015-2808, CVE-2015-4000NOBIDURL:https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.html, URL:https://bettercrypto.org/, URL:https://mozilla.github.io/server-side-tls/ssl-config-generator/cvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|summary=This routine reports all Weak SSL/TLS cipher suites accepted by a service.
NOTE: No severity for SMTP services with 'Opportunistic TLS' and weak cipher suites on port 25/tcp is reported.
If too strong cipher suites are configured for this service the alternative would be to fall back to an even more insecure
cleartext communication.|solution=The configuration of this services should be changed so
that it does not accept the listed weak cipher suites anymore.
Please see the references for more resources supporting you with this task.|insight=These rules are applied for the evaluation of the cryptographic strength:
- RC4 is considered to be weak (CVE-2013-2566, CVE-2015-2808).
- Ciphers using 64 bit or less are considered to be vulnerable to brute force methods
and therefore considered as weak (CVE-2015-4000).
- 1024 bit RSA authentication is considered to be insecure and therefore as weak.
- Any cipher considered to be secure for only the next 10 years is considered as medium
- Any other cipher is considered as strong|solution_type=Mitigation|qod_type=remote_app$Revision: 5525 $Medium4.398remote_app'Weak' cipher suites accepted by this service via the SSLv3 protocol:
TLS_RSA_WITH_RC4_128_SHA
'Weak' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_RSA_WITH_RC4_128_SHAMedium4.3SSL/TLS: Deprecated SSLv2 and SSLv3 Protocol Detectionadmin2018-02-19T19:41:44Z2018-02-19T19:41:44Z0192.168.222.1315432/tcpSSL/TLS: Deprecated SSLv2 and SSLv3 Protocol DetectionSSL and TLS4.3CVE-2016-0800, CVE-2014-3566NOBIDURL:https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report, URL:https://bettercrypto.org/, URL:https://mozilla.github.io/server-side-tls/ssl-config-generator/, URL:https://drownattack.com/, URL:https://www.imperialviolet.org/2014/10/14/poodle.htmlcvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|summary=It was possible to detect the usage of the
deprecated SSLv2 and/or SSLv3 protocol on this system.|vuldetect=Check the used protocols of the services
provided by this system.|insight=The SSLv2 and SSLv3 protocols containing
known cryptographic flaws like:
- Padding Oracle On Downgraded Legacy Encryption (POODLE, CVE-2014-3566)
- Decrypting RSA with Obsolete and Weakened eNcryption (DROWN, CVE-2016-0800)|impact=An attacker might be able to use the known
cryptographic flaws to eavesdrop the connection between clients and the service
to get access to sensitive data transferred within the secured connection.|affected=All services providing an encrypted communication
using the SSLv2 and/or SSLv3 protocols.|solution=It is recommended to disable the deprecated
SSLv2 and/or SSLv3 protocols in favor of the TLSv1+ protocols. Please see the
references for more information.|qod_type=remote_app|solution_type=Mitigation$Revision: 5547 $Medium4.398remote_appIn addition to TLSv1.0+ the service is also providing the deprecated SSLv3 protocol and supports one or more ciphers. Those supported ciphers can be found in the 'SSL/TLS: Report Weak and Supported Ciphers' (OID: 1.3.6.1.4.1.25623.1.0.802067) NVT.Medium4.3SSL/TLS: SSLv3 Protocol CBC Cipher Suites Information Disclosure Vulnerability (POODLE)admin2018-02-19T19:43:49Z2018-02-19T19:43:49Z0192.168.222.1315432/tcpSSL/TLS: SSLv3 Protocol CBC Cipher Suites Information Disclosure Vulnerability (POODLE)SSL and TLS4.3CVE-2014-356670574URL:https://www.openssl.org/~bodo/ssl-poodle.pdf, URL:https://www.imperialviolet.org/2014/10/14/poodle.html, URL:https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html, URL:http://googleonlinesecurity.blogspot.in/2014/10/this-poodle-bites-exploiting-ssl-30.htmlcvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|summary=This host is prone to an information disclosure vulnerability.|vuldetect=Evaluate previous collected information about this service.|insight=The flaw is due to the block cipher padding not being deterministic and not covered by the Message Authentication Code|impact=Successful exploitation will allow a man-in-the-middle attackers gain access to the plain text data stream.
Impact Level: Application|solution=Possible Mitigations are:
- Disable SSLv3
- Disable cipher suites supporting CBC cipher modes
- Enable TLS_FALLBACK_SCSV if the service is providing TLSv1.0+|qod_type=remote_banner|solution_type=Mitigation$Revision: 4749 $Medium4.380remote_bannerMedium4.3SSL/TLS: Certificate Signed Using A Weak Signature Algorithmadmin2018-02-19T19:41:51Z2018-02-19T19:41:51Z0192.168.222.13125/tcpSSL/TLS: Certificate Signed Using A Weak Signature AlgorithmSSL and TLS4.0NOCVENOBIDURL:https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/cvss_base_vector=AV:N/AC:H/Au:N/C:P/I:P/A:N|insight=Secure Hash Algorithm 1 (SHA-1) is considered cryptographically weak and not secure enough for ongoing use. Beginning as late as January 2017
and as early as June 2016, browser developers such as Microsoft and Google will begin warning users when users visit web sites that use SHA-1 signed Secure Socket Layer (SSL)
certificates.|solution=Servers that use SSL/TLS certificates signed using an SHA-1 signature will need to obtain new SHA-2 signed SSL/TLS certificates to avoid these
web browser SSL/TLS certificate warnings.|vuldetect=Check which algorithm was used to sign the remote SSL/TLS Certificate.|summary=The remote service is using a SSL/TLS certificate chain that has been signed using a cryptographically weak hashing algorithm.|solution_type=Mitigation|qod_type=remote_banner$Revision: 4781 $Medium4.080remote_bannerThe following certificates are part of the certificate chain but using insecure signature algorithms:
Subject: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
Signature Algorithm: sha1WithRSAEncryptionMedium4.0SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerabilityadmin2018-02-19T19:43:55Z2018-02-19T19:43:55Z0192.168.222.13125/tcpSSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength VulnerabilitySSL and TLS4.0NOCVENOBIDURL:https://weakdh.org/, URL:https://weakdh.org/sysadmin.htmlcvss_base_vector=AV:N/AC:H/Au:N/C:P/I:P/A:N|summary=The SSL/TLS service uses Diffie-Hellman groups with insufficient strength
(key size < 2048).|insight=The Diffie-Hellman group are some big numbers that are used as base for
the DH computations. They can be, and often are, fixed. The security of the final secret depends on the size
of these parameters. It was found that 512 and 768 bits to be weak, 1024 bits to be breakable by really
powerful attackers like governments.|impact=An attacker might be able to decrypt the SSL/TLS communication offline.|solution=Deploy (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE) or use
a 2048-bit or stronger Diffie-Hellman group. (see https://weakdh.org/sysadmin.html).
For Apache Web Servers:
Beginning with version 2.4.7, mod_ssl will use DH parameters which include primes with lengths of more than 1024 bits.|vuldetect=Checks the DHE temporary public key size.|qod_type=remote_banner|solution_type=Workaround$Revision: 7578 $Medium4.080remote_bannerServer Temporary Key Size: 1024 bitsMedium4.0SSL/TLS: Certificate Signed Using A Weak Signature Algorithmadmin2018-02-19T19:41:51Z2018-02-19T19:41:51Z0192.168.222.1315432/tcpSSL/TLS: Certificate Signed Using A Weak Signature AlgorithmSSL and TLS4.0NOCVENOBIDURL:https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/cvss_base_vector=AV:N/AC:H/Au:N/C:P/I:P/A:N|insight=Secure Hash Algorithm 1 (SHA-1) is considered cryptographically weak and not secure enough for ongoing use. Beginning as late as January 2017
and as early as June 2016, browser developers such as Microsoft and Google will begin warning users when users visit web sites that use SHA-1 signed Secure Socket Layer (SSL)
certificates.|solution=Servers that use SSL/TLS certificates signed using an SHA-1 signature will need to obtain new SHA-2 signed SSL/TLS certificates to avoid these
web browser SSL/TLS certificate warnings.|vuldetect=Check which algorithm was used to sign the remote SSL/TLS Certificate.|summary=The remote service is using a SSL/TLS certificate chain that has been signed using a cryptographically weak hashing algorithm.|solution_type=Mitigation|qod_type=remote_banner$Revision: 4781 $Medium4.080remote_bannerThe following certificates are part of the certificate chain but using insecure signature algorithms:
Subject: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
Signature Algorithm: sha1WithRSAEncryptionMedium4.0SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerabilityadmin2018-02-19T19:43:52Z2018-02-19T19:43:52Z0192.168.222.1315432/tcpSSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength VulnerabilitySSL and TLS4.0NOCVENOBIDURL:https://weakdh.org/, URL:https://weakdh.org/sysadmin.htmlcvss_base_vector=AV:N/AC:H/Au:N/C:P/I:P/A:N|summary=The SSL/TLS service uses Diffie-Hellman groups with insufficient strength
(key size < 2048).|insight=The Diffie-Hellman group are some big numbers that are used as base for
the DH computations. They can be, and often are, fixed. The security of the final secret depends on the size
of these parameters. It was found that 512 and 768 bits to be weak, 1024 bits to be breakable by really
powerful attackers like governments.|impact=An attacker might be able to decrypt the SSL/TLS communication offline.|solution=Deploy (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE) or use
a 2048-bit or stronger Diffie-Hellman group. (see https://weakdh.org/sysadmin.html).
For Apache Web Servers:
Beginning with version 2.4.7, mod_ssl will use DH parameters which include primes with lengths of more than 1024 bits.|vuldetect=Checks the DHE temporary public key size.|qod_type=remote_banner|solution_type=Workaround$Revision: 7578 $Medium4.080remote_bannerServer Temporary Key Size: 1024 bitsMedium4.0TCP timestampsadmin2018-02-19T19:37:27Z2018-02-19T19:37:27Z0192.168.222.131general/tcpTCP timestampsGeneral2.6NOCVENOBIDURL:http://www.ietf.org/rfc/rfc1323.txtcvss_base_vector=AV:N/AC:H/Au:N/C:P/I:N/A:N|summary=The remote host implements TCP timestamps and therefore allows to compute
the uptime.|vuldetect=Special IP packets are forged and sent with a little delay in between to the
target IP. The responses are searched for a timestamps. If found, the timestamps are reported.|solution=To disable TCP timestamps on linux add the line 'net.ipv4.tcp_timestamps = 0' to
/etc/sysctl.conf. Execute 'sysctl -p' to apply the settings at runtime.
To disable TCP timestamps on Windows execute 'netsh int tcp set global timestamps=disabled'
Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled.
The default behavior of the TCP/IP stack on this Systems is to not use the
Timestamp options when initiating TCP connections, but use them if the TCP peer
that is initiating communication includes them in their synchronize (SYN) segment.
See also: http://www.microsoft.com/en-us/download/details.aspx?id=9152|affected=TCP/IPv4 implementations that implement RFC1323.|insight=The remote host implements TCP timestamps, as defined by RFC1323.|impact=A side effect of this feature is that the uptime of the remote
host can sometimes be computed.|solution_type=Mitigation|qod_type=remote_banner$Revision: 7277 $Low2.680remote_bannerIt was detected that the host implements RFC1323.
The following timestamps were retrieved with a delay of 1 seconds in-between:
Packet 1: 14616
Packet 2: 14723Low2.6SSH Weak MAC Algorithms Supportedadmin2018-02-19T19:39:41Z2018-02-19T19:39:41Z0192.168.222.13122/tcpSSH Weak MAC Algorithms SupportedGeneral2.6NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:H/Au:N/C:P/I:N/A:N|summary=The remote SSH server is configured to allow weak MD5 and/or 96-bit MAC algorithms.|solution=Disable the weak MAC algorithms.|solution_type=Mitigation|qod_type=remote_active$Revision: 4490 $Low2.695remote_activeThe following weak client-to-server MAC algorithms are supported by the remote service:
hmac-md5
hmac-md5-96
hmac-sha1-96
The following weak server-to-client MAC algorithms are supported by the remote service:
hmac-md5
hmac-md5-96
hmac-sha1-96Low2.6ICMP Timestamp Detectionadmin2018-02-19T19:37:26Z2018-02-19T19:37:26Z0192.168.222.131general/icmpICMP Timestamp DetectionService detection0.0CVE-1999-0524NOBIDURL:http://www.ietf.org/rfc/rfc0792.txtcvss_base_vector=AV:L/AC:L/Au:N/C:N/I:N/A:N|summary=The remote host responded to an ICMP timestamp request.
The Timestamp Reply is an ICMP message which replies to a Timestamp message. It consists
of the originating timestamp sent by the sender of the Timestamp as well as a receive
timestamp and a transmit timestamp. This information could theoretically be used to
exploit weak time-based random number generators in other services.|qod_type=remote_banner$Revision: 7559 $Log0.080remote_bannerLog0.0OS Detection Consolidation and Reportingadmin2018-02-19T19:47:35Z2018-02-19T19:47:35Z0192.168.222.131general/tcpOS Detection Consolidation and ReportingProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script consolidates the OS information detected by several NVTs and tries to find the best matching OS.
Furthermore it reports all previously collected information leading to this best matching OS. It also reports possible additional informations
which might help to improve the OS detection.
If any of this information is wrong or could be improved please consider to report these to openvas-plugins@wald.intevation.org.|qod_type=remote_banner$Revision: 7600 $Log0.080remote_bannerBest matching OS:
OS: Ubuntu 8.04
Version: 8.04
CPE: cpe:/o:canonical:ubuntu_linux:8.04
Found by NVT: 1.3.6.1.4.1.25623.1.0.105586 (SSH OS Identification)
Concluded from SSH banner on port 22/tcp: SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1
Setting key "Host/runs_unixoide" based on this information
Other OS detections (in order of reliability):
OS: Linux/Unix
CPE: cpe:/o:linux:kernel
Found by NVT: 1.3.6.1.4.1.25623.1.0.105355 (FTP OS Identification)
Concluded from FTP banner on port 21/tcp: 220 (vsFTPd 2.3.4)
OS: Debian GNU/Linux
CPE: cpe:/o:debian:debian_linux
Found by NVT: 1.3.6.1.4.1.25623.1.0.105355 (FTP OS Identification)
Concluded from FTP banner on port 2121/tcp: 220 ProFTPD 1.3.1 Server (Debian) [::ffff:192.168.222.131]
OS: Debian GNU/Linux
CPE: cpe:/o:debian:debian_linux
Found by NVT: 1.3.6.1.4.1.25623.1.0.102011 (SMB NativeLanMan)
Concluded from SMB/Samba banner on port 445/tcp: OS String: Debian GNU/Linux; SMB String: Samba 3.0.20-Debian
OS: Ubuntu
CPE: cpe:/o:canonical:ubuntu_linux
Found by NVT: 1.3.6.1.4.1.25623.1.0.111067 (HTTP OS Identification)
Concluded from HTTP Server banner on port 80/tcp: Server: Apache/2.2.8 (Ubuntu) DAV/2
OS: Ubuntu
CPE: cpe:/o:canonical:ubuntu_linux
Found by NVT: 1.3.6.1.4.1.25623.1.0.111068 (SMTP/POP3/IMAP Server OS Identification)
Concluded from SMTP banner on port 25/tcp: 220 metasploitable.localdomain ESMTP Postfix (Ubuntu)
OS: Ubuntu
CPE: cpe:/o:canonical:ubuntu_linux
Found by NVT: 1.3.6.1.4.1.25623.1.0.108192 (MySQL/MariaDB Server OS Identification)
Concluded from MySQL/MariaDB server banner on port 3306/tcp: 5.0.51a-3ubuntu5
OS: Linux 2.6.9 - 2.6.33
CPE: cpe:/o:linux:linux_kernel:2.6
Found by NVT: 1.3.6.1.4.1.25623.1.0.108021 (Nmap OS Identification (NASL wrapper))
Concluded from Nmap TCP/IP fingerprinting:
OS details: Linux 2.6.9 - 2.6.33
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS: Linux Kernel
CPE: cpe:/o:linux:kernel
Found by NVT: 1.3.6.1.4.1.25623.1.0.102002 (ICMP based OS Fingerprinting)
Concluded from ICMP based OS fingerprint
Unknown banners have been collected which might help to identify the OS running on this host. If these banners containing information about the host OS please report the following information to openvas-plugins@wald.intevation.org:
Banner: _ _ _ _ _ _ ____
_ __ ___ ___| |_ __ _ ___ _ __ | | ___ (_) |_ __ _| |__ | | ___|___ \
| '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __/ _` | '_ \| |/ _ \ __) |
| | | | | | __/ || (_| \__ \ |_) | | (_) | | || (_| | |_) | | __// __/
|_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__\__,_|_.__/|_|\___|_____|
|_|
Warning: Never expose this VM to an untrusted network!
Contact: msfdev[at]metasploit.com
Login with msfadmin/msfadmin to get started
metasploitable login:
Identified from: Telnet banner on port 23/tcpLog0.0SSL/TLS: Hostname discovery from server certificateadmin2018-02-19T19:43:53Z2018-02-19T19:43:53Z0192.168.222.131general/tcpSSL/TLS: Hostname discovery from server certificateSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=It was possible to discover an additional hostname
of this server from its certificate Common or Subject Alt Name.|qod_type=remote_app$Revision: 7393 $Log0.098remote_appThe following additional but not resolvable hostnames were detected:
ubuntu804-base.localdomainLog0.0Tracerouteadmin2018-02-19T19:37:25Z2018-02-19T19:37:25Z0192.168.222.131general/tcpTracerouteGeneral0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|solution=Block unwanted packets from escaping your network.|summary=A traceroute from the scanning server to the target system was
conducted. This traceroute is provided primarily for informational
value only. In the vast majority of cases, it does not represent a
vulnerability. However, if the displayed traceroute contains any
private addresses that should not have been publicly visible, then you
have an issue you need to correct.|qod_type=remote_banner$Revision: 7278 $Log0.080remote_bannerHere is the route from 192.168.222.133 to 192.168.222.131:
192.168.222.133
192.168.222.131Log0.0CPE Inventoryadmin2018-02-19T19:50:19Z2018-02-19T19:50:19Z0192.168.222.131general/CPE-TCPE InventoryService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine uses information collected by other routines about
CPE identities (http://cpe.mitre.org/) of operating systems, services and
applications detected during the scan.|qod_type=remote_banner$Revision: 5458 $Log0.080remote_banner192.168.222.131|cpe:/a:apache:http_server:2.2.8
192.168.222.131|cpe:/a:beasts:vsftpd:2.3.4
192.168.222.131|cpe:/a:isc:bind:9.4.2
192.168.222.131|cpe:/a:mysql:mysql:5.0.51a
192.168.222.131|cpe:/a:openbsd:openssh:4.7p1
192.168.222.131|cpe:/a:php:php:5.2.4
192.168.222.131|cpe:/a:phpmyadmin:phpmyadmin:3.1.1
192.168.222.131|cpe:/a:postfix:postfix
192.168.222.131|cpe:/a:postgresql:postgresql:8.3.1
192.168.222.131|cpe:/a:proftpd:proftpd:1.3.1
192.168.222.131|cpe:/a:samba:samba:3.0.20
192.168.222.131|cpe:/a:tiki:tikiwiki_cms/groupware:1.9.5
192.168.222.131|cpe:/a:twiki:twiki:01.Feb.2003
192.168.222.131|cpe:/a:x.org:x11:11.0
192.168.222.131|cpe:/o:canonical:ubuntu_linux:8.04Log0.0SMB Test with 'smbclient'admin2018-02-19T19:41:26Z2018-02-19T19:41:26Z0192.168.222.131general/SMBClientSMB Test with 'smbclient'Windows0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script tests the remote host SMB Functions with the 'smbclient' tool.|qod_type=remote_banner$Revision: 6841 $Log0.080remote_bannerThe tool "smbclient" is not available for OpenVAS.
Therefore none of the tests using smbclient are executed.Log0.0FTP Banner Detectionadmin2018-02-19T19:38:55Z2018-02-19T19:38:55Z0192.168.222.13121/tcpFTP Banner DetectionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This Plugin detects the FTP Server Banner and the Banner
of the 'HELP' command.|qod_type=remote_banner$Revision: 4780 $Log0.080remote_bannerRemote FTP server banner :
220 (vsFTPd 2.3.4) Log0.0Servicesadmin2018-02-19T19:38:28Z2018-02-19T19:38:28Z0192.168.222.13121/tcpServicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine attempts to guess which service is running on the
remote ports. For instance, it searches for a web server which could listen on another port than
80 or 443 and makes this information available for other check routines.|qod_type=remote_banner$Revision: 6821 $Log0.080remote_bannerAn FTP server is running on this port.
Here is its banner :
220 (vsFTPd 2.3.4) Log0.0vsFTPd FTP Server Detectionadmin2018-02-19T19:39:48Z2018-02-19T19:39:48Z0192.168.222.13121/tcpvsFTPd FTP Server DetectionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=The script is grabbing the
banner of a FTP server and attempts to identify a vsFTPd FTP Server
and its version from the reply.|qod_type=remote_banner$Revision: 4777 $Log0.080remote_bannerDetected vsFTPd
Version: 2.3.4
Location: 21/tcp
CPE: cpe:/a:beasts:vsftpd:2.3.4
Concluded from version/product identification result:
220 (vsFTPd 2.3.4) Log0.0SSH Protocol Versions Supportedadmin2018-02-19T19:39:41Z2018-02-19T19:39:41Z0192.168.222.13122/tcpSSH Protocol Versions SupportedService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Identification of SSH protocol versions supported by the remote
SSH Server. Also reads the corresponding fingerprints from the service.
The following versions are tried: 1.33, 1.5, 1.99 and 2.0|qod_type=remote_active$Revision: 4484 $Log0.095remote_activeThe remote SSH Server supports the following SSH Protocol Versions:
1.99
2.0Log0.0SSH Server type and versionadmin2018-02-19T19:39:40Z2018-02-19T19:39:40Z0192.168.222.13122/tcpSSH Server type and versionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This detects the SSH Server's type and version by connecting to the server
and processing the buffer received.
This information gives potential attackers additional information about the system they are attacking.
Versions and Types should be omitted where possible.|qod_type=remote_banner$Revision: 4947 $Log0.080remote_bannerDetected SSH server version: SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1
Remote SSH supported authentication: password,publickey
Remote SSH banner:
(not available)
CPE: cpe:/a:openbsd:openssh:4.7p1
Concluded from remote connection attempt with credentials:
Login: VulnScan
Password: VulnScanLog0.0Servicesadmin2018-02-19T19:38:11Z2018-02-19T19:38:11Z0192.168.222.13122/tcpServicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine attempts to guess which service is running on the
remote ports. For instance, it searches for a web server which could listen on another port than
80 or 443 and makes this information available for other check routines.|qod_type=remote_banner$Revision: 6821 $Log0.080remote_bannerAn ssh server is running on this portLog0.0SSH Protocol Algorithms Supportedadmin2018-02-19T19:39:41Z2018-02-19T19:39:41Z0192.168.222.13122/tcpSSH Protocol Algorithms SupportedService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|qod_type=remote_active|summary=This script detects which algorithms and languages are supported by the remote SSH Service$Revision: 7000 $Log0.095remote_activeThe following options are supported by the remote ssh service:
kex_algorithms:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
server_host_key_algorithms:
ssh-rsa,ssh-dss
encryption_algorithms_client_to_server:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
encryption_algorithms_server_to_client:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
mac_algorithms_client_to_server:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
mac_algorithms_server_to_client:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
compression_algorithms_client_to_server:
none,zlib@openssh.com
compression_algorithms_server_to_client:
none,zlib@openssh.comLog0.0Servicesadmin2018-02-19T19:37:53Z2018-02-19T19:37:53Z0192.168.222.13123/tcpServicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine attempts to guess which service is running on the
remote ports. For instance, it searches for a web server which could listen on another port than
80 or 443 and makes this information available for other check routines.|qod_type=remote_banner$Revision: 6821 $Log0.080remote_bannerA telnet server seems to be running on this portLog0.0SSL/TLS: Report Weak Cipher Suitesadmin2018-02-19T19:43:49Z2018-02-19T19:43:49Z0192.168.222.13125/tcpSSL/TLS: Report Weak Cipher SuitesSSL and TLS4.3CVE-2013-2566, CVE-2015-2808, CVE-2015-4000NOBIDURL:https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/warnmeldung_cb-k16-1465_update_6.html, URL:https://bettercrypto.org/, URL:https://mozilla.github.io/server-side-tls/ssl-config-generator/cvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|summary=This routine reports all Weak SSL/TLS cipher suites accepted by a service.
NOTE: No severity for SMTP services with 'Opportunistic TLS' and weak cipher suites on port 25/tcp is reported.
If too strong cipher suites are configured for this service the alternative would be to fall back to an even more insecure
cleartext communication.|solution=The configuration of this services should be changed so
that it does not accept the listed weak cipher suites anymore.
Please see the references for more resources supporting you with this task.|insight=These rules are applied for the evaluation of the cryptographic strength:
- RC4 is considered to be weak (CVE-2013-2566, CVE-2015-2808).
- Ciphers using 64 bit or less are considered to be vulnerable to brute force methods
and therefore considered as weak (CVE-2015-4000).
- 1024 bit RSA authentication is considered to be insecure and therefore as weak.
- Any cipher considered to be secure for only the next 10 years is considered as medium
- Any other cipher is considered as strong|solution_type=Mitigation|qod_type=remote_app$Revision: 5525 $Log0.098remote_appNOTE: No severity for SMTP services with 'Opportunistic TLS' and weak cipher suites on port 25/tcp is reported. If too strong cipher suites are configured for this service the alternative would be to fall back to an even more insecure cleartext communication.
'Weak' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
TLS_DH_anon_WITH_RC4_128_MD5
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
'Weak' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
TLS_DH_anon_WITH_RC4_128_MD5
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHALog0.0SMTP Server type and versionadmin2018-02-19T19:38:55Z2018-02-19T19:38:55Z0192.168.222.13125/tcpSMTP Server type and versionService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This detects the SMTP Server's type and version by connecting to
the server and processing the buffer received.|solution=Change the login banner to something generic.|summary=This information gives potential
attackers additional information about the system they are attacking. Versions
and Types should be omitted where possible.|qod_type=remote_banner$Revision: 7133 $Log0.080remote_bannerRemote SMTP server banner :
220 metasploitable.localdomain ESMTP Postfix (Ubuntu) Log0.0SMTP STARTTLS Detectionadmin2018-02-19T19:39:06Z2018-02-19T19:39:06Z0192.168.222.13125/tcpSMTP STARTTLS DetectionService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Check if the remote Mailserver supports the STARTTLS command.|qod_type=remote_banner$Revision: 4683 $Log0.080remote_bannerThe remote Mailserver supports the STARTTLS command.Log0.0SSL/TLS: Certificate - Self-Signed Certificate Detectionadmin2018-02-19T19:43:52Z2018-02-19T19:43:52Z0192.168.222.13125/tcpSSL/TLS: Certificate - Self-Signed Certificate DetectionSSL and TLS0.0NOCVENOBIDURL:http://en.wikipedia.org/wiki/Self-signed_certificatecvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=The SSL/TLS certificate on this port is self-signed.|qod_type=remote_app$Revision: 4765 $Log0.098remote_appThe certificate of the remote service is self signed.
Certificate details:
subject ...: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
subject alternative names (SAN):
None
issued by .: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
serial ....: 00FAF93A4C7FB6B9CC
valid from : 2010-03-17 14:07:45 UTC
valid until: 2010-04-16 14:07:45 UTC
fingerprint (SHA-1): ED093088706603BFD5DC237399B498DA2D4D31C6
fingerprint (SHA-256): E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCLog0.0Servicesadmin2018-02-19T19:37:23Z2018-02-19T19:37:23Z0192.168.222.13125/tcpServicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine attempts to guess which service is running on the
remote ports. For instance, it searches for a web server which could listen on another port than
80 or 443 and makes this information available for other check routines.|qod_type=remote_banner$Revision: 6821 $Log0.080remote_bannerAn SMTP server is running on this port
Here is its banner :
220 metasploitable.localdomain ESMTP Postfix (Ubuntu) Log0.0SSL/TLS: Report Non Weak Cipher Suitesadmin2018-02-19T19:43:48Z2018-02-19T19:43:48Z0192.168.222.13125/tcpSSL/TLS: Report Non Weak Cipher SuitesSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine reports all Non Weak SSL/TLS cipher suites accepted by a service.|qod_type=remote_app$Revision: 4736 $Log0.098remote_app'Non Weak' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
'Non Weak' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHALog0.0SSL/TLS: Collect and Report Certificate Detailsadmin2018-02-19T19:43:52Z2018-02-19T19:43:52Z0192.168.222.13125/tcpSSL/TLS: Collect and Report Certificate DetailsSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script collects and reports the details of all SSL/TLS certificates.
This data will be used by other tests to verify server certificates.|qod_type=remote_app$Revision: 6090 $Log0.098remote_appThe following certificate details of the remote service were collected.
Certificate details:
subject ...: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
subject alternative names (SAN):
None
issued by .: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
serial ....: 00FAF93A4C7FB6B9CC
valid from : 2010-03-17 14:07:45 UTC
valid until: 2010-04-16 14:07:45 UTC
fingerprint (SHA-1): ED093088706603BFD5DC237399B498DA2D4D31C6
fingerprint (SHA-256): E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCLog0.0SSL/TLS: Report Perfect Forward Secrecy (PFS) Cipher Suitesadmin2018-02-19T19:43:49Z2018-02-19T19:43:49Z0192.168.222.13125/tcpSSL/TLS: Report Perfect Forward Secrecy (PFS) Cipher SuitesSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine reports all SSL/TLS cipher suites accepted by a service which are supporting Perfect Forward Secrecy (PFS).|qod_type=remote_app$Revision: 4771 $Log0.098remote_appCipher suites supporting Perfect Forward Secrecy (PFS) are accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
Cipher suites supporting Perfect Forward Secrecy (PFS) are accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHALog0.0Postfix SMTP Server Detectionadmin2018-02-19T19:39:57Z2018-02-19T19:39:57Z0192.168.222.13125/tcpPostfix SMTP Server DetectionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=The script checks the SMTP server
banner for the presence of Postfix.|qod_type=remote_banner$Revision: 6065 $Log0.080remote_bannerDetected Postfix
Version: unknown
Location: 25/tcp
CPE: cpe:/a:postfix:postfix
Concluded from version/product identification result:
220 metasploitable.localdomain ESMTP Postfix (Ubuntu) Log0.0SSL/TLS: Report Supported Cipher Suitesadmin2018-02-19T19:43:50Z2018-02-19T19:43:50Z0192.168.222.13125/tcpSSL/TLS: Report Supported Cipher SuitesSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine reports all SSL/TLS cipher suites accepted by a service.
As the NVT 'SSL/TLS: Check Supported Cipher Suites' (OID: 1.3.6.1.4.1.25623.1.0.900234) might run into a
timeout the actual reporting of all accepted cipher suites takes place in this NVT instead. The script preference 'Report timeout'
allows you to configure if such an timeout is reported.|qod_type=remote_app$Revision: 5987 $Log0.098remote_app'Strong' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA
'Medium' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
'Weak' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
TLS_DH_anon_WITH_RC4_128_MD5
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
No 'Null' cipher suites accepted by this service via the SSLv3 protocol.
'Anonymous' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_RC4_128_MD5
'Strong' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA
'Medium' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
'Weak' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
TLS_DH_anon_WITH_RC4_128_MD5
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
No 'Null' cipher suites accepted by this service via the TLSv1.0 protocol.
'Anonymous' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_RC4_128_MD5Log0.0SSL/TLS: Report Medium Cipher Suitesadmin2018-02-19T19:43:49Z2018-02-19T19:43:49Z0192.168.222.13125/tcpSSL/TLS: Report Medium Cipher SuitesSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine reports all Medium SSL/TLS cipher suites accepted by a service.|insight=Any cipher suite considered to be secure for only the next 10 years is considered as medium|qod_type=remote_app$Revision: 4743 $Log0.098remote_app'Medium' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
'Medium' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHALog0.0Determine which version of BIND name daemon is runningadmin2018-02-19T19:39:42Z2018-02-19T19:39:42Z0192.168.222.13153/tcpDetermine which version of BIND name daemon is runningProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=BIND 'NAMED' is an open-source DNS server from ISC.org. Many proprietary
DNS servers are based on BIND source code.|insight=The BIND based NAMED servers (or DNS servers) allow remote users
to query for version and type information. The query of the CHAOS TXT record 'version.bind', will
typically prompt the server to send the information back to the querying source.|solution=Using the 'version' directive in the 'options' section will block
the 'version.bind' query, but it will not log such attempts.|qod_type=remote_banner$Revision: 6485 $Log0.080remote_bannerDetected Bind
Version: 9.4.2
Location: 53/tcp
CPE: cpe:/a:isc:bind:9.4.2
Concluded from version/product identification result:
9.4.2Log0.0DNS Server Detection (TCP)admin2018-02-19T19:39:42Z2018-02-19T19:39:42Z0192.168.222.13153/tcpDNS Server Detection (TCP)Service detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=A DNS Server is running at this Host.
A Name Server translates domain names into IP addresses. This makes it
possible for a user to access a website by typing in the domain name instead of
the website's actual IP address.|qod_type=remote_banner$Revision: 6786 $Log0.080remote_bannerThe remote DNS server banner is:
9.4.2Log0.0HTTP Server type and versionadmin2018-02-19T19:47:28Z2018-02-19T19:47:28Z0192.168.222.13180/tcpHTTP Server type and versionWeb Servers0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|solution=Configure your server to use an alternate name like
'Wintendo httpD w/Dotmatrix display'
Be sure to remove common logos like apache_pb.gif.
With Apache, you can set the directive 'ServerTokens Prod' to limit
the information emanating from the server in its response headers.|summary=This detects the HTTP Server's type and version.|qod_type=remote_banner$Revision: 6760 $Log0.080remote_bannerThe remote web server type is :
Apache/2.2.8 (Ubuntu) DAV/2
Solution : You can set the directive "ServerTokens Prod" to limit
the information emanating from the server in its response headers.Log0.0Servicesadmin2018-02-19T19:37:27Z2018-02-19T19:37:27Z0192.168.222.13180/tcpServicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine attempts to guess which service is running on the
remote ports. For instance, it searches for a web server which could listen on another port than
80 or 443 and makes this information available for other check routines.|qod_type=remote_banner$Revision: 6821 $Log0.080remote_bannerA web server is running on this portLog0.0CGI Scanning Consolidationadmin2018-02-19T19:48:55Z2018-02-19T19:48:55Z0192.168.222.13180/tcpCGI Scanning ConsolidationWeb application abuses0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=The script consolidates various information for CGI scanning.
This information is based on the following scripts / settings:
- HTTP-Version Detection (OID: 1.3.6.1.4.1.25623.1.0.100034)
- No 404 check (OID: 1.3.6.1.4.1.25623.1.0.10386)
- Web mirroring / webmirror.nasl (OID: 1.3.6.1.4.1.25623.1.0.10662)
- Directory Scanner / DDI_Directory_Scanner.nasl (OID: 1.3.6.1.4.1.25623.1.0.11032)
- The configured 'cgi_path' within the 'Scanner Preferences' of the scan config in use
- The configured 'Enable CGI scanning' and 'Enable generic web application scanning' within the 'Global variable settings'
of the scan config in use
If you think any of these are wrong please report openvas-plugins@wald.intevation.org|qod_type=remote_banner$Revision: 7428 $Log0.080remote_bannerGeneric web application scanning is disabled for this host via the "Enable generic web application scanning" option within the "Global variable settings" of the scan config in use.
Requests to this service are done via HTTP/1.1.
This service seems to be able to host PHP scripts.
This service seems to be NOT able to host ASP scripts.
The following directories were used for CGI scanning:
http://192.168.222.131/
http://192.168.222.131/cgi-bin
http://192.168.222.131/dav
http://192.168.222.131/doc
http://192.168.222.131/dvwa
http://192.168.222.131/mutillidae
http://192.168.222.131/mutillidae/documentation
http://192.168.222.131/oops/TWiki
http://192.168.222.131/phpMyAdmin
http://192.168.222.131/rdiff/TWiki
http://192.168.222.131/scripts
http://192.168.222.131/test
http://192.168.222.131/test/testoutput
http://192.168.222.131/tikiwiki
http://192.168.222.131/tikiwiki/lib
http://192.168.222.131/twiki
http://192.168.222.131/twiki/pub
http://192.168.222.131/twiki/pub/TWiki/FileAttachment
http://192.168.222.131/twiki/pub/TWiki/TWikiDocGraphics
http://192.168.222.131/twiki/pub/TWiki/TWikiLogos
http://192.168.222.131/twiki/pub/TWiki/TWikiPreferences
http://192.168.222.131/twiki/pub/TWiki/TWikiTemplates
http://192.168.222.131/twiki/pub/icn
http://192.168.222.131/view/TWiki
While this is not, in and of itself, a bug, you should manually inspect these directories to ensure that they are in compliance with company security standards
The following directories were excluded from CGI scanning because of the "Regex pattern to exclude directories from CGI scanning" setting of the NVT "Global variable settings" (OID: 1.3.6.1.4.1.25623.1.0.12288):
http://192.168.222.131/icons
http://192.168.222.131/mutillidae/images
http://192.168.222.131/mutillidae/javascript
http://192.168.222.131/mutillidae/javascript/ddsmoothmenu
http://192.168.222.131/mutillidae/styles
http://192.168.222.131/mutillidae/styles/ddsmoothmenu
http://192.168.222.131/phpMyAdmin/themes/original/img
http://192.168.222.131/tikiwiki/img/icons
http://192.168.222.131/tikiwiki/styles
http://192.168.222.131/tikiwiki/styles/transitions
Directory index found at:
http://192.168.222.131/dav/
http://192.168.222.131/mutillidae/documentation/
http://192.168.222.131/test/
http://192.168.222.131/test/testoutput/
http://192.168.222.131/twiki/TWikiDocumentation.html
http://192.168.222.131/twiki/bin/view/TWiki/TWikiDocumentation
http://192.168.222.131/twiki/bin/view/TWiki/TWikiInstallationGuide
PHP script discloses physical path at:
http://192.168.222.131/tikiwiki/tiki-install.php (/var/www/tikiwiki/lib/adodb/drivers/adodb-mysql.inc.php)
The "Number of pages to mirror" setting of the NVT "Web mirroring" (OID: 1.3.6.1.4.1.25623.1.0.10662) was reached. Raising this limit allows to mirror this host more thoroughly but might increase the scanning time.
The following CGIs were discovered:
Syntax : cginame (arguments [default value])
http://192.168.222.131/dav/ (C=S;O [A] C=N;O [D] C=M;O [A] C=D;O [A] )
http://192.168.222.131/mutillidae/ (page [add-to-your-blog.php] )
http://192.168.222.131/mutillidae/documentation/ (C=S;O [A] C=N;O [D] C=M;O [A] C=D;O [A] )
http://192.168.222.131/mutillidae/index.php (username [anonymous] do [toggle-hints] page [home.php] )
http://192.168.222.131/oops/TWiki/TWikiHistory (template [oopsrev] param1 [1.10] )
http://192.168.222.131/phpMyAdmin/index.php (phpMyAdmin [664ba0efa019261db66bc8d8d8249ac314e2f76b] token [70255508dd06a043586b1b6413abe3b1] pma_username [] table [] lang [] server [1] db [] convcharset [utf-8] pma_password [] )
http://192.168.222.131/phpMyAdmin/phpmyadmin.css.php (token [70255508dd06a043586b1b6413abe3b1] js_frame [right] lang [en-utf-8] nocache [2457687151] convcharset [utf-8] )
http://192.168.222.131/rdiff/TWiki/TWikiHistory (rev1 [1.10] rev2 [1.9] )
http://192.168.222.131/test/ (C=S;O [A] C=N;O [D] C=M;O [A] C=D;O [A] )
http://192.168.222.131/test/testoutput/ (C=S;O [A] C=N;O [D] C=M;O [A] C=D;O [A] )
http://192.168.222.131/tikiwiki/tiki-install.php (host [localhost] dbinfo [] pass [] name [] db [] restart [1] resetdb [] user [] )
http://192.168.222.131/twiki/bin/attach/TWiki/FileAttachment (filename [Sample.txt] revInfo [1] )
http://192.168.222.131/twiki/bin/edit/Know/ReadmeFirst (t [1519058736] )
http://192.168.222.131/twiki/bin/edit/Know/WebChanges (t [1519058415] )
http://192.168.222.131/twiki/bin/edit/Know/WebHome (t [1519058347] )
http://192.168.222.131/twiki/bin/edit/Know/WebIndex (t [1519058738] )
http://192.168.222.131/twiki/bin/edit/Know/WebNotify (t [1519058741] )
http://192.168.222.131/twiki/bin/edit/Know/WebPreferences (t [1519058429] )
http://192.168.222.131/twiki/bin/edit/Know/WebSearch (t [1519058428] )
http://192.168.222.131/twiki/bin/edit/Know/WebStatistics (t [1519058742] )
http://192.168.222.131/twiki/bin/edit/Know/WebTopicList (t [1519058740] )
http://192.168.222.131/twiki/bin/edit/Main/BillClinton (topicparent [Main.TWikiUsers] )
http://192.168.222.131/twiki/bin/edit/Main/CccCcc (t [1519058773] )
http://192.168.222.131/twiki/bin/edit/Main/CharleytheHorse (t [1519058775] )
http://192.168.222.131/twiki/bin/edit/Main/ChristopheVermeulen (topicparent [Main.TWikiUsers] )
http://192.168.222.131/twiki/bin/edit/Main/DavidWarman (topicparent [Main.TWikiUsers] )
http://192.168.222.131/twiki/bin/edit/Main/EngineeringGroup (topicparent [Main.TWikiGroups] )
http://192.168.222.131/twiki/bin/edit/Main/GoodStyle (topicparent [Main.WebHome] )
http://192.168.222.131/twiki/bin/edit/Main/JohnAltstadt (topicparent [Main.TWikiUsers] )
http://192.168.222.131/twiki/bin/edit/Main/JohnTalintyre (t [1519058777] )
http://192.168.222.131/twiki/bin/edit/Main/LondonOffice (t [1519058807] )
http://192.168.222.131/twiki/bin/edit/Main/MartinRaabe (topicparent [TWiki.TWikiUpgradeGuide] )
http://192.168.222.131/twiki/bin/edit/Main/NicholasLee (t [1519058779] )
http://192.168.222.131/twiki/bin/edit/Main/OfficeLocations (t [1519058366] )
http://192.168.222.131/twiki/bin/edit/Main/PeterFokkinga (topicparent [Main.TWikiUsers] )
http://192.168.222.131/twiki/bin/edit/Main/PeterThoeny (t [1519058750] )
http://192.168.222.131/twiki/bin/edit/Main/SanJoseOffice (t [1519058803] )
http://192.168.222.131/twiki/bin/edit/Main/SupportGroup (topicparent [Main.TWikiGroups] )
http://192.168.222.131/twiki/bin/edit/Main/TWikiAdminGroup (t [1519058792] )
http://192.168.222.131/twiki/bin/edit/Main/TWikiGroups (t [1519058362] )
http://192.168.222.131/twiki/bin/edit/Main/TWikiGuest (t [1519058570] )
http://192.168.222.131/twiki/bin/edit/Main/TWikiPreferences (topicparent [Main.WebHome] )
http://192.168.222.131/twiki/bin/edit/Main/TWikiRegistration (topicparent [Main.TWikiUsers] )
http://192.168.222.131/twiki/bin/edit/Main/TWikiUsers (t [1519058359] )
http://192.168.222.131/twiki/bin/edit/Main/TWikiWeb (topicparent [Main.WebHome] )
http://192.168.222.131/twiki/bin/edit/Main/TestArea (topicparent [Main.WebHome] )
http://192.168.222.131/twiki/bin/edit/Main/TextFormattingFAQ (topicparent [Main.WebHome] )
http://192.168.222.131/twiki/bin/edit/Main/TextFormattingRules (topicparent [Main.WebHome] )
http://192.168.222.131/twiki/bin/edit/Main/TokyoOffice (t [1519058810] )
http://192.168.222.131/twiki/bin/edit/Main/WebChanges (t [1519058370] )
http://192.168.222.131/twiki/bin/edit/Main/WebHome (t [1519058320] )
http://192.168.222.131/twiki/bin/edit/Main/WebIndex (t [1519058382] )
http://192.168.222.131/twiki/bin/edit/Main/WebNotify (t [1519058440] )
http://192.168.222.131/twiki/bin/edit/Main/WebPreferences (t [1519058389] )
http://192.168.222.131/twiki/bin/edit/Main/WebSearch (t [1519058384] )
http://192.168.222.131/twiki/bin/edit/Main/WebStatistics (t [1519058442] )
http://192.168.222.131/twiki/bin/edit/Main/WebTopicEditTemplate (topicparent [Main.WebPreferences] )
http://192.168.222.131/twiki/bin/edit/Main/WebTopicList (t [1519058438] )
http://192.168.222.131/twiki/bin/edit/Main/WelcomeGuest (topicparent [Main.WebHome] )
http://192.168.222.131/twiki/bin/edit/Main/WikiName (topicparent [Main.TWikiUsers] )
http://192.168.222.131/twiki/bin/edit/Main/WikiNotation (topicparent [Main.TWikiUsers] )
http://192.168.222.131/twiki/bin/edit/Sandbox/TestTopic1 (topicparent [Sandbox.WebHome] )
http://192.168.222.131/twiki/bin/edit/Sandbox/TestTopic2 (topicparent [Sandbox.WebHome] )
http://192.168.222.131/twiki/bin/edit/Sandbox/TestTopic3 (topicparent [Sandbox.WebHome] )
http://192.168.222.131/twiki/bin/edit/Sandbox/TestTopic4 (topicparent [Sandbox.WebHome] )
http://192.168.222.131/twiki/bin/edit/Sandbox/TestTopic5 (topicparent [Sandbox.WebHome] )
http://192.168.222.131/twiki/bin/edit/Sandbox/TestTopic6 (topicparent [Sandbox.WebHome] )
http://192.168.222.131/twiki/bin/edit/Sandbox/TestTopic7 (topicparent [Sandbox.WebHome] )
http://192.168.222.131/twiki/bin/edit/Sandbox/TestTopic8 (topicparent [Sandbox.WebHome] )
http://192.168.222.131/twiki/bin/edit/Sandbox/WebChanges (t [1519058431] )
http://192.168.222.131/twiki/bin/edit/Sandbox/WebHome (t [1519058351] )
http://192.168.222.131/twiki/bin/edit/Sandbox/WebIndex (t [1519058751] )
http://192.168.222.131/twiki/bin/edit/Sandbox/WebNotify (t [1519058762] )
http://192.168.222.131/twiki/bin/edit/Sandbox/WebPreferences (t [1519058436] )
http://192.168.222.131/twiki/bin/edit/Sandbox/WebSearch (t [1519058434] )
http://192.168.222.131/twiki/bin/edit/Sandbox/WebStatistics (t [1519058765] )
http://192.168.222.131/twiki/bin/edit/Sandbox/WebTopicEditTemplate (topicparent [Sandbox.WebPreferences] )
http://192.168.222.131/twiki/bin/edit/Sandbox/WebTopicList (t [1519058761] )
http://192.168.222.131/twiki/bin/edit/TWiki/ (topic [] topicparent [TWikiFAQ] onlywikiname [on] templatetopic [TWikiFaqTemplate] )
http://192.168.222.131/twiki/bin/edit/TWiki/AppendixFileSystem (t [1519058715] )
http://192.168.222.131/twiki/bin/edit/TWiki/DefaultPlugin (t [1519058619] )
http://192.168.222.131/twiki/bin/edit/TWiki/FileAttachment (t [1519058610] )
http://192.168.222.131/twiki/bin/edit/TWiki/FormattedSearch (t [1519058679] )
http://192.168.222.131/twiki/bin/edit/TWiki/GnuGeneralPublicLicense (t [1519058727] )
http://192.168.222.131/twiki/bin/edit/TWiki/GoodStyle (t [1519058548] )
http://192.168.222.131/twiki/bin/edit/TWiki/InstalledPlugins (t [1519058723] )
http://192.168.222.131/twiki/bin/edit/TWiki/InstantEnhancements (t [1519058630] )
http://192.168.222.131/twiki/bin/edit/TWiki/InterWikis (t [1519058623] )
http://192.168.222.131/twiki/bin/edit/TWiki/InterwikiPlugin (t [1519058621] )
http://192.168.222.131/twiki/bin/edit/TWiki/ManagingTopics (t [1519058709] )
http://192.168.222.131/twiki/bin/edit/TWiki/ManagingWebs (t [1519058712] )
http://192.168.222.131/twiki/bin/edit/TWiki/MeaningfulTitle (topicparent [TWiki.TextFormattingFAQ] )
http://192.168.222.131/twiki/bin/edit/TWiki/NewTopic (topicparent [TWiki.TWikiShorthand] )
http://192.168.222.131/twiki/bin/edit/TWiki/NotExistingYet (topicparent [TWiki.TextFormattingRules] )
http://192.168.222.131/twiki/bin/edit/TWiki/PeterThoeny (t [1519058725] )
http://192.168.222.131/twiki/bin/edit/TWiki/SiteMap (t [1519058724] )
http://192.168.222.131/twiki/bin/edit/TWiki/StartingPoints (t [1519058394] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiAccessControl (t [1519058658] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiAdminCookBook (t [1519058625] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiCourseOutlineExample (topicparent [TWiki.WebHome] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiFAQ (t [1519058453] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiFormTemplate (t [1519058664] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiForms (topicparent [Main.WebHome] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiFuncModule (t [1519058693] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiGlossary (t [1519058617] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiHistory (t [1519058538] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiImplementationNotes (topicparent [TWiki.WebHome] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiInstallationGuide (t [1519058639] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiMetaData (t [1519058683] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiPages (topicparent [TWiki.WebHome] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiPlugins (t [1519058687] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiPreferences (t [1519058444] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiRegistration (t [1519058392] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiShorthand (t [1519058604] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiSite (t [1519058450] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiSiteTools (t [1519058705] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiSkins (t [1519058675] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiSystemRequirements (t [1519058636] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiTemplates (t [1519058669] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiTopic (topicparent [TWiki.TWikiTopics] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiTopics (t [1519058599] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiTutorial (t [1519058595] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiUpgradeGuide (t [1519058652] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiUserAuthentication (t [1519058655] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiVariables (t [1519058606] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiVariablesExamples (topicparent [TWiki.WebHome] )
http://192.168.222.131/twiki/bin/edit/TWiki/TWikiWeb (topicparent [Main.WebHome] )
http://192.168.222.131/twiki/bin/edit/TWiki/TextFormattingFAQ (t [1519058556] )
http://192.168.222.131/twiki/bin/edit/TWiki/TextFormattingRules (t [1519058550] )
http://192.168.222.131/twiki/bin/edit/TWiki/WebChanges (t [1519058396] )
http://192.168.222.131/twiki/bin/edit/TWiki/WebChangesAlert (t [1519058615] )
http://192.168.222.131/twiki/bin/edit/TWiki/WebHome (t [1519058333] )
http://192.168.222.131/twiki/bin/edit/TWiki/WebIndex (t [1519058580] )
http://192.168.222.131/twiki/bin/edit/TWiki/WebNotify (t [1519058720] )
http://192.168.222.131/twiki/bin/edit/TWiki/WebPreferences (t [1519058412] )
http://192.168.222.131/twiki/bin/edit/TWiki/WebSearch (t [1519058411] )
http://192.168.222.131/twiki/bin/edit/TWiki/WebStatistics (t [1519058721] )
http://192.168.222.131/twiki/bin/edit/TWiki/WebTopicList (t [1519058572] )
http://192.168.222.131/twiki/bin/edit/TWiki/WelcomeGuest (t [1519058386] )
http://192.168.222.131/twiki/bin/edit/TWiki/WikiCulture (t [1519058797] )
http://192.168.222.131/twiki/bin/edit/TWiki/WikiName (t [1519058753] )
http://192.168.222.131/twiki/bin/edit/TWiki/WikiOrg (topicparent [TWiki.TWikiAdminCookBook] )
http://192.168.222.131/twiki/bin/edit/TWiki/WikiStyleWord (topicparent [TWiki.TextFormattingFAQ] )
http://192.168.222.131/twiki/bin/edit/TWiki/WindowsInstallCookbook (t [1519058643] )
http://192.168.222.131/twiki/bin/manage/TWiki/ManagingWebs (newweb [] baseweb [] webbgcolor [#D0D0D0] sitemapwhat [] sitemapuseto [...collaborate on] nosearchall [] nosearchall [on] newtopic [] action [createweb] )
http://192.168.222.131/twiki/bin/oops/Know/ReadmeFirst (template [oopsmore] param1 [1.6] param2 [1.6] )
http://192.168.222.131/twiki/bin/oops/Know/WebChanges (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/Know/WebHome (param1 [1.10] param2 [1.10] template [oopsmore] )
http://192.168.222.131/twiki/bin/oops/Know/WebIndex (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/Know/WebNotify (template [oopsmore] param1 [1.7] param2 [1.7] )
http://192.168.222.131/twiki/bin/oops/Know/WebPreferences (template [oopsmore] param1 [1.11] param2 [1.11] )
http://192.168.222.131/twiki/bin/oops/Know/WebSearch (template [oopsmore] param1 [1.9] param2 [1.9] )
http://192.168.222.131/twiki/bin/oops/Know/WebStatistics (template [oopsmore] param1 [1.5] param2 [1.5] )
http://192.168.222.131/twiki/bin/oops/Know/WebTopicList (template [oopsmore] param1 [1.1] param2 [1.1] )
http://192.168.222.131/twiki/bin/oops/Main/CccCcc (template [oopsmore] param1 [1.1] param2 [1.1] )
http://192.168.222.131/twiki/bin/oops/Main/CharleytheHorse (template [oopsmore] param1 [1.1] param2 [1.1] )
http://192.168.222.131/twiki/bin/oops/Main/JohnTalintyre (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/Main/LondonOffice (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/Main/NicholasLee (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/Main/OfficeLocations (template [oopsmore] param1 [1.4] param2 [1.4] )
http://192.168.222.131/twiki/bin/oops/Main/PeterThoeny (template [oopsmore] param1 [1.8] param2 [1.8] )
http://192.168.222.131/twiki/bin/oops/Main/SanJoseOffice (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/Main/TWikiAdminGroup (template [oopsmore] param1 [1.7] param2 [1.7] )
http://192.168.222.131/twiki/bin/oops/Main/TWikiGroups (param1 [1.3] param2 [1.3] template [oopsmore] )
http://192.168.222.131/twiki/bin/oops/Main/TWikiGuest (template [oopsmore] param1 [1.5] param2 [1.5] )
http://192.168.222.131/twiki/bin/oops/Main/TWikiUsers (param1 [1.16] param2 [1.16] template [oopsmore] )
http://192.168.222.131/twiki/bin/oops/Main/TokyoOffice (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/Main/WebChanges (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/Main/WebHome (param1 [1.21] param2 [1.21] template [oopsmore] )
http://192.168.222.131/twiki/bin/oops/Main/WebIndex (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/Main/WebNotify (template [oopsmore] param1 [1.7] param2 [1.7] )
http://192.168.222.131/twiki/bin/oops/Main/WebPreferences (template [oopsmore] param1 [1.13] param2 [1.13] )
http://192.168.222.131/twiki/bin/oops/Main/WebSearch (template [oopsmore] param1 [1.8] param2 [1.8] )
http://192.168.222.131/twiki/bin/oops/Main/WebStatistics (template [oopsmore] param1 [1.5] param2 [1.5] )
http://192.168.222.131/twiki/bin/oops/Main/WebTopicList (template [oopsmore] param1 [1.1] param2 [1.1] )
http://192.168.222.131/twiki/bin/oops/Sandbox/WebChanges (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/Sandbox/WebHome (param1 [1.7] param2 [1.7] template [oopsmore] )
http://192.168.222.131/twiki/bin/oops/Sandbox/WebIndex (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/Sandbox/WebNotify (template [oopsmore] param1 [1.5] param2 [1.5] )
http://192.168.222.131/twiki/bin/oops/Sandbox/WebPreferences (template [oopsmore] param1 [1.10] param2 [1.10] )
http://192.168.222.131/twiki/bin/oops/Sandbox/WebSearch (template [oopsmore] param1 [1.6] param2 [1.6] )
http://192.168.222.131/twiki/bin/oops/Sandbox/WebStatistics (template [oopsmore] param1 [1.4] param2 [1.4] )
http://192.168.222.131/twiki/bin/oops/Sandbox/WebTopicList (template [oopsmore] param1 [1.1] param2 [1.1] )
http://192.168.222.131/twiki/bin/oops/TWiki/AppendixFileSystem (template [oopsmore] param1 [1.12] param2 [1.12] )
http://192.168.222.131/twiki/bin/oops/TWiki/DefaultPlugin (template [oopsmore] param1 [1.5] param2 [1.5] )
http://192.168.222.131/twiki/bin/oops/TWiki/FileAttachment (template [oopsmore] param1 [1.11] param2 [1.11] )
http://192.168.222.131/twiki/bin/oops/TWiki/FormattedSearch (template [oopsmore] param1 [1.10] param2 [1.10] )
http://192.168.222.131/twiki/bin/oops/TWiki/GnuGeneralPublicLicense (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/TWiki/GoodStyle (template [oopsmore] param1 [1.6] param2 [1.6] )
http://192.168.222.131/twiki/bin/oops/TWiki/InstalledPlugins (template [oopsmore] param1 [1.1] param2 [1.1] )
http://192.168.222.131/twiki/bin/oops/TWiki/InstantEnhancements (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/TWiki/InterWikis (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/TWiki/InterwikiPlugin (template [oopsmore] param1 [1.6] param2 [1.6] )
http://192.168.222.131/twiki/bin/oops/TWiki/ManagingTopics (template [oopsmore] param1 [1.17] param2 [1.17] )
http://192.168.222.131/twiki/bin/oops/TWiki/ManagingWebs (template [oopsmore] param1 [1.24] param2 [1.24] )
http://192.168.222.131/twiki/bin/oops/TWiki/PeterThoeny (template [oopsmore] param1 [1.4] param2 [1.4] )
http://192.168.222.131/twiki/bin/oops/TWiki/SiteMap (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/TWiki/StartingPoints (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiAccessControl (template [oopsmore] param1 [1.27] param2 [1.27] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiAdminCookBook (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiFAQ (template [oopsmore] param1 [1.12] param2 [1.12] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiFormTemplate (template [oopsmore] param1 [1.17] param2 [1.17] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiFuncModule (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiGlossary (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiHistory (param1 [1.10] param2 [1.62] template [oopsrev] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiInstallationGuide (template [oopsmore] param1 [1.54] param2 [1.54] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiMetaData (template [oopsmore] param1 [1.12] param2 [1.12] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiPlugins (template [oopsmore] param1 [1.21] param2 [1.21] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiPreferences (template [oopsmore] param1 [1.47] param2 [1.47] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiRegistration (template [oopsmore] param1 [1.8] param2 [1.8] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiShorthand (template [oopsmore] param1 [1.1] param2 [1.1] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiSite (template [oopsmore] param1 [1.21] param2 [1.21] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiSiteTools (template [oopsmore] param1 [1.7] param2 [1.7] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiSkins (template [oopsmore] param1 [1.12] param2 [1.12] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiSystemRequirements (template [oopsmore] param1 [1.28] param2 [1.28] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiTemplates (template [oopsmore] param1 [1.18] param2 [1.18] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiTopics (template [oopsmore] param1 [1.12] param2 [1.12] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiTutorial (template [oopsmore] param1 [1.12] param2 [1.12] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiUpgradeGuide (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiUserAuthentication (template [oopsmore] param1 [1.15] param2 [1.15] )
http://192.168.222.131/twiki/bin/oops/TWiki/TWikiVariables (template [oopsmore] param1 [1.63] param2 [1.63] )
http://192.168.222.131/twiki/bin/oops/TWiki/TextFormattingFAQ (template [oopsmore] param1 [1.14] param2 [1.14] )
http://192.168.222.131/twiki/bin/oops/TWiki/TextFormattingRules (template [oopsmore] param1 [1.37] param2 [1.37] )
http://192.168.222.131/twiki/bin/oops/TWiki/WebChanges (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/TWiki/WebChangesAlert (template [oopsmore] param1 [1.13] param2 [1.13] )
http://192.168.222.131/twiki/bin/oops/TWiki/WebHome (param1 [1.79] param2 [1.79] template [oopsmore] )
http://192.168.222.131/twiki/bin/oops/TWiki/WebIndex (template [oopsmore] param1 [1.2] param2 [1.2] )
http://192.168.222.131/twiki/bin/oops/TWiki/WebNotify (template [oopsmore] param1 [1.5] param2 [1.5] )
http://192.168.222.131/twiki/bin/oops/TWiki/WebPreferences (template [oopsmore] param1 [1.18] param2 [1.18] )
http://192.168.222.131/twiki/bin/oops/TWiki/WebSearch (template [oopsmore] param1 [1.12] param2 [1.12] )
http://192.168.222.131/twiki/bin/oops/TWiki/WebStatistics (template [oopsmore] param1 [1.4] param2 [1.4] )
http://192.168.222.131/twiki/bin/oops/TWiki/WebTopicList (template [oopsmore] param1 [1.1] param2 [1.1] )
http://192.168.222.131/twiki/bin/oops/TWiki/WelcomeGuest (template [oopsmore] param1 [1.21] param2 [1.21] )
http://192.168.222.131/twiki/bin/oops/TWiki/WikiCulture (template [oopsmore] param1 [1.8] param2 [1.8] )
http://192.168.222.131/twiki/bin/oops/TWiki/WikiName (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/oops/TWiki/WindowsInstallCookbook (template [oopsmore] param1 [1.3] param2 [1.3] )
http://192.168.222.131/twiki/bin/passwd/Main/WebHome (username [] password [] passwordA [] TopicName [ResetPassword] )
http://192.168.222.131/twiki/bin/passwd/TWiki/WebHome (username [] oldpassword [] password [] passwordA [] TopicName [ChangePassword] change [on] )
http://192.168.222.131/twiki/bin/preview/Know/WebHome (formtemplate [] topicparent [] cmd [] submitChangeForm [ Add form ] )
http://192.168.222.131/twiki/bin/preview/Main/EngineeringGroup (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Main/SupportGroup (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Main/TWikiGroups (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Main/TWikiUsers (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Main/WebHome (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Sandbox/TestTopic1 (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Sandbox/TestTopic2 (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Sandbox/TestTopic3 (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Sandbox/TestTopic4 (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Sandbox/TestTopic5 (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Sandbox/TestTopic6 (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Sandbox/TestTopic7 (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Sandbox/TestTopic8 (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/Sandbox/WebHome (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/TWiki/TWikiForms (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/preview/TWiki/WebHome (formtemplate [] topicparent [] cmd [] )
http://192.168.222.131/twiki/bin/rdiff/Know/ReadmeFirst (rev1 [1.6] rev2 [1.5] )
http://192.168.222.131/twiki/bin/rdiff/Know/WebChanges (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/Know/WebHome (rev1 [1.10] rev2 [1.9] )
http://192.168.222.131/twiki/bin/rdiff/Know/WebIndex (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/Know/WebNotify (rev1 [1.7] rev2 [1.6] )
http://192.168.222.131/twiki/bin/rdiff/Know/WebPreferences (rev1 [1.11] rev2 [1.10] )
http://192.168.222.131/twiki/bin/rdiff/Know/WebSearch (rev1 [1.9] rev2 [1.8] )
http://192.168.222.131/twiki/bin/rdiff/Know/WebStatistics (rev1 [1.5] rev2 [1.4] )
http://192.168.222.131/twiki/bin/rdiff/Main/JohnTalintyre (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/Main/LondonOffice (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/Main/NicholasLee (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/Main/OfficeLocations (rev1 [1.4] rev2 [1.3] )
http://192.168.222.131/twiki/bin/rdiff/Main/PeterThoeny (rev1 [1.8] rev2 [1.7] )
http://192.168.222.131/twiki/bin/rdiff/Main/SanJoseOffice (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/Main/TWikiAdminGroup (rev1 [1.7] rev2 [1.6] )
http://192.168.222.131/twiki/bin/rdiff/Main/TWikiGroups (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/Main/TWikiGuest (rev1 [1.5] rev2 [1.4] )
http://192.168.222.131/twiki/bin/rdiff/Main/TWikiUsers (rev1 [1.16] rev2 [1.15] )
http://192.168.222.131/twiki/bin/rdiff/Main/TokyoOffice (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/Main/WebChanges (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/Main/WebHome (rev1 [1.21] rev2 [1.20] )
http://192.168.222.131/twiki/bin/rdiff/Main/WebIndex (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/Main/WebNotify (rev1 [1.7] rev2 [1.6] )
http://192.168.222.131/twiki/bin/rdiff/Main/WebPreferences (rev1 [1.13] rev2 [1.12] )
http://192.168.222.131/twiki/bin/rdiff/Main/WebSearch (rev1 [1.8] rev2 [1.7] )
http://192.168.222.131/twiki/bin/rdiff/Main/WebStatistics (rev1 [1.5] rev2 [1.4] )
http://192.168.222.131/twiki/bin/rdiff/Sandbox/WebChanges (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/Sandbox/WebHome (rev1 [1.7] rev2 [1.6] )
http://192.168.222.131/twiki/bin/rdiff/Sandbox/WebIndex (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/Sandbox/WebNotify (rev1 [1.5] rev2 [1.4] )
http://192.168.222.131/twiki/bin/rdiff/Sandbox/WebPreferences (rev1 [1.10] rev2 [1.9] )
http://192.168.222.131/twiki/bin/rdiff/Sandbox/WebSearch (rev1 [1.6] rev2 [1.5] )
http://192.168.222.131/twiki/bin/rdiff/Sandbox/WebStatistics (rev1 [1.4] rev2 [1.3] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/AppendixFileSystem (rev1 [1.12] rev2 [1.11] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/DefaultPlugin (rev1 [1.5] rev2 [1.4] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/FileAttachment (rev1 [1.11] rev2 [1.10] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/FormattedSearch (rev1 [1.10] rev2 [1.9] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/GnuGeneralPublicLicense (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/GoodStyle (rev1 [1.6] rev2 [1.5] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/InstantEnhancements (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/InterWikis (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/InterwikiPlugin (rev1 [1.6] rev2 [1.5] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/ManagingTopics (rev1 [1.17] rev2 [1.16] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/ManagingWebs (rev1 [1.24] rev2 [1.23] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/PeterThoeny (rev1 [1.4] rev2 [1.3] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/SiteMap (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/StartingPoints (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiAccessControl (rev1 [1.27] rev2 [1.26] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiAdminCookBook (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiFAQ (rev1 [1.12] rev2 [1.11] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiFormTemplate (rev1 [1.17] rev2 [1.16] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiFuncModule (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiGlossary (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiHistory (rev1 [1.10] rev2 [1.9] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiInstallationGuide (rev1 [1.54] rev2 [1.53] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiMetaData (rev1 [1.12] rev2 [1.11] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiPlugins (rev1 [1.21] rev2 [1.20] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiPreferences (rev1 [1.47] rev2 [1.46] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiRegistration (rev1 [1.8] rev2 [1.7] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiSite (rev1 [1.21] rev2 [1.20] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiSiteTools (rev1 [1.7] rev2 [1.6] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiSkins (rev1 [1.12] rev2 [1.11] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiSystemRequirements (rev1 [1.28] rev2 [1.27] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiTemplates (rev1 [1.18] rev2 [1.17] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiTopics (rev1 [1.12] rev2 [1.11] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiTutorial (rev1 [1.12] rev2 [1.11] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiUpgradeGuide (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiUserAuthentication (rev1 [1.15] rev2 [1.14] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TWikiVariables (rev1 [1.63] rev2 [1.62] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TextFormattingFAQ (rev1 [1.14] rev2 [1.13] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/TextFormattingRules (rev1 [1.37] rev2 [1.36] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WebChanges (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WebChangesAlert (rev1 [1.13] rev2 [1.12] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WebHome (rev1 [1.79] rev2 [1.78] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WebIndex (rev1 [1.2] rev2 [1.1] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WebNotify (rev1 [1.5] rev2 [1.4] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WebPreferences (rev1 [1.18] rev2 [1.17] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WebSearch (rev1 [1.12] rev2 [1.11] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WebStatistics (rev1 [1.4] rev2 [1.3] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WelcomeGuest (rev1 [1.21] rev2 [1.20] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WikiCulture (rev1 [1.8] rev2 [1.7] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WikiName (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/rdiff/TWiki/WindowsInstallCookbook (rev1 [1.3] rev2 [1.2] )
http://192.168.222.131/twiki/bin/register/Main/WebHome (Twk1Name [] Twk1WikiName [] Twk1LoginName [] Twk1Email [] Twk0Phone [] Twk0Department [] Twk1Location [] TopicName [TWikiRegistration] )
http://192.168.222.131/twiki/bin/rename/TWiki/AppendixFileSystem (newweb [TWiki] newtopic [DocsATWikiFileSystem] confirm [on] )
http://192.168.222.131/twiki/bin/rename/TWiki/FileAttachment (attachment [Sample.txt] )
http://192.168.222.131/twiki/bin/rename/TWiki/ManagingTopics (newweb [TWiki] newtopic [RenameTopic] confirm [on] )
http://192.168.222.131/twiki/bin/rename/TWiki/TWikiFormTemplate (newweb [TWiki] newtopic [TWikiForms] confirm [on] )
http://192.168.222.131/twiki/bin/rename/TWiki/TWikiInstallationGuide (newweb [TWiki] newtopic [TWikiInstallationNotes] confirm [on] )
http://192.168.222.131/twiki/bin/rename/TWiki/TWikiSystemRequirements (newweb [TWiki] newtopic [TWikiImplementationNotes] confirm [on] )
http://192.168.222.131/twiki/bin/rename/TWiki/TWikiTemplates (newweb [TWiki] newtopic [TWikiTemplateSystem] confirm [on] )
http://192.168.222.131/twiki/bin/rename/TWiki/TWikiTopics (newweb [TWiki] newtopic [TWikiPages] confirm [on] )
http://192.168.222.131/twiki/bin/rename/TWiki/TWikiUserAuthentication (newweb [TWiki] newtopic [TWikiAuthentication] confirm [on] )
http://192.168.222.131/twiki/bin/rename/TWiki/WebChangesAlert (newweb [TWiki] newtopic [WebChangesNotify] confirm [on] )
http://192.168.222.131/twiki/bin/search/Know/ (showlock [] search [%5C.*] web [] nosearch [on] scope [topic] reverse [on] regex [on] limit [100] order [modified] nototal [] bookview [] nosummary [] casesensitive [] ignorecase [on] )
http://192.168.222.131/twiki/bin/search/Know/SearchResult (search [] scope [text] nosearch [on] reverse [on] regex [on] order [modified] )
http://192.168.222.131/twiki/bin/search/Main/ (showlock [] search [%5C.*] web [] scope [topic] nosearch [on] reverse [on] regex [on] order [modified] limit [100] nototal [] bookview [] nosummary [] casesensitive [] ignorecase [on] )
http://192.168.222.131/twiki/bin/search/Main/SearchResult (search [] nosearch [on] scope [text] reverse [on] regex [on] order [modified] )
http://192.168.222.131/twiki/bin/search/Sandbox/ (showlock [] search [%5C.*] web [] nosearch [on] scope [topic] reverse [on] regex [on] nototal [] limit [100] order [modified] nosummary [] bookview [] casesensitive [] )
http://192.168.222.131/twiki/bin/search/Sandbox/SearchResult (search [] nosearch [on] scope [text] reverse [on] regex [on] order [modified] )
http://192.168.222.131/twiki/bin/search/TWiki/ (showlock [] search [] web [] scope [topic] nosearch [on] reverse [on] regex [on] nototal [] order [modified] limit [100] nosummary [] bookview [] casesensitive [] )
http://192.168.222.131/twiki/bin/search/TWiki/SearchResult (search [] nosearch [on] scope [text] reverse [on] regex [on] order [modified] )
http://192.168.222.131/twiki/bin/upload/Know/WebHome (filename [] filepath [] filecomment [] createlink [] hidefile [] )
http://192.168.222.131/twiki/bin/upload/Main/TWikiGroups (filename [] filepath [] filecomment [] createlink [] hidefile [] )
http://192.168.222.131/twiki/bin/upload/Main/TWikiUsers (filename [] filepath [] filecomment [] createlink [] hidefile [] )
http://192.168.222.131/twiki/bin/upload/Main/WebHome (filename [] filepath [] filecomment [] createlink [] hidefile [] )
http://192.168.222.131/twiki/bin/upload/Sandbox/WebHome (filename [] filepath [] filecomment [] createlink [] hidefile [] )
http://192.168.222.131/twiki/bin/upload/TWiki/WebHome (filename [] filepath [] filecomment [] createlink [] hidefile [] )
http://192.168.222.131/twiki/bin/view/Know/ReadmeFirst (topic [] skin [print] rev [1.5] )
http://192.168.222.131/twiki/bin/view/Know/WebChanges (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/Know/WebHome (topic [] skin [print] rev [1.9] unlock [on] )
http://192.168.222.131/twiki/bin/view/Know/WebIndex (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/Know/WebNotify (topic [] skin [print] rev [1.6] )
http://192.168.222.131/twiki/bin/view/Know/WebPreferences (topic [] skin [print] rev [1.10] )
http://192.168.222.131/twiki/bin/view/Know/WebSearch (topic [] skin [print] rev [1.8] )
http://192.168.222.131/twiki/bin/view/Know/WebStatistics (topic [] skin [print] rev [1.4] )
http://192.168.222.131/twiki/bin/view/Know/WebTopicList (topic [] skin [print] )
http://192.168.222.131/twiki/bin/view/Main/CccCcc (topic [] skin [print] )
http://192.168.222.131/twiki/bin/view/Main/CharleytheHorse (topic [] skin [print] )
http://192.168.222.131/twiki/bin/view/Main/EngineeringGroup (unlock [on] )
http://192.168.222.131/twiki/bin/view/Main/JohnTalintyre (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/Main/LondonOffice (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/Main/NicholasLee (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/Main/OfficeLocations (topic [] skin [print] rev [1.3] )
http://192.168.222.131/twiki/bin/view/Main/PeterThoeny (topic [] skin [print] rev [1.7] )
http://192.168.222.131/twiki/bin/view/Main/SanJoseOffice (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/Main/SupportGroup (unlock [on] )
http://192.168.222.131/twiki/bin/view/Main/TWikiAdminGroup (topic [] skin [print] rev [1.6] )
http://192.168.222.131/twiki/bin/view/Main/TWikiGroups (topic [] skin [print] rev [1.2] unlock [on] )
http://192.168.222.131/twiki/bin/view/Main/TWikiGuest (topic [] skin [print] rev [1.4] )
http://192.168.222.131/twiki/bin/view/Main/TWikiUsers (topic [] skin [print] rev [1.15] unlock [on] )
http://192.168.222.131/twiki/bin/view/Main/TokyoOffice (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/Main/WebChanges (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/Main/WebHome (topic [] skin [print] rev [1.20] unlock [on] )
http://192.168.222.131/twiki/bin/view/Main/WebIndex (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/Main/WebNotify (topic [] skin [print] rev [1.6] )
http://192.168.222.131/twiki/bin/view/Main/WebPreferences (topic [] skin [print] rev [1.12] )
http://192.168.222.131/twiki/bin/view/Main/WebSearch (topic [] skin [print] rev [1.7] )
http://192.168.222.131/twiki/bin/view/Main/WebStatistics (topic [] skin [print] rev [1.4] )
http://192.168.222.131/twiki/bin/view/Main/WebTopicList (topic [] skin [print] )
http://192.168.222.131/twiki/bin/view/Sandbox/TestTopic1 (unlock [on] )
http://192.168.222.131/twiki/bin/view/Sandbox/TestTopic2 (unlock [on] )
http://192.168.222.131/twiki/bin/view/Sandbox/TestTopic3 (unlock [on] )
http://192.168.222.131/twiki/bin/view/Sandbox/TestTopic4 (unlock [on] )
http://192.168.222.131/twiki/bin/view/Sandbox/TestTopic5 (unlock [on] )
http://192.168.222.131/twiki/bin/view/Sandbox/TestTopic6 (unlock [on] )
http://192.168.222.131/twiki/bin/view/Sandbox/TestTopic7 (unlock [on] )
http://192.168.222.131/twiki/bin/view/Sandbox/TestTopic8 (unlock [on] )
http://192.168.222.131/twiki/bin/view/Sandbox/WebChanges (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/Sandbox/WebHome (topic [] skin [print] rev [1.6] unlock [on] )
http://192.168.222.131/twiki/bin/view/Sandbox/WebIndex (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/Sandbox/WebNotify (topic [] skin [print] rev [1.4] )
http://192.168.222.131/twiki/bin/view/Sandbox/WebPreferences (topic [] skin [print] rev [1.9] )
http://192.168.222.131/twiki/bin/view/Sandbox/WebSearch (topic [] skin [print] rev [1.5] )
http://192.168.222.131/twiki/bin/view/Sandbox/WebStatistics (topic [] skin [print] rev [1.3] )
http://192.168.222.131/twiki/bin/view/Sandbox/WebTopicList (topic [] skin [print] )
http://192.168.222.131/twiki/bin/view/TWiki/AppendixFileSystem (topic [] skin [print] rev [1.11] )
http://192.168.222.131/twiki/bin/view/TWiki/DefaultPlugin (topic [] skin [print] rev [1.4] )
http://192.168.222.131/twiki/bin/view/TWiki/FileAttachment (topic [] skin [print] rev [1.10] )
http://192.168.222.131/twiki/bin/view/TWiki/FormattedSearch (topic [] skin [print] rev [1.9] )
http://192.168.222.131/twiki/bin/view/TWiki/GnuGeneralPublicLicense (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/TWiki/GoodStyle (topic [] skin [print] rev [1.5] )
http://192.168.222.131/twiki/bin/view/TWiki/InstalledPlugins (topic [] skin [print] )
http://192.168.222.131/twiki/bin/view/TWiki/InstantEnhancements (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/TWiki/InterWikis (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/TWiki/InterwikiPlugin (topic [] skin [print] rev [1.5] )
http://192.168.222.131/twiki/bin/view/TWiki/ManagingTopics (topic [] skin [print] rev [1.16] )
http://192.168.222.131/twiki/bin/view/TWiki/ManagingWebs (topic [] skin [print] rev [1.23] )
http://192.168.222.131/twiki/bin/view/TWiki/PeterThoeny (topic [] skin [print] rev [1.3] )
http://192.168.222.131/twiki/bin/view/TWiki/SiteMap (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/TWiki/StartingPoints (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiAccessControl (topic [] skin [print] rev [1.26] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiAdminCookBook (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiDocumentation (topic [] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiFAQ (topic [] skin [print] rev [1.11] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiFormTemplate (topic [] skin [print] rev [1.16] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiForms (unlock [on] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiFuncModule (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiGlossary (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiHistory (topic [] skin [print] rev [1.9] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiInstallationGuide (topic [] skin [print] rev [1.53] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiMetaData (topic [] skin [print] rev [1.11] raw [debug] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiPlugins (topic [] skin [print] rev [1.20] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiPreferences (topic [] skin [print] rev [1.46] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiRegistration (topic [] skin [print] rev [1.7] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiShorthand (topic [] skin [print] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiSite (topic [] skin [print] rev [1.20] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiSiteTools (topic [] skin [print] rev [1.6] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiSkins (topic [] skin [print] rev [1.11] sel [] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiSystemRequirements (topic [] skin [print] rev [1.27] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiTemplates (topic [] skin [print] rev [1.17] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiTopics (topic [] skin [print] rev [1.11] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiTutorial (topic [] skin [print] rev [1.11] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiUpgradeGuide (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiUserAuthentication (topic [] skin [print] rev [1.14] )
http://192.168.222.131/twiki/bin/view/TWiki/TWikiVariables (topic [] skin [print] rev [1.62] )
http://192.168.222.131/twiki/bin/view/TWiki/TextFormattingFAQ (topic [] skin [print] rev [1.13] )
http://192.168.222.131/twiki/bin/view/TWiki/TextFormattingRules (topic [] skin [print] rev [1.36] )
http://192.168.222.131/twiki/bin/view/TWiki/WebChanges (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/TWiki/WebChangesAlert (topic [] skin [print] rev [1.12] )
http://192.168.222.131/twiki/bin/view/TWiki/WebHome (topic [] skin [print] rev [1.78] unlock [on] )
http://192.168.222.131/twiki/bin/view/TWiki/WebIndex (topic [] skin [print] rev [1.1] )
http://192.168.222.131/twiki/bin/view/TWiki/WebNotify (topic [] skin [print] rev [1.4] )
http://192.168.222.131/twiki/bin/view/TWiki/WebPreferences (topic [] skin [print] rev [1.17] )
http://192.168.222.131/twiki/bin/view/TWiki/WebSearch (topic [] skin [print] rev [1.11] )
http://192.168.222.131/twiki/bin/view/TWiki/WebStatistics (topic [] skin [print] rev [1.3] )
http://192.168.222.131/twiki/bin/view/TWiki/WebTopicList (topic [] skin [print] )
http://192.168.222.131/twiki/bin/view/TWiki/WelcomeGuest (topic [] skin [print] rev [1.20] )
http://192.168.222.131/twiki/bin/view/TWiki/WikiCulture (topic [] skin [print] rev [1.7] )
http://192.168.222.131/twiki/bin/view/TWiki/WikiName (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/view/TWiki/WindowsInstallCookbook (topic [] skin [print] rev [1.2] )
http://192.168.222.131/twiki/bin/viewfile/TWiki/FileAttachment (filename [Sample.txt] rev [] )
http://192.168.222.131/twiki/bin/viewfile/TWiki/TWiki/FileAttachment (rev [] filename [Sample.txt] )
http://192.168.222.131/view/TWiki/TWikiHistory (rev [1.9] )Log0.0HTTP Security Headers Detectionadmin2018-02-19T19:39:57Z2018-02-19T19:39:57Z0192.168.222.13180/tcpHTTP Security Headers DetectionGeneral0.0NOCVENOBIDURL:https://www.owasp.org/index.php/OWASP_Secure_Headers_Project, URL:https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#tab=Headers, URL:https://securityheaders.io/cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=All known security headers are being checked on the host. On completion a report will hand back whether a specific security header
has been implemented (including its value) or is missing on the target.|qod_type=remote_banner$Revision: 7484 $Log0.080remote_bannerMissing Headers
---------------
Content-Security-Policy
Referrer-Policy
X-Content-Type-Options
X-Frame-Options
X-Permitted-Cross-Domain-Policies
X-XSS-ProtectionLog0.0Fingerprint web server with favicon.icoadmin2018-02-19T19:48:56Z2018-02-19T19:48:56Z0192.168.222.13180/tcpFingerprint web server with favicon.icoWeb application abuses0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|solution=Remove the 'favicon.ico' file or create a custom one for your site.|impact=The 'favicon.ico' file found on the remote web server belongs to a
popular webserver/application. This may be used to fingerprint the webserver/application.|summary=The remote web server contains a graphic image that is prone to
information disclosure.|qod_type=remote_banner|solution_type=Mitigation$Revision: 7208 $Log0.080remote_bannerThe following apps/services were identified:
"phpmyadmin (2.11.8.1 - 4.2.x)" fingerprinted by the file: "http://192.168.222.131/phpMyAdmin/favicon.ico"Log0.0PHP Version Detection (Remote)admin2018-02-19T19:47:43Z2018-02-19T19:47:43Z0192.168.222.13180/tcpPHP Version Detection (Remote)Product detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Detection of installed version of PHP.
This script sends HTTP GET request and try to get the version from the
response, and sets the result in KB.|qod_type=remote_banner$Revision: 4724 $Log0.080remote_bannerDetected PHP
Version: 5.2.4
Location: tcp/80
CPE: cpe:/a:php:php:5.2.4
Concluded from version/product identification result:
X-Powered-By: PHP/5.2.4-2ubuntu5.10 Log0.0TWiki Version Detectionadmin2018-02-19T19:47:47Z2018-02-19T19:47:47Z0192.168.222.13180/tcpTWiki Version DetectionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Detection of installed version of
TWiki.
This script sends HTTP GET request and try to get the version from the
response, and sets the result in KB.|qod_type=remote_banner$Revision: 4427 $Log0.080remote_bannerDetected TWiki
Version: 01.Feb.2003
Location: /twiki/bin
CPE: cpe:/a:twiki:twiki:01.Feb.2003
Concluded from version/product identification result:
This site is running TWiki version <strong>01 Feb 2003</strong>Log0.0phpMyAdmin Detectionadmin2018-02-19T19:47:38Z2018-02-19T19:47:38Z0192.168.222.13180/tcpphpMyAdmin DetectionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Detection of phpMyAdmin.
The script sends a connection request to the server and attempts to
extract the version number from the reply.|qod_type=remote_banner$Revision: 7000 $Log0.080remote_bannerDetected phpMyAdmin
Version: 3.1.1
Location: /phpMyAdmin
CPE: cpe:/a:phpmyadmin:phpmyadmin:3.1.1
Concluded from version/product identification result:
Version 3.1.1Log0.0Apache Web Server Version Detectionadmin2018-02-19T19:47:37Z2018-02-19T19:47:37Z0192.168.222.13180/tcpApache Web Server Version DetectionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Detection of installed version of Apache Web Server
The script detects the version of Apache HTTP Server on remote host and sets the KB.|qod_type=remote_banner$Revision: 6411 $Log0.080remote_bannerDetected Apache
Version: 2.2.8
Location: 80/tcp
CPE: cpe:/a:apache:http_server:2.2.8
Concluded from version/product identification result:
Server: Apache/2.2.8Log0.0Tiki Wiki CMS Groupware Version Detectionadmin2018-02-19T19:47:42Z2018-02-19T19:47:42Z0192.168.222.13180/tcpTiki Wiki CMS Groupware Version DetectionProduct detection0.0NOCVENOBIDURL:http://tiki.org/cvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Detection of Tiki Wiki CMS Groupware, a open source web application
is a wiki-based CMS.
The script sends a connection request to the web server and attempts to
extract the version number from the reply.|qod_type=remote_banner$Revision: 5144 $Log0.080remote_bannerDetected Tiki Wiki CMS Groupware
Version: 1.9.5
Location: /tikiwiki
CPE: cpe:/a:tiki:tikiwiki_cms/groupware:1.9.5
Concluded from version/product identification result:
version 1.9.5
Concluded from version/product identification location:
http://192.168.222.131/tikiwiki/READMELog0.0RPC portmapper (TCP)admin2018-02-19T19:37:24Z2018-02-19T19:37:24Z0192.168.222.131111/tcpRPC portmapper (TCP)RPC0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script performs detection of RPC portmapper on TCP.|qod_type=remote_banner$Revision: 5487 $Log0.080remote_bannerRPC portmapper is running on this portLog0.0Obtain list of all port mapper registered programs via RPCadmin2018-02-19T19:37:27Z2018-02-19T19:37:27Z0192.168.222.131111/tcpObtain list of all port mapper registered programs via RPCRPC0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script calls the DUMP RPC on the port mapper, to obtain the
list of all registered programs.|qod_type=remote_banner$Revision: 4827 $Log0.080remote_bannerThese are the registered RPC programs:
RPC program #100000 version 2 'portmapper' (portmap sunrpc rpcbind) on port 111/TCP
RPC program #100003 version 2 'nfs' (nfsprog) on port 2049/TCP
RPC program #100003 version 3 'nfs' (nfsprog) on port 2049/TCP
RPC program #100003 version 4 'nfs' (nfsprog) on port 2049/TCP
RPC program #100021 version 1 'nlockmgr' on port 43519/TCP
RPC program #100021 version 3 'nlockmgr' on port 43519/TCP
RPC program #100021 version 4 'nlockmgr' on port 43519/TCP
RPC program #100005 version 1 'mountd' (mount showmount) on port 45636/TCP
RPC program #100005 version 2 'mountd' (mount showmount) on port 45636/TCP
RPC program #100005 version 3 'mountd' (mount showmount) on port 45636/TCP
RPC program #100024 version 1 'status' on port 48778/TCP
RPC program #100000 version 2 'portmapper' (portmap sunrpc rpcbind) on port 111/UDP
RPC program #100003 version 2 'nfs' (nfsprog) on port 2049/UDP
RPC program #100003 version 3 'nfs' (nfsprog) on port 2049/UDP
RPC program #100003 version 4 'nfs' (nfsprog) on port 2049/UDP
RPC program #100005 version 1 'mountd' (mount showmount) on port 33614/UDP
RPC program #100005 version 2 'mountd' (mount showmount) on port 33614/UDP
RPC program #100005 version 3 'mountd' (mount showmount) on port 33614/UDP
RPC program #100021 version 1 'nlockmgr' on port 47433/UDP
RPC program #100021 version 3 'nlockmgr' on port 47433/UDP
RPC program #100021 version 4 'nlockmgr' on port 47433/UDP
RPC program #100024 version 1 'status' on port 55642/UDPLog0.0SMB/CIFS Server Detectionadmin2018-02-19T19:38:53Z2018-02-19T19:38:53Z0192.168.222.131139/tcpSMB/CIFS Server DetectionWindows0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script detects wether port 445 and 139 are open and
if they are running a CIFS/SMB server.|qod_type=remote_banner$Revision: 4261 $Log0.080remote_bannerA SMB server is running on this portLog0.0SMB NativeLanManadmin2018-02-19T19:38:55Z2018-02-19T19:38:55Z0192.168.222.131445/tcpSMB NativeLanManService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=It is possible to extract OS, domain and SMB server information
from the Session Setup AndX Response packet which is generated during NTLM authentication.|qod_type=remote_active$Revision: 7732 $Log0.095remote_activeDetected SMB workgroup: WORKGROUP
Detected SMB server: Samba 3.0.20-Debian
Detected OS: Debian GNU/LinuxLog0.0SMB NativeLanManadmin2018-02-19T19:38:55Z2018-02-19T19:38:55Z0192.168.222.131445/tcpSMB NativeLanManService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=It is possible to extract OS, domain and SMB server information
from the Session Setup AndX Response packet which is generated during NTLM authentication.|qod_type=remote_active$Revision: 7732 $Log0.095remote_activeDetected Samba
Version: 3.0.20
Location: 445/tcp
CPE: cpe:/a:samba:samba:3.0.20
Concluded from version/product identification result:
Samba 3.0.20-Debian
Extra information:
Detected SMB workgroup: WORKGROUP
Detected SMB server: Samba 3.0.20-DebianLog0.0SMB log inadmin2018-02-19T19:38:55Z2018-02-19T19:38:55Z0192.168.222.131445/tcpSMB log inWindows0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script attempts to logon into the remote host using
login/password credentials.|qod_type=registry$Revision: 6859 $Log0.097registryIt was possible to log into the remote host using the SMB protocol.Log0.0SMB/CIFS Server Detectionadmin2018-02-19T19:38:53Z2018-02-19T19:38:53Z0192.168.222.131445/tcpSMB/CIFS Server DetectionWindows0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script detects wether port 445 and 139 are open and
if they are running a CIFS/SMB server.|qod_type=remote_banner$Revision: 4261 $Log0.080remote_bannerA CIFS server is running on this portLog0.0Microsoft SMB Signing Disabledadmin2018-02-19T19:40:46Z2018-02-19T19:40:46Z0192.168.222.131445/tcpMicrosoft SMB Signing DisabledWindows0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Checking for SMB signing is disabled.
The script logs in via smb, checks the SMB Negotiate Protocol response to
confirm SMB signing is disabled.|qod_type=remote_vul$Revision: 5958 $Log0.099remote_vulSMB signing is disabled on this hostLog0.0SMB Remote Version Detectionadmin2018-02-19T19:39:18Z2018-02-19T19:39:18Z0192.168.222.131445/tcpSMB Remote Version DetectionService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Detection of Server Message Block(SMB).
This script sends SMB Negotiation request and try to get the version from the
response.|qod_type=remote_banner$Revision: 5438 $Log0.080remote_bannerOnly SMBv1 is enabled on remote targetLog0.0Microsoft Windows SMB Accessible Sharesadmin2018-02-19T19:40:18Z2018-02-19T19:40:18Z0192.168.222.131445/tcpMicrosoft Windows SMB Accessible SharesWindows0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|qod_type=remote_banner|summary=The script detects the Windows SMB Accessible Shares and sets the
result into KB.$Revision: 6125 $Log0.080remote_bannerThe following shares were found
IPC$Log0.0Report banner of unknown servicesadmin2018-02-19T19:37:27Z2018-02-19T19:37:27Z0192.168.222.131512/tcpReport banner of unknown servicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin reports the banner from unknown/unidentified services
so that the OpenVAS team can take them into account.
If you know this service, please send the reported banner to openvas-plugins@wald.intevation.org.|qod_type=remote_banner$Revision: 6849 $Log0.080remote_bannerAn unknown service is running on this port. If you know this service, please send the following banner to openvas-plugins@wald.intevation.org:
Method: get_http
0x00: 01 57 68 65 72 65 20 61 72 65 20 79 6F 75 3F 0A .Where are you?.
0x10:Log0.0Service Detection with nmapadmin2018-02-19T19:37:39Z2018-02-19T19:37:39Z0192.168.222.131512/tcpService Detection with nmapService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin performs service detection by launching nmap's
service probe (nmap -sV) against ports that are running unidentified services.
Note: This plugin is started at the end of a scan to register all remaining unknown services.|qod_type=remote_banner$Revision: 6846 $Log0.080remote_bannerNmap service detection result for this port: execLog0.0Service Detection with nmapadmin2018-02-19T19:37:38Z2018-02-19T19:37:38Z0192.168.222.131513/tcpService Detection with nmapService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin performs service detection by launching nmap's
service probe (nmap -sV) against ports that are running unidentified services.
Note: This plugin is started at the end of a scan to register all remaining unknown services.|qod_type=remote_banner$Revision: 6846 $Log0.080remote_bannerNmap service detection result for this port: login
This is a guess. A confident identification of the service was not possible.
Hint: If you're running a recent nmap version try to run nmap with the following command: 'nmap -sV -Pn -p 513 192.168.222.131' and submit a possible collected fingerprint to the nmap database.Log0.0Service Detection with nmapadmin2018-02-19T19:37:30Z2018-02-19T19:37:30Z0192.168.222.131514/tcpService Detection with nmapService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin performs service detection by launching nmap's
service probe (nmap -sV) against ports that are running unidentified services.
Note: This plugin is started at the end of a scan to register all remaining unknown services.|qod_type=remote_banner$Revision: 6846 $Log0.080remote_bannerNmap service detection result for this port: tcpwrappedLog0.0RMI-Registry Detectionadmin2018-02-19T19:41:22Z2018-02-19T19:41:22Z0192.168.222.1311099/tcpRMI-Registry DetectionService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This Script detects the RMI-Registry Service|qod_type=remote_banner$Revision: 6032 $Log0.080remote_bannerThe RMI-Registry Service is running at this portLog0.0Report banner of unknown servicesadmin2018-02-19T19:37:27Z2018-02-19T19:37:27Z0192.168.222.1311524/tcpReport banner of unknown servicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin reports the banner from unknown/unidentified services
so that the OpenVAS team can take them into account.
If you know this service, please send the reported banner to openvas-plugins@wald.intevation.org.|qod_type=remote_banner$Revision: 6849 $Log0.080remote_bannerAn unknown service is running on this port. If you know this service, please send the following banner to openvas-plugins@wald.intevation.org:
Method: get_http
0x0000: 72 6F 6F 74 40 6D 65 74 61 73 70 6C 6F 69 74 61 root@metasploita
0x0010: 62 6C 65 3A 2F 23 20 3C 48 54 4D 4C 3E 0A 3C 48 ble:/# <HTML>.<H
0x0020: 45 41 44 3E 0A 3C 54 49 54 4C 45 3E 44 69 72 65 EAD>.<TITLE>Dire
0x0030: 63 74 6F 72 79 20 2F 3C 2F 54 49 54 4C 45 3E 0A ctory /</TITLE>.
0x0040: 3C 42 41 53 45 20 48 52 45 46 3D 22 66 69 6C 65 <BASE HREF="file
0x0050: 3A 2F 22 3E 0A 3C 2F 48 45 41 44 3E 0A 3C 42 4F :/">.</HEAD>.<BO
0x0060: 44 59 3E 0A 3C 48 31 3E 44 69 72 65 63 74 6F 72 DY>.<H1>Director
0x0070: 79 20 6C 69 73 74 69 6E 67 20 6F 66 20 2F 3C 2F y listing of /</
0x0080: 48 31 3E 0A 3C 55 4C 3E 0A 3C 4C 49 3E 3C 41 20 H1>.<UL>.<LI><A
0x0090: 48 52 45 46 3D 22 2E 2F 22 3E 2E 2F 3C 2F 41 3E HREF="./">./</A>
0x00A0: 0A 3C 4C 49 3E 3C 41 20 48 52 45 46 3D 22 2E 2E .<LI><A HREF="..
0x00B0: 2F 22 3E 2E 2E 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C /">../</A>.<LI><
0x00C0: 41 20 48 52 45 46 3D 22 47 22 3E 47 3C 2F 41 3E A HREF="G">G</A>
0x00D0: 0A 3C 4C 49 3E 3C 41 20 48 52 45 46 3D 22 61 64 .<LI><A HREF="ad
0x00E0: 4E 46 76 34 51 51 79 61 34 6D 52 51 4B 7A 35 53 NFv4QQya4mRQKz5S
0x00F0: 6A 79 66 6A 4E 67 76 67 6A 49 22 3E 61 64 4E 46 jyfjNgvgjI">adNF
0x0100: 76 34 51 51 79 61 34 6D 52 51 4B 7A 35 53 6A 79 v4QQya4mRQKz5Sjy
0x0110: 66 6A 4E 67 76 67 6A 49 3C 2F 41 3E 0A 3C 4C 49 fjNgvgjI</A>.<LI
0x0120: 3E 3C 41 20 48 52 45 46 3D 22 62 69 6E 2F 22 3E ><A HREF="bin/">
0x0130: 62 69 6E 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C 41 20 bin/</A>.<LI><A
0x0140: 48 52 45 46 3D 22 62 6F 6F 74 2F 22 3E 62 6F 6F HREF="boot/">boo
0x0150: 74 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 t/</A>.<LI><A HR
0x0160: 45 46 3D 22 63 64 72 6F 6D 2F 22 3E 63 64 72 6F EF="cdrom/">cdro
0x0170: 6D 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 m/</A>.<LI><A HR
0x0180: 45 46 3D 22 64 65 76 2F 22 3E 64 65 76 2F 3C 2F EF="dev/">dev/</
0x0190: 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 45 46 3D 22 A>.<LI><A HREF="
0x01A0: 65 74 63 2F 22 3E 65 74 63 2F 3C 2F 41 3E 0A 3C etc/">etc/</A>.<
0x01B0: 4C 49 3E 3C 41 20 48 52 45 46 3D 22 68 6F 6D 65 LI><A HREF="home
0x01C0: 2F 22 3E 68 6F 6D 65 2F 3C 2F 41 3E 0A 3C 4C 49 /">home/</A>.<LI
0x01D0: 3E 3C 41 20 48 52 45 46 3D 22 69 6E 69 74 72 64 ><A HREF="initrd
0x01E0: 2F 22 3E 69 6E 69 74 72 64 2F 3C 2F 41 3E 0A 3C /">initrd/</A>.<
0x01F0: 4C 49 3E 3C 41 20 48 52 45 46 3D 22 69 6E 69 74 LI><A HREF="init
0x0200: 72 64 2E 69 6D 67 22 3E 69 6E 69 74 72 64 2E 69 rd.img">initrd.i
0x0210: 6D 67 3C 2F 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 mg</A>.<LI><A HR
0x0220: 45 46 3D 22 6C 69 62 2F 22 3E 6C 69 62 2F 3C 2F EF="lib/">lib/</
0x0230: 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 45 46 3D 22 A>.<LI><A HREF="
0x0240: 6C 6F 73 74 25 32 42 66 6F 75 6E 64 2F 22 3E 6C lost%2Bfound/">l
0x0250: 6F 73 74 2B 66 6F 75 6E 64 2F 3C 2F 41 3E 0A 3C ost+found/</A>.<
0x0260: 4C 49 3E 3C 41 20 48 52 45 46 3D 22 6D 65 64 69 LI><A HREF="medi
0x0270: 61 2F 22 3E 6D 65 64 69 61 2F 3C 2F 41 3E 0A 3C a/">media/</A>.<
0x0280: 4C 49 3E 3C 41 20 48 52 45 46 3D 22 6D 6E 74 2F LI><A HREF="mnt/
0x0290: 22 3E 6D 6E 74 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C ">mnt/</A>.<LI><
0x02A0: 41 20 48 52 45 46 3D 22 6E 6F 68 75 70 2E 6F 75 A HREF="nohup.ou
0x02B0: 74 22 3E 6E 6F 68 75 70 2E 6F 75 74 3C 2F 41 3E t">nohup.out</A>
0x02C0: 0A 3C 4C 49 3E 3C 41 20 48 52 45 46 3D 22 6F 70 .<LI><A HREF="op
0x02D0: 74 2F 22 3E 6F 70 74 2F 3C 2F 41 3E 0A 3C 4C 49 t/">opt/</A>.<LI
0x02E0: 3E 3C 41 20 48 52 45 46 3D 22 70 72 6F 63 2F 22 ><A HREF="proc/"
0x02F0: 3E 70 72 6F 63 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C >proc/</A>.<LI><
0x0300: 41 20 48 52 45 46 3D 22 72 6F 6F 74 2F 22 3E 72 A HREF="root/">r
0x0310: 6F 6F 74 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C 41 20 oot/</A>.<LI><A
0x0320: 48 52 45 46 3D 22 73 62 69 6E 2F 22 3E 73 62 69 HREF="sbin/">sbi
0x0330: 6E 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 n/</A>.<LI><A HR
0x0340: 45 46 3D 22 73 72 76 2F 22 3E 73 72 76 2F 3C 2F EF="srv/">srv/</
0x0350: 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 45 46 3D 22 A>.<LI><A HREF="
0x0360: 73 79 73 2F 22 3E 73 79 73 2F 3C 2F 41 3E 0A 3C sys/">sys/</A>.<
0x0370: 4C 49 3E 3C 41 20 48 52 45 46 3D 22 74 6D 70 2F LI><A HREF="tmp/
0x0380: 22 3E 74 6D 70 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C ">tmp/</A>.<LI><
0x0390: 41 20 48 52 45 46 3D 22 75 73 72 2F 22 3E 75 73 A HREF="usr/">us
0x03A0: 72 2F 3C 2F 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 r/</A>.<LI><A HR
0x03B0: 45 46 3D 22 76 61 72 2F 22 3E 76 61 72 2F 3C 2F EF="var/">var/</
0x03C0: 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 45 46 3D 22 A>.<LI><A HREF="
0x03D0: 76 6D 6C 69 6E 75 7A 22 3E 76 6D 6C 69 6E 75 7A vmlinuz">vmlinuz
0x03E0: 3C 2F 41 3E 0A 3C 4C 49 3E 3C 41 20 48 52 45 46 </A>.<LI><A HREF
0x03F0: 3D 22 78 22 3E 78 3C 2F 41 3E 0A 3C 4C 49 3E 3C ="x">x</A>.<LI><
0x0400: 41 20 48 52 45 46 3D 22 25 37 44 22 3E 7D 3C 2F A HREF="%7D">}</
0x0410: 41 3E 0A 3C 2F 55 4C 3E 0A 3C 2F 42 4F 44 59 3E A>.</UL>.</BODY>
0x0420: 0A 3C 2F 48 54 4D 4C 3E 0A 3C 68 74 6D 6C 3E 3C .</HTML>.<html><
0x0430: 68 65 61 64 3E 3C 6D 65 74 61 20 68 74 74 70 2D head><meta http-
0x0440: 65 71 75 69 76 3D 22 72 65 66 72 65 73 68 22 20 equiv="refresh"
0x0450: 63 6F 6E 74 65 6E 74 3D 22 30 3B 75 72 6C 3D 68 content="0;url=h
0x0460: 74 74 70 3A 2F 2F 77 77 38 2E 68 74 74 70 2E 63 ttp://ww8.http.c
0x0470: 6F 6D 22 20 2F 3E 3C 4D 45 54 41 20 48 54 54 50 om" /><META HTTP
0x0480: 2D 45 51 55 49 56 3D 22 43 41 43 48 45 2D 43 4F -EQUIV="CACHE-CO
0x0490: 4E 54 52 4F 4C 22 20 43 4F 4E 54 45 4E 54 3D 22 NTROL" CONTENT="
0x04A0: 4E 4F 2D 43 41 43 48 45 2C 4E 4F 5F 53 54 4F 52 NO-CACHE,NO_STOR
0x04B0: 45 22 3E 3C 4D 45 54 41 20 48 54 54 50 2D 45 51 E"><META HTTP-EQ
0x04C0: 55 49 56 3D 22 50 52 41 47 4D 41 22 20 43 4F 4E UIV="PRAGMA" CON
0x04D0: 54 45 4E 54 3D 22 4E 4F 2D 43 41 43 48 45 22 2F TENT="NO-CACHE"/
0x04E0: 3E 0A 09 09 09 3C 4D 45 54 41 20 48 54 54 50 2D >....<META HTTP-
0x04F0: 45 51 55 49 56 3D 22 45 58 50 49 52 45 53 22 20 EQUIV="EXPIRES"
0x0500: 43 4F 4E 54 45 4E 54 3D 22 4D 6F 6E 2C 20 32 32 CONTENT="Mon, 22
0x0510: 20 4A 75 6C 20 32 30 30 32 20 31 31 3A 31 32 3A Jul 2002 11:12:
0x0520: 30 31 20 47 4D 54 22 2F 3E 3C 2F 68 65 61 64 3E 01 GMT"/></head>
0x0530: 3C 62 6F 64 79 20 6F 6E 62 65 66 6F 72 65 75 6E <body onbeforeun
0x0540: 6C 6F 61 64 3D 22 22 20 6F 6E 75 6E 6C 6F 61 64 load="" onunload
0x0550: 3D 22 22 3E 3C 73 63 72 69 70 74 20 74 79 70 65 =""><script type
0x0560: 3D 22 74 65 78 74 2F 6A 61 76 61 73 63 72 69 70 ="text/javascrip
0x0570: 74 22 20 73 72 63 3D 22 68 74 74 70 3A 2F 2F 64 t" src="http://d
0x0580: 33 75 6A 62 32 74 38 78 38 61 6C 78 64 2E 63 6C 3ujb2t8x8alxd.cl
0x0590: 6F 75 64 66 72 6F 6E 74 2E 6E 65 74 2F 72 6D 67 oudfront.net/rmg
0x05A0: 6A 73 63 2F 7A 63 46 69 6C 74 65 72 73 2E 6A 73 jsc/zcFilters.js
0x05B0: 22 3E 3C 2F 73 63 72 69 70 74 3E 3C 73 63 72 69 "></script><scri
0x05C0: 70 74 20 6C 61 6E 67 75 61 67 65 3D 27 6A 61 76 pt language='jav
0x05D0: 61 73 63 72 69 70 74 27 20 74 79 70 65 3D 27 74 ascript' type='t
0x05E0: 65 78 74 2F 6A 61 76 61 73 63 72 69 70 74 27 3E ext/javascript'>
0x05F0: 74 72 79 0A 09 09 09 09 7B 0A 09 09 09 09 20 20 try.....{.....
0x0600: 20 20 76 61 72 20 72 75 72 6C 20 3D 20 27 68 74 var rurl = 'ht
0x0610: 74 70 3A 2F 2F 77 77 38 2E 68 74 74 70 2E 63 6F tp://ww8.http.co
0x0620: 6D 27 3B 0A 09 09 09 09 09 77 69 6E 64 6F 77 2E m';......window.
0x0630: 74 6F 70 2E 6C 6F 63 61 74 69 6F 6E 2E 72 65 70 top.location.rep
0x0640: 6C 61 63 65 28 72 75 72 6C 29 3B 0A 09 09 09 09 lace(rurl);.....
0x0650: 7D 20 63 61 74 63 68 28 65 78 63 65 70 74 69 6F } catch(exceptio
0x0660: 6E 29 20 7B 0A 09 09 09 09 09 64 6F 63 75 6D 65 n) {......docume
0x0670: 6E 74 2E 77 72 69 74 65 28 22 54 68 69 73 20 70 nt.write("This p
0x0680: 61 67 65 20 68 61 73 20 6D 6F 76 65 64 2C 20 3C age has moved, <
0x0690: 41 20 48 52 45 46 3D 27 68 74 74 70 3A 2F 2F 77 A HREF='http://w
0x06A0: 77 38 2E 68 74 74 70 2E 63 6F 6D 27 3E 43 6C 69 w8.http.com'>Cli
0x06B0: 63 6B 20 68 65 72 65 3C 2F 41 3E 20 74 6F 20 67 ck here</A> to g
0x06C0: 6F 20 74 68 65 72 65 2E 22 29 3B 0A 09 09 09 09 o there.");.....
0x06D0: 7D 3C 2F 73 63 72 69 70 74 3E 3C 6E 6F 73 63 72 }</script><noscr
0x06E0: 69 70 74 3E 54 68 69 73 20 70 61 67 65 20 68 61 ipt>This page ha
0x06F0: 73 20 6D 6F 76 65 64 2C 20 3C 41 20 48 52 45 46 s moved, <A HREF
0x0700: 3D 27 68 74 74 70 3A 2F 2F 77 77 38 2E 68 74 74 ='http://ww8.htt
0x0710: 70 2E 63 6F 6D 27 3E 43 6C 69 63 6B 20 68 65 72 p.com'>Click her
0x0720: 65 3C 2F 41 3E 20 74 6F 20 67 6F 20 74 68 65 72 e</A> to go ther
0x0730: 65 2E 3C 2F 6E 6F 73 63 72 69 70 74 3E 3C 2F 62 e.</noscript></b
0x0740: 6F 64 79 3E 3C 2F 68 74 6D 6C 3E 72 6F 6F 74 40 ody></html>root@
0x0750: 6D 65 74 61 73 70 6C 6F 69 74 61 62 6C 65 3A 2F metasploitable:/
0x0760: 23 20 72 6F 6F 74 40 6D 65 74 61 73 70 6C 6F 69 # root@metasploi
0x0770: 74 61 62 6C 65 3A 2F 23 20 62 61 73 68 3A 20 48 table:/# bash: H
0x0780: 6F 73 74 3A 3A 20 63 6F 6D 6D 61 6E 64 20 6E 6F ost:: command no
0x0790: 74 20 66 6F 75 6E 64 0A 72 6F 6F 74 40 6D 65 74 t found.root@met
0x07A0: 61 73 70 6C 6F 69 74 61 62 6C 65 3A 2F 23 20 72 asploitable:/# r
0x07B0: 6F 6F 74 40 6D 65 74 61 73 70 6C 6F 69 74 61 62 oot@metasploitab
0x07C0: 6C 65 3A 2F 23 20 72 6F 6F 74 40 6D 65 74 61 73 le:/# root@metas
0x07D0: 70 6C 6F 69 74 61 62 6C 65 3A 2F 23 20 72 6F 6F ploitable:/# roo
0x07E0: 74 40 6D 65 74 61 73 70 6C 6F 69 74 61 62 6C 65 t@metasploitable
0x07F0: 3A 2F 23 20 :/#Log0.0Service Detection with nmapadmin2018-02-19T19:37:29Z2018-02-19T19:37:29Z0192.168.222.1311524/tcpService Detection with nmapService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin performs service detection by launching nmap's
service probe (nmap -sV) against ports that are running unidentified services.
Note: This plugin is started at the end of a scan to register all remaining unknown services.|qod_type=remote_banner$Revision: 6846 $Log0.080remote_bannerNmap service detection result for this port: shellLog0.0FTP Banner Detectionadmin2018-02-19T19:38:55Z2018-02-19T19:38:55Z0192.168.222.1312121/tcpFTP Banner DetectionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This Plugin detects the FTP Server Banner and the Banner
of the 'HELP' command.|qod_type=remote_banner$Revision: 4780 $Log0.080remote_bannerRemote FTP server banner :
220 ProFTPD 1.3.1 Server (Debian) [::ffff:192.168.222.131] Log0.0Servicesadmin2018-02-19T19:37:25Z2018-02-19T19:37:25Z0192.168.222.1312121/tcpServicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine attempts to guess which service is running on the
remote ports. For instance, it searches for a web server which could listen on another port than
80 or 443 and makes this information available for other check routines.|qod_type=remote_banner$Revision: 6821 $Log0.080remote_bannerAn FTP server is running on this port.
Here is its banner :
220 ProFTPD 1.3.1 Server (Debian) [::ffff:192.168.222.131] Log0.0ProFTPD Server Version Detection (Remote)admin2018-02-19T19:39:06Z2018-02-19T19:39:06Z0192.168.222.1312121/tcpProFTPD Server Version Detection (Remote)Product detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script detects the installed version of ProFTP Server
and sets the version in KB.|qod_type=remote_banner$Revision: 4777 $Log0.080remote_bannerDetected ProFTPD
Version: 1.3.1
Location: 2121/tcp
CPE: cpe:/a:proftpd:proftpd:1.3.1
Concluded from version/product identification result:
ProFTPD 1.3.1Log0.0MySQL/MariaDB Detectionadmin2018-02-19T19:39:06Z2018-02-19T19:39:06Z0192.168.222.1313306/tcpMySQL/MariaDB DetectionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Detection of installed version of
MySQL/MariaDB.
Detect a running MySQL/MariaDB by getting the banner, extract the version
from the banner and store the information in KB.|qod_type=remote_banner$Revision: 6788 $Log0.080remote_bannerDetected MySQL
Version: 5.0.51a-3ubuntu5
Location: 3306/tcp
CPE: cpe:/a:mysql:mysql:5.0.51a
Concluded from version/product identification result:
5.0.51a-3ubuntu5Log0.0Servicesadmin2018-02-19T19:38:11Z2018-02-19T19:38:11Z0192.168.222.1313306/tcpServicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine attempts to guess which service is running on the
remote ports. For instance, it searches for a web server which could listen on another port than
80 or 443 and makes this information available for other check routines.|qod_type=remote_banner$Revision: 6821 $Log0.080remote_bannerAn unknown service is running on this port.
It is usually reserved for MySQLLog0.0Database Open Access Vulnerabilityadmin2018-02-19T19:40:45Z2018-02-19T19:40:45Z0192.168.222.1313306/tcpDatabase Open Access VulnerabilityDatabases0.0NOCVENOBIDURL:https://www.pcisecuritystandards.org/security_standards/index.php?id=pci_dss_v1-2.pdfcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|impact=Successful exploitation could allow an attacker to obtain the sensitive
information of the database.
Impact Level: Application|insight=Do not restricting direct access of databases to the remote systems.|summary=The host is running a Database server and is prone to information
disclosure vulnerability.|affected=MySQL
IBM DB2
PostgreSQL
IBM solidDB
Oracle Database
Microsoft SQL Server|solution=Restrict Database access to remote systems.|solution_type=Workaround|qod_type=remote_banner$Revision: 5988 $Log0.080remote_bannerMySQL can be accessed by remote attackersLog0.0PostgreSQL Detectionadmin2018-02-19T19:39:06Z2018-02-19T19:39:06Z0192.168.222.1315432/tcpPostgreSQL DetectionProduct detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=Detection of PostgreSQL, a open source object-relational
database system (http://www.postgresql.org).
The script sends a connection request to the server (user:postgres, DB:postgres)
and attempts to extract the version number from the reply.|qod_type=remote_banner$Revision: 4688 $Log0.080remote_bannerDetected PostgreSQL
Version: 8.3.1
Location: 5432/tcp
CPE: cpe:/a:postgresql:postgresql:8.3.1
Concluded from version/product identification result:
8.3.1Log0.0SSL/TLS: Certificate - Self-Signed Certificate Detectionadmin2018-02-19T19:43:52Z2018-02-19T19:43:52Z0192.168.222.1315432/tcpSSL/TLS: Certificate - Self-Signed Certificate DetectionSSL and TLS0.0NOCVENOBIDURL:http://en.wikipedia.org/wiki/Self-signed_certificatecvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=The SSL/TLS certificate on this port is self-signed.|qod_type=remote_app$Revision: 4765 $Log0.098remote_appThe certificate of the remote service is self signed.
Certificate details:
subject ...: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
subject alternative names (SAN):
None
issued by .: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
serial ....: 00FAF93A4C7FB6B9CC
valid from : 2010-03-17 14:07:45 UTC
valid until: 2010-04-16 14:07:45 UTC
fingerprint (SHA-1): ED093088706603BFD5DC237399B498DA2D4D31C6
fingerprint (SHA-256): E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCLog0.0Servicesadmin2018-02-19T19:37:50Z2018-02-19T19:37:50Z0192.168.222.1315432/tcpServicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine attempts to guess which service is running on the
remote ports. For instance, it searches for a web server which could listen on another port than
80 or 443 and makes this information available for other check routines.|qod_type=remote_banner$Revision: 6821 $Log0.080remote_bannerAn unknown service is running on this port.
It is usually reserved for PostgresLog0.0SSL/TLS: Report Non Weak Cipher Suitesadmin2018-02-19T19:43:48Z2018-02-19T19:43:48Z0192.168.222.1315432/tcpSSL/TLS: Report Non Weak Cipher SuitesSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine reports all Non Weak SSL/TLS cipher suites accepted by a service.|qod_type=remote_app$Revision: 4736 $Log0.098remote_app'Non Weak' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
'Non Weak' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHALog0.0SSL/TLS: Collect and Report Certificate Detailsadmin2018-02-19T19:43:52Z2018-02-19T19:43:52Z0192.168.222.1315432/tcpSSL/TLS: Collect and Report Certificate DetailsSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script collects and reports the details of all SSL/TLS certificates.
This data will be used by other tests to verify server certificates.|qod_type=remote_app$Revision: 6090 $Log0.098remote_appThe following certificate details of the remote service were collected.
Certificate details:
subject ...: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
subject alternative names (SAN):
None
issued by .: 1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX
serial ....: 00FAF93A4C7FB6B9CC
valid from : 2010-03-17 14:07:45 UTC
valid until: 2010-04-16 14:07:45 UTC
fingerprint (SHA-1): ED093088706603BFD5DC237399B498DA2D4D31C6
fingerprint (SHA-256): E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCLog0.0PostgreSQL TLS Detectionadmin2018-02-19T19:39:06Z2018-02-19T19:39:06Z0192.168.222.1315432/tcpPostgreSQL TLS DetectionService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=The remote PostgreSQL Server supports TLS.|qod_type=remote_banner$Revision: 4682 $Log0.080remote_bannerLog0.0SSL/TLS: Report Perfect Forward Secrecy (PFS) Cipher Suitesadmin2018-02-19T19:43:48Z2018-02-19T19:43:48Z0192.168.222.1315432/tcpSSL/TLS: Report Perfect Forward Secrecy (PFS) Cipher SuitesSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine reports all SSL/TLS cipher suites accepted by a service which are supporting Perfect Forward Secrecy (PFS).|qod_type=remote_app$Revision: 4771 $Log0.098remote_appCipher suites supporting Perfect Forward Secrecy (PFS) are accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Cipher suites supporting Perfect Forward Secrecy (PFS) are accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHALog0.0SSL/TLS: Report Supported Cipher Suitesadmin2018-02-19T19:43:49Z2018-02-19T19:43:49Z0192.168.222.1315432/tcpSSL/TLS: Report Supported Cipher SuitesSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine reports all SSL/TLS cipher suites accepted by a service.
As the NVT 'SSL/TLS: Check Supported Cipher Suites' (OID: 1.3.6.1.4.1.25623.1.0.900234) might run into a
timeout the actual reporting of all accepted cipher suites takes place in this NVT instead. The script preference 'Report timeout'
allows you to configure if such an timeout is reported.|qod_type=remote_app$Revision: 5987 $Log0.098remote_app'Strong' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
'Medium' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
'Weak' cipher suites accepted by this service via the SSLv3 protocol:
TLS_RSA_WITH_RC4_128_SHA
No 'Null' cipher suites accepted by this service via the SSLv3 protocol.
No 'Anonymous' cipher suites accepted by this service via the SSLv3 protocol.
'Strong' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
'Medium' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
'Weak' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_RSA_WITH_RC4_128_SHA
No 'Null' cipher suites accepted by this service via the TLSv1.0 protocol.
No 'Anonymous' cipher suites accepted by this service via the TLSv1.0 protocol.Log0.0Database Open Access Vulnerabilityadmin2018-02-19T19:40:32Z2018-02-19T19:40:32Z0192.168.222.1315432/tcpDatabase Open Access VulnerabilityDatabases0.0NOCVENOBIDURL:https://www.pcisecuritystandards.org/security_standards/index.php?id=pci_dss_v1-2.pdfcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|impact=Successful exploitation could allow an attacker to obtain the sensitive
information of the database.
Impact Level: Application|insight=Do not restricting direct access of databases to the remote systems.|summary=The host is running a Database server and is prone to information
disclosure vulnerability.|affected=MySQL
IBM DB2
PostgreSQL
IBM solidDB
Oracle Database
Microsoft SQL Server|solution=Restrict Database access to remote systems.|solution_type=Workaround|qod_type=remote_banner$Revision: 5988 $Log0.080remote_bannerPostgresql database can be accessed by remote attackersLog0.0SSL/TLS: Report Medium Cipher Suitesadmin2018-02-19T19:43:48Z2018-02-19T19:43:48Z0192.168.222.1315432/tcpSSL/TLS: Report Medium Cipher SuitesSSL and TLS0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This routine reports all Medium SSL/TLS cipher suites accepted by a service.|insight=Any cipher suite considered to be secure for only the next 10 years is considered as medium|qod_type=remote_app$Revision: 4743 $Log0.098remote_app'Medium' cipher suites accepted by this service via the SSLv3 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
'Medium' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHALog0.0VNC Server and Protocol Version Detectionadmin2018-02-19T19:41:24Z2018-02-19T19:41:24Z0192.168.222.1315900/tcpVNC Server and Protocol Version DetectionService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|solution=Make sure the use of this software is done in accordance with your
corporate security policy, filter incoming traffic to this port.|summary=The remote host is running a remote display software (VNC)
which permits a console to be displayed remotely.
This allows authenticated users of the remote host to take its
control remotely.|qod_type=remote_banner$Revision: 4944 $Log0.080remote_bannerA VNC server seems to be running on this port.
The version of the VNC protocol is : RFB 003.003Log0.0VNC security typesadmin2018-02-19T19:41:25Z2018-02-19T19:41:25Z0192.168.222.1315900/tcpVNC security typesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|qod_type=remote_active|summary=This script checks the remote VNC protocol version
and the available 'security types'.$Revision: 4469 $Log0.095remote_activeThe remote VNC server chose security type #2 (VNC authentication)Log0.0X Server Detectionadmin2018-02-19T19:39:43Z2018-02-19T19:39:43Z0192.168.222.1316000/tcpX Server DetectionService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin detects X Window servers.
X11 is a client - server protocol. Basically, the server is in charge of the
screen, and the clients connect to it and send several requests like drawing
a window or a menu, and the server sends events back to the clients, such as
mouse clicks, key strokes, and so on...
An improperly configured X server will accept connections from clients from
anywhere. This allows an attacker to make a client connect to the X server to
record the keystrokes of the user, which may contain sensitive information,
such as account passwords.
This can be prevented by using xauth, MIT cookies, or preventing
the X server from listening on TCP (a Unix sock is used for local
connections)|qod_type=remote_banner$Revision: 7422 $Log0.080remote_bannerDetected X Windows Server
Version: 11.0
Location: 6000/tcp
CPE: cpe:/a:x.org:x11:11.0
Concluded from version/product identification result:
11.0
Extra information:
Server answered with: Client is not authorizedLog0.0Report banner of unknown servicesadmin2018-02-19T19:37:25Z2018-02-19T19:37:25Z0192.168.222.1316667/tcpReport banner of unknown servicesService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin reports the banner from unknown/unidentified services
so that the OpenVAS team can take them into account.
If you know this service, please send the reported banner to openvas-plugins@wald.intevation.org.|qod_type=remote_banner$Revision: 6849 $Log0.080remote_bannerAn unknown service is running on this port. If you know this service, please send the following banner to openvas-plugins@wald.intevation.org:
Method: get_http
0x00: 45 52 52 4F 52 20 3A 43 6C 6F 73 69 6E 67 20 4C ERROR :Closing L
0x10: 69 6E 6B 3A 20 5B 31 39 32 2E 31 36 38 2E 32 32 ink: [192.168.22
0x20: 32 2E 31 33 33 5D 20 28 54 68 72 6F 74 74 6C 65 2.133] (Throttle
0x30: 64 3A 20 52 65 63 6F 6E 6E 65 63 74 69 6E 67 20 d: Reconnecting
0x40: 74 6F 6F 20 66 61 73 74 29 20 2D 45 6D 61 69 6C too fast) -Email
0x50: 20 61 64 6D 69 6E 40 4D 65 74 61 73 70 6C 6F 69 admin@Metasploi
0x60: 74 61 62 6C 65 2E 4C 41 4E 20 66 6F 72 20 6D 6F table.LAN for mo
0x70: 72 65 20 69 6E 66 6F 72 6D 61 74 69 6F 6E 2E 0D re information..
0x80: 0A .Log0.0IRC daemon identificationadmin2018-02-19T19:39:41Z2018-02-19T19:39:41Z0192.168.222.1316667/tcpIRC daemon identificationService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This script determines the version of the IRC daemon.|qod_type=remote_banner$Revision: 5433 $Log0.080remote_bannerUnable to get the version of this service due to the error:
ERROR :Closing Link: [192.168.222.133] (Throttled: Reconnecting too fast) -Email admin@Metasploitable.LAN for more information. Log0.0Service Detection with nmapadmin2018-02-19T19:37:28Z2018-02-19T19:37:28Z0192.168.222.1316667/tcpService Detection with nmapService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin performs service detection by launching nmap's
service probe (nmap -sV) against ports that are running unidentified services.
Note: This plugin is started at the end of a scan to register all remaining unknown services.|qod_type=remote_banner$Revision: 6846 $Log0.080remote_bannerNmap service detection result for this port: ircLog0.0Apache JServ Protocol v1.3 Detectionadmin2018-02-19T19:40:18Z2018-02-19T19:40:18Z0192.168.222.1318009/tcpApache JServ Protocol v1.3 DetectionService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=The script detects a service running the
Apache JServ Protocol version 1.3.|qod_type=remote_banner$Revision: 5264 $Log0.080remote_bannerA service supporting the Apache JServ Protocol v1.3 seems to be running on this port.Log0.0Service Detection with 'GET' Requestadmin2018-02-19T19:38:55Z2018-02-19T19:38:55Z0192.168.222.1318787/tcpService Detection with 'GET' RequestService detection0.0NOCVENOBIDNOXREFcvss_base_vector=AV:N/AC:L/Au:N/C:N/I:N/A:N|summary=This plugin performs service detection.
This plugin is a complement of find_service.nasl. It sends a 'GET' request
to the remaining unknown services and tries to identify them.|qod_type=remote_banner$Revision: 7414 $Log0.080remote_bannerA Distributed Ruby (dRuby/DRb) service seems to be running on this port.Log0.035035013300191922787834340010.010.0192.168.222.1312018-02-19T19:37:05Z2018-02-19T19:51:38ZClosed CVECVE-2009-2526, CVE-2009-2532, CVE-2009-310310.0Cert:E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCx509:MIIDWzCCAsQCCQD6+TpMf7a5zDANBgkqhkiG9w0BAQUFADCB8TELMAkGA1UEBhMCWFgxKjAoBgNVBAgTIVRoZXJlIGlzIG5vIHN1Y2ggdGhpbmcgb3V0c2lkZSBVUzETMBEGA1UEBxMKRXZlcnl3aGVyZTEOMAwGA1UEChMFT0NPU0ExPDA6BgNVBAsTM09mZmljZSBmb3IgQ29tcGxpY2F0aW9uIG9mIE90aGVyd2lzZSBTaW1wbGUgQWZmYWlyczEjMCEGA1UEAxMadWJ1bnR1ODA0LWJhc2UubG9jYWxkb21haW4xLjAsBgkqhkiG9w0BCQEWH3Jvb3RAdWJ1bnR1ODA0LWJhc2UubG9jYWxkb21haW4wHhcNMTAwMzE3MTQwNzQ1WhcNMTAwNDE2MTQwNzQ1WjCB8TELMAkGA1UEBhMCWFgxKjAoBgNVBAgTIVRoZXJlIGlzIG5vIHN1Y2ggdGhpbmcgb3V0c2lkZSBVUzETMBEGA1UEBxMKRXZlcnl3aGVyZTEOMAwGA1UEChMFT0NPU0ExPDA6BgNVBAsTM09mZmljZSBmb3IgQ29tcGxpY2F0aW9uIG9mIE90aGVyd2lzZSBTaW1wbGUgQWZmYWlyczEjMCEGA1UEAxMadWJ1bnR1ODA0LWJhc2UubG9jYWxkb21haW4xLjAsBgkqhkiG9w0BCQEWH3Jvb3RAdWJ1bnR1ODA0LWJhc2UubG9jYWxkb21haW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANa0EzYzmpVxexvefIN12nGxPKl//q1kG3fpT66+ytT4y++uu0N5JHP/POWeO238yLGs+kxNXptMmVQL16hKULqp3h0f9ORrAqP0a0XNTK+NiWIzj2W7NmGfxCxzwU4uoKgUTphwRmG70bkx34yZ7nVreTxAoK6XAJCd3JkNM6S1AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAkqS0uBRVYyVRSgvDKiLPOvgXagzPZqqnZS9Ibc3jPlyfd2zURFQfHoRPjtSN3awtiAkhqNpWLKkFPEloNRl1DNpTI4iIGS10JsEiZe4RaINqU0qcJ8ugtOmNKQyyPBhcZ8xTph4w0Komex6uQLkpAWwuvKIZlHwVbo0wOPbKLnU=SSLDetails:E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCissuer:1.2.840.113549.1.9.1=#726F6F74407562756E74753830342D626173652E6C6F63616C646F6D61696E,CN=ubuntu804-base.localdomain,OU=Office for Complication of Otherwise Simple Affairs,O=OCOSA,L=Everywhere,ST=There is no such thing outside US,C=XX|serial:00FAF93A4C7FB6B9CC|notBefore:20100317T140745|notAfter:20100416T140745SSLInfo25::E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCSSLInfo5432::E7A7FA0D63E457C7C4A59B38B70849C6A70BDA6F830C7AF1E32DEE436DE813CCEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices8009,tcp,ajp13EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNcpe:/a:proftpd:proftpd:1.3.12121/tcpAppcpe:/a:proftpd:proftpd:1.3.1EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNcpe:/a:apache:http_server:2.2.880/tcpAppcpe:/a:apache:http_server:2.2.8EXIT_CODEEXIT_NOTVULNscanned_with_scanner8.0.3scanned_with_feedversion201711171027scanned_with_feedtypeGreenbone Community FeedEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices5900,tcp,vnc,A VNC server seems to be running on this port.
The version of the VNC protocol is : RFB 003.003
EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNcpe:/a:isc:bind:9.4.253/tcpAppcpe:/a:isc:bind:9.4.2EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices1099,tcp,rmi_registryEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNtraceroute192.168.222.133,192.168.222.131EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNcpe:/a:postfix:postfix25/tcpAppcpe:/a:postfix:postfixEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNcpe:/a:php:php:5.2.4tcp/80Appcpe:/a:php:php:5.2.4EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices8787,tcp,drb,A Distributed Ruby (dRuby/DRb) service seems to be running on this port.EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNAppcpe:/a:phpmyadmin:phpmyadmin:3.1.1cpe:/a:phpmyadmin:phpmyadmin:3.1.1/phpMyAdminEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices3632,tcp,distccEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices512,tcp,execServices514,tcp,tcpwrappedServices6667,tcp,ircServices513,tcp,loginServices1524,tcp,shellEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNOScpe:/o:linux:kernelOSLinux KernelEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNAppcpe:/a:mysql:mysql:5.0.51acpe:/a:mysql:mysql:5.0.51a3306/tcpServices3306,tcp,mysqlEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNOScpe:/o:linux:linux_kernel:2.6OSLinux 2.6.9 - 2.6.33EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNTLS/25SSLv3TLS/25TLSv1.0TLS/25SSLv2TLS/port5432TLS/port25TLS/5432SSLv3TLS/5432TLSv1.0EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices139,tcp,smbServices445,tcp,cifsEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices111,tcp,rpc-portmapEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNcpe:/a:postgresql:postgresql:8.3.15432/tcpAppcpe:/a:postgresql:postgresql:8.3.1Services5432,tcp,postgresqlEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNtcp_ports80,3632,5900,8009,8787,6667,445,111,2049,21,6000,22,23,512,513,514,25,1099,3306,2121,139,1524,5432,53ports80,3632,5900,8009,8787,6667,445,111,2049,21,6000,22,23,512,513,514,25,1099,3306,2121,139,1524,5432,53EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNOScpe:/o:canonical:ubuntu_linuxOSUbuntuEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNcpe:/a:beasts:vsftpd:2.3.421/tcpAppcpe:/a:beasts:vsftpd:2.3.4EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices512,tcp,rexec,A rexec service seems to be running on this port.EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNAppcpe:/a:twiki:twiki:01.Feb.2003cpe:/a:twiki:twiki:01.Feb.2003/twiki/bincpe:/a:tiki:tikiwiki_cms/groupware:1.9.5/tikiwikiAppcpe:/a:tiki:tikiwiki_cms/groupware:1.9.5EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNMAC00:0C:29:FA:DD:2AEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNcpe:/a:openbsd:openssh:4.7p122/tcpAppcpe:/a:openbsd:openssh:4.7p1Services22,tcp,ssh,Detected SSH server version: SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1
Remote SSH supported authentication: password,publickey
Remote SSH banner:
(not available)
CPE: cpe:/a:openbsd:openssh:4.7p1
Concluded from remote connection attempt with credentials:
Login: VulnScan
Password: VulnScan
EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNServices53,tcp,domain,The remote DNS server banner is:
9.4.2Services48778,tcp,RPC/statusServices2049,tcp,RPC/nfsServices43519,tcp,RPC/nlockmgrServices111,tcp,RPC/portmapperServices45636,tcp,RPC/mountdEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNOScpe:/o:canonical:ubuntu_linuxOSUbuntuEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNcpe:/a:x.org:x11:11.06000/tcpAppcpe:/a:x.org:x11:11.0Services6000,tcp,X11EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNAuth-SMB-SuccessProtocol SMB, Port 445, User EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNOScpe:/o:debian:debian_linuxOScpe:/o:linux:kernelOSDebian GNU/LinuxOSLinux/UnixEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNOScpe:/o:canonical:ubuntu_linuxOSUbuntuEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNOScpe:/o:debian:debian_linuxOSDebian GNU/Linuxcpe:/a:samba:samba:3.0.20445/tcpAppcpe:/a:samba:samba:3.0.20EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNOSUbuntu 8.04OScpe:/o:canonical:ubuntu_linux:8.04EXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNEXIT_CODEEXIT_NOTVULNbest_os_cpecpe:/o:canonical:ubuntu_linux:8.04best_os_txtUbuntu 8.042018-02-19T19:37:05Z192.168.222.1312018-02-19T19:51:38Z192.168.222.1312018-02-19T19:51:39Z0