[funsec] Cryptome: Server Comms Reporting for Research Effort gov.pk
Juha-Matti Laurio
juha-matti.laurio at netti.fi
Wed Dec 5 16:00:01 CST 2007
It is not know if this information was collected with scripts or manually via Netcraft-type databases.
Example data:
--clip--
www.academy.gov.pk 67.18.34.220
SERVER IP: 67.18.34.220
PORT/PROTOCOL: 80/tcp
TYPE: NOTE
- A web server is running on this port : Server: Microsoft-IIS/6.0
- The remote host is running a Microsoft IIS webserver
SERVER IP: 67.18.34.220
PORT/PROTOCOL: 80/tcp
TYPE: REPORT
Synopsis : The remote host is vulnerable to multiple attack vectors The remote host is running PHP less than 5.2.0. This version is vulnerable to around 180 bugs. An attacker, exploiting these flaws, would be able to impact Confidentiality, Integrity, and Availability. CVSS Base Score : 7.5 CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P Solution : Upgrade to PHP 4.4.5, 5.2.1 or newer See also : http://www.php.net/ChangeLog-5.php#5.2.1
CVE :....
--clip--
Link:
http://cryptome.org/gov-pk.htm
- Juha-Matti
More information about the funsec
mailing list