Re: Cryptome: Server Comms Reporting for Research Effort gov.pk

["Dude VanWinkle" <dudevanwinkle () gmail com>]

On Dec 5, 2007 5:00 PM, Juha-Matti Laurio <juha-matti.laurio () netti fi> wrote:
> It is not know if this information was collected with scripts or manually via Netcraft-type databases.

Looks like Nessus output to me.

So someone portscanned Pakistan.gov?  Okie dokie..

-JP

> Example data:
> --clip--
> www.academy.gov.pk      67.18.34.220
>         SERVER IP: 67.18.34.220
> PORT/PROTOCOL: 80/tcp
> TYPE: NOTE
> - A web server is running on this port : Server: Microsoft-IIS/6.0
> - The remote host is running a Microsoft IIS webserver
>
> SERVER IP: 67.18.34.220
> PORT/PROTOCOL: 80/tcp
> TYPE: REPORT
> Synopsis : The remote host is vulnerable to multiple attack vectors The remote host is running PHP less than 5.2.0. 
> This version is vulnerable to around 180 bugs. An attacker, exploiting these flaws, would be able to impact 
> Confidentiality, Integrity, and Availability. CVSS Base Score : 7.5 CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P Solution : 
> Upgrade to PHP 4.4.5, 5.2.1 or newer See also : http://www.php.net/ChangeLog-5.php#5.2.1
> CVE :....
> --clip--
>
> Link:
> http://cryptome.org/gov-pk.htm
>
> - Juha-Matti
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.