funsec mailing list archives
Re: Cryptome: Server Comms Reporting for Research Effort gov.pk
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Wed, 5 Dec 2007 21:28:31 -0500
On Dec 5, 2007 5:00 PM, Juha-Matti Laurio <juha-matti.laurio () netti fi> wrote:
It is not know if this information was collected with scripts or manually via Netcraft-type databases.
Looks like Nessus output to me. So someone portscanned Pakistan.gov? Okie dokie.. -JP
Example data: --clip-- www.academy.gov.pk 67.18.34.220 SERVER IP: 67.18.34.220 PORT/PROTOCOL: 80/tcp TYPE: NOTE - A web server is running on this port : Server: Microsoft-IIS/6.0 - The remote host is running a Microsoft IIS webserver SERVER IP: 67.18.34.220 PORT/PROTOCOL: 80/tcp TYPE: REPORT Synopsis : The remote host is vulnerable to multiple attack vectors The remote host is running PHP less than 5.2.0. This version is vulnerable to around 180 bugs. An attacker, exploiting these flaws, would be able to impact Confidentiality, Integrity, and Availability. CVSS Base Score : 7.5 CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P Solution : Upgrade to PHP 4.4.5, 5.2.1 or newer See also : http://www.php.net/ChangeLog-5.php#5.2.1 CVE :.... --clip-- Link: http://cryptome.org/gov-pk.htm - Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Cryptome: Server Comms Reporting for Research Effort gov.pk Juha-Matti Laurio (Dec 05)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk Dude VanWinkle (Dec 05)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk George A. Theall (Dec 06)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk Eduardo Tongson (Dec 06)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk George A. Theall (Dec 06)
- Re: Cryptome: Server Comms Reporting for Research Effort gov.pk Dude VanWinkle (Dec 05)