139.162.28.46
{
"scan_id": 1752993643,
"ip": "139.162.28.46",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "139.162.0.0/18",
"postal_code": "17",
"coordinates": {
"latitude": "1.2872",
"longitude": "103.8507"
},
"geo_point": "1.2872, 103.8507",
"locale_code": "en",
"continent": "Asia",
"country_code": "SG",
"country_name": "Singapore",
"city": "Singapore"
},
"location_updated_at": "2025-07-19T00:41:29Z",
"asn": {
"number": "AS63949",
"organization": "Akamai Connected Cloud",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "",
"organization": "",
"descr": "",
"_encoding": {
"raw": ""
}
},
"whois_updated_at": "0001-01-01T00:00:00Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-07-19T00:41:29Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-07-19T05:44:27Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-07-19T00:41:29Z"
}
],
"hostnames": [
{
"name": "139-162-28-46.ip.linodeusercontent.com",
"last_updated_at": "2025-07-21T19:13:40.503587735Z"
}
],
"services": [
{
"port": 21,
"protocol": "tcp",
"name": "ftp",
"version": "2.3.4",
"product": "vsftpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:vsftpd:vsftpd:2.3.4",
"part": "a",
"vendor": "vsftpd",
"product": "vsftpd",
"version": "2\\.3\\.4",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ftp": {
"banner": "220 Xlight FTP Server 3.6.5 ready\r\n"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-16T16:13:00.6Z"
},
{
"port": 22,
"protocol": "tcp",
"name": "ssh",
"version": "",
"product": "Golang x/crypto/ssh server",
"extra_info": "protocol 2.0",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:golang:go",
"part": "a",
"vendor": "golang",
"product": "go",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ssh": {
"banner": "SSH-2.0-ROSSSH",
"client_to_server_ciphers": [
"[email protected]",
"[email protected]",
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr"
],
"client_to_server_compression": [
"none"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1",
"hmac-sha1-96"
],
"host_key_algorithms": [
"rsa-sha2-256",
"rsa-sha2-512",
"ssh-rsa"
],
"kex_algorithms": [
"curve25519-sha256",
"[email protected]",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group14-sha256",
"diffie-hellman-group14-sha1",
"[email protected]"
],
"key": {
"algorithm": "ssh-rsa",
"fingerprint_sha256": "aa118e66e5219ef99ba19775b7d6d1823a9ff21e7b7c4b3ed71a64b443e6b0e1"
},
"server_to_client_ciphers": [
"[email protected]",
"[email protected]",
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr"
],
"server_to_client_compression": [
"none"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1",
"hmac-sha1-96"
],
"software": "ROSSSH",
"version": "2.0"
}
},
"cve": [
{
"id": "CVE-2023-24532",
"severity": "medium"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-16T17:44:29.494Z"
},
{
"port": 23,
"protocol": "tcp",
"name": "telnet",
"version": "",
"product": "Cowrie Honeypot telnetd",
"extra_info": "",
"tunnel": "",
"modules": {
"telnet": {
"banner": "(none) login: "
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T01:37:00.594Z"
},
{
"port": 25,
"protocol": "tcp",
"name": "smtp",
"version": "8.14.7/8.14.7",
"product": "Sendmail",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sendmail:sendmail:8.14.7%2F8.14.7",
"part": "a",
"vendor": "sendmail",
"product": "sendmail",
"version": "8\\.14\\.7\\/8\\.14\\.7",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"smtp": {
"banner": "220 www.oowoo.cc ESMTP cbdev cmail smtpd; 1753002767352@a2b80c4db2958d7cbebdcf2793a6e7d0-8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cc75c638be87f8f9df240d27== xsm\r\n"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T12:51:07.804Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "v4.30.1161 (release)",
"product": "Tracer SC",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 849963666,
"body_sha256": "c173d29510f1cc21272895197902b5c5693cd48b002054739b636455c094eab0",
"component": [
"Python",
"Ruby",
"PHP",
"Liveinternet",
"CFML",
"AngularJS",
"MySQL",
"Adobe ColdFusion",
"SPIP:4.1.11",
"BEM",
"WordPress",
"Django",
"Ruby on Rails"
],
"content_length": 146359,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146359"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 13:05:48 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"bfe/1.0.8.18"
],
"set_cookie": [
"webvpnlogin=; path=/; secure;",
"SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;",
"session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax",
"acSamlv2Error=; path=/; secure;",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"F5_ST=2f2f1f1665754014a-1; path=/",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"laravel_session=a0ffeb;",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"loginName=admin",
"CLIENT_ID=7214",
"NSC_VPNERR=4007",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"DSSignInURL=/; path=/; secure;",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None"
],
"unknown": [
{
"key": "x_sucuri_id",
"value": [
"67"
]
},
{
"key": "access_control_expose_headers",
"value": [
"mcp-session-id"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_bubble_perf",
"value": [
"/"
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "x_ibm_aspera",
"value": [
"af"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "host_header",
"value": [
"6d77dd967d63c3104bced1db0cace49c"
]
},
{
"key": "loginip",
"value": [
"46.101.198.27"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_fb_error_from",
"value": [
"fwdproxy"
]
},
{
"key": "x_cache_enabled",
"value": [
"False"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_amz_cf_id",
"value": [
"abd"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cdn",
"value": [
"Incapsula"
]
},
{
"key": "x_adblock_key",
"value": [
"YQo="
]
},
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Next.js"
],
"x_ua_compatible": [
"IE=EmulateIE7"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "1NVR8P4KP8"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://139.162.28.46:80/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T16:27:08.73Z"
},
{
"port": 110,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"pop3": {
"banner": "+OK MailEnable Service, Version: 10.34 ready. <1753071089877@a2b80c4db2958d7cbebdcf2793a6e7d0-8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cf77c638be85f8f7db240824==>\r\n"
}
},
"url": "http://139.162.28.46:110/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T04:11:30.152Z"
},
{
"port": 143,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "lighttpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:lighttpd:lighttpd",
"part": "a",
"vendor": "lighttpd",
"product": "lighttpd",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 147983620,
"body_sha256": "d2373b39811161e9716d6f882f3b4745ef6ac3c2b486378c3d3cbc331598b45d",
"component": [
"Liveinternet",
"WordPress",
"SPIP:4.1.11",
"Adobe ColdFusion",
"BEM",
"Python",
"Ruby on Rails",
"AngularJS",
"MySQL",
"CFML",
"PHP",
"Django",
"Ruby"
],
"content_length": 146362,
"favicon": {
"md5_hash": "b89adb697c786ef4c9553d2caf9fc409",
"murmur_hash": -17306567,
"path": "http://139.162.28.46:143/favicon.ico",
"size": 827
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146362"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 03:18:01 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"mHttp 0.1.6296.32466"
],
"set_cookie": [
"acSamlv2Token=; path=/; secure;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"F5_ST=2f2f1f1665754014a-1; path=/",
"did=A67B8F9C;",
"webvpnlogin=; path=/; secure;",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"CLIENT_ID=7214",
"SUPPORTCHROMEOS=1; path=/; secure;"
],
"unknown": [
{
"key": "x_drupal_cache",
"value": [
"HIT"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_tractor_stun",
"value": [
"4"
]
},
{
"key": "x_cache_enabled",
"value": [
"False"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_fastly_request_id",
"value": [
"135"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
},
{
"key": "x_backside_transport",
"value": [
"FAIL FAIL"
]
},
{
"key": "x_bubble_perf",
"value": [
"/"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "loginip",
"value": [
"206.81.22.187"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "mime_version",
"value": [
"1.0"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_pingback",
"value": [
"https://example.com/xmlrpc.php"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Tomcat"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "HUAWEI ESPACE"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:143/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T03:31:55.106Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "v4.30.1161 (release)",
"product": "Tracer SC",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -380496851,
"body_sha256": "06cf4ca1c5903842962048183f2377dc0d64a5140fb0ad3583cef8370be3653d",
"component": [
"WordPress",
"PHP",
"Liveinternet",
"CFML",
"Ruby on Rails",
"SPIP:4.1.11",
"Amazon CloudFront",
"MySQL",
"BEM",
"AngularJS",
"Django",
"Adobe ColdFusion",
"Amazon Web Services",
"Python",
"Ruby"
],
"content_length": 146363,
"favicon": {
"md5_hash": "b6f91b5f9cedd010741cf953500cf710",
"murmur_hash": -452848264,
"path": "http://139.162.28.46:443/favicon.ico",
"size": 4286
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146363"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sat, 19 Jul 2025 23:22:40 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Web server"
],
"set_cookie": [
"UID=7400f7aab75991b599187e939d89d69c",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"webvpnlogin=; path=/; secure;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"NSC_VPNERR=4007",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"SUPPORTCHROMEOS=1; path=/; secure;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"rememberMe=deleteMe; path=/;",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly"
],
"unknown": [
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "mime_version",
"value": [
"1.0"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "x_ac",
"value": [
"3.bur _bur"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_fastly_request_id",
"value": [
"ed15bdb8f4d9179ebe5b6b8441d6148a4a8e213f"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_backside_transport",
"value": [
"FAIL FAIL"
]
},
{
"key": "x_amz_cf_id",
"value": [
"abd"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
},
{
"key": "loginip",
"value": [
"167.172.162.199"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "x_fastcgi_cache",
"value": [
"2"
]
},
{
"key": "x_ne_tf",
"value": [
"5"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Zend Core"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "IPDoor"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T02:03:03.868Z"
},
{
"port": 445,
"protocol": "tcp",
"name": "http",
"version": "0.0.0",
"product": "Mbedthis-Appweb",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:mbedthis:appweb:0.0.0",
"part": "a",
"vendor": "mbedthis",
"product": "appweb",
"version": "0\\.0\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -742173945,
"body_sha256": "41fb5afe0b97e9a931223bb194aade3ea20b0cb23f1b86975c7730403826081b",
"component": [
"CFML",
"Liveinternet",
"AngularJS",
"BEM",
"SPIP:4.1.11",
"Python",
"PHP",
"Adobe ColdFusion",
"Ruby",
"Apache HTTP Server",
"MySQL",
"Ruby on Rails",
"Django",
"WordPress"
],
"content_length": 146358,
"favicon": {
"md5_hash": "83ad768167a370db201db71c482fc9e8",
"murmur_hash": 2089307605,
"path": "http://139.162.28.46:445/favicon.ico",
"size": 6114
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146358"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 15:26:26 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"FN-Httpd 1.0 [HTTP/1.1]"
],
"set_cookie": [
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"acSamlv2Token=; path=/; secure;",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"jeesite.session.id=n811avhi2gnvn1mlvv7572hkc; path=/; i_like_gogs=; i_like_gitea=; harbor-lang=; atmail6=; a=phpMyAdmin; b=/pma_lang; HttpOnly",
"SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"_indexVersion=2; path=/",
"id=A67B8F9C;",
"_csrf=ffd33fd2; path=/",
"CLIENT_ID=7214"
],
"unknown": [
{
"key": "x_azure_ref",
"value": [
"v23"
]
},
{
"key": "x_ibm_aspera",
"value": [
"af"
]
},
{
"key": "x_robots_tag",
"value": [
"none"
]
},
{
"key": "x_src_webcache",
"value": [
"fe05"
]
},
{
"key": "x_github_request_id",
"value": [
"2544:7F5D:24C5A8:296D36:5E2B2B7B"
]
},
{
"key": "x_pingback",
"value": [
"https://example.com/xmlrpc.php"
]
},
{
"key": "loginip",
"value": [
"164.92.197.28"
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_now_trace",
"value": [
"true"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_seen_by",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==,YQo=,YQo=,YQo=,YQo=,YQo=,YQo="
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_timer",
"value": [
"S1579233182.306174,VS0,VE0"
]
},
{
"key": "x_cache_miss_from",
"value": [
"parking-74c5b8d946-dhmw5"
]
},
{
"key": "x_cmd_response",
"value": [
"root"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "x_root",
"value": [
"root"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_nananana",
"value": [
"Batcache"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Servlet"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "TnT-102GE"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:445/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T16:28:23.81Z"
},
{
"port": 465,
"protocol": "tcp",
"name": "smtp",
"version": "8.14.7/8.14.7",
"product": "Sendmail",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:sendmail:sendmail:8.14.7%2F8.14.7",
"part": "a",
"vendor": "sendmail",
"product": "sendmail",
"version": "8\\.14\\.7\\/8\\.14\\.7",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T11:56:52.142Z"
},
{
"port": 587,
"protocol": "tcp",
"name": "smtp",
"version": "8.14.7/8.14.7",
"product": "Sendmail",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sendmail:sendmail:8.14.7%2F8.14.7",
"part": "a",
"vendor": "sendmail",
"product": "sendmail",
"version": "8\\.14\\.7\\/8\\.14\\.7",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"smtp": {
"banner": "220 www.oowoo.cc ESMTP roundcube; 1752681616871@a2b80c4db2958d7cbebdcf2793a6e7d0-8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4ce72c633be9be7fedf240e21== xsm\r\n"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-16T16:39:26.081Z"
},
{
"port": 631,
"protocol": "tcp",
"name": "http",
"version": "2.2.0",
"product": "Apache httpd",
"extra_info": "(Unix) mod_ssl/2.2.0 OpenSSL/0.9.7g PHP/5.1.1",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server:2.2.0",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "2\\.2\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -460427781,
"body_sha256": "7a6fe9daa761b492f09dcde9f1685fb666833c8ce7d7364896bdd569f85b8fec",
"component": [
"AngularJS",
"EmbedThis Appweb:2.4.2",
"Liveinternet",
"BEM",
"PHP",
"Python",
"CFML",
"MySQL",
"SPIP:4.1.11",
"Adobe ColdFusion",
"WordPress",
"Django",
"Ruby on Rails",
"Ruby"
],
"content_length": 146363,
"favicon": {
"md5_hash": "1dcc55aa6f973801b0252f6304e6dc1c",
"murmur_hash": -1750461220,
"path": "http://139.162.28.46:631/favicon.ico",
"size": 6772
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146363"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 05:08:36 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\""
],
"pragma": [
"private"
],
"server": [
"Mbedthis-Appweb/2.4.2"
],
"set_cookie": [
"MISESSID=22363a2bf; path=/mi;",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"webvpn_as=; path=/; secure;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"UID=7400f7aab75991b599187e939d89d69c",
"fsm_u=admin; Path=/;",
"LastMRH_Session=ffd33fd2; path=/"
],
"unknown": [
{
"key": "access_control_expose_headers",
"value": [
"mcp-session-id"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_fw_server",
"value": [
"Flywheel"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_ac",
"value": [
"3.bur _bur"
]
},
{
"key": "x_cache_hits",
"value": [
"0"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "x_tractor_stun",
"value": [
"4"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "sec_websocket_accept",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_wix_request_id",
"value": [
"1579229867.6801399"
]
},
{
"key": "loginip",
"value": [
"164.92.168.207"
]
},
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "x_varnish",
"value": [
"336777937"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Craft CMS"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Wookteam"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"ipp": {
"printer_uris": null,
"versions": null
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2006-20001",
"severity": "high"
},
{
"id": "CVE-2006-3747",
"severity": "high"
},
{
"id": "CVE-2006-5752",
"severity": "medium"
}
],
"url": "https://139.162.28.46:631/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T05:09:01.748Z"
},
{
"port": 993,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1222905595,
"body_sha256": "0dc58104c69544b8b9eba659ea53b2a346a73c014ae5ad1a24141c9084e329a7",
"component": [
"Python",
"Microsoft ASP.NET",
"MySQL",
"BEM",
"Liveinternet",
"WordPress",
"PHP",
"Django",
"Adobe ColdFusion",
"SPIP:4.1.11",
"CFML",
"AngularJS",
"Ruby on Rails",
"Ruby"
],
"content_length": 146839,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146839"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 21 Jul 2025 14:54:40 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"mpd web server"
],
"set_cookie": [
"SUPPORTCHROMEOS=1; path=/; secure;",
"LastMRH_Session=ffd33fd2; path=/",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"rememberMe=deleteMe; path=/;",
"CLIENT_ID=7214",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"acSamlv2Error=; path=/; secure;",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"_csrf=ffd33fd2; path=/",
"token=21263a2bf; path=/;",
"sesskey=21263a2bf; path=/;",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"webvpn_as=; path=/; secure;",
"laravel_session=a0ffeb;",
"MRHSession=ffd33fd2; path=/"
],
"unknown": [
{
"key": "x_akaunting",
"value": [
"Free Accounting Software"
]
},
{
"key": "x_cache_enabled",
"value": [
"False"
]
},
{
"key": "x_kubernetes_pf_flowschema_uid",
"value": [
"34"
]
},
{
"key": "x_proxy_cache",
"value": [
"MISS"
]
},
{
"key": "x_runtime",
"value": [
"0.00985"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache_lookup",
"value": [
"NONE from ezproxies.com:3128"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_hacker",
"value": [
"If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header."
]
},
{
"key": "x_shopify_stage",
"value": [
"production"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_amz_cf_pop",
"value": [
"MAA50-C1"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
},
{
"key": "loginip",
"value": [
"206.81.22.187"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_adblock_key",
"value": [
"23"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_sucuri_cache",
"value": [
"tru"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Craft CMS"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "ZTE Gateway - webGUI IX350"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:993/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T14:55:05.35Z"
},
{
"port": 995,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1930558319,
"body_sha256": "b6b06c3f490ef30f4537e70e8ce09103ef0169eab5abfdc5e62d63ed9dad7d93",
"component": [
"Ruby",
"MySQL",
"Adobe ColdFusion",
"Python",
"AngularJS",
"Ruby on Rails",
"SPIP:4.1.11",
"PHP",
"Django",
"Liveinternet",
"BEM",
"WordPress",
"CFML"
],
"content_length": 146369,
"favicon": {
"md5_hash": "49a709193b56e4b0e4e8d0fabfc6311e",
"murmur_hash": -299287097,
"path": "http://139.162.28.46:995/favicon.ico",
"size": 238
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146369"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sat, 19 Jul 2025 22:49:00 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Henry/1.1"
],
"set_cookie": [
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"fsm_u=admin; Path=/;",
"samlPreauthSessionHash=; path=/; secure;",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"_indexVersion=2; path=/",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"sesskey=21263a2bf; path=/;",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095"
],
"unknown": [
{
"key": "host_header",
"value": [
"6d77dd967d63c3104bced1db0cace49c"
]
},
{
"key": "x_ibm_aspera",
"value": [
"af"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_nananana",
"value": [
"Batcache"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "x_template",
"value": [
"tpl_CleanPeppermintBlack_twoclick"
]
},
{
"key": "x_kubernetes_pf_flowschema_uid",
"value": [
"34"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "x_runtime",
"value": [
"0.00985"
]
},
{
"key": "x_wix_request_id",
"value": [
"1579229867.6801399"
]
},
{
"key": "x_proxy_cache",
"value": [
"MISS"
]
},
{
"key": "x_squid_error",
"value": [
"ERR_INVALID_URL 0"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_ac",
"value": [
"3.bur _bur"
]
},
{
"key": "x_download_options",
"value": [
"noopen"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_influxdb_build",
"value": [
"OSS"
]
},
{
"key": "loginip",
"value": [
"159.89.16.175"
]
},
{
"key": "x_seen_by",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==,YQo=,YQo=,YQo=,YQo=,YQo=,YQo="
]
}
],
"www_authenticate": [
"Basic realm=\"Broadband Router\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Servlet/3.0; JBossAS-6"
],
"x_ua_compatible": [
"IE=EmulateIE7"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "VideoIQ Camera Login"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:995/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T01:59:13.792Z"
},
{
"port": 1433,
"protocol": "tcp",
"name": "unknown",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"mssql": {
"encrypt_mode": "ENCRYPT_NOT_SUP",
"instance_name": "",
"version": "15.0.4153"
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T06:46:48.993Z"
},
{
"port": 1434,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1039438130,
"body_sha256": "038fda53f300cf07a7041c979c7054cac3412873203435758e067c4e2d36771c",
"component": [
"Adobe ColdFusion",
"BEM",
"Ruby",
"WordPress",
"PHP",
"Python",
"AngularJS",
"Liveinternet",
"SPIP:4.1.11",
"Apache HTTP Server",
"Django",
"Ruby on Rails",
"CFML",
"MySQL"
],
"content_length": 145742,
"favicon": {
"md5_hash": "1dcc55aa6f973801b0252f6304e6dc1c",
"murmur_hash": -1750461220,
"path": "http://139.162.28.46:1434/favicon.ico",
"size": 6772
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145742"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sat, 12 Jul 2025 19:41:19 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"httpd/3.0"
],
"set_cookie": [
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"SESSID=22363a2bf; path=/;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"laravel_session=a0ffeb;",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"sesskey=21263a2bf; path=/;",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"MRHSession=ffd33fd2; path=/"
],
"unknown": [
{
"key": "x_cache_group",
"value": [
"normal"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_fastcgi_cache",
"value": [
"2"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_akamai_transformed",
"value": [
"af1"
]
},
{
"key": "x_page_speed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "loginip",
"value": [
"143.198.181.246"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_jenkins",
"value": [
"a"
]
},
{
"key": "x_contextid",
"value": [
"YQo="
]
},
{
"key": "x_cache_hits",
"value": [
"0"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_backside_transport",
"value": [
"FAIL FAIL"
]
},
{
"key": "x_varnish_cache",
"value": [
"Miss"
]
},
{
"key": "x_check",
"value": [
"3112dc4d54f8e22d666785b733b0052100c53444"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_gocache_cachestatus",
"value": [
"ok"
]
},
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_nananana",
"value": [
"Batcache"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"blade-"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "HFL"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://139.162.28.46:1434/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T13:47:20.738Z"
},
{
"port": 1883,
"protocol": "tcp",
"name": "echo",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"http": {
"body_murmur": -474605230,
"body_sha256": "efb61148cca12ae5950b252d09cabedb97abd268d4b5590de7816366516d17ad",
"component": [
"Ruby on Rails",
"CFML",
"Django",
"Python",
"MySQL",
"PHP",
"Liveinternet",
"Amazon CloudFront",
"Amazon Web Services",
"AngularJS",
"Adobe ColdFusion",
"WordPress",
"BEM",
"Ruby",
"SPIP:4.1.11"
],
"content_length": 145586,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145586"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Tue, 08 Jul 2025 10:58:44 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Kerio WinRoute Firewall Embedded Web Server"
],
"set_cookie": [
"samlPreauthSessionHash=; path=/; secure;",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"rememberMe=deleteMe; path=/;",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"CLIENT_ID=7214",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"DSSignInURL=/; path=/; secure;",
"webvpnlogin=; path=/; secure;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"SESSID=22363a2bf; path=/;",
"_csrf=ffd33fd2; path=/",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure"
],
"unknown": [
{
"key": "cf_cache_status",
"value": [
"DYNAMIC"
]
},
{
"key": "x_confluence_request_time",
"value": [
"1698802372064"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "loginip",
"value": [
"147.182.221.243"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_cache",
"value": [
"HIT"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_nf_request_id",
"value": [
"39"
]
},
{
"key": "x_gocache_cachestatus",
"value": [
"ok"
]
},
{
"key": "sec_websocket_accept",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_syno_token",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_akamai_transformed",
"value": [
"af1"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
}
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"PHP/5.6.40"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "LOGIN"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "347204D4793E698E1C0D226D9A2AE7B5",
"fingerprint_sha1": "3FEAE278C0EC825A6B673CD4C082CB6E0084C6B6",
"fingerprint_sha256": "E7C8B19C59F0D8FFB46EE68355DFD4A0C280D2BC14A277C3EF8BC75E8065F372",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"NF"
],
"domain_component": [
"vsphere",
"local"
],
"organization": [
"WJKBYIHS"
],
"organizational_unit": [
"VMware Engineering"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5450932667304072933",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"NF"
],
"domain_component": [
"vsphere",
"local"
],
"organization": [
"WJKBYIHS"
],
"organizational_unit": [
"VMware Engineering"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "03fc314f4a90cb31e36f4610f966ecd02eb5ef5355179c82071927c7600fcf49",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "507cc7bac702c7666189ff2f3bc4d59aed4ab525b6234ffe091dfd87c70b40c1",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-04T13:04:41",
"not_before": "2025-07-04T13:04:41"
},
"version": 2
},
"fingerprint_sha256": "E7C8B19C59F0D8FFB46EE68355DFD4A0C280D2BC14A277C3EF8BC75E8065F372",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:1883/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T17:48:09.508Z"
},
{
"port": 1911,
"protocol": "tcp",
"name": "http",
"version": "1.9.11",
"product": "nginx",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx:1.9.11",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "1\\.9\\.11",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -2028999995,
"body_sha256": "41fba927d7c7b8a689b126bd0627cd59bfff8856e16de52f0271fded5d365169",
"component": [
"AngularJS",
"Python",
"MySQL",
"Ruby",
"BEM",
"WordPress",
"Microsoft ASP.NET",
"Django",
"Ruby on Rails",
"Adobe ColdFusion",
"CFML",
"PHP",
"Liveinternet",
"SPIP:4.1.11"
],
"content_length": 146826,
"favicon": {
"md5_hash": "9b71349660a2170717ff6a84f9de12a1",
"murmur_hash": 939607277,
"path": "http://139.162.28.46:1911/favicon.ico",
"size": 2340
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146826"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 21 Jul 2025 18:41:40 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"app07"
],
"set_cookie": [
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"SESSID=22363a2bf; path=/;",
"token=21263a2bf; path=/;",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"NSC_VPNERR=4007",
"CLIENT_ID=7214",
"UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;",
"adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"fsm_u=admin; Path=/;",
"session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax",
"acSamlv2Token=; path=/; secure;",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly"
],
"strict_transport_security": [
"max-age=31536000"
],
"unknown": [
{
"key": "x_contextid",
"value": [
"YQo="
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "loginip",
"value": [
"164.92.168.207"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_fastcgi_cache",
"value": [
"2"
]
},
{
"key": "x_fastly_request_id",
"value": [
"ed15bdb8f4d9179ebe5b6b8441d6148a4a8e213f"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_hacker",
"value": [
"If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header."
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_drupal_cache",
"value": [
"HIT"
]
},
{
"key": "x_nextjs_cache",
"value": [
"HIT"
]
},
{
"key": "x_sucuri_id",
"value": [
"67"
]
},
{
"key": "x_syno_token",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cdn",
"value": [
"Incapsula"
]
}
],
"www_authenticate": [
"Basic realm=\"\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Xeora"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "Default"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:1911/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T18:46:59.023Z"
},
{
"port": 2181,
"protocol": "tcp",
"name": "http",
"version": "2.25b",
"product": "thttpd",
"extra_info": "PHP 20030920",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:php:php:20030920",
"part": "a",
"vendor": "php",
"product": "php",
"version": "20030920",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1799463280,
"body_sha256": "7aefb0a8ea7e3b30359f7c9c355af91155998828abcda16a0b104dc64c18ee37",
"component": [
"CFML",
"Python",
"BEM",
"SPIP:4.1.11",
"AngularJS",
"MySQL",
"Liveinternet",
"Ruby on Rails",
"Ruby",
"WordPress",
"Adobe ColdFusion",
"Django",
"PHP"
],
"content_length": 146362,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146362"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 16:04:36 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"K3"
],
"set_cookie": [
"X-Qlik-Session=35263a2bf; path=/;",
"UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"MISESSID=22363a2bf; path=/mi;",
"DSSignInURL=/; path=/; secure;",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"webvpnlogin=; path=/; secure;",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"did=A67B8F9C;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"webvpnaac=1; path=/; secure;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"loginName=admin",
"PHC_DISABLED=1; path=/; secure;"
],
"unknown": [
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_powered_by_plesk",
"value": [
"PleskWin"
]
},
{
"key": "cf_ray",
"value": [
"55611f709b975f5b-LAS"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_adblock_key",
"value": [
"23"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_t_location",
"value": [
"/iam"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
},
{
"key": "x_drupal_cache",
"value": [
"HIT"
]
},
{
"key": "x_vercel_cache",
"value": [
"1"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_fastly_request_id",
"value": [
"135"
]
},
{
"key": "loginip",
"value": [
"161.35.110.48"
]
},
{
"key": "x_github_request_id",
"value": [
"2544:7F5D:24C5A8:296D36:5E2B2B7B"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_flow_powered",
"value": [
"Flow"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_hacker",
"value": [
"If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header."
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "x_proxy_cache",
"value": [
"MISS"
]
},
{
"key": "x_via_fastly",
"value": [
"5"
]
},
{
"key": "x_axentra_version",
"value": [
"13"
]
},
{
"key": "x_cache_hits",
"value": [
"0"
]
}
],
"www_authenticate": [
"Basic realm=\"HomeHub\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Kemal"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "NSFOCUS NIDPS"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2007-3205",
"severity": "medium"
}
],
"url": "https://139.162.28.46:2181/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T16:05:03.114Z"
},
{
"port": 2525,
"protocol": "tcp",
"name": "smtp",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"smtp": {
"banner": "220 www.oowoo.cc ESMTP Exim smtpd/4.94.2; 1753124784494@a2b80c4db2958d7cbebdcf2793a6e7d0-8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cc74c633bf9be7f7db240d2b== xsm\r\n"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T19:11:33.869Z"
},
{
"port": 3306,
"protocol": "tcp",
"name": "mysql",
"version": "5.7.31",
"product": "MySQL",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:mysql:mysql:5.7.31",
"part": "a",
"vendor": "mysql",
"product": "mysql",
"version": "5\\.7\\.31",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"mysql": {
"capability_flags": {
"CLIENT_COMPRESS": true,
"CLIENT_CONNECT_WITH_DB": true,
"CLIENT_FOUND_ROWS": true,
"CLIENT_IGNORE_SIGPIPE": true,
"CLIENT_IGNORE_SPACE": true,
"CLIENT_INTERACTIVE": true,
"CLIENT_LOCAL_FILES": true,
"CLIENT_LONG_FLAG": true,
"CLIENT_LONG_PASSWORD": true,
"CLIENT_MULTI_RESULTS": true,
"CLIENT_MULTI_STATEMENTS": true,
"CLIENT_NO_SCHEMA": true,
"CLIENT_ODBC": true,
"CLIENT_PLUGIN_AUTH": true,
"CLIENT_PROTOCOL_41": true,
"CLIENT_PS_MULTI_RESULTS": true,
"CLIENT_RESERVED": true,
"CLIENT_SECURE_CONNECTION": true,
"CLIENT_TRANSACTIONS": true
},
"protocol_version": 10,
"version": "5.7.31"
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T04:13:06.53Z"
},
{
"port": 5000,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1132203978,
"body_sha256": "17e57f9176d5e081bac8695a821b977e62f7c287c134056104435e58d0efebad",
"component": [
"AngularJS",
"PHP",
"Liveinternet",
"Adobe ColdFusion",
"Ruby on Rails",
"WordPress",
"MySQL",
"Django",
"SPIP:4.1.11",
"BEM",
"Python",
"CFML",
"Ruby"
],
"content_length": 146293,
"favicon": {
"md5_hash": "77b2f4c09890ab658a72c4bad8c1077b",
"murmur_hash": 1924358485,
"path": "http://139.162.28.46:5000/favicon.ico",
"size": 1630
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146293"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Wed, 16 Jul 2025 14:27:22 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"LANCOM"
],
"set_cookie": [
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"PHC_DISABLED=1; path=/; secure;",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"SUPPORTCHROMEOS=1; path=/; secure;",
"laravel_session=a0ffeb;",
"MISESSID=22363a2bf; path=/mi;",
"akaunting_session=7b22; Path=/;",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"webvpnlogin=; path=/; secure;",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"SESSID=22363a2bf; path=/;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"id=A67B8F9C;"
],
"unknown": [
{
"key": "x_flow_powered",
"value": [
"Flow"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
},
{
"key": "x_check",
"value": [
"3112dc4d54f8e22d666785b733b0052100c53444"
]
},
{
"key": "x_confluence_request_time",
"value": [
"1698802372064"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_cache_group",
"value": [
"normal"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_language",
"value": [
"english"
]
},
{
"key": "x_bubble_perf",
"value": [
"/"
]
},
{
"key": "x_fb_error_from",
"value": [
"fwdproxy"
]
},
{
"key": "x_graylog_node_id",
"value": [
"97"
]
},
{
"key": "x_influxdb_version",
"value": [
"v2.7.5"
]
},
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_azure_ref",
"value": [
"v23"
]
},
{
"key": "x_download_options",
"value": [
"noopen"
]
},
{
"key": "x_cache_lookup",
"value": [
"NONE from ezproxies.com:3128"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "loginip",
"value": [
"46.101.98.26"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_hits",
"value": [
"0"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Red Hat"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "mitel communications director"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:5000/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-17T02:08:38.95Z"
},
{
"port": 5060,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T08:48:57.203Z"
},
{
"port": 5432,
"protocol": "tcp",
"name": "unknown",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-19T19:17:03.633Z"
},
{
"port": 5671,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -686373942,
"body_sha256": "902db48b3317ce13d871e3690c7cdf8744eee6a8aefd8e6103d98089fdd13f2d",
"component": [
"PHP",
"AngularJS",
"Ruby on Rails",
"SPIP:4.1.11",
"BEM",
"MySQL",
"Python",
"Adobe ColdFusion",
"Liveinternet",
"Django",
"Ruby",
"CFML",
"WordPress"
],
"content_length": 146358,
"favicon": {
"md5_hash": "1f52cc8ce9a3ab7ea704820f5f6a185e",
"murmur_hash": -1033644073,
"path": "http://139.162.28.46:5671/favicon.ico",
"size": 3774
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146358"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 19:10:36 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Safedog/4.0.0"
],
"set_cookie": [
"id=A67B8F9C;",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"MRHSession=ffd33fd2; path=/",
"SUPPORTCHROMEOS=1; path=/; secure;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"did=A67B8F9C;",
"webvpnlogin=; path=/; secure;",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"_csrf=ffd33fd2; path=/",
"LastMRH_Session=ffd33fd2; path=/",
"CLIENT_ID=7214",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/"
],
"strict_transport_security": [
"max-age=31536000"
],
"unknown": [
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_root",
"value": [
"root"
]
},
{
"key": "host_header",
"value": [
"6d77dd967d63c3104bced1db0cace49c"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "x_sorting_hat_podid",
"value": [
"80"
]
},
{
"key": "x_axentra_version",
"value": [
"13"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_download_options",
"value": [
"noopen"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "loginip",
"value": [
"137.184.77.52"
]
},
{
"key": "x_adblock_key",
"value": [
"YQo="
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_litespeed_cache",
"value": [
"hit"
]
},
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_fw_server",
"value": [
"Flywheel"
]
},
{
"key": "x_template",
"value": [
"tpl_CleanPeppermintBlack_twoclick"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Sails"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "OpManager"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:5671/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T19:11:03.113Z"
},
{
"port": 5984,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:vmware:ESXi:6.5.0",
"part": "o",
"vendor": "vmware",
"product": "esxi",
"version": "6\\.5\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"couchdb": {
"databases": [
"_replicator",
"_users",
"admin",
"passwords",
"core-configuration",
"core-locales",
"core-photos",
"core-tasks",
"fml",
"mcx",
"mlkvljnah",
"mllbqddlikk",
"mzpp",
"nsjl",
"oqulw",
"pmbt",
"qys",
"todv",
"user00230",
"user00400",
"user02030",
"user02212",
"user03200",
"user21212",
"user22100",
"user22402",
"user23122",
"user23213",
"user23421",
"user24022",
"user31210",
"user33212",
"user33233",
"user40114",
"user40430",
"user42341",
"vfl",
"wryknmigdtx",
"wtpl"
],
"version": "1.6.1"
},
"http": {
"body_murmur": 1033467107,
"body_sha256": "84c1b0de24fe7c380a9eaf1a23043033d282cce52b3143f99ba221bf5ccc95c8",
"component": [
"Erlang: otp/17",
"CouchDB:1.6.1"
],
"content_length": 32,
"favicon": {
"md5_hash": "b89adb697c786ef4c9553d2caf9fc409",
"murmur_hash": -17306567,
"path": "http://139.162.28.46:5984/favicon.ico",
"size": 827
},
"headers": {
"content_length": [
"32"
],
"content_type": [
"application/json"
],
"date": [
"Mon, 21 Jul 2025 00:40:31 GMT"
],
"server": [
"CouchDB/1.6.1 (Erlang OTP/17)"
]
},
"protocol": "HTTP/1.1",
"status_code": 200
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2022-31681",
"severity": "medium"
},
{
"id": "CVE-2023-29552",
"severity": "high"
}
],
"url": "https://139.162.28.46:5984/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T00:40:57.279Z"
},
{
"port": 6000,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -942883864,
"body_sha256": "0ac85201bc219a46cf8385637c3464b77c71a475227449cf843537118b8c1be3",
"component": [
"PHP",
"CFML",
"Django",
"Liveinternet",
"Adobe ColdFusion",
"BEM",
"Ruby",
"AngularJS",
"WordPress",
"SPIP:4.1.11",
"Python",
"Ruby on Rails",
"MySQL"
],
"content_length": 145777,
"favicon": {
"md5_hash": "b89823b3f483bdbebfa9c6ceaaefeecf",
"murmur_hash": 1089670315,
"path": "http://139.162.28.46:6000/favicon.ico",
"size": 6463
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145777"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 14 Jul 2025 18:22:35 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"nostromo 1.9.4"
],
"set_cookie": [
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;",
"_indexVersion=2; path=/",
"CLIENT_ID=7214",
"token=21263a2bf; path=/;",
"acSamlv2Token=; path=/; secure;",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"loginName=admin",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;"
],
"unknown": [
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "loginip",
"value": [
"46.101.98.26"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "x_shopify_stage",
"value": [
"production"
]
},
{
"key": "x_vercel_cache",
"value": [
"1"
]
},
{
"key": "cf_cache_status",
"value": [
"DYNAMIC"
]
},
{
"key": "x_kubernetes_pf_flowschema_uid",
"value": [
"34"
]
},
{
"key": "x_cdn_forward",
"value": [
"maxcdn"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_gocache_cachestatus",
"value": [
"ok"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_now_trace",
"value": [
"true"
]
},
{
"key": "mime_version",
"value": [
"1.0"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"tr"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_contextid",
"value": [
"YQo="
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_fw_server",
"value": [
"Flywheel"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_server_powered_by",
"value": [
"Engintron"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
}
],
"www_authenticate": [
"Digest realm=\"realm@easycwmp\",qop=\"auth\",nonce=\"e22f76001fa38ce36f9b69bdbd73fbfb0001c399\",opaque=\"328458fab28345ae87ab3210a8513b14eff452a2\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Mono"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "miwi-fi router"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://139.162.28.46:6000/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T04:04:58.415Z"
},
{
"port": 6379,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 578373810,
"body_sha256": "f0008cd5e63978b7055c7183440294a547e99e48acad0e54ef9e4c35041d9edf",
"component": [
"AngularJS",
"Liveinternet",
"BEM",
"Ruby on Rails",
"CFML",
"Python",
"WordPress",
"MySQL",
"PHP",
"Adobe ColdFusion",
"Ruby",
"SPIP:4.1.11",
"Django"
],
"content_length": 145788,
"favicon": {
"md5_hash": "49a709193b56e4b0e4e8d0fabfc6311e",
"murmur_hash": -299287097,
"path": "http://139.162.28.46:6379/favicon.ico",
"size": 238
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145788"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Tue, 15 Jul 2025 15:02:50 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Safedog/4.0.0"
],
"set_cookie": [
"laravel_session=a0ffeb;",
"acSamlv2Token=; path=/; secure;",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"CLIENT_ID=7214",
"roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"webvpnlogin=; path=/; secure;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"MISESSID=22363a2bf; path=/mi;",
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"loginName=admin",
"webvpnaac=1; path=/; secure;"
],
"unknown": [
{
"key": "x_language",
"value": [
"english"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_nextjs_cache",
"value": [
"HIT"
]
},
{
"key": "x_backside_transport",
"value": [
"FAIL FAIL"
]
},
{
"key": "x_cdn_forward",
"value": [
"maxcdn"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_amz_cf_id",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A=="
]
},
{
"key": "x_confluence_request_time",
"value": [
"1698802372064"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "loginip",
"value": [
"159.223.149.203"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_cache_miss_from",
"value": [
"parking-74c5b8d946-dhmw5"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Raspbian"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "用友U8CRM"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"redis": {
"arch_bits": "64",
"build_id": "fac228d1928e92e0",
"gcc_version": "4.4.7",
"git_sha1": "00000000",
"major": 6,
"mem_allocator": "jemalloc-3.6.0",
"minor": 0,
"mode": "standalone",
"os": "Linux 2.6.32-220.7.1.el6.x86_64 x86_64",
"patchlevel": 15,
"total_commands_processed": 9248144,
"total_connections_received": 41002,
"uptime_in_seconds": 13212977,
"used_memory": 125657656,
"version": "6.0.15"
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://139.162.28.46:6379/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T23:51:12.041Z"
},
{
"port": 6443,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 451286124,
"body_sha256": "fd79e181691c4783fd26bfe178542c9de667106cbf05b87b918b47d05914a52c",
"component": [
"Liveinternet",
"PHP",
"Ruby on Rails",
"Django",
"Python",
"Adobe ColdFusion",
"CFML",
"WordPress",
"MySQL",
"BEM",
"AngularJS",
"Ruby",
"SPIP:4.1.11"
],
"content_length": 145819,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145819"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Tue, 15 Jul 2025 11:45:15 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\""
],
"pragma": [
"private"
],
"server": [
"istio-envoy"
],
"set_cookie": [
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"webvpnaac=1; path=/; secure;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;",
"samlPreauthSessionHash=; path=/; secure;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"webvpn_as=; path=/; secure;",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"rememberMe=deleteMe; path=/;",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"acSamlv2Error=; path=/; secure;",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/"
],
"unknown": [
{
"key": "x_sorting_hat_podid",
"value": [
"80"
]
},
{
"key": "x_timer",
"value": [
"S1579233182.306174,VS0,VE0"
]
},
{
"key": "x_azure_ref",
"value": [
"v23"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_via_fastly",
"value": [
"5"
]
},
{
"key": "x_adblock_key",
"value": [
"23"
]
},
{
"key": "x_contextid",
"value": [
"YQo="
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_cocoon_version",
"value": [
"13"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "loginip",
"value": [
"164.92.185.249"
]
},
{
"key": "x_drupal_cache",
"value": [
"HIT"
]
},
{
"key": "x_influxdb_version",
"value": [
"v2.7.5"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_fb_error_from",
"value": [
"fwdproxy"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_sorting_hat_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_ne_tf",
"value": [
"5"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"CentOS"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": ".:: Welcome to the Web-Based Configurator::."
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://139.162.28.46:6443/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T20:08:59.634Z"
},
{
"port": 7574,
"protocol": "tcp",
"name": "echo",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"http": {
"body_murmur": -1142879603,
"body_sha256": "b064c325f5556fd13fac95fc1e195b77be953cb3bff1e5c217fb8f0ea5ac950d",
"component": [
"Liveinternet",
"WordPress",
"MySQL",
"Python",
"PHP",
"Django",
"AngularJS",
"Ruby on Rails",
"Ruby",
"Adobe ColdFusion",
"CFML",
"BEM",
"SPIP:4.1.11"
],
"content_length": 145218,
"favicon": {
"md5_hash": "b89adb697c786ef4c9553d2caf9fc409",
"murmur_hash": -17306567,
"path": "http://139.162.28.46:7574/favicon.ico",
"size": 827
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145218"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 22 Jun 2025 04:20:30 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"MikrotikHttpProxy"
],
"set_cookie": [
"DSSignInURL=/; path=/; secure;",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"rememberMe=deleteMe; path=/;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"_csrf=ffd33fd2; path=/",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"did=A67B8F9C;",
"SUPPORTCHROMEOS=1; path=/; secure;",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"webvpn_as=; path=/; secure;",
"LastMRH_Session=ffd33fd2; path=/",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;"
],
"unknown": [
{
"key": "x_cache_lookup",
"value": [
"NONE from ezproxies.com:3128"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_sorting_hat_podid",
"value": [
"80"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "nel",
"value": [
"{'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "loginip",
"value": [
"137.184.204.44"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_squid_error",
"value": [
"ERR_INVALID_URL 0"
]
},
{
"key": "x_syno_token",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "report_to",
"value": [
"{'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}"
]
},
{
"key": "x_contextid",
"value": [
"YQo="
]
},
{
"key": "x_vercel_cache",
"value": [
"1"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_sorting_hat_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_cache_group",
"value": [
"normal"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_nananana",
"value": [
"Batcache"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"PbootCMS"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Four-Faith (build 4057M) - Info"
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "85CD8450C0E67AF3D063933AFB7FD0ED",
"fingerprint_sha1": "6EB6CD6B4651C75555B37B65B5F598501D34FD44",
"fingerprint_sha256": "5C42659870015577469CB2CA0712F939C8FEC4F58D27515EF7D6A711D198751F",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"LS"
],
"domain_component": [
"TKY",
"local"
],
"organization": [
"EEPZXDLN"
],
"organizational_unit": [
"XZTGQIV"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "3339281442540475432",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"LS"
],
"domain_component": [
"TKY",
"local"
],
"organization": [
"EEPZXDLN"
],
"organizational_unit": [
"XZTGQIV"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "0152180d52c8ecfe902357e8711c616060c5291d6992fd6432699e13ccf67042",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "dc1f0d3f318bbc3f4a9de665b9b040088e808b31d805bff882081017ce5577ff",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-06-21T01:07:47",
"not_before": "2025-06-21T01:07:47"
},
"version": 2
},
"fingerprint_sha256": "5C42659870015577469CB2CA0712F939C8FEC4F58D27515EF7D6A711D198751F",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:7574/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-19T11:39:49.877Z"
},
{
"port": 8086,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -336414732,
"body_sha256": "eeeab29296dc44e8569a407153a408016668c15b665c37c832606452e2f8189d",
"component": [
"WordPress",
"PHP",
"BEM",
"Python",
"Ruby",
"CFML",
"AngularJS",
"Ruby on Rails",
"Liveinternet",
"MySQL",
"Django",
"SPIP:4.1.11",
"Adobe ColdFusion"
],
"content_length": 145277,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145277"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Wed, 02 Jul 2025 17:01:54 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"nws/1.0"
],
"set_cookie": [
"webvpnlogin=; path=/; secure;",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"laravel_session=a0ffeb;",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"_csrf=ffd33fd2; path=/",
"loginName=admin",
"fsm_u=admin; Path=/;",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"webvpn_as=; path=/; secure;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"cepcAdminID=25263a2bf; path=/;",
"_indexVersion=2; path=/",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs; path=/; secure; HttpOnly;",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;"
],
"unknown": [
{
"key": "x_now_trace",
"value": [
"true"
]
},
{
"key": "x_language",
"value": [
"english"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_varnish",
"value": [
"336777937"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_ne_tf",
"value": [
"5"
]
},
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_amz_cf_id",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A=="
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_fastcgi_cache",
"value": [
"2"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "loginip",
"value": [
"159.65.125.111"
]
},
{
"key": "x_akaunting",
"value": [
"Free Accounting Software"
]
},
{
"key": "x_syno_token",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_ibm_aspera",
"value": [
"af"
]
},
{
"key": "x_bubble_perf",
"value": [
"/"
]
},
{
"key": "x_cache_miss_from",
"value": [
"parking-74c5b8d946-dhmw5"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_fastly_request_id",
"value": [
"135"
]
},
{
"key": "x_sorting_hat_podid",
"value": [
"80"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"ASP.NET"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Qlik Sense login page"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "045E16D9201380C920768FC95F7DD351",
"fingerprint_sha1": "BB775C708155F5E431D8EEED8CB931C6FBCE80A9",
"fingerprint_sha256": "95BCF44B4510CF4499150F8E0DA4D30E70C16FE5D4E2BFEA9D674124BCE45867",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"ZW"
],
"domain_component": [
"GUACFTDP",
"local"
],
"organization": [
"OSLJLEYL"
],
"organizational_unit": [
"YLBCMAK"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5348158129423145959",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"ZW"
],
"domain_component": [
"GUACFTDP",
"local"
],
"organization": [
"OSLJLEYL"
],
"organizational_unit": [
"YLBCMAK"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "d92ae9ccf250c4dda6dcc1760a77d60cfc1219d2d0a80b077a30d411736bf27c",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "57a61780efb1c001a99ef1a84f7edcaf7883638fe75297f0c9bbadebbd400574",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-06-30T03:57:59",
"not_before": "2025-06-30T03:57:59"
},
"version": 2
},
"fingerprint_sha256": "95BCF44B4510CF4499150F8E0DA4D30E70C16FE5D4E2BFEA9D674124BCE45867",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://139.162.28.46:8086/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-16T17:51:09.917Z"
},
{
"port": 8087,
"protocol": "tcp",
"name": "echo",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"http": {
"body_murmur": 1091033950,
"body_sha256": "bc58b0943bdec880e294f15216bd85df642e2d78bf1cf0221fa5d442eb34224f",
"component": [
"PHP",
"Ruby on Rails",
"SPIP:4.1.11",
"AngularJS",
"Liveinternet",
"Django",
"Amazon CloudFront",
"MySQL",
"BEM",
"CFML",
"Amazon Web Services",
"WordPress",
"Adobe ColdFusion",
"Python",
"Ruby"
],
"content_length": 145194,
"favicon": {
"md5_hash": "44071663a97aa46640d124dd31fe7521",
"murmur_hash": 2091717113,
"path": "http://139.162.28.46:8087/favicon.ico",
"size": 7659
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145194"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Tue, 24 Jun 2025 10:30:04 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Router"
],
"set_cookie": [
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"webvpn_as=; path=/; secure;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;",
"LastMRH_Session=ffd33fd2; path=/",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"fsm_u=admin; Path=/;",
"PHC_DISABLED=1; path=/; secure;",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"F5_ST=2f2f1f1665754014a-1; path=/",
"DSSignInURL=/; path=/; secure;",
"sesskey=21263a2bf; path=/;",
"_csrf=ffd33fd2; path=/",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"CLIENT_ID=7214",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"jeesite.session.id=n811avhi2gnvn1mlvv7572hkc; path=/; i_like_gogs=; i_like_gitea=; harbor-lang=; atmail6=; a=phpMyAdmin; b=/pma_lang; HttpOnly"
],
"unknown": [
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_nextjs_cache",
"value": [
"HIT"
]
},
{
"key": "x_syno_token",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_backside_transport",
"value": [
"FAIL FAIL"
]
},
{
"key": "x_t_location",
"value": [
"/iam"
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "loginip",
"value": [
"157.230.234.124"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
},
{
"key": "x_app_server",
"value": [
"app07"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
}
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Kemal"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "March"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "B690252E3D7C184FA370A096BF20D2C6",
"fingerprint_sha1": "328EC935679106408688B8E254B27AB9E0B8520C",
"fingerprint_sha256": "D6262418A1D025EA86153C7E879E79BF53C434AEEE32683A354A0156A67F04B0",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"SB"
],
"domain_component": [
"SDEGLI",
"local"
],
"organization": [
"MPBJWPKD"
],
"organizational_unit": [
"DSFSPIP"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "8706831076806284024",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"SB"
],
"domain_component": [
"SDEGLI",
"local"
],
"organization": [
"MPBJWPKD"
],
"organizational_unit": [
"DSFSPIP"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "1b9735244bcad6a7c1707a949dc93e607b68094ebb724073090d177cbf41f3a9",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "982e19fde89bc6ae733771bd0e38fa60d6636f6a4444ffd8f44fdf5ac6baef44",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-06-23T21:55:31",
"not_before": "2025-06-23T21:55:31"
},
"version": 2
},
"fingerprint_sha256": "D6262418A1D025EA86153C7E879E79BF53C434AEEE32683A354A0156A67F04B0",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:8087/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T02:00:21.411Z"
},
{
"port": 8500,
"protocol": "tcp",
"name": "http",
"version": "2.0.43",
"product": "Apache httpd",
"extra_info": "(Win32) mod_jk/1.2.2-beta-1",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server:2.0.43",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "2\\.0\\.43",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"consul": {
"build_date": "2024-10-14T20:52:01Z",
"datacenter": "dc1",
"node_id": "e5ad94e9-c381-5717-4b0c-2166fc0bb30b",
"node_name": "lvmkl",
"primary_datacenter": "dc1",
"revision": "cddc6181",
"server": true,
"version": "1.20.0"
},
"http": {
"body_murmur": -199305514,
"body_sha256": "41daff5ccada26a4e6460de5780ae2db62d569d77511b994c398404b907ff98d",
"component": [
"BEM",
"WordPress",
"MySQL",
"Python",
"Ruby",
"Adobe ColdFusion",
"CFML",
"Ruby on Rails",
"SPIP:4.1.11",
"Liveinternet",
"PHP",
"Django",
"AngularJS"
],
"content_length": 145779,
"favicon": {
"md5_hash": "77b2f4c09890ab658a72c4bad8c1077b",
"murmur_hash": 1924358485,
"path": "http://139.162.28.46:8500/favicon.ico",
"size": 1630
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145779"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Wed, 16 Jul 2025 06:09:16 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"SmartCamWebService"
],
"set_cookie": [
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"webvpnaac=1; path=/; secure;",
"F5_ST=2f2f1f1665754014a-1; path=/",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"samlPreauthSessionHash=; path=/; secure;",
"rememberMe=deleteMe; path=/;",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"webvpn_as=; path=/; secure;",
"sesskey=21263a2bf; path=/;",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"DSSignInURL=/; path=/; secure;",
"did=A67B8F9C;",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"CNOAOASESSID=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"_indexVersion=2; path=/"
],
"unknown": [
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "loginip",
"value": [
"159.223.27.70"
]
},
{
"key": "x_cocoon_version",
"value": [
"13"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_pingback",
"value": [
"https://example.com/xmlrpc.php"
]
},
{
"key": "x_sorting_hat_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_robots_tag",
"value": [
"none"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache_miss_from",
"value": [
"parking-74c5b8d946-dhmw5"
]
},
{
"key": "x_check",
"value": [
"3112dc4d54f8e22d666785b733b0052100c53444"
]
},
{
"key": "x_litespeed_cache",
"value": [
"hit"
]
},
{
"key": "x_cache_group",
"value": [
"normal"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "x_seen_by",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==,YQo=,YQo=,YQo=,YQo=,YQo=,YQo="
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"tr"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Next.js"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "DVR Remote"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2001-1556",
"severity": "medium"
},
{
"id": "CVE-2003-0016",
"severity": "high"
},
{
"id": "CVE-2003-0017",
"severity": "medium"
}
],
"url": "https://139.162.28.46:8500/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-16T12:00:25.502Z"
},
{
"port": 8883,
"protocol": "tcp",
"name": "mqtt",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "ssl",
"modules": {
"http": {
"body_murmur": -201205931,
"body_sha256": "bfe9f229f2464fe8df0ee4db9e462091c1a6c83dbdbe4361420bee7acafde17e",
"component": [
"Amazon CloudFront",
"BEM",
"Ruby",
"WordPress",
"SPIP:4.1.11",
"Amazon Web Services",
"CFML",
"MySQL",
"Liveinternet",
"Python",
"Adobe ColdFusion",
"AngularJS",
"PHP",
"Django",
"Ruby on Rails"
],
"content_length": 145753,
"favicon": {
"md5_hash": "77b2f4c09890ab658a72c4bad8c1077b",
"murmur_hash": 1924358485,
"path": "http://139.162.28.46:8883/favicon.ico",
"size": 1630
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145753"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sat, 12 Jul 2025 04:51:22 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"HFS 2.1 beta17"
],
"set_cookie": [
"token=21263a2bf; path=/;",
"MRHSession=ffd33fd2; path=/",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"acSamlv2Error=; path=/; secure;",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"samlPreauthSessionHash=; path=/; secure;",
"acSamlv2Token=; path=/; secure;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"LastMRH_Session=ffd33fd2; path=/",
"SUPPORTCHROMEOS=1; path=/; secure;",
"id=A67B8F9C;",
"_csrf=ffd33fd2; path=/",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;"
],
"unknown": [
{
"key": "x_bubble_capacity_limit",
"value": [
"12"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache_enabled",
"value": [
"False"
]
},
{
"key": "x_fb_error_from",
"value": [
"fwdproxy"
]
},
{
"key": "x_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
},
{
"key": "loginip",
"value": [
"167.99.8.127"
]
},
{
"key": "x_cache_group",
"value": [
"normal"
]
},
{
"key": "x_cmd_response",
"value": [
"root"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "x_vercel_id",
"value": [
"2"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "report_to",
"value": [
"{'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}"
]
},
{
"key": "x_cdn_forward",
"value": [
"maxcdn"
]
},
{
"key": "x_adblock_key",
"value": [
"YQo="
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cacheable",
"value": [
"SHORT"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
}
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Raspbian"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "SMCWBR14S-N4,150 Mbps 4-Port"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:8883/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-19T07:41:36.345Z"
},
{
"port": 8983,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 814835232,
"body_sha256": "bd2b4dfef6f27d9269c260a407ef70bd95c734efd5bbe888a039305e4531cedd",
"component": [
"MySQL",
"PHP",
"Liveinternet",
"Adobe ColdFusion",
"Django",
"AngularJS",
"WordPress",
"Ruby",
"SPIP:4.1.11",
"CFML",
"BEM",
"Python",
"Ruby on Rails"
],
"content_length": 146366,
"favicon": {
"md5_hash": "b5c66b07a742597376263bb23fc11b15",
"murmur_hash": 444712798,
"path": "http://139.162.28.46:8983/favicon.ico",
"size": 5506
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146366"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 10:23:58 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Kerio Connect 8.3.1"
],
"set_cookie": [
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"webvpnlogin=; path=/; secure;",
"PHC_DISABLED=1; path=/; secure;",
"DSSignInURL=/; path=/; secure;",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"token=21263a2bf; path=/;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"UID=7400f7aab75991b599187e939d89d69c",
"id=A67B8F9C;",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"SESSID=22363a2bf; path=/;"
],
"unknown": [
{
"key": "x_azure_ref",
"value": [
"v23"
]
},
{
"key": "x_page_speed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_axentra_version",
"value": [
"13"
]
},
{
"key": "x_sorting_hat_podid",
"value": [
"80"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_now_trace",
"value": [
"true"
]
},
{
"key": "x_proxy_cache",
"value": [
"MISS"
]
},
{
"key": "x_sucuri_cache",
"value": [
"tru"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "loginip",
"value": [
"137.184.77.52"
]
},
{
"key": "x_kooboocms_version",
"value": [
"23"
]
},
{
"key": "x_template",
"value": [
"tpl_CleanPeppermintBlack_twoclick"
]
},
{
"key": "x_wix_request_id",
"value": [
"1579229867.6801399"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"ThinkPHP"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Visonic PowerLink"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:8983/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T10:25:04.021Z"
},
{
"port": 9042,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:vmware:Admin:nil",
"part": "o",
"vendor": "vmware",
"product": "admin",
"version": "nil",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1579466280,
"body_sha256": "0732058b005f4d7b436b13ee03e1ca3cf280d07095a6dd154e4e69f5c10dfd05",
"component": [
"BEM",
"CFML",
"SPIP:4.1.11",
"Amazon Web Services",
"Python:3.5.3",
"AngularJS",
"WordPress",
"PHP",
"Microsoft ASP.NET",
"Ruby",
"Amazon CloudFront",
"SimpleHTTP:0.6",
"Adobe ColdFusion",
"Django",
"MySQL",
"Liveinternet",
"Ruby on Rails"
],
"content_length": 146865,
"favicon": {
"md5_hash": "c87bab9d4a9129f7d2e97044dbae6793",
"murmur_hash": -399311436,
"path": "http://139.162.28.46:9042/favicon.ico",
"size": 4286
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146865"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 21 Jul 2025 16:46:42 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"proxy_authenticate": [
"Basic realm=\"Tinyproxy\""
],
"server": [
"SimpleHTTP/0.6 Python/3.5.3"
],
"set_cookie": [
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"cepcAdminID=25263a2bf; path=/;",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"loginName=admin",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"_indexVersion=2; path=/",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"NSC_VPNERR=4007",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"SESSID=22363a2bf; path=/;"
],
"unknown": [
{
"key": "x_via_fastly",
"value": [
"5"
]
},
{
"key": "loginip",
"value": [
"164.92.197.28"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_kubernetes_pf_flowschema_uid",
"value": [
"34"
]
},
{
"key": "x_amz_cf_id",
"value": [
"CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A=="
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_wix_request_id",
"value": [
"1579229867.6801399"
]
},
{
"key": "mime_version",
"value": [
"1.0"
]
},
{
"key": "x_axentra_version",
"value": [
"13"
]
},
{
"key": "x_adblock_key",
"value": [
"YQo="
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_influxdb",
"value": [
"b"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_flow_powered",
"value": [
"Flow"
]
},
{
"key": "x_github_request_id",
"value": [
"2544:7F5D:24C5A8:296D36:5E2B2B7B"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
}
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Zend Core"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "SmartIMSLibrary - Remoting SDK for .NET 9.4.107.1363"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:9042/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T16:47:07.225Z"
},
{
"port": 9092,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:vmware:ESXi:6.5.0",
"part": "o",
"vendor": "vmware",
"product": "esxi",
"version": "6\\.5\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1028036247,
"body_sha256": "cf146da114b95450233536264951a8589b645827848f1cf340e0453979eecc26",
"component": [
"gunicorn:20.0.4",
"AngularJS",
"WordPress",
"MySQL",
"Adobe ColdFusion",
"PHP",
"Liveinternet",
"SPIP:4.1.11",
"Microsoft ASP.NET",
"Django",
"Python",
"BEM",
"CFML",
"Ruby on Rails",
"Ruby"
],
"content_length": 146830,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146830"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 21 Jul 2025 06:57:06 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"proxy_authenticate": [
"Basic realm=\"Tinyproxy\""
],
"server": [
"gunicorn/20.0.4"
],
"set_cookie": [
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"id=A67B8F9C;",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"loginName=admin",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"X-Qlik-Session=35263a2bf; path=/;",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"webvpnlogin=; path=/; secure;",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"rememberMe=deleteMe; path=/;",
"openvpn_sess_H8jh9h5ZIWc4UupqRJqPcoH8cBuTGY4w8bl3_UBvts1XPiItuVQMxvAvN8y5RBLbLlezh0Zm2xKpNmMwSCcvTw=CMvHtVV0n6DjvP5c--JgEWS3QsIcjzA5-zwezOq1K0Vzs2WaMh_YR2h7HJIZppxqLTaCrhNv3uTg4yl2X4dMPw; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; Secure; HttpOnly",
"MRHSession=ffd33fd2; path=/"
],
"unknown": [
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_fastly_request_id",
"value": [
"ed15bdb8f4d9179ebe5b6b8441d6148a4a8e213f"
]
},
{
"key": "x_varnish_cache",
"value": [
"Miss"
]
},
{
"key": "x_cache_lookup",
"value": [
"NONE from ezproxies.com:3128"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_powered_by_plesk",
"value": [
"PleskWin"
]
},
{
"key": "x_sucuri_cache",
"value": [
"tru"
]
},
{
"key": "loginip",
"value": [
"157.230.97.77"
]
},
{
"key": "x_robots_tag",
"value": [
"none"
]
},
{
"key": "x_aspnetmvc_version",
"value": [
"5.2"
]
},
{
"key": "x_influxdb",
"value": [
"b"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_t_location",
"value": [
"/iam"
]
},
{
"key": "x_ruxit_js_agent",
"value": [
"true"
]
},
{
"key": "x_accelerated_by",
"value": [
"1"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_cache_group",
"value": [
"normal"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_backside_transport",
"value": [
"FAIL FAIL"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_src_webcache",
"value": [
"fe05"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Scala"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Legacy Brewing Co"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2022-31681",
"severity": "medium"
},
{
"id": "CVE-2023-29552",
"severity": "high"
}
],
"url": "https://139.162.28.46:9092/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T13:52:26.809Z"
},
{
"port": 9093,
"protocol": "tcp",
"name": "http",
"version": "19.7.0",
"product": "TwistedWeb httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:twistedmatrix:twistedweb:19.7.0",
"part": "a",
"vendor": "twistedmatrix",
"product": "twistedweb",
"version": "19\\.7\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:vmware:ESXi:6.5.0",
"part": "o",
"vendor": "vmware",
"product": "esxi",
"version": "6\\.5\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -48333584,
"body_sha256": "8e5b29b9da341b5a4e686017dde26dd98d874bc2a3e585927f35d1a83c346135",
"component": [
"Django",
"WordPress",
"Ruby on Rails",
"Ruby",
"SPIP:4.1.11",
"AngularJS",
"Liveinternet",
"Adobe ColdFusion",
"CFML",
"MySQL",
"BEM",
"Python",
"PHP"
],
"content_length": 146363,
"favicon": {
"md5_hash": "b6f91b5f9cedd010741cf953500cf710",
"murmur_hash": -452848264,
"path": "http://139.162.28.46:9093/favicon.ico",
"size": 4286
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146363"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 10:48:31 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"httpserver1.0"
],
"set_cookie": [
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"MISESSID=22363a2bf; path=/mi;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"clickedItem_tab=1; asus_token=iDOPsFa54IUYb4alEFeOP4vjZrgspDD; clock_type=1; bw_rtab=INTERNET; ASUS_TrafficMonitor_unit=1",
"roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"trsidsssosessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"LastMRH_Session=ffd33fd2; path=/"
],
"unknown": [
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_hacker",
"value": [
"If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header."
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "nel",
"value": [
"{'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_vercel_id",
"value": [
"2"
]
},
{
"key": "loginip",
"value": [
"137.184.77.52"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "x_qlik_xrfkey",
"value": [
"ef00"
]
},
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_squid_error",
"value": [
"ERR_INVALID_URL 0"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_cacheable",
"value": [
"SHORT"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Perl Dancer"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Login | CCVoip"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2022-31681",
"severity": "medium"
},
{
"id": "CVE-2023-29552",
"severity": "high"
}
],
"url": "https://139.162.28.46:9093/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T10:48:58.212Z"
},
{
"port": 9200,
"protocol": "tcp",
"name": "http",
"version": "20.3.0",
"product": "TwistedWeb httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:twistedmatrix:twistedweb:20.3.0",
"part": "a",
"vendor": "twistedmatrix",
"product": "twistedweb",
"version": "20\\.3\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"elasticsearch": {
"index": [
{
"count": "16051803",
"name": "logs-2024",
"size": "4.9gb"
},
{
"count": "10248228",
"name": "logs-2023",
"size": "3.2gb"
},
{
"count": "4629250332",
"name": "data-2024",
"size": "6.4tb"
}
],
"info": {
"cluster_name": "elasticsearch",
"cluster_uuid": "",
"name": "Blob",
"tagline": "You Know, for Search",
"version": {
"build_hash": "05d4530971ef0ea46d0f4fa6ee64dbc8df659682",
"lucene_version": "4.10.4",
"number": "1.7.3"
}
}
},
"http": {
"body_murmur": 1589257397,
"body_sha256": "3db479be0c09198605e2f8c1cc34676a4954f80aacfd0c0a21aea11ef115e847",
"component": [
"Apache HTTP Server"
],
"content_length": 316,
"favicon": {
"md5_hash": "2981503b195488ac17d05dcf18615cd1",
"murmur_hash": -1439222863,
"path": "http://139.162.28.46:9200/favicon.ico",
"size": 1150
},
"headers": {
"accept_ranges": [
"bytes"
],
"content_disposition": [
"Content-Disposition"
],
"content_length": [
"316"
],
"content_type": [
"application/json"
],
"date": [
"Sun, 20 Jul 2025 17:29:09 GMT"
],
"pragma": [
"private"
],
"server": [
"httpd"
],
"set_cookie": [
"SESSID=da122263a2bd; webvpnLang=webvpnLang"
],
"unknown": [
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
}
],
"x_powered_by": [
"PHP/4.6.0"
]
},
"protocol": "HTTP/1.1",
"status_code": 200
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:9200/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T17:29:36.148Z"
},
{
"port": 10250,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1910573168,
"body_sha256": "6c770d0123d478582816f521caa313508bd3f23681dbdd313561459d4401d5f9",
"component": [
"Liveinternet",
"BEM",
"Django",
"AngularJS",
"Ruby",
"MySQL",
"PHP",
"Adobe ColdFusion",
"CFML",
"SPIP:4.1.11",
"WordPress",
"Python",
"Ruby on Rails"
],
"content_length": 145580,
"favicon": {
"md5_hash": "1f52cc8ce9a3ab7ea704820f5f6a185e",
"murmur_hash": -1033644073,
"path": "http://139.162.28.46:10250/favicon.ico",
"size": 3774
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"145580"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 06 Jul 2025 04:01:47 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"ZLMediaKit-5.0(build in Apr 8 2021 03:17:35)"
],
"set_cookie": [
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"acSamlv2Token=; path=/; secure;",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"id=A67B8F9C;",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"CLIENT_ID=7214",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"fsm_u=admin; Path=/;",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"laravel_session=a0ffeb;",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax",
"grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax",
"rememberMe=deleteMe; path=/;",
"_csrf=ffd33fd2; path=/",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/"
],
"unknown": [
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
},
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_tractor_stun",
"value": [
"4"
]
},
{
"key": "x_cdn",
"value": [
"Incapsula"
]
},
{
"key": "x_now_trace",
"value": [
"true"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "loginip",
"value": [
"64.226.67.151"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_cmd_response",
"value": [
"root"
]
},
{
"key": "x_jenkins",
"value": [
"a"
]
},
{
"key": "x_template",
"value": [
"tpl_CleanPeppermintBlack_twoclick"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "mime_version",
"value": [
"1.0"
]
},
{
"key": "x_gocache_cachestatus",
"value": [
"ok"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_ne_tf",
"value": [
"5"
]
},
{
"key": "x_chromelogger_data",
"value": [
"13"
]
},
{
"key": "x_nextjs_cache",
"value": [
"HIT"
]
}
],
"www_authenticate": [
"Basic realm=\"Video Server\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"blade-"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "瑞友应用虚拟化系统"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "045E16D9201380C920768FC95F7DD351",
"fingerprint_sha1": "BB775C708155F5E431D8EEED8CB931C6FBCE80A9",
"fingerprint_sha256": "95BCF44B4510CF4499150F8E0DA4D30E70C16FE5D4E2BFEA9D674124BCE45867",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"ZW"
],
"domain_component": [
"GUACFTDP",
"local"
],
"organization": [
"OSLJLEYL"
],
"organizational_unit": [
"YLBCMAK"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5348158129423145959",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"ZW"
],
"domain_component": [
"GUACFTDP",
"local"
],
"organization": [
"OSLJLEYL"
],
"organizational_unit": [
"YLBCMAK"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "d92ae9ccf250c4dda6dcc1760a77d60cfc1219d2d0a80b077a30d411736bf27c",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "57a61780efb1c001a99ef1a84f7edcaf7883638fe75297f0c9bbadebbd400574",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-06-30T03:57:59",
"not_before": "2025-06-30T03:57:59"
},
"version": 2
},
"fingerprint_sha256": "95BCF44B4510CF4499150F8E0DA4D30E70C16FE5D4E2BFEA9D674124BCE45867",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://139.162.28.46:10250/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T08:48:51.895Z"
},
{
"port": 11211,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1986442063,
"body_sha256": "2dafbbea9c6ba93f4f8e73fa158d7602fdca92a1d7f689818daaa08aa8f32e47",
"component": [
"SPIP:4.1.11",
"Flask:0.14.1",
"Python",
"WordPress",
"PHP",
"Liveinternet",
"CFML",
"MySQL",
"Adobe ColdFusion",
"BEM",
"Django",
"Ruby on Rails",
"Ruby",
"AngularJS"
],
"content_length": 146370,
"favicon": {
"md5_hash": "2981503b195488ac17d05dcf18615cd1",
"murmur_hash": -1439222863,
"path": "http://139.162.28.46:11211/favicon.ico",
"size": 1150
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146370"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 00:24:27 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Werkzeug/0.14.1Python/3.7.3"
],
"set_cookie": [
"SUPPORTCHROMEOS=1; path=/; secure;",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"MISESSID=22363a2bf; path=/mi;",
"id=A67B8F9C;",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"rememberMe=deleteMe; path=/;",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"cval=f337; path=/; splunkweb_csrf_token_8000=0011;",
"did=A67B8F9C;",
"webvpnaac=1; path=/; secure;",
"NSC_VPNERR=4007",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"_indexVersion=2; path=/",
"Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/",
"com.trs.idm.coSessionId=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"fsm_u=admin; Path=/;",
"webvpnlogin=; path=/; secure;",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly"
],
"unknown": [
{
"key": "x_fw_server",
"value": [
"Flywheel"
]
},
{
"key": "x_ibm_aspera",
"value": [
"af"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_nananana",
"value": [
"Batcache"
]
},
{
"key": "x_cache_lookup",
"value": [
"NONE from ezproxies.com:3128"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "mime_version",
"value": [
"1.0"
]
},
{
"key": "sec_websocket_accept",
"value": [
"MIGfMA0GCSq"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_powered_cms",
"value": [
"Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_download_options",
"value": [
"noopen"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "x_kubernetes_pf_flowschema_uid",
"value": [
"34"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_hacker",
"value": [
"If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header."
]
},
{
"key": "loginip",
"value": [
"137.184.130.74"
]
},
{
"key": "x_cache_hits",
"value": [
"0"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"php"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Dingtalk Server"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"memcached": {
"settings": {
"accepting_conns": "1",
"auth_cmds": "0",
"auth_errors": "0",
"bytes": "29828",
"bytes_read": "286857265",
"bytes_written": "129670828957",
"cas_badval": "0",
"cas_hits": "0",
"cas_misses": "0",
"cmd_flush": "3",
"cmd_get": "22076096",
"cmd_set": "21",
"cmd_touch": "0",
"conn_yields": "0",
"connection_structures": "55",
"curr_connections": "8",
"curr_items": "5",
"decr_hits": "0",
"decr_misses": "0",
"delete_hits": "0",
"delete_misses": "0",
"evicted_unfetched": "0",
"evictions": "0",
"expired_unfetched": "0",
"get_hits": "22076066",
"get_misses": "30",
"hash_bytes": "524288",
"hash_power_level": "16",
"incr_hits": "0",
"incr_misses": "0",
"libevent": "2.0.16-stable",
"limit_maxbytes": "67108864",
"listen_disabled_num": "0",
"pid": "2080",
"pointer_size": "64",
"reclaimed": "3",
"reserved_fds": "20",
"rusage_system": "1839.982991",
"rusage_user": "371.247201",
"threads": "4",
"time": "1520550684",
"total_connections": "5547233",
"total_items": "21",
"touch_hits": "0",
"touch_misses": "0",
"uptime": "3151236",
"version": "1.4.13"
},
"stats": {
"accepting_conns": "1",
"auth_cmds": "0",
"auth_errors": "0",
"bytes": "29828",
"bytes_read": "286857265",
"bytes_written": "129670828957",
"cas_badval": "0",
"cas_hits": "0",
"cas_misses": "0",
"cmd_flush": "3",
"cmd_get": "22076096",
"cmd_set": "21",
"cmd_touch": "0",
"conn_yields": "0",
"connection_structures": "55",
"curr_connections": "8",
"curr_items": "5",
"decr_hits": "0",
"decr_misses": "0",
"delete_hits": "0",
"delete_misses": "0",
"evicted_unfetched": "0",
"evictions": "0",
"expired_unfetched": "0",
"get_hits": "22076066",
"get_misses": "30",
"hash_bytes": "524288",
"hash_power_level": "16",
"incr_hits": "0",
"incr_misses": "0",
"libevent": "2.0.16-stable",
"limit_maxbytes": "67108864",
"listen_disabled_num": "0",
"pid": "2080",
"pointer_size": "64",
"reclaimed": "3",
"reserved_fds": "20",
"rusage_system": "1839.982991",
"rusage_user": "371.247201",
"threads": "4",
"time": "1520550684",
"total_connections": "5547233",
"total_items": "21",
"touch_hits": "0",
"touch_misses": "0",
"uptime": "3151236",
"version": "1.4.13"
}
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:11211/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T00:24:53.919Z"
},
{
"port": 15671,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -812635022,
"body_sha256": "bee83badc0a7c54cdcb91eb322d056bcc40421ced8887b18fc8c66194ba62dc1",
"component": [
"CFML",
"PHP",
"BEM",
"Adobe ColdFusion",
"AngularJS",
"MySQL",
"Django",
"Liveinternet",
"Ruby",
"Ruby on Rails",
"SPIP:4.1.11",
"WordPress",
"Python"
],
"content_length": 146302,
"favicon": {
"md5_hash": "b6f91b5f9cedd010741cf953500cf710",
"murmur_hash": -452848264,
"path": "http://139.162.28.46:15671/favicon.ico",
"size": 4286
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146302"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Thu, 17 Jul 2025 09:33:27 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"CP=CAO PSA OUR"
],
"pragma": [
"private"
],
"server": [
"Tomcat"
],
"set_cookie": [
"did=A67B8F9C;",
"cepcAdminID=25263a2bf; path=/;",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"samlPreauthSessionHash=; path=/; secure;",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"ASPSESSIONIDSSCDTDBS=n811avhi2gnvn1mlvv7572hkc; path=/; zfoausername=admin; HttpOnly",
"F5_ST=2f2f1f1665754014a-1; path=/",
"session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax",
"MRHSession=ffd33fd2; path=/",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"webvpnlogin=; path=/; secure;",
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"NSC_VPNERR=4007",
"MoodleSession=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"LastMRH_Session=ffd33fd2; path=/",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly"
],
"strict_transport_security": [
"max-age=31536000"
],
"unknown": [
{
"key": "x_nginx_cache_status",
"value": [
"MISS"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_tractor_stun",
"value": [
"4"
]
},
{
"key": "x_pingback",
"value": [
"https://example.com/xmlrpc.php"
]
},
{
"key": "x_qlik_xrfkey",
"value": [
"ef00"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "loginip",
"value": [
"137.184.130.74"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"tr"
]
},
{
"key": "x_t_location",
"value": [
"/iam"
]
},
{
"key": "x_includable_version",
"value": [
"32"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "access_control_expose_headers",
"value": [
"mcp-session-id"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_graylog_node_id",
"value": [
"97"
]
},
{
"key": "x_wix_request_id",
"value": [
"1579229867.6801399"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Next.js"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Router (build 3770) - Info"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://139.162.28.46:15671/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T18:01:39.203Z"
},
{
"port": 15672,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -910848244,
"body_sha256": "23d4ccf13dc720fd9182cdd57c42916e66ca7d0b1a164d4dfed98795fcc39d7e",
"component": [
"Django",
"Adobe ColdFusion",
"CFML",
"Liveinternet",
"BEM",
"AngularJS",
"SPIP:4.1.11",
"Monkey HTTP Server",
"WordPress",
"MySQL",
"Python",
"Ruby on Rails",
"PHP",
"Ruby"
],
"content_length": 146368,
"favicon": {
"md5_hash": "83ad768167a370db201db71c482fc9e8",
"murmur_hash": 2089307605,
"path": "http://139.162.28.46:15672/favicon.ico",
"size": 6114
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146368"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sat, 19 Jul 2025 23:40:23 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"p3p": [
"policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\""
],
"pragma": [
"private"
],
"server": [
"Monkey"
],
"set_cookie": [
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax",
"MRHSession=ffd33fd2; path=/",
"samlPreauthSessionHash=; path=/; secure;",
"AUTHSID=7400f7aab75991b599187e939d89d69c",
"NSC_VPNERR=4007",
"fsm_u=admin; Path=/;",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"akaunting_session=7b22; Path=/;",
"rememberMe=deleteMe; path=/;",
"webvpnlogin=; path=/; secure;",
"jeesite.session.id=n811avhi2gnvn1mlvv7572hkc; path=/; i_like_gogs=; i_like_gitea=; harbor-lang=; atmail6=; a=phpMyAdmin; b=/pma_lang; HttpOnly",
"acSamlv2Token=; path=/; secure;"
],
"unknown": [
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_redirect_by",
"value": [
"WordPress"
]
},
{
"key": "x_lift_version",
"value": [
"89"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "loginip",
"value": [
"24.144.109.15"
]
},
{
"key": "x_cmd_response",
"value": [
"root"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_nextjs_stale_time",
"value": [
"4294967294"
]
},
{
"key": "x_cdn",
"value": [
"Incapsula"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
},
{
"key": "x_bubble_perf",
"value": [
"/"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "x_axentra_version",
"value": [
"13"
]
},
{
"key": "teamcity_node_id",
"value": [
"MAIN_SERVER"
]
},
{
"key": "x_amz_cf_pop",
"value": [
"MAA50-C1"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_page_speed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_hacker",
"value": [
"If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header."
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_adblock_key",
"value": [
"23"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Phusion Passenger"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Surveillance Device"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:15672/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-19T23:40:49.474Z"
},
{
"port": 20000,
"protocol": "tcp",
"name": "java-rmi",
"version": "",
"product": "Java RMI",
"extra_info": "",
"tunnel": "",
"modules": {
"dnp3": {
"raw": "BWQFyQAAAAA2TAVkBckBAAAA3o4FZAXJAgAAAJ+EBWQFyQMAAAB3RgVkBckEAAAAHZAFZAXJBQAAAPVSBWQFyQYAAAC0WAVkBckHAAAAXJoFZAXJCAAAABm5BWQFyQkAAADxewVkBckKAAAAsHEFZAXJCwAAAFizBWQFyQwAAAAyZQVkBckNAAAA2qcFZAXJDgAAAJutBWQFyQ8AAABzbwVkBckQAAAAEesFZAXJEQAAAPkpBWQFyRIAAAC4IwVkBckTAAAAUOEFZAXJFAAAADo3BWQFyRUAAADS9QVkBckWAAAAk/8FZAXJFwAAAHs9BWQFyRgAAAA+HgVkBckZAAAA1twFZAXJGgAAAJfWBWQFyRsAAAB/FAVkBckcAAAAFcIFZAXJHQAAAP0ABWQFyR4AAAC8CgVkBckfAAAAVMgFZAXJIAAAAAFPBWQFySEAAADpjQVkBckiAAAAqIcFZAXJIwAAAEBFBWQFySQAAAAqkwVkBcklAAAAwlEFZAXJJgAAAINbBWQFyScAAABrmQVkBckoAAAALroFZAXJKQAAAMZ4BWQFySoAAACHcgVkBckrAAAAb7AFZAXJLAAAAAVmBWQFyS0AAADtpAVkBckuAAAArK4FZAXJLwAAAERsBWQFyTAAAAAm6AVkBckxAAAAzioFZAXJMgAAAI8gBWQFyTMAAABn4gVkBck0AAAADTQFZAXJNQAAAOX2BWQFyTYAAACk/AVkBck3AAAATD4FZAXJOAAAAAkdBWQFyTkAAADh3wVkBck6AAAAoNUFZAXJOwAAAEgXBWQFyTwAAAAiwQVkBck9AAAAygMFZAXJPgAAAIsJBWQFyT8AAABjywVkBclAAAAAWEoFZAXJQQAAALCIBWQFyUIAAADxggVkBclDAAAAGUAFZAXJRAAAAHOWBWQFyUUAAACbVAVkBclGAAAA2l4FZAXJRwAAADKcBWQFyUgAAAB3vwVkBclJAAAAn30FZAXJSgAAAN53BWQFyUsAAAA2tQVkBclMAAAAXGMFZAXJTQAAALShBWQFyU4AAAD1qwVkBclPAAAAHWkFZAXJUAAAAH/tBWQFyVEAAACXLwVkBclSAAAA1iUFZAXJUwAAAD7nBWQFyVQAAABUMQVkBclVAAAAvPMFZAXJVgAAAP35BWQFyVcAAAAVOwVkBclYAAAAUBgFZAXJWQAAALjaBWQFyVoAAAD50AVkBclbAAAAERIFZAXJXAAAAHvEBWQFyV0AAACTBgVkBcleAAAA0gwFZAXJXwAAADrOBWQFyWAAAABvSQVkBclhAAAAh4sFZAXJYgAAAMaBBWQFyWMAAAAuQw=="
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T14:54:18.933Z"
},
{
"port": 27017,
"protocol": "tcp",
"name": "http",
"version": "v4.30.1161 (release)",
"product": "Tracer SC",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:microsoft:internet_information_services:6.0",
"part": "a",
"vendor": "microsoft",
"product": "internet_information_services",
"version": "6\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1709808412,
"body_sha256": "354f255b09dc6111bbb492499674661560577e9ffc026f4898ff0536e183141e",
"component": [
"WordPress",
"PHP",
"Adobe ColdFusion",
"Ruby on Rails",
"Python",
"CFML",
"AngularJS",
"Liveinternet",
"Django",
"BEM",
"SPIP:4.1.11",
"MySQL",
"Ruby"
],
"content_length": 146374,
"favicon": {
"md5_hash": "2981503b195488ac17d05dcf18615cd1",
"murmur_hash": -1439222863,
"path": "http://139.162.28.46:27017/favicon.ico",
"size": 1150
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146374"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sat, 19 Jul 2025 06:31:14 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"Linux/#33 SMP PREEMPT Mon Mar 21 11:19:42 CST 2022 UPnP/1.0 Broadcom UPNP/0.9"
],
"set_cookie": [
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;",
"roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"sessionNonceCookie-91c537b4-8e24-3455-8f0c-225b8fcc3641=16a09f29-a4ff-4be2-b4a5-913c7880d677; Max-Age=4800; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; HttpOnly; SameSite=None",
"USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly",
"acSamlv2Token=; path=/; secure;",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;",
"_csrf=ffd33fd2; path=/",
"jeesite.session.id=n811avhi2gnvn1mlvv7572hkc; path=/; i_like_gogs=; i_like_gitea=; harbor-lang=; atmail6=; a=phpMyAdmin; b=/pma_lang; HttpOnly",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/",
"SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;"
],
"unknown": [
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_highwire_sessionid",
"value": [
"aaefbbcd"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_graylog_node_id",
"value": [
"97"
]
},
{
"key": "x_ac",
"value": [
"3.bur _bur"
]
},
{
"key": "x_cocoon_version",
"value": [
"13"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_ne_tf",
"value": [
"5"
]
},
{
"key": "x_nextjs_prerender",
"value": [
"1"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_app_server",
"value": [
"app07"
]
},
{
"key": "x_shopify_generated_cart_token",
"value": [
"aa1b6d68e41056d2955ae9e6fb516372"
]
},
{
"key": "x_dynatrace_js_agent",
"value": [
"ch"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "report_to",
"value": [
"{'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}"
]
},
{
"key": "x_fb_error_from",
"value": [
"fwdproxy"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "x_varnish_cache",
"value": [
"Miss"
]
},
{
"key": "loginip",
"value": [
"137.184.130.74"
]
},
{
"key": "nel",
"value": [
"{'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_dc",
"value": [
"gcp-us-east1,gcp-us-central1,gcp-us-central1"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Mono"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "OpenNMS Web Console"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"mongodb": {
"allocator": "tcmalloc",
"bits": 64,
"databases": [
{
"empty": false,
"name": "admin",
"size_on_disk": 1201002
},
{
"empty": false,
"name": "local",
"size_on_disk": 2201002
},
{
"empty": false,
"name": "xdatnlab",
"size_on_disk": 22900002
}
],
"dist_arch": "x86_64",
"dist_mod": "",
"git_version": "a2d97db8fe449d15eb8e275bbf318491781472bf",
"is_master": true,
"javascript_engine": "mozjs",
"logical_session_timeout_minutes": 0,
"max_bson_object_size": 16777216,
"max_message_size_bytes": 48000000,
"max_wire_version": 5,
"max_write_batch_size": 1000,
"read_only": false,
"storage_engines": [
"devnull",
"ephemeralForTest",
"mmapv1",
"wiredTiger"
],
"sys_info": "deprecated",
"target_arch": "x86_64",
"target_os": "linux",
"total_size": 26302006,
"version": "2.2.3"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2005-2089",
"severity": "medium"
},
{
"id": "CVE-2008-1446",
"severity": "high"
},
{
"id": "CVE-2009-1535",
"severity": "high"
}
],
"url": "https://139.162.28.46:27017/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-19T06:31:40.264Z"
},
{
"port": 27018,
"protocol": "tcp",
"name": "http",
"version": "2.0.1",
"product": "Werkzeug httpd",
"extra_info": "Python 3.6.9",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:python:python:3.6.9",
"part": "a",
"vendor": "python",
"product": "python",
"version": "3\\.6\\.9",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -103202585,
"body_sha256": "514c373a34989e6777e77bed56e319eb490b62252876ed84268316685fdbdfab",
"component": [
"Amazon Web Services",
"Liveinternet",
"Ruby",
"Adobe ColdFusion",
"CFML",
"Django",
"Python",
"Ruby on Rails",
"WordPress",
"MySQL",
"PHP",
"SPIP:4.1.11",
"Amazon CloudFront",
"BEM",
"AngularJS"
],
"content_length": 146375,
"favicon": {
"md5_hash": "b5c66b07a742597376263bb23fc11b15",
"murmur_hash": 444712798,
"path": "http://139.162.28.46:27018/favicon.ico",
"size": 5506
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146375"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Mon, 21 Jul 2025 03:11:58 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"VIAWEB system/1.0.0 (http://www.viawebsystem.com.br)"
],
"set_cookie": [
"SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;",
"NSC_VPNERR=4007",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"loginName=admin",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"ASPSESSIONIDQCSASBTR=HLDNOCJAHHEGLOAADJAGCLLB; path=/",
"SOLONID=n91i168jps8rd856bcrln2isqe; path=/",
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Thu, 01-Jan-1970 00:00:01;SameSite=None;Secure",
"cepcAdminID=25263a2bf; path=/;",
"_zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;",
"rememberMe=deleteMe; path=/;",
"XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Thu, 01-Jan-1970 00:00:01; Path=/; HttpOnly;",
"samlPreauthSessionHash=; path=/; secure;"
],
"unknown": [
{
"key": "x_alternate_cache_key",
"value": [
"cacheable:ba92b39be043e3c90d2fd075057dd3e5"
]
},
{
"key": "x_app_server",
"value": [
"app07"
]
},
{
"key": "x_cache",
"value": [
"miss"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_adblock_key",
"value": [
"YQo="
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_confluence_request_time",
"value": [
"1698802372064"
]
},
{
"key": "x_drupal_cache",
"value": [
"HIT"
]
},
{
"key": "x_azure_ref",
"value": [
"v23"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_vercel_cache",
"value": [
"1"
]
},
{
"key": "cf_cache_status",
"value": [
"DYNAMIC"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_robots_tag",
"value": [
"none"
]
},
{
"key": "report_to",
"value": [
"{'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_cdn",
"value": [
"Incapsula"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "loginip",
"value": [
"161.35.110.48"
]
},
{
"key": "x_gocache_cachestatus",
"value": [
"ok"
]
},
{
"key": "x_sorting_hat_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_aspnetmvc_version",
"value": [
"5.2"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"PHP/5.6.40"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Teltonika Networks - Diofa"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [
"_internal",
"web_database"
],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2007-4559",
"severity": "medium"
},
{
"id": "CVE-2013-0340",
"severity": "medium"
},
{
"id": "CVE-2018-20406",
"severity": "high"
}
],
"url": "https://139.162.28.46:27018/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T03:12:24.353Z"
},
{
"port": 27019,
"protocol": "tcp",
"name": "http",
"version": "2.7.5",
"product": "InfluxDB http admin",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:influxdata:influxdb:2.7.5",
"part": "a",
"vendor": "influxdata",
"product": "influxdb",
"version": "2\\.7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 2001955421,
"body_sha256": "6ab4a2d0ab794a1089456581387656968e7db338b7893911a2d2ea8b9d1d4049",
"component": [
"Ruby on Rails",
"WordPress",
"AngularJS",
"MySQL",
"PHP",
"Adobe ColdFusion",
"Python",
"Ruby",
"Liveinternet",
"CFML",
"BEM",
"Django",
"SPIP:4.1.11",
"Envoy"
],
"content_length": 146356,
"favicon": {
"md5_hash": "9b71349660a2170717ff6a84f9de12a1",
"murmur_hash": 939607277,
"path": "http://139.162.28.46:27019/favicon.ico",
"size": 2340
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146356"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 23:09:01 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"envoy"
],
"set_cookie": [
"CNOAOASESSID=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"zentaosid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"__s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/",
"TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;",
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;",
"roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"token=21263a2bf; path=/;",
"MISESSID=22363a2bf; path=/mi;",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains",
"session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;",
"wordpress_logged_in_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7Cbf7a880; path=/; HttpOnly",
"NX-ANTI-CSRF-TOKEN=7400f7aab75991b599187e939d89d69c",
"Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/",
"MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",
"SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;"
],
"strict_transport_security": [
"max-age=31536000"
],
"unknown": [
{
"key": "loginip",
"value": [
"137.184.77.52"
]
},
{
"key": "x_iinfo",
"value": [
"11-40203780-0 0NNN RT(1579229728732 0) q(0 -1 -1 -1) r(0 -1)"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "x_shardid",
"value": [
"80"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_runtime",
"value": [
"0.00985"
]
},
{
"key": "x_amz_cf_id",
"value": [
"abd"
]
},
{
"key": "x_bubble_perf",
"value": [
"/"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "x_permitted_cross_domain_policies",
"value": [
"none"
]
},
{
"key": "x_turbo_charged_by",
"value": [
"LiteSpeed"
]
},
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_citrix_application",
"value": [
"Receiver for Web"
]
},
{
"key": "x_aspnetmvc_version",
"value": [
"5.2"
]
},
{
"key": "x_generator",
"value": [
"Drupal 8 (https://www.drupal.org)"
]
},
{
"key": "x_sorting_hat_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_fsc",
"value": [
"=deleteMe|rememberMe= 360wzws|CWAP-waf|zhuji.360.cn|X-Safe-Firewall AkamaiGHost Anquanbao Basic realm=\"dubbo\" BigIP|BIGipServer binarysec BlockDos.net client_param=install_active cloudflare cloudfront Cneonction|nnCoection|citrix_ns_id dotDefender ecology_JSessionid EMobileServer 华夏ERP JBoss jsluid= laravel_session linksys-vpn Mod_Security|NOYB Nagios Access nagios admin newdefend NSFocus Protected by COMODO Safe3WAF|Safe3 Web Firewall Safedog|WAF/2.0 Secure Entry Server sessioncookie= SonicWALL Sucuri/Cloudproxy ThinkPHP varnish wallarm WebKnight WebLogic webvpn X-Backside-Transport X-CDN|Incapsula X-Confluence X-Mapping- YUNDUN yunjiasu yunsuo zhuji.360.cn"
]
}
],
"vary": [
"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Servlet/3.0; JBossAS-6"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Jackett"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://139.162.28.46:27019/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T23:09:27.843Z"
},
{
"port": 29092,
"protocol": "tcp",
"name": "sip-proxy",
"version": "14.0.17",
"product": "FreePBX",
"extra_info": "Asterisk 15.7.4",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:sangoma:freepbx:14.0.17",
"part": "a",
"vendor": "sangoma",
"product": "freepbx",
"version": "14\\.0\\.17",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 768143568,
"body_sha256": "016b3baf49649386714e82e4d529742a50afd68f6073b1754af996bc37a7cb25",
"component": [
"BEM",
"Ruby",
"SPIP:4.1.11",
"TornadoServer:5.0.2",
"Adobe ColdFusion",
"WordPress",
"Python",
"Amazon CloudFront",
"CFML",
"MySQL",
"Liveinternet",
"Django",
"Ruby on Rails",
"Amazon Web Services",
"PHP",
"AngularJS"
],
"content_length": 146363,
"favicon": {
"md5_hash": "2981503b195488ac17d05dcf18615cd1",
"murmur_hash": -1439222863,
"path": "http://139.162.28.46:29092/favicon.ico",
"size": 1150
},
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"146363"
],
"content_type": [
"text/html;charset=utf-8"
],
"date": [
"Sun, 20 Jul 2025 03:19:20 GMT"
],
"last_modified": [
"Fri, 29 Jul 2022 16:53:01 GMT"
],
"pragma": [
"private"
],
"server": [
"TornadoServer/5.0.2"
],
"set_cookie": [
"wordpress_7400f7aab75991b599187e939d89d69c=admin%7C1737500088%7CGAmx1zdDUU%7C70307dfb; path=/wp-admin; HttpOnly",
"zbx_sessionid=n811avhi2gnvn1mlvv7572hkc; path=/; HttpOnly",
"roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095",
"PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/",
"akaunting_session=7b22; Path=/;",
"adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;",
"jeesite.session.id=n811avhi2gnvn1mlvv7572hkc; path=/; i_like_gogs=; i_like_gitea=; harbor-lang=; atmail6=; a=phpMyAdmin; b=/pma_lang; HttpOnly",
"PHC_DISABLED=1; path=/; secure;",
"sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;",
"DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;",
"_csrf=ffd33fd2; path=/",
"LastMRH_Session=ffd33fd2; path=/",
"CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;",
"webvpnlogin=; path=/; secure;",
"ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly",
"MRHSession=ffd33fd2; path=/",
"NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;",
"_indexVersion=2; path=/"
],
"unknown": [
{
"key": "x_drupal_dynamic_cache",
"value": [
"MISS"
]
},
{
"key": "x_page_speed",
"value": [
"900"
]
},
{
"key": "x_cache_lookup",
"value": [
"MISS from Hello:8080"
]
},
{
"key": "x_jenkins",
"value": [
"2.121.3"
]
},
{
"key": "composed_by",
"value": [
"SPIP 4.1.11 @ www.spip.net"
]
},
{
"key": "x_t_location",
"value": [
"/iam"
]
},
{
"key": "nel",
"value": [
"{'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}"
]
},
{
"key": "x_cache",
"value": [
"MISS from Hello"
]
},
{
"key": "x_clacks_overhead",
"value": [
"GNU Terry Pratchett"
]
},
{
"key": "x_drupal_cache",
"value": [
"xHIT"
]
},
{
"key": "x_request_id",
"value": [
"ecff8573-23ca-4dbc-a0a9-e8af7876c4ae"
]
},
{
"key": "x_varnish_cache",
"value": [
"Miss"
]
},
{
"key": "x_shopid",
"value": [
"25693290577"
]
},
{
"key": "x_gocache_cachestatus",
"value": [
"ok"
]
},
{
"key": "x_sucuri_cache",
"value": [
"tru"
]
},
{
"key": "loginip",
"value": [
"137.184.130.74"
]
},
{
"key": "x_jenkins_session",
"value": [
"f72d6619"
]
},
{
"key": "x_mod_pagespeed",
"value": [
"1.13.35.2-0"
]
},
{
"key": "x_vercel_cache",
"value": [
"1"
]
},
{
"key": "x_generator",
"value": [
"Drupal 7 (http://drupal.org)"
]
},
{
"key": "x_fastly_request_id",
"value": [
"ed15bdb8f4d9179ebe5b6b8441d6148a4a8e213f"
]
},
{
"key": "x_content_powered_by",
"value": [
"K2 v2.8.0 (by JoomlaWor"
]
},
{
"key": "x_aspnet_version",
"value": [
"4.0.30319"
]
},
{
"key": "x_nf_request_id",
"value": [
"39"
]
}
],
"via": [
"1.1 51766bfb56389c696c1525db90e16f23.cloudfront.net (CloudFront)"
],
"www_authenticate": [
"Basic realm=\"TP-LINK Wireless N Router IPC223(P)-6\""
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_powered_by": [
"Scala"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 401,
"title": "EG8245H5"
},
"influxdb": {
"bind_address": "0.0.0.0:8088",
"build_commit": "489de31b961831defa9f4173173337d4a6293909",
"config": {
"access_log_path": "/var/log/influxdb.access.log",
"data_dir": "/usr/local/var/influxdb/data",
"meta_dir": "/usr/local/var/influxdb/meta",
"wal_dir": "/usr/local/var/influxdb/wal"
},
"databases": [],
"go": {
"arch": "amd64",
"max_process": 8,
"os": "darwin",
"version": "1.8.3"
},
"https_enabled": false,
"network": {
"host": "influxdb-2.local"
},
"version": "v2.1.1"
},
"qnap": {
"config": {
"firmware_build": "20190531",
"firmware_version": "4.3.6",
"force_ssl": "0",
"msv2_supported": "0",
"msv2web_enabled": "1",
"nvr_enabled": "0",
"qdownload_enabled": "2",
"qmultimedia_enabled": "2",
"qmusic_enabled": "0",
"qphotos_enabled": "0",
"qvideos_enabled": "0",
"qweb_enabled": "1",
"qweb_ssl_enabled": "1",
"webfs_enabled": "1",
"wfm2": "1"
},
"internal_model_name": "TS-X41",
"qweb_port": 80,
"qweb_ssl_port": 8081,
"ssl_port": 443
},
"solrdb": {
"directory": "D:\\Websites\\CrownSupply\\Solr\\Solr\\server\\solr",
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:47:52",
"index": [
"Products"
],
"jvm": {
"stats": "Oracle Corporation Java HotSpot(TM) 64-Bit Server VM",
"version": "1.8.0_361 25.361-b09"
},
"lucene": {
"impl_version": "7.6.0 719cde97f84640faa1e3525690d262946571245f - nknize - 2018-12-07 14:44:20",
"spec_version": "7.6.0"
},
"system": {
"arch": "amd64",
"name": "Windows Server 2022",
"uname": "admin",
"version": "8.12"
},
"version": "7.6.0",
"vm": {
"name": "Java HotSpot(TM) 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "25.361-b09"
}
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": false
}
},
"fingerprint_md5": "878F3D1E4D48F833A9E21DD5FED089C7",
"fingerprint_sha1": "AC90F7B3AAA9B7832100097FB00F0A42AB75D183",
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"jarm": "3fd3fd00000000000043d3fd3fd43dabbd511bda998fb779b8208e926c4a0b",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "5291970371735989126",
"signature": {
"algorithm": {
"name": "SHA512-RSA",
"oid": "1.2.840.113549.1.1.13"
},
"self_signed": true
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"TK"
],
"domain_component": [
"SK",
"local"
],
"organization": [
"CXZJXRIX"
],
"organizational_unit": [
"EPHQFTQ"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "95c121aeddb483f62a7f51223e221a320739b415705845b7533692c5887f2d42",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "5f65c3d8ee86122b928253654eaeed01f3745062026fcda182dbf712d619b795",
"validation_level": "OV",
"validity": {
"length_seconds": 315532800,
"not_after": "2035-07-11T08:09:38",
"not_before": "2025-07-11T08:09:38"
},
"version": 2
},
"fingerprint_sha256": "921012756F666C8773496A9E4BC54F6C80D5B625255E5684AFB7E1DA732001A4",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-2018-15891",
"severity": "medium"
},
{
"id": "CVE-2019-19538",
"severity": "high"
},
{
"id": "CVE-2019-19851",
"severity": "medium"
}
],
"url": "https://139.162.28.46:29092/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T08:21:41.691Z"
}
],
"services_hash": "ccd2cecdc60d33a32e05f36eed43cd4a114d0698dfca616dfdbb2256e0821174",
"last_updated_at": "2025-07-21T19:11:33.869Z",
"banner": [
"http",
"influxdb",
"qnap",
"solrdb",
"tls",
"couchdb",
"redis",
"elasticsearch",
"telnet",
"smtp",
"pop3",
"ipp",
"dnp3",
"mysql",
"memcached",
"mongodb",
"ftp",
"ssh",
"consul",
"mssql"
],
"is_vuln": true,
"cveDetails": {
"CVE-2001-1556": {
"id": "CVE-2001-1556",
"references": [
"http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html",
"http://httpd.apache.org/docs/logs.html",
"http://www.iss.net/security_center/static/7363.php",
"http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html",
"http://httpd.apache.org/docs/logs.html",
"http://www.iss.net/security_center/static/7363.php"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "CWE-532"
},
"CVE-2003-0016": {
"id": "CVE-2003-0016",
"references": [
"http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2",
"http://www.apacheweek.com/issues/03-01-24#security",
"http://www.kb.cert.org/vuls/id/825177",
"http://www.kb.cert.org/vuls/id/979793",
"http://www.securityfocus.com/bid/6659",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/11124",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/11125",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0017": {
"id": "CVE-2003-0017",
"references": [
"http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as \">\", which causes a different filename to be processed and served.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0020": {
"id": "CVE-2003-0020",
"references": [
"http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html",
"http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046",
"http://marc.info/?l=bugtraq&m=104612710031920&w=2",
"http://marc.info/?l=bugtraq&m=108369640424244&w=2",
"http://marc.info/?l=bugtraq&m=108437852004207&w=2",
"http://marc.info/?l=bugtraq&m=108731648532365&w=2",
"http://security.gentoo.org/glsa/glsa-200405-22.xml",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1",
"http://www.iss.net/security_center/static/11412.php",
"http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:050",
"http://www.redhat.com/support/errata/RHSA-2003-082.html",
"http://www.redhat.com/support/errata/RHSA-2003-083.html",
"http://www.redhat.com/support/errata/RHSA-2003-104.html",
"http://www.redhat.com/support/errata/RHSA-2003-139.html",
"http://www.redhat.com/support/errata/RHSA-2003-243.html",
"http://www.redhat.com/support/errata/RHSA-2003-244.html",
"http://www.securityfocus.com/bid/9930",
"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643",
"http://www.trustix.org/errata/2004/0017",
"http://www.trustix.org/errata/2004/0027",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100109",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A150",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4114",
"http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html",
"http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046",
"http://marc.info/?l=bugtraq&m=104612710031920&w=2",
"http://marc.info/?l=bugtraq&m=108369640424244&w=2",
"http://marc.info/?l=bugtraq&m=108437852004207&w=2",
"http://marc.info/?l=bugtraq&m=108731648532365&w=2",
"http://security.gentoo.org/glsa/glsa-200405-22.xml",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1",
"http://www.iss.net/security_center/static/11412.php",
"http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:050",
"http://www.redhat.com/support/errata/RHSA-2003-082.html",
"http://www.redhat.com/support/errata/RHSA-2003-083.html",
"http://www.redhat.com/support/errata/RHSA-2003-104.html",
"http://www.redhat.com/support/errata/RHSA-2003-139.html",
"http://www.redhat.com/support/errata/RHSA-2003-243.html",
"http://www.redhat.com/support/errata/RHSA-2003-244.html",
"http://www.securityfocus.com/bid/9930",
"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643",
"http://www.trustix.org/errata/2004/0017",
"http://www.trustix.org/errata/2004/0027",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100109",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A150",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4114"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0083": {
"id": "CVE-2003-0083",
"references": [
"http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_log_config.c?only_with_tag=APACHE_1_3_25",
"http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/loggers/mod_log_config.c?only_with_tag=APACHE_2_0_BRANCH",
"http://marc.info/?l=bugtraq&m=108024081011678&w=2",
"http://marc.info/?l=bugtraq&m=108034113406858&w=2",
"http://secunia.com/advisories/8146",
"http://www.redhat.com/support/errata/RHSA-2003-139.html",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A151",
"http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_log_config.c?only_with_tag=APACHE_1_3_25",
"http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/loggers/mod_log_config.c?only_with_tag=APACHE_2_0_BRANCH",
"http://marc.info/?l=bugtraq&m=108024081011678&w=2",
"http://marc.info/?l=bugtraq&m=108034113406858&w=2",
"http://secunia.com/advisories/8146",
"http://www.redhat.com/support/errata/RHSA-2003-139.html",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A151"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0132": {
"id": "CVE-2003-0132",
"references": [
"http://lists.apple.com/mhonarc/security-announce/msg00028.html",
"http://marc.info/?l=bugtraq&m=104931360606484&w=2",
"http://marc.info/?l=bugtraq&m=104982175321731&w=2",
"http://marc.info/?l=bugtraq&m=104994239010517&w=2",
"http://marc.info/?l=bugtraq&m=104994309010974&w=2",
"http://marc.info/?l=bugtraq&m=105001663120995&w=2",
"http://marc.info/?l=bugtraq&m=105013378320711&w=2",
"http://secunia.com/advisories/34920",
"http://secunia.com/advisories/8499",
"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147",
"http://www.idefense.com/advisory/04.08.03.txt",
"http://www.kb.cert.org/vuls/id/206537",
"http://www.redhat.com/support/errata/RHSA-2003-139.html",
"http://www.vupen.com/english/advisories/2009/1233",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A156"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-772"
},
"CVE-2003-0134": {
"id": "CVE-2003-0134",
"references": [
"http://cvs.apache.org/viewcvs/apr/file_io/os2/filestat.c.diff?r1=1.34&r2=1.35",
"http://marc.info/?l=bugtraq&m=104931360606484&w=2",
"http://marc.info/?l=bugtraq&m=105418115512559&w=2",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0189": {
"id": "CVE-2003-0189",
"references": [
"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000661",
"http://marc.info/?l=bugtraq&m=105418115512559&w=2",
"http://secunia.com/advisories/8881",
"http://www.apache.org/dist/httpd/Announcement2.html",
"http://www.kb.cert.org/vuls/id/479268",
"http://www.redhat.com/support/errata/RHSA-2003-186.html",
"http://www.securityfocus.com/bid/7725",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/12091",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0192": {
"id": "CVE-2003-0192",
"references": [
"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt",
"http://marc.info/?l=bugtraq&m=105776593602600&w=2",
"http://www.mandriva.com/security/advisories?name=MDKSA-2003:075",
"http://www.redhat.com/support/errata/RHSA-2003-240.html",
"http://www.redhat.com/support/errata/RHSA-2003-243.html",
"http://www.redhat.com/support/errata/RHSA-2003-244.html",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A169"
],
"score": 6.4,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle \"certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one,\" which could cause Apache to use the weak ciphersuite.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0245": {
"id": "CVE-2003-0245",
"references": [
"http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0095.html",
"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000661",
"http://marc.info/?l=bugtraq&m=105418115512559&w=2",
"http://www.apache.org/dist/httpd/Announcement2.html",
"http://www.idefense.com/advisory/05.30.03.txt",
"http://www.kb.cert.org/vuls/id/757612",
"http://www.mandriva.com/security/advisories?name=MDKSA-2003:063",
"http://www.redhat.com/support/errata/RHSA-2003-186.html",
"http://www.securityfocus.com/bid/7723",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/12090",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0253": {
"id": "CVE-2003-0253",
"references": [
"http://marc.info/?l=bugtraq&m=105776593602600&w=2",
"http://www.mandriva.com/security/advisories?name=MDKSA-2003:075",
"http://www.redhat.com/support/errata/RHSA-2003-240.html",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A173"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0254": {
"id": "CVE-2003-0254",
"references": [
"http://marc.info/?l=bugtraq&m=105776593602600&w=2",
"http://www.mandriva.com/security/advisories?name=MDKSA-2003:075",
"http://www.redhat.com/support/errata/RHSA-2003-240.html",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A183"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2003-0542": {
"id": "CVE-2003-0542",
"references": [
"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt",
"ftp://patches.sgi.com/support/free/security/advisories/20031203-01-U.asc",
"ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc",
"http://docs.info.apple.com/article.html?artnum=61798",
"http://httpd.apache.org/dist/httpd/Announcement2.html",
"http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html",
"http://lists.apple.com/mhonarc/security-announce/msg00045.html",
"http://marc.info/?l=bugtraq&m=106761802305141&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://secunia.com/advisories/10096",
"http://secunia.com/advisories/10098",
"http://secunia.com/advisories/10102",
"http://secunia.com/advisories/10112",
"http://secunia.com/advisories/10114",
"http://secunia.com/advisories/10153",
"http://secunia.com/advisories/10260",
"http://secunia.com/advisories/10264",
"http://secunia.com/advisories/10463",
"http://secunia.com/advisories/10580",
"http://secunia.com/advisories/10593",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101444-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1",
"http://www.kb.cert.org/vuls/id/434566",
"http://www.kb.cert.org/vuls/id/549142",
"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:103",
"http://www.redhat.com/support/errata/RHSA-2003-320.html",
"http://www.redhat.com/support/errata/RHSA-2003-360.html",
"http://www.redhat.com/support/errata/RHSA-2003-405.html",
"http://www.redhat.com/support/errata/RHSA-2004-015.html",
"http://www.redhat.com/support/errata/RHSA-2005-816.html",
"http://www.securityfocus.com/advisories/6079",
"http://www.securityfocus.com/archive/1/342674",
"http://www.securityfocus.com/bid/8911",
"http://www.securityfocus.com/bid/9504",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/13400",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3799",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A863",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A864",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9458"
],
"score": 7.2,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.",
"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "CWE-119"
},
"CVE-2003-0789": {
"id": "CVE-2003-0789",
"references": [
"http://apache.secsup.org/dist/httpd/Announcement2.html",
"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000775",
"http://docs.info.apple.com/article.html?artnum=61798",
"http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html",
"http://lists.apple.com/mhonarc/security-announce/msg00045.html",
"http://marc.info/?l=bugtraq&m=106761802305141&w=2",
"http://security.gentoo.org/glsa/glsa-200310-04.xml",
"http://www.ciac.org/ciac/bulletins/o-015.shtml",
"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:103",
"http://www.redhat.com/support/errata/RHSA-2003-320.html",
"http://www.securityfocus.com/advisories/6079",
"http://www.securityfocus.com/bid/8926",
"http://www.securityfocus.com/bid/9504",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/13552",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 10,
"services": [
"8500/http"
],
"severity": "high",
"summary": "mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2003-1307": {
"id": "CVE-2003-1307",
"references": [
"http://bugs.php.net/38915",
"http://hackerdom.ru/~dimmo/phpexpl.c",
"http://www.securityfocus.com/archive/1/348368",
"http://www.securityfocus.com/archive/1/449234/100/0/threaded",
"http://www.securityfocus.com/archive/1/449298/100/0/threaded",
"http://www.securityfocus.com/bid/9302"
],
"score": 4.3,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying \"The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.",
"vector_string": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2004-0113": {
"id": "CVE-2004-0113",
"references": [
"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000839",
"http://issues.apache.org/bugzilla/show_bug.cgi?id=27106",
"http://marc.info/?l=apache-cvs&m=107869699329638",
"http://marc.info/?l=bugtraq&m=108034113406858&w=2",
"http://marc.info/?l=bugtraq&m=108369640424244&w=2",
"http://marc.info/?l=bugtraq&m=108731648532365&w=2",
"http://security.gentoo.org/glsa/glsa-200403-04.xml",
"http://www.apacheweek.com/features/security-20",
"http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:043",
"http://www.osvdb.org/4182",
"http://www.redhat.com/support/errata/RHSA-2004-084.html",
"http://www.redhat.com/support/errata/RHSA-2004-182.html",
"http://www.securityfocus.com/bid/9826",
"http://www.trustix.org/errata/2004/0017",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/15419",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A876"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2004-0174": {
"id": "CVE-2004-0174",
"references": [
"http://marc.info/?l=bugtraq&m=107973894328806&w=2",
"http://marc.info/?l=bugtraq&m=108066914830552&w=2",
"http://marc.info/?l=bugtraq&m=108369640424244&w=2",
"http://marc.info/?l=bugtraq&m=108437852004207&w=2",
"http://marc.info/?l=bugtraq&m=108731648532365&w=2",
"http://secunia.com/advisories/11170",
"http://security.gentoo.org/glsa/glsa-200405-22.xml",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1",
"http://www.apache.org/dist/httpd/CHANGES_1.3",
"http://www.kb.cert.org/vuls/id/132110",
"http://www.mandriva.com/security/advisories?name=MDKSA-2004:046",
"http://www.redhat.com/support/errata/RHSA-2004-405.html",
"http://www.securityfocus.com/bid/9921",
"http://www.securitytracker.com/alerts/2004/Mar/1009495.html",
"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643",
"http://www.trustix.org/errata/2004/0027",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/15540",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100110",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1982",
"http://marc.info/?l=bugtraq&m=107973894328806&w=2",
"http://marc.info/?l=bugtraq&m=108066914830552&w=2",
"http://marc.info/?l=bugtraq&m=108369640424244&w=2",
"http://marc.info/?l=bugtraq&m=108437852004207&w=2",
"http://marc.info/?l=bugtraq&m=108731648532365&w=2",
"http://secunia.com/advisories/11170",
"http://security.gentoo.org/glsa/glsa-200405-22.xml",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1",
"http://www.apache.org/dist/httpd/CHANGES_1.3",
"http://www.kb.cert.org/vuls/id/132110",
"http://www.mandriva.com/security/advisories?name=MDKSA-2004:046",
"http://www.redhat.com/support/errata/RHSA-2004-405.html",
"http://www.securityfocus.com/bid/9921",
"http://www.securitytracker.com/alerts/2004/Mar/1009495.html",
"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643",
"http://www.trustix.org/errata/2004/0027",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/15540",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100110",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1982"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a \"short-lived connection on a rarely-accessed listening socket.\"",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-667"
},
"CVE-2004-0263": {
"id": "CVE-2004-0263",
"references": [
"http://security.gentoo.org/glsa/glsa-200402-01.xml",
"http://www.osvdb.org/3878",
"http://www.securityfocus.com/bid/9599",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/15072"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2004-0488": {
"id": "CVE-2004-0488",
"references": [
"ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc",
"http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html",
"http://marc.info/?l=bugtraq&m=108567431823750&w=2",
"http://marc.info/?l=bugtraq&m=108619129727620&w=2",
"http://marc.info/?l=bugtraq&m=109181600614477&w=2",
"http://marc.info/?l=bugtraq&m=109215056218824&w=2",
"http://rhn.redhat.com/errata/RHSA-2004-245.html",
"http://security.gentoo.org/glsa/glsa-200406-05.xml",
"http://www.debian.org/security/2004/dsa-532",
"http://www.mandriva.com/security/advisories?name=MDKSA-2004:054",
"http://www.mandriva.com/security/advisories?name=MDKSA-2004:055",
"http://www.redhat.com/support/errata/RHSA-2004-342.html",
"http://www.redhat.com/support/errata/RHSA-2004-405.html",
"http://www.redhat.com/support/errata/RHSA-2005-816.html",
"http://www.securityfocus.com/bid/10355",
"http://www.trustix.net/errata/2004/0031/",
"https://bugzilla.fedora.us/show_bug.cgi?id=1888",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/16214",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"weakness": "CWE-787"
},
"CVE-2004-0747": {
"id": "CVE-2004-0747",
"references": [
"http://secunia.com/advisories/12540",
"http://secunia.com/advisories/34920",
"http://securitytracker.com/id?1011303",
"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147",
"http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml",
"http://www.kb.cert.org/vuls/id/481998",
"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096",
"http://www.novell.com/linux/security/advisories/2004_32_apache2.html",
"http://www.redhat.com/support/errata/RHSA-2004-463.html",
"http://www.trustix.org/errata/2004/0047/",
"http://www.vupen.com/english/advisories/2009/1233",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/17384",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561"
],
"score": 7.8,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-131"
},
"CVE-2004-0748": {
"id": "CVE-2004-0748",
"references": [
"http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml",
"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096",
"http://www.novell.com/linux/security/advisories/2004_30_apache2.html",
"http://www.redhat.com/support/errata/RHSA-2004-349.html",
"http://www.trustix.org/errata/2004/0047/",
"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=130750",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/17200",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11126"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-835"
},
"CVE-2004-0786": {
"id": "CVE-2004-0786",
"references": [
"http://secunia.com/advisories/12540",
"http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml",
"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096",
"http://www.novell.com/linux/security/advisories/2004_32_apache2.html",
"http://www.redhat.com/support/errata/RHSA-2004-463.html",
"http://www.trustix.org/errata/2004/0047/",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/17382",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11380"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2004-0809": {
"id": "CVE-2004-0809",
"references": [
"http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/dav/fs/lock.c?r1=1.32&r2=1.33",
"http://www.debian.org/security/2004/dsa-558",
"http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml",
"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096",
"http://www.redhat.com/support/errata/RHSA-2004-463.html",
"http://www.trustix.org/errata/2004/0047/",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/17366",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9588"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2004-0885": {
"id": "CVE-2004-0885",
"references": [
"http://issues.apache.org/bugzilla/show_bug.cgi?id=31505",
"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html",
"http://marc.info/?l=bugtraq&m=109786159119069&w=2",
"http://secunia.com/advisories/19072",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1",
"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm",
"http://www.apacheweek.com/features/security-20",
"http://www.redhat.com/support/errata/RHSA-2004-562.html",
"http://www.redhat.com/support/errata/RHSA-2004-600.html",
"http://www.redhat.com/support/errata/RHSA-2005-816.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/bid/11360",
"http://www.ubuntu.com/usn/usn-177-1",
"http://www.vupen.com/english/advisories/2006/0789",
"http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/17671",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384"
],
"score": 7.5,
"services": [
"8500/http"
],
"severity": "high",
"summary": "The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the \"SSLCipherSuite\" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2004-0942": {
"id": "CVE-2004-0942",
"references": [
"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html",
"http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028248.html",
"http://marc.info/?l=bugtraq&m=110384374213596&w=2",
"http://secunia.com/advisories/19072",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1",
"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm",
"http://www.mandriva.com/security/advisories?name=MDKSA-2004:135",
"http://www.redhat.com/support/errata/RHSA-2004-562.html",
"http://www.trustix.org/errata/2004/0061/",
"http://www.vupen.com/english/advisories/2006/0789",
"http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/17930",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10962",
"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html",
"http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028248.html",
"http://marc.info/?l=bugtraq&m=110384374213596&w=2",
"http://secunia.com/advisories/19072",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1",
"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm",
"http://www.mandriva.com/security/advisories?name=MDKSA-2004:135",
"http://www.redhat.com/support/errata/RHSA-2004-562.html",
"http://www.trustix.org/errata/2004/0061/",
"http://www.vupen.com/english/advisories/2006/0789",
"http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/17930",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10962"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2004-1834": {
"id": "CVE-2004-1834",
"references": [
"http://marc.info/?l=bugtraq&m=107981737322495&w=2",
"http://secunia.com/advisories/11176",
"http://secunia.com/advisories/19072",
"http://securitytracker.com/id?1009509",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1",
"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm",
"http://www.osvdb.org/4446",
"http://www.redhat.com/support/errata/RHSA-2004-562.html",
"http://www.securityfocus.com/bid/9933",
"http://www.vupen.com/english/advisories/2006/0789",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/15547",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11133"
],
"score": 2.1,
"services": [
"8500/http"
],
"severity": "low",
"summary": "mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information.",
"vector_string": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2004-2343": {
"id": "CVE-2004-2343",
"references": [
"http://archives.neohapsis.com/archives/bugtraq/2004-02/0043.html",
"http://archives.neohapsis.com/archives/bugtraq/2004-02/0064.html",
"http://archives.neohapsis.com/archives/bugtraq/2004-02/0120.html",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/15015",
"http://archives.neohapsis.com/archives/bugtraq/2004-02/0043.html",
"http://archives.neohapsis.com/archives/bugtraq/2004-02/0064.html",
"http://archives.neohapsis.com/archives/bugtraq/2004-02/0120.html",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/15015"
],
"score": 7.2,
"services": [
"8500/http"
],
"severity": "high",
"summary": "Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument",
"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2005-1268": {
"id": "CVE-2005-1268",
"references": [
"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html",
"http://rhn.redhat.com/errata/RHSA-2005-582.html",
"http://secunia.com/advisories/19072",
"http://secunia.com/advisories/19185",
"http://securityreason.com/securityalert/604",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1",
"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm",
"http://www.debian.org/security/2005/dsa-805",
"http://www.mandriva.com/security/advisories?name=MDKSA-2005:129",
"http://www.novell.com/linux/security/advisories/2005_18_sr.html",
"http://www.novell.com/linux/security/advisories/2005_46_apache.html",
"http://www.securityfocus.com/archive/1/428138/100/0/threaded",
"http://www.securityfocus.com/bid/14366",
"http://www.vupen.com/english/advisories/2006/0789",
"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163013",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1346",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1714",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1747",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9589"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-193"
},
"CVE-2005-2088": {
"id": "CVE-2005-2088",
"references": [
"http://docs.info.apple.com/article.html?artnum=302847",
"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html",
"http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3",
"http://seclists.org/lists/bugtraq/2005/Jun/0025.html",
"http://secunia.com/advisories/14530",
"http://secunia.com/advisories/17319",
"http://secunia.com/advisories/17487",
"http://secunia.com/advisories/17813",
"http://secunia.com/advisories/19072",
"http://secunia.com/advisories/19073",
"http://secunia.com/advisories/19185",
"http://secunia.com/advisories/19317",
"http://secunia.com/advisories/23074",
"http://securityreason.com/securityalert/604",
"http://securitytracker.com/id?1014323",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.600000",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1",
"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK13959&apar=only",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only",
"http://www.apache.org/dist/httpd/CHANGES_1.3",
"http://www.apache.org/dist/httpd/CHANGES_2.0",
"http://www.debian.org/security/2005/dsa-803",
"http://www.debian.org/security/2005/dsa-805",
"http://www.mandriva.com/security/advisories?name=MDKSA-2005:130",
"http://www.novell.com/linux/security/advisories/2005_18_sr.html",
"http://www.novell.com/linux/security/advisories/2005_46_apache.html",
"http://www.redhat.com/support/errata/RHSA-2005-582.html",
"http://www.securiteam.com/securityreviews/5GP0220G0U.html",
"http://www.securityfocus.com/archive/1/428138/100/0/threaded",
"http://www.securityfocus.com/bid/14106",
"http://www.securityfocus.com/bid/15647",
"http://www.ubuntu.com/usn/usn-160-2",
"http://www.vupen.com/english/advisories/2005/2140",
"http://www.vupen.com/english/advisories/2005/2659",
"http://www.vupen.com/english/advisories/2006/0789",
"http://www.vupen.com/english/advisories/2006/1018",
"http://www.vupen.com/english/advisories/2006/4680",
"http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf",
"http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00612828",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11452",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1237",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1526",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1629",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A840",
"https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html"
],
"score": 4.3,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-444"
},
"CVE-2005-2089": {
"id": "CVE-2005-2089",
"references": [
"http://seclists.org/lists/bugtraq/2005/Jun/0025.html",
"http://www.securiteam.com/securityreviews/5GP0220G0U.html",
"http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/42899"
],
"score": 4.3,
"services": [
"27017/http"
],
"severity": "medium",
"summary": "Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes IIS to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-444"
},
"CVE-2005-2700": {
"id": "CVE-2005-2700",
"references": [
"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html",
"http://marc.info/?l=apache-modssl&m=112569517603897&w=2",
"http://marc.info/?l=bugtraq&m=112604765028607&w=2",
"http://marc.info/?l=bugtraq&m=112870296926652&w=2",
"http://people.apache.org/~jorton/CAN-2005-2700.diff",
"http://secunia.com/advisories/16700",
"http://secunia.com/advisories/16705",
"http://secunia.com/advisories/16714",
"http://secunia.com/advisories/16743",
"http://secunia.com/advisories/16746",
"http://secunia.com/advisories/16748",
"http://secunia.com/advisories/16753",
"http://secunia.com/advisories/16754",
"http://secunia.com/advisories/16769",
"http://secunia.com/advisories/16771",
"http://secunia.com/advisories/16789",
"http://secunia.com/advisories/16864",
"http://secunia.com/advisories/16956",
"http://secunia.com/advisories/17088",
"http://secunia.com/advisories/17288",
"http://secunia.com/advisories/17311",
"http://secunia.com/advisories/17813",
"http://secunia.com/advisories/19072",
"http://secunia.com/advisories/19073",
"http://secunia.com/advisories/21848",
"http://secunia.com/advisories/22523",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1",
"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm",
"http://www.debian.org/security/2005/dsa-805",
"http://www.debian.org/security/2005/dsa-807",
"http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml",
"http://www.kb.cert.org/vuls/id/744929",
"http://www.mandriva.com/security/advisories?name=MDKSA-2005:161",
"http://www.novell.com/linux/security/advisories/2005_51_apache2.html",
"http://www.novell.com/linux/security/advisories/2005_52_apache2.html",
"http://www.osvdb.org/19188",
"http://www.redhat.com/support/errata/RHSA-2005-608.html",
"http://www.redhat.com/support/errata/RHSA-2005-773.html",
"http://www.redhat.com/support/errata/RHSA-2005-816.html",
"http://www.securityfocus.com/bid/14721",
"http://www.ubuntu.com/usn/usn-177-1",
"http://www.vupen.com/english/advisories/2005/1625",
"http://www.vupen.com/english/advisories/2005/2659",
"http://www.vupen.com/english/advisories/2006/0789",
"http://www.vupen.com/english/advisories/2006/4207",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117",
"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195",
"https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416"
],
"score": 10,
"services": [
"8500/http"
],
"severity": "high",
"summary": "ssl_engine_kernel.c in mod_ssl before 2.8.24, when using \"SSLVerifyClient optional\" in the global virtual host configuration, does not properly enforce \"SSLVerifyClient require\" in a per-location context, which allows remote attackers to bypass intended access restrictions.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2005-2728": {
"id": "CVE-2005-2728",
"references": [
"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U",
"http://issues.apache.org/bugzilla/show_bug.cgi?id=29962",
"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html",
"http://secunia.com/advisories/16559/",
"http://secunia.com/advisories/16705",
"http://secunia.com/advisories/16714",
"http://secunia.com/advisories/16743",
"http://secunia.com/advisories/16746",
"http://secunia.com/advisories/16753",
"http://secunia.com/advisories/16754",
"http://secunia.com/advisories/16769",
"http://secunia.com/advisories/16789",
"http://secunia.com/advisories/16956",
"http://secunia.com/advisories/17036",
"http://secunia.com/advisories/17288",
"http://secunia.com/advisories/17600",
"http://secunia.com/advisories/17831",
"http://secunia.com/advisories/17923",
"http://secunia.com/advisories/18161",
"http://secunia.com/advisories/18333",
"http://secunia.com/advisories/18517",
"http://secunia.com/advisories/19072",
"http://securityreason.com/securityalert/604",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1",
"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm",
"http://www.debian.org/security/2005/dsa-805",
"http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml",
"http://www.mandriva.com/security/advisories?name=MDKSA-2005:161",
"http://www.novell.com/linux/security/advisories/2005_51_apache2.html",
"http://www.novell.com/linux/security/advisories/2005_52_apache2.html",
"http://www.redhat.com/support/errata/RHSA-2005-608.html",
"http://www.securityfocus.com/archive/1/428138/100/0/threaded",
"http://www.securityfocus.com/bid/14660",
"http://www.ubuntu.com/usn/usn-177-1",
"http://www.vupen.com/english/advisories/2006/0789",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/22006",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10017",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1246",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1727",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A760"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2005-2970": {
"id": "CVE-2005-2970",
"references": [
"http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail%40minotaur.apache.org%3E",
"http://rhn.redhat.com/errata/RHSA-2006-0159.html",
"http://secunia.com/advisories/16559",
"http://secunia.com/advisories/17923",
"http://secunia.com/advisories/18161",
"http://secunia.com/advisories/18333",
"http://secunia.com/advisories/18585",
"http://securitytracker.com/id?1015093",
"http://svn.apache.org/viewcvs?rev=292949&view=rev",
"http://www.mandriva.com/security/advisories?name=MDKSA-2005:233",
"http://www.novell.com/linux/security/advisories/2005_28_sr.html",
"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html",
"http://www.securityfocus.com/archive/1/425399/100/0/threaded",
"http://www.securityfocus.com/bid/15762",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10043",
"https://www.ubuntu.com/usn/usn-225-1/"
],
"score": 5,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-770"
},
"CVE-2005-3352": {
"id": "CVE-2005-3352",
"references": [
"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U",
"http://docs.info.apple.com/article.html?artnum=307562",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449",
"http://issues.apache.org/bugzilla/show_bug.cgi?id=37874",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html",
"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://rhn.redhat.com/errata/RHSA-2006-0159.html",
"http://rhn.redhat.com/errata/RHSA-2006-0692.html",
"http://secunia.com/advisories/17319",
"http://secunia.com/advisories/18008",
"http://secunia.com/advisories/18333",
"http://secunia.com/advisories/18339",
"http://secunia.com/advisories/18340",
"http://secunia.com/advisories/18429",
"http://secunia.com/advisories/18517",
"http://secunia.com/advisories/18526",
"http://secunia.com/advisories/18585",
"http://secunia.com/advisories/18743",
"http://secunia.com/advisories/19012",
"http://secunia.com/advisories/20046",
"http://secunia.com/advisories/20670",
"http://secunia.com/advisories/21744",
"http://secunia.com/advisories/22140",
"http://secunia.com/advisories/22368",
"http://secunia.com/advisories/22388",
"http://secunia.com/advisories/22669",
"http://secunia.com/advisories/23260",
"http://secunia.com/advisories/25239",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/29849",
"http://secunia.com/advisories/30430",
"http://securitytracker.com/id?1015344",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only",
"http://www.debian.org/security/2006/dsa-1167",
"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml",
"http://www.novell.com/linux/security/advisories/2006_43_apache.html",
"http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html",
"http://www.redhat.com/support/errata/RHSA-2006-0158.html",
"http://www.securityfocus.com/archive/1/425399/100/0/threaded",
"http://www.securityfocus.com/archive/1/445206/100/0/threaded",
"http://www.securityfocus.com/archive/1/445206/100/0/threaded",
"http://www.securityfocus.com/archive/1/450315/100/0/threaded",
"http://www.securityfocus.com/archive/1/450315/100/0/threaded",
"http://www.securityfocus.com/archive/1/450321/100/0/threaded",
"http://www.securityfocus.com/archive/1/450321/100/0/threaded",
"http://www.securityfocus.com/bid/15834",
"http://www.trustix.org/errata/2005/0074/",
"http://www.ubuntulinux.org/usn/usn-241-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2005/2870",
"http://www.vupen.com/english/advisories/2006/2423",
"http://www.vupen.com/english/advisories/2006/3995",
"http://www.vupen.com/english/advisories/2006/4015",
"http://www.vupen.com/english/advisories/2006/4300",
"http://www.vupen.com/english/advisories/2006/4868",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/1246/references",
"http://www.vupen.com/english/advisories/2008/1697",
"http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480",
"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U",
"http://docs.info.apple.com/article.html?artnum=307562",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449",
"http://issues.apache.org/bugzilla/show_bug.cgi?id=37874",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html",
"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://rhn.redhat.com/errata/RHSA-2006-0159.html",
"http://rhn.redhat.com/errata/RHSA-2006-0692.html",
"http://secunia.com/advisories/17319",
"http://secunia.com/advisories/18008",
"http://secunia.com/advisories/18333",
"http://secunia.com/advisories/18339",
"http://secunia.com/advisories/18340",
"http://secunia.com/advisories/18429",
"http://secunia.com/advisories/18517",
"http://secunia.com/advisories/18526",
"http://secunia.com/advisories/18585",
"http://secunia.com/advisories/18743",
"http://secunia.com/advisories/19012",
"http://secunia.com/advisories/20046",
"http://secunia.com/advisories/20670",
"http://secunia.com/advisories/21744",
"http://secunia.com/advisories/22140",
"http://secunia.com/advisories/22368",
"http://secunia.com/advisories/22388",
"http://secunia.com/advisories/22669",
"http://secunia.com/advisories/23260",
"http://secunia.com/advisories/25239",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/29849",
"http://secunia.com/advisories/30430",
"http://securitytracker.com/id?1015344",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only",
"http://www.debian.org/security/2006/dsa-1167",
"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml",
"http://www.novell.com/linux/security/advisories/2006_43_apache.html",
"http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html",
"http://www.redhat.com/support/errata/RHSA-2006-0158.html",
"http://www.securityfocus.com/archive/1/425399/100/0/threaded",
"http://www.securityfocus.com/archive/1/445206/100/0/threaded",
"http://www.securityfocus.com/archive/1/445206/100/0/threaded",
"http://www.securityfocus.com/archive/1/450315/100/0/threaded",
"http://www.securityfocus.com/archive/1/450315/100/0/threaded",
"http://www.securityfocus.com/archive/1/450321/100/0/threaded",
"http://www.securityfocus.com/archive/1/450321/100/0/threaded",
"http://www.securityfocus.com/bid/15834",
"http://www.trustix.org/errata/2005/0074/",
"http://www.ubuntulinux.org/usn/usn-241-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2005/2870",
"http://www.vupen.com/english/advisories/2006/2423",
"http://www.vupen.com/english/advisories/2006/3995",
"http://www.vupen.com/english/advisories/2006/4015",
"http://www.vupen.com/english/advisories/2006/4300",
"http://www.vupen.com/english/advisories/2006/4868",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/1246/references",
"http://www.vupen.com/english/advisories/2008/1697",
"http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480"
],
"score": 4.3,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2005-3357": {
"id": "CVE-2005-3357",
"references": [
"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449",
"http://issues.apache.org/bugzilla/show_bug.cgi?id=37791",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://rhn.redhat.com/errata/RHSA-2006-0159.html",
"http://secunia.com/advisories/18307",
"http://secunia.com/advisories/18333",
"http://secunia.com/advisories/18339",
"http://secunia.com/advisories/18340",
"http://secunia.com/advisories/18429",
"http://secunia.com/advisories/18517",
"http://secunia.com/advisories/18585",
"http://secunia.com/advisories/18743",
"http://secunia.com/advisories/19012",
"http://secunia.com/advisories/21848",
"http://secunia.com/advisories/22233",
"http://secunia.com/advisories/22368",
"http://secunia.com/advisories/22523",
"http://secunia.com/advisories/22669",
"http://secunia.com/advisories/22992",
"http://secunia.com/advisories/23260",
"http://secunia.com/advisories/29849",
"http://secunia.com/advisories/30430",
"http://securitytracker.com/id?1015447",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1",
"http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm",
"http://svn.apache.org/viewcvs?rev=358026&view=rev",
"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml",
"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html",
"http://www.securityfocus.com/archive/1/425399/100/0/threaded",
"http://www.securityfocus.com/archive/1/445206/100/0/threaded",
"http://www.securityfocus.com/archive/1/450315/100/0/threaded",
"http://www.securityfocus.com/bid/16152",
"http://www.trustix.org/errata/2005/0074/",
"http://www.ubuntulinux.org/usn/usn-241-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2006/0056",
"http://www.vupen.com/english/advisories/2006/3920",
"http://www.vupen.com/english/advisories/2006/3995",
"http://www.vupen.com/english/advisories/2006/4207",
"http://www.vupen.com/english/advisories/2006/4300",
"http://www.vupen.com/english/advisories/2006/4868",
"http://www.vupen.com/english/advisories/2008/1246/references",
"http://www.vupen.com/english/advisories/2008/1697",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467"
],
"score": 5.4,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.",
"vector_string": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"weakness": "CWE-399"
},
"CVE-2006-20001": {
"id": "CVE-2006-20001",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://security.netapp.com/advisory/ntap-20230316-0005/"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-787"
},
"CVE-2006-3747": {
"id": "CVE-2006-3747",
"references": [
"http://docs.info.apple.com/article.html?artnum=307562",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449",
"http://kbase.redhat.com/faq/FAQ_68_8653.shtm",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html",
"http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html",
"http://lwn.net/Alerts/194228/",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://secunia.com/advisories/21197",
"http://secunia.com/advisories/21241",
"http://secunia.com/advisories/21245",
"http://secunia.com/advisories/21247",
"http://secunia.com/advisories/21266",
"http://secunia.com/advisories/21273",
"http://secunia.com/advisories/21284",
"http://secunia.com/advisories/21307",
"http://secunia.com/advisories/21313",
"http://secunia.com/advisories/21315",
"http://secunia.com/advisories/21346",
"http://secunia.com/advisories/21478",
"http://secunia.com/advisories/21509",
"http://secunia.com/advisories/22262",
"http://secunia.com/advisories/22368",
"http://secunia.com/advisories/22388",
"http://secunia.com/advisories/22523",
"http://secunia.com/advisories/23028",
"http://secunia.com/advisories/23260",
"http://secunia.com/advisories/26329",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/29849",
"http://secunia.com/advisories/30430",
"http://security.gentoo.org/glsa/glsa-200608-01.xml",
"http://securityreason.com/securityalert/1312",
"http://securitytracker.com/id?1016601",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1",
"http://svn.apache.org/viewvc?view=rev&revision=426144",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156",
"http://www-1.ibm.com/support/docview.wss?uid=swg24013080",
"http://www-1.ibm.com/support/docview.wss?uid=swg27007951",
"http://www.apache.org/dist/httpd/Announcement2.0.html",
"http://www.debian.org/security/2006/dsa-1131",
"http://www.debian.org/security/2006/dsa-1132",
"http://www.kb.cert.org/vuls/id/395412",
"http://www.mandriva.com/security/advisories?name=MDKSA-2006:133",
"http://www.novell.com/linux/security/advisories/2006_43_apache.html",
"http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html",
"http://www.osvdb.org/27588",
"http://www.securityfocus.com/archive/1/441485/100/0/threaded",
"http://www.securityfocus.com/archive/1/441487/100/0/threaded",
"http://www.securityfocus.com/archive/1/441526/100/200/threaded",
"http://www.securityfocus.com/archive/1/443870/100/0/threaded",
"http://www.securityfocus.com/archive/1/445206/100/0/threaded",
"http://www.securityfocus.com/archive/1/450321/100/0/threaded",
"http://www.securityfocus.com/bid/19204",
"http://www.ubuntu.com/usn/usn-328-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2006/3017",
"http://www.vupen.com/english/advisories/2006/3264",
"http://www.vupen.com/english/advisories/2006/3282",
"http://www.vupen.com/english/advisories/2006/3884",
"http://www.vupen.com/english/advisories/2006/3995",
"http://www.vupen.com/english/advisories/2006/4015",
"http://www.vupen.com/english/advisories/2006/4207",
"http://www.vupen.com/english/advisories/2006/4300",
"http://www.vupen.com/english/advisories/2006/4868",
"http://www.vupen.com/english/advisories/2007/2783",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/1246/references",
"http://www.vupen.com/english/advisories/2008/1697",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/28063",
"https://issues.rpath.com/browse/RPL-538",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 7.6,
"services": [
"631/http"
],
"severity": "high",
"summary": "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.",
"vector_string": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"weakness": "CWE-189"
},
"CVE-2006-4154": {
"id": "CVE-2006-4154",
"references": [
"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=421",
"http://secunia.com/advisories/22458",
"http://secunia.com/advisories/22549",
"http://security.gentoo.org/glsa/glsa-200610-12.xml",
"http://securitytracker.com/id?1017062",
"http://www.kb.cert.org/vuls/id/366020",
"http://www.osvdb.org/29536",
"http://www.securityfocus.com/bid/20527",
"http://www.vupen.com/english/advisories/2006/4033",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/29550"
],
"score": 6.8,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2006-5752": {
"id": "CVE-2006-5752",
"references": [
"http://bugs.gentoo.org/show_bug.cgi?id=186219",
"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795",
"http://httpd.apache.org/security/vulnerabilities_13.html",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://osvdb.org/37052",
"http://rhn.redhat.com/errata/RHSA-2007-0534.html",
"http://rhn.redhat.com/errata/RHSA-2007-0556.html",
"http://secunia.com/advisories/25827",
"http://secunia.com/advisories/25830",
"http://secunia.com/advisories/25873",
"http://secunia.com/advisories/25920",
"http://secunia.com/advisories/26273",
"http://secunia.com/advisories/26443",
"http://secunia.com/advisories/26458",
"http://secunia.com/advisories/26508",
"http://secunia.com/advisories/26822",
"http://secunia.com/advisories/26842",
"http://secunia.com/advisories/26993",
"http://secunia.com/advisories/27037",
"http://secunia.com/advisories/27563",
"http://secunia.com/advisories/27732",
"http://secunia.com/advisories/28212",
"http://secunia.com/advisories/28224",
"http://secunia.com/advisories/28606",
"http://security.gentoo.org/glsa/glsa-200711-06.xml",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1",
"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm",
"http://svn.apache.org/viewvc?view=rev&revision=549159",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:141",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:142",
"http://www.novell.com/linux/security/advisories/2007_61_apache2.html",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html",
"http://www.redhat.com/support/errata/RHSA-2007-0532.html",
"http://www.redhat.com/support/errata/RHSA-2007-0557.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/24645",
"http://www.securitytracker.com/id?1018302",
"http://www.trustix.org/errata/2007/0026/",
"http://www.ubuntu.com/usn/usn-499-1",
"http://www.vupen.com/english/advisories/2007/2727",
"http://www.vupen.com/english/advisories/2007/3283",
"http://www.vupen.com/english/advisories/2007/3386",
"http://www.vupen.com/english/advisories/2007/4305",
"http://www.vupen.com/english/advisories/2008/0233",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/35097",
"https://issues.rpath.com/browse/RPL-1500",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154",
"https://rhn.redhat.com/errata/RHSA-2007-0533.html",
"http://bugs.gentoo.org/show_bug.cgi?id=186219",
"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795",
"http://httpd.apache.org/security/vulnerabilities_13.html",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://osvdb.org/37052",
"http://rhn.redhat.com/errata/RHSA-2007-0534.html",
"http://rhn.redhat.com/errata/RHSA-2007-0556.html",
"http://secunia.com/advisories/25827",
"http://secunia.com/advisories/25830",
"http://secunia.com/advisories/25873",
"http://secunia.com/advisories/25920",
"http://secunia.com/advisories/26273",
"http://secunia.com/advisories/26443",
"http://secunia.com/advisories/26458",
"http://secunia.com/advisories/26508",
"http://secunia.com/advisories/26822",
"http://secunia.com/advisories/26842",
"http://secunia.com/advisories/26993",
"http://secunia.com/advisories/27037",
"http://secunia.com/advisories/27563",
"http://secunia.com/advisories/27732",
"http://secunia.com/advisories/28212",
"http://secunia.com/advisories/28224",
"http://secunia.com/advisories/28606",
"http://security.gentoo.org/glsa/glsa-200711-06.xml",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1",
"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm",
"http://svn.apache.org/viewvc?view=rev&revision=549159",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:141",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:142",
"http://www.novell.com/linux/security/advisories/2007_61_apache2.html",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html",
"http://www.redhat.com/support/errata/RHSA-2007-0532.html",
"http://www.redhat.com/support/errata/RHSA-2007-0557.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/24645",
"http://www.securitytracker.com/id?1018302",
"http://www.trustix.org/errata/2007/0026/",
"http://www.ubuntu.com/usn/usn-499-1",
"http://www.vupen.com/english/advisories/2007/2727",
"http://www.vupen.com/english/advisories/2007/3283",
"http://www.vupen.com/english/advisories/2007/3386",
"http://www.vupen.com/english/advisories/2007/4305",
"http://www.vupen.com/english/advisories/2008/0233",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/35097",
"https://issues.rpath.com/browse/RPL-1500",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154",
"https://rhn.redhat.com/errata/RHSA-2007-0533.html"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform \"charset detection\" when the content-type is not specified.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2007-1863": {
"id": "CVE-2007-1863",
"references": [
"http://bugs.gentoo.org/show_bug.cgi?id=186219",
"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://osvdb.org/37079",
"http://rhn.redhat.com/errata/RHSA-2007-0534.html",
"http://rhn.redhat.com/errata/RHSA-2007-0556.html",
"http://secunia.com/advisories/25830",
"http://secunia.com/advisories/25873",
"http://secunia.com/advisories/25920",
"http://secunia.com/advisories/26273",
"http://secunia.com/advisories/26443",
"http://secunia.com/advisories/26508",
"http://secunia.com/advisories/26822",
"http://secunia.com/advisories/26842",
"http://secunia.com/advisories/26993",
"http://secunia.com/advisories/27037",
"http://secunia.com/advisories/27563",
"http://secunia.com/advisories/27732",
"http://secunia.com/advisories/28606",
"http://secunia.com/advisories/30430",
"http://security.gentoo.org/glsa/glsa-200711-06.xml",
"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm",
"http://svn.apache.org/viewvc?view=rev&revision=535617",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:141",
"http://www.novell.com/linux/security/advisories/2007_61_apache2.html",
"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html",
"http://www.redhat.com/support/errata/RHSA-2007-0557.html",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/24649",
"http://www.securitytracker.com/id?1018303",
"http://www.trustix.org/errata/2007/0026/",
"http://www.ubuntu.com/usn/usn-499-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2007/2727",
"http://www.vupen.com/english/advisories/2007/3283",
"http://www.vupen.com/english/advisories/2007/3386",
"http://www.vupen.com/english/advisories/2008/0233",
"http://www.vupen.com/english/advisories/2008/1697",
"https://issues.rpath.com/browse/RPL-1500",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9824",
"https://rhn.redhat.com/errata/RHSA-2007-0533.html"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2007-3205": {
"id": "CVE-2007-3205",
"references": [
"http://osvdb.org/39834",
"http://securityreason.com/securityalert/2800",
"http://www.acid-root.new.fr/advisories/14070612.txt",
"http://www.securityfocus.com/archive/1/471178/100/0/threaded",
"http://www.securityfocus.com/archive/1/471204/100/0/threaded",
"http://www.securityfocus.com/archive/1/471275/100/0/threaded",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/34836",
"http://osvdb.org/39834",
"http://securityreason.com/securityalert/2800",
"http://www.acid-root.new.fr/advisories/14070612.txt",
"http://www.securityfocus.com/archive/1/471178/100/0/threaded",
"http://www.securityfocus.com/archive/1/471204/100/0/threaded",
"http://www.securityfocus.com/archive/1/471275/100/0/threaded",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/34836"
],
"score": 5,
"services": [
"2181/http"
],
"severity": "medium",
"summary": "The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2007-3304": {
"id": "CVE-2007-3304",
"references": [
"ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc",
"http://bugs.gentoo.org/show_bug.cgi?id=186219",
"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588",
"http://httpd.apache.org/security/vulnerabilities_13.html",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e",
"http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2",
"http://osvdb.org/38939",
"http://rhn.redhat.com/errata/RHSA-2007-0556.html",
"http://secunia.com/advisories/25827",
"http://secunia.com/advisories/25830",
"http://secunia.com/advisories/25920",
"http://secunia.com/advisories/26211",
"http://secunia.com/advisories/26273",
"http://secunia.com/advisories/26443",
"http://secunia.com/advisories/26508",
"http://secunia.com/advisories/26611",
"http://secunia.com/advisories/26759",
"http://secunia.com/advisories/26790",
"http://secunia.com/advisories/26822",
"http://secunia.com/advisories/26842",
"http://secunia.com/advisories/26993",
"http://secunia.com/advisories/27121",
"http://secunia.com/advisories/27209",
"http://secunia.com/advisories/27563",
"http://secunia.com/advisories/27732",
"http://secunia.com/advisories/28212",
"http://secunia.com/advisories/28224",
"http://secunia.com/advisories/28606",
"http://security.gentoo.org/glsa/glsa-200711-06.xml",
"http://security.psnc.pl/files/apache_report.pdf",
"http://securityreason.com/securityalert/2814",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1",
"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm",
"http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm",
"http://svn.apache.org/viewvc?view=rev&revision=547987",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:142",
"http://www.novell.com/linux/security/advisories/2007_61_apache2.html",
"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html",
"http://www.redhat.com/errata/RHSA-2007-0532.html",
"http://www.redhat.com/support/errata/RHSA-2007-0557.html",
"http://www.redhat.com/support/errata/RHSA-2007-0662.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/archive/1/469899/100/0/threaded",
"http://www.securityfocus.com/archive/1/471832/100/0/threaded",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/24215",
"http://www.securitytracker.com/id?1018304",
"http://www.trustix.org/errata/2007/0026/",
"http://www.ubuntu.com/usn/usn-499-1",
"http://www.vupen.com/english/advisories/2007/2727",
"http://www.vupen.com/english/advisories/2007/3100",
"http://www.vupen.com/english/advisories/2007/3283",
"http://www.vupen.com/english/advisories/2007/3420",
"http://www.vupen.com/english/advisories/2007/3494",
"http://www.vupen.com/english/advisories/2007/4305",
"http://www.vupen.com/english/advisories/2008/0233",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/35095",
"https://issues.rpath.com/browse/RPL-1710",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589",
"ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc",
"http://bugs.gentoo.org/show_bug.cgi?id=186219",
"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588",
"http://httpd.apache.org/security/vulnerabilities_13.html",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e",
"http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2",
"http://osvdb.org/38939",
"http://rhn.redhat.com/errata/RHSA-2007-0556.html",
"http://secunia.com/advisories/25827",
"http://secunia.com/advisories/25830",
"http://secunia.com/advisories/25920",
"http://secunia.com/advisories/26211",
"http://secunia.com/advisories/26273",
"http://secunia.com/advisories/26443",
"http://secunia.com/advisories/26508",
"http://secunia.com/advisories/26611",
"http://secunia.com/advisories/26759",
"http://secunia.com/advisories/26790",
"http://secunia.com/advisories/26822",
"http://secunia.com/advisories/26842",
"http://secunia.com/advisories/26993",
"http://secunia.com/advisories/27121",
"http://secunia.com/advisories/27209",
"http://secunia.com/advisories/27563",
"http://secunia.com/advisories/27732",
"http://secunia.com/advisories/28212",
"http://secunia.com/advisories/28224",
"http://secunia.com/advisories/28606",
"http://security.gentoo.org/glsa/glsa-200711-06.xml",
"http://security.psnc.pl/files/apache_report.pdf",
"http://securityreason.com/securityalert/2814",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1",
"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm",
"http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm",
"http://svn.apache.org/viewvc?view=rev&revision=547987",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:142",
"http://www.novell.com/linux/security/advisories/2007_61_apache2.html",
"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html",
"http://www.redhat.com/errata/RHSA-2007-0532.html",
"http://www.redhat.com/support/errata/RHSA-2007-0557.html",
"http://www.redhat.com/support/errata/RHSA-2007-0662.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/archive/1/469899/100/0/threaded",
"http://www.securityfocus.com/archive/1/471832/100/0/threaded",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/24215",
"http://www.securitytracker.com/id?1018304",
"http://www.trustix.org/errata/2007/0026/",
"http://www.ubuntu.com/usn/usn-499-1",
"http://www.vupen.com/english/advisories/2007/2727",
"http://www.vupen.com/english/advisories/2007/3100",
"http://www.vupen.com/english/advisories/2007/3283",
"http://www.vupen.com/english/advisories/2007/3420",
"http://www.vupen.com/english/advisories/2007/3494",
"http://www.vupen.com/english/advisories/2007/4305",
"http://www.vupen.com/english/advisories/2008/0233",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/35095",
"https://issues.rpath.com/browse/RPL-1710",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589"
],
"score": 4.7,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka \"SIGUSR1 killer.\"",
"vector_string": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2007-3847": {
"id": "CVE-2007-3847",
"references": [
"http://bugs.gentoo.org/show_bug.cgi?id=186219",
"http://docs.info.apple.com/article.html?artnum=307562",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://marc.info/?l=apache-cvs&m=118592992309395&w=2",
"http://marc.info/?l=apache-httpd-dev&m=118595556504202&w=2",
"http://marc.info/?l=apache-httpd-dev&m=118595953217856&w=2",
"http://secunia.com/advisories/26636",
"http://secunia.com/advisories/26722",
"http://secunia.com/advisories/26790",
"http://secunia.com/advisories/26842",
"http://secunia.com/advisories/26952",
"http://secunia.com/advisories/26993",
"http://secunia.com/advisories/27209",
"http://secunia.com/advisories/27563",
"http://secunia.com/advisories/27593",
"http://secunia.com/advisories/27732",
"http://secunia.com/advisories/27882",
"http://secunia.com/advisories/27971",
"http://secunia.com/advisories/28467",
"http://secunia.com/advisories/28606",
"http://secunia.com/advisories/28749",
"http://secunia.com/advisories/28922",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/30430",
"http://security.gentoo.org/glsa/glsa-200711-06.xml",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748",
"http://support.avaya.com/elmodocs2/security/ASA-2007-500.htm",
"http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK50469",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html",
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:235",
"http://www.novell.com/linux/security/advisories/2007_61_apache2.html",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html",
"http://www.redhat.com/support/errata/RHSA-2007-0746.html",
"http://www.redhat.com/support/errata/RHSA-2007-0747.html",
"http://www.redhat.com/support/errata/RHSA-2007-0911.html",
"http://www.redhat.com/support/errata/RHSA-2008-0005.html",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/25489",
"http://www.securitytracker.com/id?1018633",
"http://www.ubuntu.com/usn/usn-575-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2007/3020",
"http://www.vupen.com/english/advisories/2007/3095",
"http://www.vupen.com/english/advisories/2007/3283",
"http://www.vupen.com/english/advisories/2007/3494",
"http://www.vupen.com/english/advisories/2007/3955",
"http://www.vupen.com/english/advisories/2008/0233",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/1697",
"https://issues.rpath.com/browse/RPL-1710",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10525",
"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-125"
},
"CVE-2007-4465": {
"id": "CVE-2007-4465",
"references": [
"http://bugs.gentoo.org/show_bug.cgi?id=186219",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://marc.info/?l=bugtraq&m=124654546101607&w=2",
"http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"http://secunia.com/advisories/26842",
"http://secunia.com/advisories/26952",
"http://secunia.com/advisories/27563",
"http://secunia.com/advisories/27732",
"http://secunia.com/advisories/28467",
"http://secunia.com/advisories/28471",
"http://secunia.com/advisories/28607",
"http://secunia.com/advisories/28749",
"http://secunia.com/advisories/30430",
"http://secunia.com/advisories/31651",
"http://secunia.com/advisories/33105",
"http://secunia.com/advisories/35650",
"http://security.gentoo.org/glsa/glsa-200711-06.xml",
"http://securityreason.com/achievement_securityalert/46",
"http://securityreason.com/securityalert/3113",
"http://securitytracker.com/id?1019194",
"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm",
"http://www.apache.org/dist/httpd/CHANGES_2.2.6",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014",
"http://www.novell.com/linux/security/advisories/2007_61_apache2.html",
"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html",
"http://www.redhat.com/support/errata/RHSA-2007-0911.html",
"http://www.redhat.com/support/errata/RHSA-2008-0004.html",
"http://www.redhat.com/support/errata/RHSA-2008-0005.html",
"http://www.redhat.com/support/errata/RHSA-2008-0006.html",
"http://www.redhat.com/support/errata/RHSA-2008-0008.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/archive/1/479237/100/0/threaded",
"http://www.securityfocus.com/bid/25653",
"http://www.ubuntu.com/usn/usn-575-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2008/1697",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/36586",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089",
"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2007-4559": {
"id": "CVE-2007-4559",
"references": [
"http://mail.python.org/pipermail/python-dev/2007-August/074290.html",
"http://mail.python.org/pipermail/python-dev/2007-August/074292.html",
"http://secunia.com/advisories/26623",
"http://www.vupen.com/english/advisories/2007/3022",
"https://bugzilla.redhat.com/show_bug.cgi?id=263261",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVBB7NU3YIRRDOKLYVN647WPRR3IAKR6/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FI55PGL47ES3OU2FQPGEHOI2EK3S2OBH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KA4Z44ZAI4SY7THCFBUDNT5EEFO4XQ3A/",
"https://security.gentoo.org/glsa/202309-06",
"http://mail.python.org/pipermail/python-dev/2007-August/074290.html",
"http://mail.python.org/pipermail/python-dev/2007-August/074292.html",
"http://secunia.com/advisories/26623",
"http://www.vupen.com/english/advisories/2007/3022",
"https://bugzilla.redhat.com/show_bug.cgi?id=263261",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVBB7NU3YIRRDOKLYVN647WPRR3IAKR6/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FI55PGL47ES3OU2FQPGEHOI2EK3S2OBH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KA4Z44ZAI4SY7THCFBUDNT5EEFO4XQ3A/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/CVBB7NU3YIRRDOKLYVN647WPRR3IAKR6/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/FI55PGL47ES3OU2FQPGEHOI2EK3S2OBH/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/KA4Z44ZAI4SY7THCFBUDNT5EEFO4XQ3A/",
"https://security.gentoo.org/glsa/202309-06"
],
"score": 9.8,
"services": [
"27018/http"
],
"severity": "critical",
"summary": "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-22"
},
"CVE-2007-5000": {
"id": "CVE-2007-5000",
"references": [
"http://docs.info.apple.com/article.html?artnum=307562",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501",
"http://httpd.apache.org/security/vulnerabilities_13.html",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://secunia.com/advisories/28046",
"http://secunia.com/advisories/28073",
"http://secunia.com/advisories/28081",
"http://secunia.com/advisories/28196",
"http://secunia.com/advisories/28375",
"http://secunia.com/advisories/28467",
"http://secunia.com/advisories/28471",
"http://secunia.com/advisories/28525",
"http://secunia.com/advisories/28526",
"http://secunia.com/advisories/28607",
"http://secunia.com/advisories/28749",
"http://secunia.com/advisories/28750",
"http://secunia.com/advisories/28922",
"http://secunia.com/advisories/28977",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/29640",
"http://secunia.com/advisories/29806",
"http://secunia.com/advisories/29988",
"http://secunia.com/advisories/30356",
"http://secunia.com/advisories/30430",
"http://secunia.com/advisories/30732",
"http://secunia.com/advisories/31142",
"http://secunia.com/advisories/32800",
"http://securitytracker.com/id?1019093",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1",
"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK58024",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK58074",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273",
"http://www-1.ibm.com/support/docview.wss?uid=swg24019245",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200801e.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:015",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:016",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.osvdb.org/39134",
"http://www.redhat.com/support/errata/RHSA-2008-0004.html",
"http://www.redhat.com/support/errata/RHSA-2008-0005.html",
"http://www.redhat.com/support/errata/RHSA-2008-0006.html",
"http://www.redhat.com/support/errata/RHSA-2008-0007.html",
"http://www.redhat.com/support/errata/RHSA-2008-0008.html",
"http://www.redhat.com/support/errata/RHSA-2008-0009.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/archive/1/494428/100/0/threaded",
"http://www.securityfocus.com/archive/1/498523/100/0/threaded",
"http://www.securityfocus.com/archive/1/498523/100/0/threaded",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/26838",
"http://www.ubuntu.com/usn/usn-575-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2007/4201",
"http://www.vupen.com/english/advisories/2007/4202",
"http://www.vupen.com/english/advisories/2007/4301",
"http://www.vupen.com/english/advisories/2008/0084",
"http://www.vupen.com/english/advisories/2008/0178",
"http://www.vupen.com/english/advisories/2008/0398",
"http://www.vupen.com/english/advisories/2008/0809/references",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/1224/references",
"http://www.vupen.com/english/advisories/2008/1623/references",
"http://www.vupen.com/english/advisories/2008/1697",
"http://www.vupen.com/english/advisories/2008/1875/references",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/39001",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/39002",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9539",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html",
"http://docs.info.apple.com/article.html?artnum=307562",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501",
"http://httpd.apache.org/security/vulnerabilities_13.html",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://secunia.com/advisories/28046",
"http://secunia.com/advisories/28073",
"http://secunia.com/advisories/28081",
"http://secunia.com/advisories/28196",
"http://secunia.com/advisories/28375",
"http://secunia.com/advisories/28467",
"http://secunia.com/advisories/28471",
"http://secunia.com/advisories/28525",
"http://secunia.com/advisories/28526",
"http://secunia.com/advisories/28607",
"http://secunia.com/advisories/28749",
"http://secunia.com/advisories/28750",
"http://secunia.com/advisories/28922",
"http://secunia.com/advisories/28977",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/29640",
"http://secunia.com/advisories/29806",
"http://secunia.com/advisories/29988",
"http://secunia.com/advisories/30356",
"http://secunia.com/advisories/30430",
"http://secunia.com/advisories/30732",
"http://secunia.com/advisories/31142",
"http://secunia.com/advisories/32800",
"http://securitytracker.com/id?1019093",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1",
"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK58024",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK58074",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273",
"http://www-1.ibm.com/support/docview.wss?uid=swg24019245",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200801e.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:015",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:016",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.osvdb.org/39134",
"http://www.redhat.com/support/errata/RHSA-2008-0004.html",
"http://www.redhat.com/support/errata/RHSA-2008-0005.html",
"http://www.redhat.com/support/errata/RHSA-2008-0006.html",
"http://www.redhat.com/support/errata/RHSA-2008-0007.html",
"http://www.redhat.com/support/errata/RHSA-2008-0008.html",
"http://www.redhat.com/support/errata/RHSA-2008-0009.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/archive/1/494428/100/0/threaded",
"http://www.securityfocus.com/archive/1/498523/100/0/threaded",
"http://www.securityfocus.com/archive/1/498523/100/0/threaded",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/26838",
"http://www.ubuntu.com/usn/usn-575-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2007/4201",
"http://www.vupen.com/english/advisories/2007/4202",
"http://www.vupen.com/english/advisories/2007/4301",
"http://www.vupen.com/english/advisories/2008/0084",
"http://www.vupen.com/english/advisories/2008/0178",
"http://www.vupen.com/english/advisories/2008/0398",
"http://www.vupen.com/english/advisories/2008/0809/references",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/1224/references",
"http://www.vupen.com/english/advisories/2008/1623/references",
"http://www.vupen.com/english/advisories/2008/1697",
"http://www.vupen.com/english/advisories/2008/1875/references",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/39001",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/39002",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9539",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2007-6203": {
"id": "CVE-2007-6203",
"references": [
"http://docs.info.apple.com/article.html?artnum=307562",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html",
"http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://procheckup.com/Vulnerability_PR07-37.php",
"http://secunia.com/advisories/27906",
"http://secunia.com/advisories/28196",
"http://secunia.com/advisories/29348",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/29640",
"http://secunia.com/advisories/30356",
"http://secunia.com/advisories/30732",
"http://secunia.com/advisories/33105",
"http://secunia.com/advisories/34219",
"http://security.gentoo.org/glsa/glsa-200803-19.xml",
"http://securityreason.com/securityalert/3411",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK57952",
"http://www-1.ibm.com/support/docview.wss?uid=swg24019245",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html",
"http://www.securityfocus.com/archive/1/484410/100/0/threaded",
"http://www.securityfocus.com/bid/26663",
"http://www.securitytracker.com/id?1019030",
"http://www.ubuntu.com/usn/USN-731-1",
"http://www.vupen.com/english/advisories/2007/4060",
"http://www.vupen.com/english/advisories/2007/4301",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/1623/references",
"http://www.vupen.com/english/advisories/2008/1875/references",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/38800",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12166"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a \"413 Request Entity Too Large\" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2007-6388": {
"id": "CVE-2007-6388",
"references": [
"http://docs.info.apple.com/article.html?artnum=307562",
"http://httpd.apache.org/security/vulnerabilities_13.html",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://secunia.com/advisories/28467",
"http://secunia.com/advisories/28471",
"http://secunia.com/advisories/28526",
"http://secunia.com/advisories/28607",
"http://secunia.com/advisories/28749",
"http://secunia.com/advisories/28922",
"http://secunia.com/advisories/28965",
"http://secunia.com/advisories/28977",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/29504",
"http://secunia.com/advisories/29640",
"http://secunia.com/advisories/29806",
"http://secunia.com/advisories/29988",
"http://secunia.com/advisories/30356",
"http://secunia.com/advisories/30430",
"http://secunia.com/advisories/30732",
"http://secunia.com/advisories/31142",
"http://secunia.com/advisories/32800",
"http://secunia.com/advisories/33200",
"http://securityreason.com/securityalert/3541",
"http://securitytracker.com/id?1019154",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1",
"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm",
"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK62966",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273",
"http://www-1.ibm.com/support/docview.wss?uid=swg24019245",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK59667&apar=only",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:015",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:016",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/support/errata/RHSA-2008-0004.html",
"http://www.redhat.com/support/errata/RHSA-2008-0005.html",
"http://www.redhat.com/support/errata/RHSA-2008-0006.html",
"http://www.redhat.com/support/errata/RHSA-2008-0007.html",
"http://www.redhat.com/support/errata/RHSA-2008-0008.html",
"http://www.redhat.com/support/errata/RHSA-2008-0009.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/archive/1/488082/100/0/threaded",
"http://www.securityfocus.com/archive/1/488082/100/0/threaded",
"http://www.securityfocus.com/archive/1/494428/100/0/threaded",
"http://www.securityfocus.com/archive/1/498523/100/0/threaded",
"http://www.securityfocus.com/archive/1/498523/100/0/threaded",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/27237",
"http://www.ubuntu.com/usn/usn-575-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2008/0047",
"http://www.vupen.com/english/advisories/2008/0447/references",
"http://www.vupen.com/english/advisories/2008/0554",
"http://www.vupen.com/english/advisories/2008/0809/references",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/0986/references",
"http://www.vupen.com/english/advisories/2008/1224/references",
"http://www.vupen.com/english/advisories/2008/1623/references",
"http://www.vupen.com/english/advisories/2008/1697",
"http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/39472",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10272",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html",
"http://docs.info.apple.com/article.html?artnum=307562",
"http://httpd.apache.org/security/vulnerabilities_13.html",
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://secunia.com/advisories/28467",
"http://secunia.com/advisories/28471",
"http://secunia.com/advisories/28526",
"http://secunia.com/advisories/28607",
"http://secunia.com/advisories/28749",
"http://secunia.com/advisories/28922",
"http://secunia.com/advisories/28965",
"http://secunia.com/advisories/28977",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/29504",
"http://secunia.com/advisories/29640",
"http://secunia.com/advisories/29806",
"http://secunia.com/advisories/29988",
"http://secunia.com/advisories/30356",
"http://secunia.com/advisories/30430",
"http://secunia.com/advisories/30732",
"http://secunia.com/advisories/31142",
"http://secunia.com/advisories/32800",
"http://secunia.com/advisories/33200",
"http://securityreason.com/securityalert/3541",
"http://securitytracker.com/id?1019154",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1",
"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm",
"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK62966",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273",
"http://www-1.ibm.com/support/docview.wss?uid=swg24019245",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PK59667&apar=only",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:015",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:016",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/support/errata/RHSA-2008-0004.html",
"http://www.redhat.com/support/errata/RHSA-2008-0005.html",
"http://www.redhat.com/support/errata/RHSA-2008-0006.html",
"http://www.redhat.com/support/errata/RHSA-2008-0007.html",
"http://www.redhat.com/support/errata/RHSA-2008-0008.html",
"http://www.redhat.com/support/errata/RHSA-2008-0009.html",
"http://www.redhat.com/support/errata/RHSA-2008-0261.html",
"http://www.securityfocus.com/archive/1/488082/100/0/threaded",
"http://www.securityfocus.com/archive/1/488082/100/0/threaded",
"http://www.securityfocus.com/archive/1/494428/100/0/threaded",
"http://www.securityfocus.com/archive/1/498523/100/0/threaded",
"http://www.securityfocus.com/archive/1/498523/100/0/threaded",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/27237",
"http://www.ubuntu.com/usn/usn-575-1",
"http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
"http://www.vupen.com/english/advisories/2008/0047",
"http://www.vupen.com/english/advisories/2008/0447/references",
"http://www.vupen.com/english/advisories/2008/0554",
"http://www.vupen.com/english/advisories/2008/0809/references",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/0986/references",
"http://www.vupen.com/english/advisories/2008/1224/references",
"http://www.vupen.com/english/advisories/2008/1623/references",
"http://www.vupen.com/english/advisories/2008/1697",
"http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/39472",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10272",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2007-6420": {
"id": "CVE-2007-6420",
"references": [
"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html",
"http://marc.info/?l=bugtraq&m=123376588623823&w=2",
"http://secunia.com/advisories/31026",
"http://secunia.com/advisories/32222",
"http://secunia.com/advisories/33797",
"http://secunia.com/advisories/34219",
"http://security.gentoo.org/glsa/glsa-200807-06.xml",
"http://securityreason.com/securityalert/3523",
"http://support.apple.com/kb/HT3216",
"http://www.redhat.com/support/errata/RHSA-2008-0966.html",
"http://www.securityfocus.com/archive/1/486169/100/0/threaded",
"http://www.securityfocus.com/archive/1/494858/100/0/threaded",
"http://www.securityfocus.com/bid/27236",
"http://www.securityfocus.com/bid/31681",
"http://www.ubuntu.com/usn/USN-731-1",
"http://www.vupen.com/english/advisories/2008/2780",
"http://www.vupen.com/english/advisories/2009/0320",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8371"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-352"
},
"CVE-2007-6750": {
"id": "CVE-2007-6750",
"references": [
"http://archives.neohapsis.com/archives/bugtraq/2007-01/0229.html",
"http://ha.ckers.org/slowloris/",
"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html",
"http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://www.securityfocus.com/bid/21865",
"http://www.securitytracker.com/id/1038144",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/72345",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19481",
"http://archives.neohapsis.com/archives/bugtraq/2007-01/0229.html",
"http://ha.ckers.org/slowloris/",
"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html",
"http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://www.securityfocus.com/bid/21865",
"http://www.securitytracker.com/id/1038144",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/72345",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19481"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-399"
},
"CVE-2008-0005": {
"id": "CVE-2008-0005",
"references": [
"http://docs.info.apple.com/article.html?artnum=307562",
"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html",
"http://lists.vmware.com/pipermail/security-announce/2009/000062.html",
"http://marc.info/?l=bugtraq&m=124654546101607&w=2",
"http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://secunia.com/advisories/28467",
"http://secunia.com/advisories/28471",
"http://secunia.com/advisories/28526",
"http://secunia.com/advisories/28607",
"http://secunia.com/advisories/28749",
"http://secunia.com/advisories/28977",
"http://secunia.com/advisories/29348",
"http://secunia.com/advisories/29420",
"http://secunia.com/advisories/29640",
"http://secunia.com/advisories/30732",
"http://secunia.com/advisories/35650",
"http://security.gentoo.org/glsa/glsa-200803-19.xml",
"http://securityreason.com/achievement_securityalert/49",
"http://securityreason.com/securityalert/3526",
"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:015",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:016",
"http://www.redhat.com/support/errata/RHSA-2008-0004.html",
"http://www.redhat.com/support/errata/RHSA-2008-0005.html",
"http://www.redhat.com/support/errata/RHSA-2008-0006.html",
"http://www.redhat.com/support/errata/RHSA-2008-0007.html",
"http://www.redhat.com/support/errata/RHSA-2008-0008.html",
"http://www.redhat.com/support/errata/RHSA-2008-0009.html",
"http://www.securityfocus.com/archive/1/486167/100/0/threaded",
"http://www.securityfocus.com/archive/1/505990/100/0/threaded",
"http://www.securityfocus.com/bid/27234",
"http://www.securitytracker.com/id?1019185",
"http://www.ubuntu.com/usn/usn-575-1",
"http://www.vupen.com/english/advisories/2008/0924/references",
"http://www.vupen.com/english/advisories/2008/1875/references",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/39615",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10812",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html",
"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2008-0455": {
"id": "CVE-2008-0455",
"references": [
"http://rhn.redhat.com/errata/RHSA-2012-1591.html",
"http://rhn.redhat.com/errata/RHSA-2012-1592.html",
"http://rhn.redhat.com/errata/RHSA-2012-1594.html",
"http://rhn.redhat.com/errata/RHSA-2013-0130.html",
"http://secunia.com/advisories/29348",
"http://secunia.com/advisories/51607",
"http://security.gentoo.org/glsa/glsa-200803-19.xml",
"http://securityreason.com/securityalert/3575",
"http://securitytracker.com/id?1019256",
"http://www.mindedsecurity.com/MSA01150108.html",
"http://www.securityfocus.com/archive/1/486847/100/0/threaded",
"http://www.securityfocus.com/bid/27409",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/39867",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2008-0456": {
"id": "CVE-2008-0456",
"references": [
"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html",
"http://rhn.redhat.com/errata/RHSA-2013-0130.html",
"http://secunia.com/advisories/29348",
"http://secunia.com/advisories/35074",
"http://security.gentoo.org/glsa/glsa-200803-19.xml",
"http://securityreason.com/securityalert/3575",
"http://securitytracker.com/id?1019256",
"http://support.apple.com/kb/HT3549",
"http://www.mindedsecurity.com/MSA01150108.html",
"http://www.securityfocus.com/archive/1/486847/100/0/threaded",
"http://www.securityfocus.com/bid/27409",
"http://www.us-cert.gov/cas/techalerts/TA09-133A.html",
"http://www.vupen.com/english/advisories/2009/1297",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/39893",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
],
"score": 2.6,
"services": [
"631/http"
],
"severity": "low",
"summary": "CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.",
"vector_string": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"weakness": "CWE-74"
},
"CVE-2008-1446": {
"id": "CVE-2008-1446",
"references": [
"http://marc.info/?l=bugtraq&m=122479227205998&w=2",
"http://marc.info/?l=bugtraq&m=122479227205998&w=2",
"http://secunia.com/advisories/32248",
"http://www.kb.cert.org/vuls/id/793233",
"http://www.securityfocus.com/bid/31682",
"http://www.securitytracker.com/id?1021048",
"http://www.us-cert.gov/cas/techalerts/TA08-288A.html",
"http://www.vupen.com/english/advisories/2008/2813",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-062",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/45545",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/45548",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5764",
"http://marc.info/?l=bugtraq&m=122479227205998&w=2",
"http://marc.info/?l=bugtraq&m=122479227205998&w=2",
"http://secunia.com/advisories/32248",
"http://www.kb.cert.org/vuls/id/793233",
"http://www.securityfocus.com/bid/31682",
"http://www.securitytracker.com/id?1021048",
"http://www.us-cert.gov/cas/techalerts/TA08-288A.html",
"http://www.vupen.com/english/advisories/2008/2813",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-062",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/45545",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/45548",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5764"
],
"score": 9,
"services": [
"27017/http"
],
"severity": "high",
"summary": "Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka \"Integer Overflow in IPP Service Vulnerability.\"",
"vector_string": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"weakness": "CWE-190"
},
"CVE-2008-2168": {
"id": "CVE-2008-2168",
"references": [
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432",
"http://marc.info/?l=bugtraq&m=124654546101607&w=2",
"http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"http://secunia.com/advisories/31651",
"http://secunia.com/advisories/34219",
"http://secunia.com/advisories/35650",
"http://securityreason.com/securityalert/3889",
"http://www.securityfocus.com/archive/1/491862/100/0/threaded",
"http://www.securityfocus.com/archive/1/491901/100/0/threaded",
"http://www.securityfocus.com/archive/1/491930/100/0/threaded",
"http://www.securityfocus.com/archive/1/491967/100/0/threaded",
"http://www.securityfocus.com/bid/29112",
"http://www.ubuntu.com/usn/USN-731-1",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/42303",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5143"
],
"score": 4.3,
"services": [
"8500/http"
],
"severity": "medium",
"summary": "Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2008-2364": {
"id": "CVE-2008-2364",
"references": [
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432",
"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html",
"http://marc.info/?l=bugtraq&m=123376588623823&w=2",
"http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"http://rhn.redhat.com/errata/RHSA-2008-0967.html",
"http://secunia.com/advisories/30621",
"http://secunia.com/advisories/31026",
"http://secunia.com/advisories/31404",
"http://secunia.com/advisories/31416",
"http://secunia.com/advisories/31651",
"http://secunia.com/advisories/31904",
"http://secunia.com/advisories/32222",
"http://secunia.com/advisories/32685",
"http://secunia.com/advisories/32838",
"http://secunia.com/advisories/33156",
"http://secunia.com/advisories/33797",
"http://secunia.com/advisories/34219",
"http://secunia.com/advisories/34259",
"http://secunia.com/advisories/34418",
"http://security.gentoo.org/glsa/glsa-200807-06.xml",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1",
"http://support.apple.com/kb/HT3216",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154",
"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328",
"http://www-01.ibm.com/support/docview.wss?uid=swg27008517",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:237",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/support/errata/RHSA-2008-0966.html",
"http://www.securityfocus.com/archive/1/494858/100/0/threaded",
"http://www.securityfocus.com/archive/1/498567/100/0/threaded",
"http://www.securityfocus.com/bid/29653",
"http://www.securityfocus.com/bid/31681",
"http://www.securitytracker.com/id?1020267",
"http://www.ubuntu.com/usn/USN-731-1",
"http://www.vupen.com/english/advisories/2008/1798",
"http://www.vupen.com/english/advisories/2008/2780",
"http://www.vupen.com/english/advisories/2009/0320",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/42987",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577",
"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html",
"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-770"
},
"CVE-2008-2939": {
"id": "CVE-2008-2939",
"references": [
"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html",
"http://marc.info/?l=bugtraq&m=123376588623823&w=2",
"http://marc.info/?l=bugtraq&m=123376588623823&w=2",
"http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"http://rhn.redhat.com/errata/RHSA-2008-0967.html",
"http://secunia.com/advisories/31384",
"http://secunia.com/advisories/31673",
"http://secunia.com/advisories/32685",
"http://secunia.com/advisories/32838",
"http://secunia.com/advisories/33156",
"http://secunia.com/advisories/33797",
"http://secunia.com/advisories/34219",
"http://secunia.com/advisories/35074",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1",
"http://support.apple.com/kb/HT3549",
"http://svn.apache.org/viewvc?view=rev&revision=682868",
"http://svn.apache.org/viewvc?view=rev&revision=682870",
"http://svn.apache.org/viewvc?view=rev&revision=682871",
"http://wiki.rpath.com/Advisories:rPSA-2008-0327",
"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937",
"http://www.kb.cert.org/vuls/id/663763",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:194",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124",
"http://www.rapid7.com/advisories/R7-0033",
"http://www.redhat.com/support/errata/RHSA-2008-0966.html",
"http://www.securityfocus.com/archive/1/495180/100/0/threaded",
"http://www.securityfocus.com/archive/1/498566/100/0/threaded",
"http://www.securityfocus.com/archive/1/498567/100/0/threaded",
"http://www.securityfocus.com/bid/30560",
"http://www.securitytracker.com/id?1020635",
"http://www.ubuntu.com/usn/USN-731-1",
"http://www.us-cert.gov/cas/techalerts/TA09-133A.html",
"http://www.vupen.com/english/advisories/2008/2315",
"http://www.vupen.com/english/advisories/2008/2461",
"http://www.vupen.com/english/advisories/2009/0320",
"http://www.vupen.com/english/advisories/2009/1297",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/44223",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716",
"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html",
"http://marc.info/?l=bugtraq&m=123376588623823&w=2",
"http://marc.info/?l=bugtraq&m=123376588623823&w=2",
"http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"http://rhn.redhat.com/errata/RHSA-2008-0967.html",
"http://secunia.com/advisories/31384",
"http://secunia.com/advisories/31673",
"http://secunia.com/advisories/32685",
"http://secunia.com/advisories/32838",
"http://secunia.com/advisories/33156",
"http://secunia.com/advisories/33797",
"http://secunia.com/advisories/34219",
"http://secunia.com/advisories/35074",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1",
"http://support.apple.com/kb/HT3549",
"http://svn.apache.org/viewvc?view=rev&revision=682868",
"http://svn.apache.org/viewvc?view=rev&revision=682870",
"http://svn.apache.org/viewvc?view=rev&revision=682871",
"http://wiki.rpath.com/Advisories:rPSA-2008-0327",
"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197",
"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937",
"http://www.kb.cert.org/vuls/id/663763",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:194",
"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124",
"http://www.rapid7.com/advisories/R7-0033",
"http://www.redhat.com/support/errata/RHSA-2008-0966.html",
"http://www.securityfocus.com/archive/1/495180/100/0/threaded",
"http://www.securityfocus.com/archive/1/498566/100/0/threaded",
"http://www.securityfocus.com/archive/1/498567/100/0/threaded",
"http://www.securityfocus.com/bid/30560",
"http://www.securitytracker.com/id?1020635",
"http://www.ubuntu.com/usn/USN-731-1",
"http://www.us-cert.gov/cas/techalerts/TA09-133A.html",
"http://www.vupen.com/english/advisories/2008/2315",
"http://www.vupen.com/english/advisories/2008/2461",
"http://www.vupen.com/english/advisories/2009/0320",
"http://www.vupen.com/english/advisories/2009/1297",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/44223",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2009-0023": {
"id": "CVE-2009-0023",
"references": [
"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://secunia.com/advisories/34724",
"http://secunia.com/advisories/35284",
"http://secunia.com/advisories/35360",
"http://secunia.com/advisories/35395",
"http://secunia.com/advisories/35444",
"http://secunia.com/advisories/35487",
"http://secunia.com/advisories/35565",
"http://secunia.com/advisories/35710",
"http://secunia.com/advisories/35797",
"http://secunia.com/advisories/35843",
"http://secunia.com/advisories/37221",
"http://security.gentoo.org/glsa/glsa-200907-03.xml",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.538210",
"http://support.apple.com/kb/HT3937",
"http://svn.apache.org/viewvc?view=rev&revision=779880",
"http://wiki.rpath.com/Advisories:rPSA-2009-0144",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK88341",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK91241",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK99478",
"http://www-01.ibm.com/support/docview.wss?uid=swg27014463",
"http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3",
"http://www.debian.org/security/2009/dsa-1812",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:131",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"http://www.redhat.com/support/errata/RHSA-2009-1107.html",
"http://www.redhat.com/support/errata/RHSA-2009-1108.html",
"http://www.securityfocus.com/archive/1/507855/100/0/threaded",
"http://www.securityfocus.com/bid/35221",
"http://www.ubuntu.com/usn/usn-786-1",
"http://www.ubuntu.com/usn/usn-787-1",
"http://www.vupen.com/english/advisories/2009/1907",
"http://www.vupen.com/english/advisories/2009/3184",
"https://bugzilla.redhat.com/show_bug.cgi?id=503928",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/50964",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10968",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12321",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01173.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01201.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01228.html"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"weakness": "CWE-119"
},
"CVE-2009-1195": {
"id": "CVE-2009-1195",
"references": [
"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html",
"http://marc.info/?l=apache-httpd-dev&m=124048996106302&w=2",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://osvdb.org/54733",
"http://secunia.com/advisories/35261",
"http://secunia.com/advisories/35264",
"http://secunia.com/advisories/35395",
"http://secunia.com/advisories/35453",
"http://secunia.com/advisories/35721",
"http://secunia.com/advisories/37152",
"http://security.gentoo.org/glsa/glsa-200907-04.xml",
"http://support.apple.com/kb/HT3937",
"http://svn.apache.org/viewvc?view=rev&revision=772997",
"http://wiki.rpath.com/Advisories:rPSA-2009-0142",
"http://www.debian.org/security/2009/dsa-1816",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124",
"http://www.redhat.com/support/errata/RHSA-2009-1075.html",
"http://www.redhat.com/support/errata/RHSA-2009-1156.html",
"http://www.securityfocus.com/archive/1/507852/100/0/threaded",
"http://www.securityfocus.com/archive/1/507857/100/0/threaded",
"http://www.securityfocus.com/bid/35115",
"http://www.securitytracker.com/id?1022296",
"http://www.ubuntu.com/usn/usn-787-1",
"http://www.vupen.com/english/advisories/2009/1444",
"http://www.vupen.com/english/advisories/2009/3184",
"https://bugzilla.redhat.com/show_bug.cgi?id=489436",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/50808",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11094",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12377",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8704",
"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html"
],
"score": 4.9,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.",
"vector_string": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"weakness": "CWE-16"
},
"CVE-2009-1535": {
"id": "CVE-2009-1535",
"references": [
"http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0135.html",
"http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0139.html",
"http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0144.html",
"http://archives.neohapsis.com/archives/fulldisclosure/2009-05/att-0135/IIS_Advisory.pdf",
"http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html",
"http://isc.sans.org/diary.html?n&storyid=6397",
"http://view.samurajdata.se/psview.php?id=023287d6&page=1",
"http://www.attrition.org/pipermail/vim/2009-June/002192.html",
"http://www.us-cert.gov/cas/techalerts/TA09-160A.html",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-020",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6029"
],
"score": 7.5,
"services": [
"27017/http"
],
"severity": "high",
"summary": "The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as demonstrated by inserting %c0%af into a \"/protected/\" initial pathname component to bypass the password protection on the protected\\ folder, aka \"IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability,\" a different vulnerability than CVE-2009-1122.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"weakness": "CWE-287"
},
"CVE-2009-1890": {
"id": "CVE-2009-1890",
"references": [
"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://osvdb.org/55553",
"http://secunia.com/advisories/35691",
"http://secunia.com/advisories/35721",
"http://secunia.com/advisories/35793",
"http://secunia.com/advisories/35865",
"http://secunia.com/advisories/37152",
"http://secunia.com/advisories/37221",
"http://security.gentoo.org/glsa/glsa-200907-04.xml",
"http://support.apple.com/kb/HT3937",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=790587&r2=790586&pathrev=790587",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?revision=790587",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=790587&r2=790586&pathrev=790587",
"http://svn.apache.org/viewvc?view=rev&revision=790587",
"http://wiki.rpath.com/Advisories:rPSA-2009-0142",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK91259",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK99480",
"http://www.debian.org/security/2009/dsa-1834",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:149",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"http://www.redhat.com/support/errata/RHSA-2009-1156.html",
"http://www.securityfocus.com/archive/1/507852/100/0/threaded",
"http://www.securityfocus.com/archive/1/507857/100/0/threaded",
"http://www.securityfocus.com/bid/35565",
"http://www.securitytracker.com/id?1022509",
"http://www.ubuntu.com/usn/USN-802-1",
"http://www.vupen.com/english/advisories/2009/3184",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb33be0aa9bd8cac9536293e3821dcd4cf8180ad95a8036eedd46365e%40%3Cusers.mina.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12330",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8616",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9403",
"https://rhn.redhat.com/errata/RHSA-2009-1148.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html"
],
"score": 7.1,
"services": [
"631/http"
],
"severity": "high",
"summary": "The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"weakness": "CWE-400"
},
"CVE-2009-1891": {
"id": "CVE-2009-1891",
"references": [
"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712",
"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html",
"http://marc.info/?l=apache-httpd-dev&m=124621326524824&w=2",
"http://marc.info/?l=apache-httpd-dev&m=124661528519546&w=2",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://osvdb.org/55782",
"http://secunia.com/advisories/35721",
"http://secunia.com/advisories/35781",
"http://secunia.com/advisories/35793",
"http://secunia.com/advisories/35865",
"http://secunia.com/advisories/37152",
"http://secunia.com/advisories/37221",
"http://security.gentoo.org/glsa/glsa-200907-04.xml",
"http://support.apple.com/kb/HT3937",
"http://wiki.rpath.com/Advisories:rPSA-2009-0142",
"http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0142",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK91361",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK99480",
"http://www.debian.org/security/2009/dsa-1834",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:149",
"http://www.redhat.com/support/errata/RHSA-2009-1156.html",
"http://www.securityfocus.com/archive/1/507857/100/0/threaded",
"http://www.securitytracker.com/id?1022529",
"http://www.ubuntu.com/usn/USN-802-1",
"http://www.vupen.com/english/advisories/2009/1841",
"http://www.vupen.com/english/advisories/2009/3184",
"https://bugzilla.redhat.com/show_bug.cgi?id=509125",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12361",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8632",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9248",
"https://rhn.redhat.com/errata/RHSA-2009-1148.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01363.html"
],
"score": 7.1,
"services": [
"631/http"
],
"severity": "high",
"summary": "The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"weakness": "CWE-400"
},
"CVE-2009-1955": {
"id": "CVE-2009-1955",
"references": [
"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html",
"http://marc.info/?l=apr-dev&m=124396021826125&w=2",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://secunia.com/advisories/34724",
"http://secunia.com/advisories/35284",
"http://secunia.com/advisories/35360",
"http://secunia.com/advisories/35395",
"http://secunia.com/advisories/35444",
"http://secunia.com/advisories/35487",
"http://secunia.com/advisories/35565",
"http://secunia.com/advisories/35710",
"http://secunia.com/advisories/35797",
"http://secunia.com/advisories/35843",
"http://secunia.com/advisories/36473",
"http://secunia.com/advisories/37221",
"http://security.gentoo.org/glsa/glsa-200907-03.xml",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.538210",
"http://support.apple.com/kb/HT3937",
"http://svn.apache.org/viewvc?view=rev&revision=781403",
"http://wiki.rpath.com/Advisories:rPSA-2009-0123",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK88342",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK91241",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK99478",
"http://www-01.ibm.com/support/docview.wss?uid=swg27014463",
"http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3",
"http://www.debian.org/security/2009/dsa-1812",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:131",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.openwall.com/lists/oss-security/2009/06/03/4",
"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"http://www.redhat.com/support/errata/RHSA-2009-1107.html",
"http://www.redhat.com/support/errata/RHSA-2009-1108.html",
"http://www.securityfocus.com/archive/1/506053/100/0/threaded",
"http://www.securityfocus.com/bid/35253",
"http://www.ubuntu.com/usn/usn-786-1",
"http://www.ubuntu.com/usn/usn-787-1",
"http://www.vupen.com/english/advisories/2009/1907",
"http://www.vupen.com/english/advisories/2009/3184",
"http://www.vupen.com/english/advisories/2010/1107",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10270",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12473",
"https://www.exploit-db.com/exploits/8842",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01173.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01201.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01228.html",
"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html",
"http://marc.info/?l=apr-dev&m=124396021826125&w=2",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://secunia.com/advisories/34724",
"http://secunia.com/advisories/35284",
"http://secunia.com/advisories/35360",
"http://secunia.com/advisories/35395",
"http://secunia.com/advisories/35444",
"http://secunia.com/advisories/35487",
"http://secunia.com/advisories/35565",
"http://secunia.com/advisories/35710",
"http://secunia.com/advisories/35797",
"http://secunia.com/advisories/35843",
"http://secunia.com/advisories/36473",
"http://secunia.com/advisories/37221",
"http://security.gentoo.org/glsa/glsa-200907-03.xml",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.538210",
"http://support.apple.com/kb/HT3937",
"http://svn.apache.org/viewvc?view=rev&revision=781403",
"http://wiki.rpath.com/Advisories:rPSA-2009-0123",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK88342",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK91241",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK99478",
"http://www-01.ibm.com/support/docview.wss?uid=swg27014463",
"http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3",
"http://www.debian.org/security/2009/dsa-1812",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:131",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.openwall.com/lists/oss-security/2009/06/03/4",
"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"http://www.redhat.com/support/errata/RHSA-2009-1107.html",
"http://www.redhat.com/support/errata/RHSA-2009-1108.html",
"http://www.securityfocus.com/archive/1/506053/100/0/threaded",
"http://www.securityfocus.com/bid/35253",
"http://www.ubuntu.com/usn/usn-786-1",
"http://www.ubuntu.com/usn/usn-787-1",
"http://www.vupen.com/english/advisories/2009/1907",
"http://www.vupen.com/english/advisories/2009/3184",
"http://www.vupen.com/english/advisories/2010/1107",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10270",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12473",
"https://www.exploit-db.com/exploits/8842",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01173.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01201.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01228.html"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-776"
},
"CVE-2009-1956": {
"id": "CVE-2009-1956",
"references": [
"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://secunia.com/advisories/34724",
"http://secunia.com/advisories/35284",
"http://secunia.com/advisories/35395",
"http://secunia.com/advisories/35487",
"http://secunia.com/advisories/35565",
"http://secunia.com/advisories/35710",
"http://secunia.com/advisories/35797",
"http://secunia.com/advisories/35843",
"http://secunia.com/advisories/37221",
"http://security.gentoo.org/glsa/glsa-200907-03.xml",
"http://support.apple.com/kb/HT3937",
"http://svn.apache.org/viewvc?view=rev&revision=768417",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK88341",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK91241",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK99478",
"http://www-01.ibm.com/support/docview.wss?uid=swg27014463",
"http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3",
"http://www.mail-archive.com/dev%40apr.apache.org/msg21591.html",
"http://www.mail-archive.com/dev%40apr.apache.org/msg21592.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:131",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.openwall.com/lists/oss-security/2009/06/06/1",
"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"http://www.redhat.com/support/errata/RHSA-2009-1107.html",
"http://www.redhat.com/support/errata/RHSA-2009-1108.html",
"http://www.securityfocus.com/bid/35251",
"http://www.ubuntu.com/usn/usn-786-1",
"http://www.ubuntu.com/usn/usn-787-1",
"http://www.vupen.com/english/advisories/2009/1907",
"http://www.vupen.com/english/advisories/2009/3184",
"https://bugzilla.redhat.com/show_bug.cgi?id=504390",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11567",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12237",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01173.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01201.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01228.html"
],
"score": 6.4,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"weakness": "CWE-189"
},
"CVE-2009-2521": {
"id": "CVE-2009-2521",
"references": [
"http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0040.html",
"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ975191",
"http://www.us-cert.gov/cas/techalerts/TA09-286A.html",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-053",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6508",
"http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0040.html",
"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ975191",
"http://www.us-cert.gov/cas/techalerts/TA09-286A.html",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-053",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6508"
],
"score": 5,
"services": [
"27017/http"
],
"severity": "medium",
"summary": "Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot), aka \"IIS FTP Service DoS Vulnerability.\"",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-400"
},
"CVE-2009-2699": {
"id": "CVE-2009-2699",
"references": [
"http://marc.info/?l=bugtraq&m=133355494609819&w=2",
"http://securitytracker.com/id?1022988",
"http://www.apache.org/dist/httpd/CHANGES_2.2.14",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"http://www.securityfocus.com/bid/36596",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/53666",
"https://issues.apache.org/bugzilla/show_bug.cgi?id=47645",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-667"
},
"CVE-2009-3094": {
"id": "CVE-2009-3094",
"references": [
"http://intevydis.com/vd-list.shtml",
"http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html",
"http://marc.info/?l=bugtraq&m=126998684522511&w=2",
"http://marc.info/?l=bugtraq&m=127557640302499&w=2",
"http://marc.info/?l=bugtraq&m=133355494609819&w=2",
"http://secunia.com/advisories/36549",
"http://secunia.com/advisories/37152",
"http://wiki.rpath.com/Advisories:rPSA-2009-0155",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PK96858",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM09161",
"http://www.debian.org/security/2009/dsa-1934",
"http://www.intevydis.com/blog/?p=59",
"http://www.securityfocus.com/archive/1/508075/100/0/threaded",
"http://www.vupen.com/english/advisories/2010/0609",
"https://bugzilla.redhat.com/show_bug.cgi?id=521619",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10981",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8087",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html"
],
"score": 2.6,
"services": [
"631/http"
],
"severity": "low",
"summary": "The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.",
"vector_string": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"weakness": "CWE-476"
},
"CVE-2009-3095": {
"id": "CVE-2009-3095",
"references": [
"http://intevydis.com/vd-list.shtml",
"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html",
"http://marc.info/?l=bugtraq&m=126998684522511&w=2",
"http://marc.info/?l=bugtraq&m=126998684522511&w=2",
"http://marc.info/?l=bugtraq&m=127557640302499&w=2",
"http://marc.info/?l=bugtraq&m=127557640302499&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=133355494609819&w=2",
"http://marc.info/?l=bugtraq&m=133355494609819&w=2",
"http://secunia.com/advisories/37152",
"http://support.apple.com/kb/HT4077",
"http://wiki.rpath.com/Advisories:rPSA-2009-0155",
"http://www.debian.org/security/2009/dsa-1934",
"http://www.securityfocus.com/archive/1/508075/100/0/threaded",
"https://bugzilla.redhat.com/show_bug.cgi?id=522209",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8662",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9363",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html",
"http://intevydis.com/vd-list.shtml",
"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html",
"http://marc.info/?l=bugtraq&m=126998684522511&w=2",
"http://marc.info/?l=bugtraq&m=126998684522511&w=2",
"http://marc.info/?l=bugtraq&m=127557640302499&w=2",
"http://marc.info/?l=bugtraq&m=127557640302499&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=133355494609819&w=2",
"http://marc.info/?l=bugtraq&m=133355494609819&w=2",
"http://secunia.com/advisories/37152",
"http://support.apple.com/kb/HT4077",
"http://wiki.rpath.com/Advisories:rPSA-2009-0155",
"http://www.debian.org/security/2009/dsa-1934",
"http://www.securityfocus.com/archive/1/508075/100/0/threaded",
"https://bugzilla.redhat.com/show_bug.cgi?id=522209",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8662",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9363",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-Other"
},
"CVE-2009-3555": {
"id": "CVE-2009-3555",
"references": [
"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html",
"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html",
"http://blogs.iss.net/archive/sslmitmiscsrf.html",
"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during",
"http://clicky.me/tlsvuln",
"http://extendedsubset.com/?p=8",
"http://extendedsubset.com/Renegotiating_TLS.pdf",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041",
"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751",
"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751",
"http://kbase.redhat.com/faq/docs/DOC-20491",
"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html",
"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html",
"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html",
"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2",
"http://marc.info/?l=bugtraq&m=126150535619567&w=2",
"http://marc.info/?l=bugtraq&m=126150535619567&w=2",
"http://marc.info/?l=bugtraq&m=127128920008563&w=2",
"http://marc.info/?l=bugtraq&m=127128920008563&w=2",
"http://marc.info/?l=bugtraq&m=127419602507642&w=2",
"http://marc.info/?l=bugtraq&m=127419602507642&w=2",
"http://marc.info/?l=bugtraq&m=127557596201693&w=2",
"http://marc.info/?l=bugtraq&m=127557596201693&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=132077688910227&w=2",
"http://marc.info/?l=bugtraq&m=132077688910227&w=2",
"http://marc.info/?l=bugtraq&m=133469267822771&w=2",
"http://marc.info/?l=bugtraq&m=133469267822771&w=2",
"http://marc.info/?l=bugtraq&m=134254866602253&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=cryptography&m=125752275331877&w=2",
"http://openbsd.org/errata45.html#010_openssl",
"http://openbsd.org/errata46.html#004_openssl",
"http://osvdb.org/60521",
"http://osvdb.org/60972",
"http://osvdb.org/62210",
"http://osvdb.org/65202",
"http://seclists.org/fulldisclosure/2009/Nov/139",
"http://secunia.com/advisories/37291",
"http://secunia.com/advisories/37292",
"http://secunia.com/advisories/37320",
"http://secunia.com/advisories/37383",
"http://secunia.com/advisories/37399",
"http://secunia.com/advisories/37453",
"http://secunia.com/advisories/37501",
"http://secunia.com/advisories/37504",
"http://secunia.com/advisories/37604",
"http://secunia.com/advisories/37640",
"http://secunia.com/advisories/37656",
"http://secunia.com/advisories/37675",
"http://secunia.com/advisories/37859",
"http://secunia.com/advisories/38003",
"http://secunia.com/advisories/38020",
"http://secunia.com/advisories/38056",
"http://secunia.com/advisories/38241",
"http://secunia.com/advisories/38484",
"http://secunia.com/advisories/38687",
"http://secunia.com/advisories/38781",
"http://secunia.com/advisories/39127",
"http://secunia.com/advisories/39136",
"http://secunia.com/advisories/39242",
"http://secunia.com/advisories/39243",
"http://secunia.com/advisories/39278",
"http://secunia.com/advisories/39292",
"http://secunia.com/advisories/39317",
"http://secunia.com/advisories/39461",
"http://secunia.com/advisories/39500",
"http://secunia.com/advisories/39628",
"http://secunia.com/advisories/39632",
"http://secunia.com/advisories/39713",
"http://secunia.com/advisories/39819",
"http://secunia.com/advisories/40070",
"http://secunia.com/advisories/40545",
"http://secunia.com/advisories/40747",
"http://secunia.com/advisories/40866",
"http://secunia.com/advisories/41480",
"http://secunia.com/advisories/41490",
"http://secunia.com/advisories/41818",
"http://secunia.com/advisories/41967",
"http://secunia.com/advisories/41972",
"http://secunia.com/advisories/42377",
"http://secunia.com/advisories/42379",
"http://secunia.com/advisories/42467",
"http://secunia.com/advisories/42724",
"http://secunia.com/advisories/42733",
"http://secunia.com/advisories/42808",
"http://secunia.com/advisories/42811",
"http://secunia.com/advisories/42816",
"http://secunia.com/advisories/43308",
"http://secunia.com/advisories/44183",
"http://secunia.com/advisories/44954",
"http://secunia.com/advisories/48577",
"http://security.gentoo.org/glsa/glsa-200912-01.xml",
"http://security.gentoo.org/glsa/glsa-201203-22.xml",
"http://security.gentoo.org/glsa/glsa-201406-32.xml",
"http://securitytracker.com/id?1023148",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1",
"http://support.apple.com/kb/HT4004",
"http://support.apple.com/kb/HT4170",
"http://support.apple.com/kb/HT4171",
"http://support.avaya.com/css/P8/documents/100070150",
"http://support.avaya.com/css/P8/documents/100081611",
"http://support.avaya.com/css/P8/documents/100114315",
"http://support.avaya.com/css/P8/documents/100114327",
"http://support.citrix.com/article/CTX123359",
"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES",
"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released",
"http://sysoev.ru/nginx/patch.cve-2009-3555.txt",
"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html",
"http://ubuntu.com/usn/usn-923-1",
"http://wiki.rpath.com/Advisories:rPSA-2009-0155",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247",
"http://www-01.ibm.com/support/docview.wss?uid=swg21426108",
"http://www-01.ibm.com/support/docview.wss?uid=swg21432298",
"http://www-01.ibm.com/support/docview.wss?uid=swg24006386",
"http://www-01.ibm.com/support/docview.wss?uid=swg24025312",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only",
"http://www.arubanetworks.com/support/alerts/aid-020810.txt",
"http://www.betanews.com/article/1257452450",
"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml",
"http://www.debian.org/security/2009/dsa-1934",
"http://www.debian.org/security/2011/dsa-2141",
"http://www.debian.org/security/2015/dsa-3253",
"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html",
"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html",
"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html",
"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html",
"http://www.ingate.com/Relnote.php?ver=481",
"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995",
"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995",
"http://www.kb.cert.org/vuls/id/120541",
"http://www.links.org/?p=780",
"http://www.links.org/?p=786",
"http://www.links.org/?p=789",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089",
"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html",
"http://www.openoffice.org/security/cves/CVE-2009-3555.html",
"http://www.openssl.org/news/secadv_20091111.txt",
"http://www.openwall.com/lists/oss-security/2009/11/05/3",
"http://www.openwall.com/lists/oss-security/2009/11/05/5",
"http://www.openwall.com/lists/oss-security/2009/11/06/3",
"http://www.openwall.com/lists/oss-security/2009/11/07/3",
"http://www.openwall.com/lists/oss-security/2009/11/20/1",
"http://www.openwall.com/lists/oss-security/2009/11/23/10",
"http://www.opera.com/docs/changelogs/unix/1060/",
"http://www.opera.com/support/search/view/944/",
"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html",
"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c",
"http://www.redhat.com/support/errata/RHSA-2010-0119.html",
"http://www.redhat.com/support/errata/RHSA-2010-0130.html",
"http://www.redhat.com/support/errata/RHSA-2010-0155.html",
"http://www.redhat.com/support/errata/RHSA-2010-0165.html",
"http://www.redhat.com/support/errata/RHSA-2010-0167.html",
"http://www.redhat.com/support/errata/RHSA-2010-0337.html",
"http://www.redhat.com/support/errata/RHSA-2010-0338.html",
"http://www.redhat.com/support/errata/RHSA-2010-0339.html",
"http://www.redhat.com/support/errata/RHSA-2010-0768.html",
"http://www.redhat.com/support/errata/RHSA-2010-0770.html",
"http://www.redhat.com/support/errata/RHSA-2010-0786.html",
"http://www.redhat.com/support/errata/RHSA-2010-0807.html",
"http://www.redhat.com/support/errata/RHSA-2010-0865.html",
"http://www.redhat.com/support/errata/RHSA-2010-0986.html",
"http://www.redhat.com/support/errata/RHSA-2010-0987.html",
"http://www.redhat.com/support/errata/RHSA-2011-0880.html",
"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html",
"http://www.securityfocus.com/archive/1/507952/100/0/threaded",
"http://www.securityfocus.com/archive/1/508075/100/0/threaded",
"http://www.securityfocus.com/archive/1/508130/100/0/threaded",
"http://www.securityfocus.com/archive/1/515055/100/0/threaded",
"http://www.securityfocus.com/archive/1/516397/100/0/threaded",
"http://www.securityfocus.com/archive/1/522176",
"http://www.securityfocus.com/archive/1/522176",
"http://www.securityfocus.com/bid/36935",
"http://www.securitytracker.com/id?1023163",
"http://www.securitytracker.com/id?1023204",
"http://www.securitytracker.com/id?1023205",
"http://www.securitytracker.com/id?1023206",
"http://www.securitytracker.com/id?1023207",
"http://www.securitytracker.com/id?1023208",
"http://www.securitytracker.com/id?1023209",
"http://www.securitytracker.com/id?1023210",
"http://www.securitytracker.com/id?1023211",
"http://www.securitytracker.com/id?1023212",
"http://www.securitytracker.com/id?1023213",
"http://www.securitytracker.com/id?1023214",
"http://www.securitytracker.com/id?1023215",
"http://www.securitytracker.com/id?1023216",
"http://www.securitytracker.com/id?1023217",
"http://www.securitytracker.com/id?1023218",
"http://www.securitytracker.com/id?1023219",
"http://www.securitytracker.com/id?1023224",
"http://www.securitytracker.com/id?1023243",
"http://www.securitytracker.com/id?1023270",
"http://www.securitytracker.com/id?1023271",
"http://www.securitytracker.com/id?1023272",
"http://www.securitytracker.com/id?1023273",
"http://www.securitytracker.com/id?1023274",
"http://www.securitytracker.com/id?1023275",
"http://www.securitytracker.com/id?1023411",
"http://www.securitytracker.com/id?1023426",
"http://www.securitytracker.com/id?1023427",
"http://www.securitytracker.com/id?1023428",
"http://www.securitytracker.com/id?1024789",
"http://www.tombom.co.uk/blog/?p=85",
"http://www.ubuntu.com/usn/USN-1010-1",
"http://www.ubuntu.com/usn/USN-927-1",
"http://www.ubuntu.com/usn/USN-927-4",
"http://www.ubuntu.com/usn/USN-927-5",
"http://www.us-cert.gov/cas/techalerts/TA10-222A.html",
"http://www.us-cert.gov/cas/techalerts/TA10-287A.html",
"http://www.vmware.com/security/advisories/VMSA-2010-0019.html",
"http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"http://www.vupen.com/english/advisories/2009/3164",
"http://www.vupen.com/english/advisories/2009/3165",
"http://www.vupen.com/english/advisories/2009/3205",
"http://www.vupen.com/english/advisories/2009/3220",
"http://www.vupen.com/english/advisories/2009/3310",
"http://www.vupen.com/english/advisories/2009/3313",
"http://www.vupen.com/english/advisories/2009/3353",
"http://www.vupen.com/english/advisories/2009/3354",
"http://www.vupen.com/english/advisories/2009/3484",
"http://www.vupen.com/english/advisories/2009/3521",
"http://www.vupen.com/english/advisories/2009/3587",
"http://www.vupen.com/english/advisories/2010/0086",
"http://www.vupen.com/english/advisories/2010/0173",
"http://www.vupen.com/english/advisories/2010/0748",
"http://www.vupen.com/english/advisories/2010/0848",
"http://www.vupen.com/english/advisories/2010/0916",
"http://www.vupen.com/english/advisories/2010/0933",
"http://www.vupen.com/english/advisories/2010/0982",
"http://www.vupen.com/english/advisories/2010/0994",
"http://www.vupen.com/english/advisories/2010/1054",
"http://www.vupen.com/english/advisories/2010/1107",
"http://www.vupen.com/english/advisories/2010/1191",
"http://www.vupen.com/english/advisories/2010/1350",
"http://www.vupen.com/english/advisories/2010/1639",
"http://www.vupen.com/english/advisories/2010/1673",
"http://www.vupen.com/english/advisories/2010/1793",
"http://www.vupen.com/english/advisories/2010/2010",
"http://www.vupen.com/english/advisories/2010/2745",
"http://www.vupen.com/english/advisories/2010/3069",
"http://www.vupen.com/english/advisories/2010/3086",
"http://www.vupen.com/english/advisories/2010/3126",
"http://www.vupen.com/english/advisories/2011/0032",
"http://www.vupen.com/english/advisories/2011/0033",
"http://www.vupen.com/english/advisories/2011/0086",
"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html",
"https://bugzilla.mozilla.org/show_bug.cgi?id=526689",
"https://bugzilla.mozilla.org/show_bug.cgi?id=545755",
"https://bugzilla.redhat.com/show_bug.cgi?id=533125",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"https://kb.bluecoat.com/index?page=content&id=SA50",
"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535",
"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html",
"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html",
"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html",
"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html",
"http://blogs.iss.net/archive/sslmitmiscsrf.html",
"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during",
"http://clicky.me/tlsvuln",
"http://extendedsubset.com/?p=8",
"http://extendedsubset.com/Renegotiating_TLS.pdf",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041",
"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751",
"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751",
"http://kbase.redhat.com/faq/docs/DOC-20491",
"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html",
"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html",
"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html",
"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html",
"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2",
"http://marc.info/?l=bugtraq&m=126150535619567&w=2",
"http://marc.info/?l=bugtraq&m=126150535619567&w=2",
"http://marc.info/?l=bugtraq&m=127128920008563&w=2",
"http://marc.info/?l=bugtraq&m=127128920008563&w=2",
"http://marc.info/?l=bugtraq&m=127419602507642&w=2",
"http://marc.info/?l=bugtraq&m=127419602507642&w=2",
"http://marc.info/?l=bugtraq&m=127557596201693&w=2",
"http://marc.info/?l=bugtraq&m=127557596201693&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=130497311408250&w=2",
"http://marc.info/?l=bugtraq&m=132077688910227&w=2",
"http://marc.info/?l=bugtraq&m=132077688910227&w=2",
"http://marc.info/?l=bugtraq&m=133469267822771&w=2",
"http://marc.info/?l=bugtraq&m=133469267822771&w=2",
"http://marc.info/?l=bugtraq&m=134254866602253&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://marc.info/?l=cryptography&m=125752275331877&w=2",
"http://openbsd.org/errata45.html#010_openssl",
"http://openbsd.org/errata46.html#004_openssl",
"http://osvdb.org/60521",
"http://osvdb.org/60972",
"http://osvdb.org/62210",
"http://osvdb.org/65202",
"http://seclists.org/fulldisclosure/2009/Nov/139",
"http://secunia.com/advisories/37291",
"http://secunia.com/advisories/37292",
"http://secunia.com/advisories/37320",
"http://secunia.com/advisories/37383",
"http://secunia.com/advisories/37399",
"http://secunia.com/advisories/37453",
"http://secunia.com/advisories/37501",
"http://secunia.com/advisories/37504",
"http://secunia.com/advisories/37604",
"http://secunia.com/advisories/37640",
"http://secunia.com/advisories/37656",
"http://secunia.com/advisories/37675",
"http://secunia.com/advisories/37859",
"http://secunia.com/advisories/38003",
"http://secunia.com/advisories/38020",
"http://secunia.com/advisories/38056",
"http://secunia.com/advisories/38241",
"http://secunia.com/advisories/38484",
"http://secunia.com/advisories/38687",
"http://secunia.com/advisories/38781",
"http://secunia.com/advisories/39127",
"http://secunia.com/advisories/39136",
"http://secunia.com/advisories/39242",
"http://secunia.com/advisories/39243",
"http://secunia.com/advisories/39278",
"http://secunia.com/advisories/39292",
"http://secunia.com/advisories/39317",
"http://secunia.com/advisories/39461",
"http://secunia.com/advisories/39500",
"http://secunia.com/advisories/39628",
"http://secunia.com/advisories/39632",
"http://secunia.com/advisories/39713",
"http://secunia.com/advisories/39819",
"http://secunia.com/advisories/40070",
"http://secunia.com/advisories/40545",
"http://secunia.com/advisories/40747",
"http://secunia.com/advisories/40866",
"http://secunia.com/advisories/41480",
"http://secunia.com/advisories/41490",
"http://secunia.com/advisories/41818",
"http://secunia.com/advisories/41967",
"http://secunia.com/advisories/41972",
"http://secunia.com/advisories/42377",
"http://secunia.com/advisories/42379",
"http://secunia.com/advisories/42467",
"http://secunia.com/advisories/42724",
"http://secunia.com/advisories/42733",
"http://secunia.com/advisories/42808",
"http://secunia.com/advisories/42811",
"http://secunia.com/advisories/42816",
"http://secunia.com/advisories/43308",
"http://secunia.com/advisories/44183",
"http://secunia.com/advisories/44954",
"http://secunia.com/advisories/48577",
"http://security.gentoo.org/glsa/glsa-200912-01.xml",
"http://security.gentoo.org/glsa/glsa-201203-22.xml",
"http://security.gentoo.org/glsa/glsa-201406-32.xml",
"http://securitytracker.com/id?1023148",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446",
"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1",
"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1",
"http://support.apple.com/kb/HT4004",
"http://support.apple.com/kb/HT4170",
"http://support.apple.com/kb/HT4171",
"http://support.avaya.com/css/P8/documents/100070150",
"http://support.avaya.com/css/P8/documents/100081611",
"http://support.avaya.com/css/P8/documents/100114315",
"http://support.avaya.com/css/P8/documents/100114327",
"http://support.citrix.com/article/CTX123359",
"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES",
"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released",
"http://sysoev.ru/nginx/patch.cve-2009-3555.txt",
"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html",
"http://ubuntu.com/usn/usn-923-1",
"http://wiki.rpath.com/Advisories:rPSA-2009-0155",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247",
"http://www-01.ibm.com/support/docview.wss?uid=swg21426108",
"http://www-01.ibm.com/support/docview.wss?uid=swg21432298",
"http://www-01.ibm.com/support/docview.wss?uid=swg24006386",
"http://www-01.ibm.com/support/docview.wss?uid=swg24025312",
"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only",
"http://www.arubanetworks.com/support/alerts/aid-020810.txt",
"http://www.betanews.com/article/1257452450",
"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml",
"http://www.debian.org/security/2009/dsa-1934",
"http://www.debian.org/security/2011/dsa-2141",
"http://www.debian.org/security/2015/dsa-3253",
"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html",
"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html",
"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html",
"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html",
"http://www.ingate.com/Relnote.php?ver=481",
"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995",
"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995",
"http://www.kb.cert.org/vuls/id/120541",
"http://www.links.org/?p=780",
"http://www.links.org/?p=786",
"http://www.links.org/?p=789",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089",
"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html",
"http://www.openoffice.org/security/cves/CVE-2009-3555.html",
"http://www.openssl.org/news/secadv_20091111.txt",
"http://www.openwall.com/lists/oss-security/2009/11/05/3",
"http://www.openwall.com/lists/oss-security/2009/11/05/5",
"http://www.openwall.com/lists/oss-security/2009/11/06/3",
"http://www.openwall.com/lists/oss-security/2009/11/07/3",
"http://www.openwall.com/lists/oss-security/2009/11/20/1",
"http://www.openwall.com/lists/oss-security/2009/11/23/10",
"http://www.opera.com/docs/changelogs/unix/1060/",
"http://www.opera.com/support/search/view/944/",
"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html",
"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c",
"http://www.redhat.com/support/errata/RHSA-2010-0119.html",
"http://www.redhat.com/support/errata/RHSA-2010-0130.html",
"http://www.redhat.com/support/errata/RHSA-2010-0155.html",
"http://www.redhat.com/support/errata/RHSA-2010-0165.html",
"http://www.redhat.com/support/errata/RHSA-2010-0167.html",
"http://www.redhat.com/support/errata/RHSA-2010-0337.html",
"http://www.redhat.com/support/errata/RHSA-2010-0338.html",
"http://www.redhat.com/support/errata/RHSA-2010-0339.html",
"http://www.redhat.com/support/errata/RHSA-2010-0768.html",
"http://www.redhat.com/support/errata/RHSA-2010-0770.html",
"http://www.redhat.com/support/errata/RHSA-2010-0786.html",
"http://www.redhat.com/support/errata/RHSA-2010-0807.html",
"http://www.redhat.com/support/errata/RHSA-2010-0865.html",
"http://www.redhat.com/support/errata/RHSA-2010-0986.html",
"http://www.redhat.com/support/errata/RHSA-2010-0987.html",
"http://www.redhat.com/support/errata/RHSA-2011-0880.html",
"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html",
"http://www.securityfocus.com/archive/1/507952/100/0/threaded",
"http://www.securityfocus.com/archive/1/508075/100/0/threaded",
"http://www.securityfocus.com/archive/1/508130/100/0/threaded",
"http://www.securityfocus.com/archive/1/515055/100/0/threaded",
"http://www.securityfocus.com/archive/1/516397/100/0/threaded",
"http://www.securityfocus.com/archive/1/522176",
"http://www.securityfocus.com/archive/1/522176",
"http://www.securityfocus.com/bid/36935",
"http://www.securitytracker.com/id?1023163",
"http://www.securitytracker.com/id?1023204",
"http://www.securitytracker.com/id?1023205",
"http://www.securitytracker.com/id?1023206",
"http://www.securitytracker.com/id?1023207",
"http://www.securitytracker.com/id?1023208",
"http://www.securitytracker.com/id?1023209",
"http://www.securitytracker.com/id?1023210",
"http://www.securitytracker.com/id?1023211",
"http://www.securitytracker.com/id?1023212",
"http://www.securitytracker.com/id?1023213",
"http://www.securitytracker.com/id?1023214",
"http://www.securitytracker.com/id?1023215",
"http://www.securitytracker.com/id?1023216",
"http://www.securitytracker.com/id?1023217",
"http://www.securitytracker.com/id?1023218",
"http://www.securitytracker.com/id?1023219",
"http://www.securitytracker.com/id?1023224",
"http://www.securitytracker.com/id?1023243",
"http://www.securitytracker.com/id?1023270",
"http://www.securitytracker.com/id?1023271",
"http://www.securitytracker.com/id?1023272",
"http://www.securitytracker.com/id?1023273",
"http://www.securitytracker.com/id?1023274",
"http://www.securitytracker.com/id?1023275",
"http://www.securitytracker.com/id?1023411",
"http://www.securitytracker.com/id?1023426",
"http://www.securitytracker.com/id?1023427",
"http://www.securitytracker.com/id?1023428",
"http://www.securitytracker.com/id?1024789",
"http://www.tombom.co.uk/blog/?p=85",
"http://www.ubuntu.com/usn/USN-1010-1",
"http://www.ubuntu.com/usn/USN-927-1",
"http://www.ubuntu.com/usn/USN-927-4",
"http://www.ubuntu.com/usn/USN-927-5",
"http://www.us-cert.gov/cas/techalerts/TA10-222A.html",
"http://www.us-cert.gov/cas/techalerts/TA10-287A.html",
"http://www.vmware.com/security/advisories/VMSA-2010-0019.html",
"http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
"http://www.vupen.com/english/advisories/2009/3164",
"http://www.vupen.com/english/advisories/2009/3165",
"http://www.vupen.com/english/advisories/2009/3205",
"http://www.vupen.com/english/advisories/2009/3220",
"http://www.vupen.com/english/advisories/2009/3310",
"http://www.vupen.com/english/advisories/2009/3313",
"http://www.vupen.com/english/advisories/2009/3353",
"http://www.vupen.com/english/advisories/2009/3354",
"http://www.vupen.com/english/advisories/2009/3484",
"http://www.vupen.com/english/advisories/2009/3521",
"http://www.vupen.com/english/advisories/2009/3587",
"http://www.vupen.com/english/advisories/2010/0086",
"http://www.vupen.com/english/advisories/2010/0173",
"http://www.vupen.com/english/advisories/2010/0748",
"http://www.vupen.com/english/advisories/2010/0848",
"http://www.vupen.com/english/advisories/2010/0916",
"http://www.vupen.com/english/advisories/2010/0933",
"http://www.vupen.com/english/advisories/2010/0982",
"http://www.vupen.com/english/advisories/2010/0994",
"http://www.vupen.com/english/advisories/2010/1054",
"http://www.vupen.com/english/advisories/2010/1107",
"http://www.vupen.com/english/advisories/2010/1191",
"http://www.vupen.com/english/advisories/2010/1350",
"http://www.vupen.com/english/advisories/2010/1639",
"http://www.vupen.com/english/advisories/2010/1673",
"http://www.vupen.com/english/advisories/2010/1793",
"http://www.vupen.com/english/advisories/2010/2010",
"http://www.vupen.com/english/advisories/2010/2745",
"http://www.vupen.com/english/advisories/2010/3069",
"http://www.vupen.com/english/advisories/2010/3086",
"http://www.vupen.com/english/advisories/2010/3126",
"http://www.vupen.com/english/advisories/2011/0032",
"http://www.vupen.com/english/advisories/2011/0033",
"http://www.vupen.com/english/advisories/2011/0086",
"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html",
"https://bugzilla.mozilla.org/show_bug.cgi?id=526689",
"https://bugzilla.mozilla.org/show_bug.cgi?id=545755",
"https://bugzilla.redhat.com/show_bug.cgi?id=533125",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"https://kb.bluecoat.com/index?page=content&id=SA50",
"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535",
"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html",
"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html"
],
"score": 5.8,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"weakness": "CWE-295"
},
"CVE-2009-3560": {
"id": "CVE-2009-3560",
"references": [
"http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165",
"http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165",
"http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html",
"http://lists.vmware.com/pipermail/security-announce/2010/000082.html",
"http://mail.python.org/pipermail/expat-bugs/2009-November/002846.html",
"http://marc.info/?l=bugtraq&m=130168502603566&w=2",
"http://secunia.com/advisories/37537",
"http://secunia.com/advisories/38231",
"http://secunia.com/advisories/38794",
"http://secunia.com/advisories/38832",
"http://secunia.com/advisories/38834",
"http://secunia.com/advisories/39478",
"http://secunia.com/advisories/41701",
"http://secunia.com/advisories/43300",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1",
"http://www.debian.org/security/2009/dsa-1953",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:316",
"http://www.redhat.com/support/errata/RHSA-2011-0896.html",
"http://www.securityfocus.com/bid/37203",
"http://www.securitytracker.com/id?1023278",
"http://www.ubuntu.com/usn/USN-890-1",
"http://www.ubuntu.com/usn/USN-890-6",
"http://www.vupen.com/english/advisories/2010/0528",
"http://www.vupen.com/english/advisories/2010/0896",
"http://www.vupen.com/english/advisories/2010/1107",
"http://www.vupen.com/english/advisories/2011/0359",
"https://bugzilla.redhat.com/show_bug.cgi?id=533174",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10613",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12942",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6883",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00370.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00394.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00413.html"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-119"
},
"CVE-2009-3720": {
"id": "CVE-2009-3720",
"references": [
"http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch",
"http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051228.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051247.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051367.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051405.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051442.html",
"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html",
"http://lists.vmware.com/pipermail/security-announce/2010/000082.html",
"http://mail.python.org/pipermail/expat-bugs/2009-January/002781.html",
"http://marc.info/?l=bugtraq&m=130168502603566&w=2",
"http://secunia.com/advisories/37324",
"http://secunia.com/advisories/37537",
"http://secunia.com/advisories/37925",
"http://secunia.com/advisories/38050",
"http://secunia.com/advisories/38231",
"http://secunia.com/advisories/38794",
"http://secunia.com/advisories/38832",
"http://secunia.com/advisories/38834",
"http://secunia.com/advisories/39478",
"http://secunia.com/advisories/41701",
"http://secunia.com/advisories/42326",
"http://secunia.com/advisories/42338",
"http://secunia.com/advisories/43300",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026",
"http://sourceforge.net/tracker/index.php?func=detail&aid=1990430&group_id=10127&atid=110127",
"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1",
"http://svn.python.org/view?view=rev&revision=74429",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:211",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:212",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:215",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:216",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:217",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:218",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:219",
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:220",
"http://www.openwall.com/lists/oss-security/2009/08/21/2",
"http://www.openwall.com/lists/oss-security/2009/08/26/3",
"http://www.openwall.com/lists/oss-security/2009/08/26/4",
"http://www.openwall.com/lists/oss-security/2009/08/27/6",
"http://www.openwall.com/lists/oss-security/2009/09/06/1",
"http://www.openwall.com/lists/oss-security/2009/10/22/5",
"http://www.openwall.com/lists/oss-security/2009/10/22/9",
"http://www.openwall.com/lists/oss-security/2009/10/23/2",
"http://www.openwall.com/lists/oss-security/2009/10/23/6",
"http://www.openwall.com/lists/oss-security/2009/10/26/3",
"http://www.openwall.com/lists/oss-security/2009/10/28/3",
"http://www.redhat.com/support/errata/RHSA-2010-0002.html",
"http://www.redhat.com/support/errata/RHSA-2011-0896.html",
"http://www.securitytracker.com/id?1023160",
"http://www.ubuntu.com/usn/USN-890-1",
"http://www.ubuntu.com/usn/USN-890-6",
"http://www.vupen.com/english/advisories/2010/0528",
"http://www.vupen.com/english/advisories/2010/0896",
"http://www.vupen.com/english/advisories/2010/1107",
"http://www.vupen.com/english/advisories/2010/3035",
"http://www.vupen.com/english/advisories/2010/3053",
"http://www.vupen.com/english/advisories/2010/3061",
"http://www.vupen.com/english/advisories/2011/0359",
"https://bugs.gentoo.org/show_bug.cgi?id=280615",
"https://bugzilla.redhat.com/show_bug.cgi?id=531697",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11019",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12719",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7112",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00370.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00413.html",
"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01274.html"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2009-4444": {
"id": "CVE-2009-4444",
"references": [
"http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx",
"http://secunia.com/advisories/37831",
"http://securitytracker.com/id?1023387",
"http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf",
"http://www.securityfocus.com/bid/37460",
"http://www.vupen.com/english/advisories/2009/3634"
],
"score": 6,
"services": [
"27017/http"
],
"severity": "medium",
"summary": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file.",
"vector_string": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2009-4445": {
"id": "CVE-2009-4445",
"references": [
"http://securitytracker.com/id?1023387",
"http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/55308",
"http://securitytracker.com/id?1023387",
"http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/55308"
],
"score": 6,
"services": [
"27017/http"
],
"severity": "medium",
"summary": "Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, allows remote attackers to create empty files with arbitrary extensions via a filename containing an initial extension followed by a : (colon) and a safe extension, as demonstrated by an upload of a .asp:.jpg file that results in creation of an empty .asp file, related to support for the NTFS Alternate Data Streams (ADS) filename syntax. NOTE: it could be argued that this is a vulnerability in the third-party product, not IIS, because the third-party product should be applying its extension restrictions to the portion of the filename before the colon.",
"vector_string": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"weakness": "CWE-20"
},
"CVE-2010-0408": {
"id": "CVE-2010-0408",
"references": [
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html",
"http://marc.info/?l=bugtraq&m=127557640302499&w=2",
"http://secunia.com/advisories/39100",
"http://secunia.com/advisories/39501",
"http://secunia.com/advisories/39628",
"http://secunia.com/advisories/39632",
"http://secunia.com/advisories/39656",
"http://secunia.com/advisories/40096",
"http://support.apple.com/kb/HT4435",
"http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c?r1=917876&r2=917875&pathrev=917876",
"http://svn.apache.org/viewvc?view=revision&revision=917876",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM08939",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM15829",
"http://www.debian.org/security/2010/dsa-2035",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:053",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"http://www.redhat.com/support/errata/RHSA-2010-0168.html",
"http://www.securityfocus.com/bid/38491",
"http://www.vupen.com/english/advisories/2010/0911",
"http://www.vupen.com/english/advisories/2010/0994",
"http://www.vupen.com/english/advisories/2010/1001",
"http://www.vupen.com/english/advisories/2010/1057",
"http://www.vupen.com/english/advisories/2010/1411",
"https://bugzilla.redhat.com/show_bug.cgi?id=569905",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8619",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9935"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2010-0425": {
"id": "CVE-2010-0425",
"references": [
"http://httpd.apache.org/security/vulnerabilities_20.html",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.vmware.com/pipermail/security-announce/2010/000105.html",
"http://secunia.com/advisories/38978",
"http://secunia.com/advisories/39628",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=917870&r2=917869&pathrev=917870",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/arch/win32/mod_isapi.c?r1=917870&r2=917869&pathrev=917870",
"http://svn.apache.org/viewvc?view=revision&revision=917870",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM09447",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247",
"http://www.kb.cert.org/vuls/id/280613",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.securityfocus.com/bid/38494",
"http://www.securitytracker.com/id?1023701",
"http://www.senseofsecurity.com.au/advisories/SOS-10-002",
"http://www.vmware.com/security/advisories/VMSA-2010-0014.html",
"http://www.vupen.com/english/advisories/2010/0634",
"http://www.vupen.com/english/advisories/2010/0994",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/56624",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8439",
"https://www.exploit-db.com/exploits/11650"
],
"score": 10,
"services": [
"631/http"
],
"severity": "high",
"summary": "modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and \"orphaned callback pointers.\"",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2010-0434": {
"id": "CVE-2010-0434",
"references": [
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html",
"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html",
"http://lists.vmware.com/pipermail/security-announce/2010/000105.html",
"http://marc.info/?l=bugtraq&m=127557640302499&w=2",
"http://secunia.com/advisories/39100",
"http://secunia.com/advisories/39115",
"http://secunia.com/advisories/39501",
"http://secunia.com/advisories/39628",
"http://secunia.com/advisories/39632",
"http://secunia.com/advisories/39656",
"http://secunia.com/advisories/40096",
"http://support.apple.com/kb/HT4435",
"http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/protocol.c?r1=917617&r2=917867&pathrev=917867&diff_format=h",
"http://svn.apache.org/viewvc?view=revision&revision=917867",
"http://svn.apache.org/viewvc?view=revision&revision=918427",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM08939",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM15829",
"http://www.debian.org/security/2010/dsa-2035",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/support/errata/RHSA-2010-0168.html",
"http://www.redhat.com/support/errata/RHSA-2010-0175.html",
"http://www.securityfocus.com/bid/38494",
"http://www.vmware.com/security/advisories/VMSA-2010-0014.html",
"http://www.vupen.com/english/advisories/2010/0911",
"http://www.vupen.com/english/advisories/2010/0994",
"http://www.vupen.com/english/advisories/2010/1001",
"http://www.vupen.com/english/advisories/2010/1057",
"http://www.vupen.com/english/advisories/2010/1411",
"https://bugzilla.redhat.com/show_bug.cgi?id=570171",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/56625",
"https://issues.apache.org/bugzilla/show_bug.cgi?id=48359",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10358",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8695"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2010-1452": {
"id": "CVE-2010-1452",
"references": [
"http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html",
"http://marc.info/?l=apache-announce&m=128009718610929&w=2",
"http://marc.info/?l=bugtraq&m=129190899612998&w=2",
"http://marc.info/?l=bugtraq&m=133355494609819&w=2",
"http://secunia.com/advisories/42367",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395",
"http://support.apple.com/kb/HT4581",
"http://ubuntu.com/usn/usn-1021-1",
"http://www.redhat.com/support/errata/RHSA-2010-0659.html",
"http://www.redhat.com/support/errata/RHSA-2011-0896.html",
"http://www.redhat.com/support/errata/RHSA-2011-0897.html",
"http://www.vupen.com/english/advisories/2010/2218",
"http://www.vupen.com/english/advisories/2010/3064",
"http://www.vupen.com/english/advisories/2011/0291",
"https://issues.apache.org/bugzilla/show_bug.cgi?id=49246",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-2010-1623": {
"id": "CVE-2010-1623",
"references": [
"http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html",
"http://marc.info/?l=bugtraq&m=130168502603566&w=2",
"http://secunia.com/advisories/41701",
"http://secunia.com/advisories/42015",
"http://secunia.com/advisories/42361",
"http://secunia.com/advisories/42367",
"http://secunia.com/advisories/42403",
"http://secunia.com/advisories/42537",
"http://secunia.com/advisories/43211",
"http://secunia.com/advisories/43285",
"http://security-tracker.debian.org/tracker/CVE-2010-1623",
"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828",
"http://svn.apache.org/viewvc?view=revision&revision=1003492",
"http://svn.apache.org/viewvc?view=revision&revision=1003493",
"http://svn.apache.org/viewvc?view=revision&revision=1003494",
"http://svn.apache.org/viewvc?view=revision&revision=1003495",
"http://svn.apache.org/viewvc?view=revision&revision=1003626",
"http://ubuntu.com/usn/usn-1021-1",
"http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601",
"http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3",
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:192",
"http://www.redhat.com/support/errata/RHSA-2010-0950.html",
"http://www.redhat.com/support/errata/RHSA-2011-0896.html",
"http://www.redhat.com/support/errata/RHSA-2011-0897.html",
"http://www.securityfocus.com/bid/43673",
"http://www.ubuntu.com/usn/USN-1022-1",
"http://www.vupen.com/english/advisories/2010/2556",
"http://www.vupen.com/english/advisories/2010/2557",
"http://www.vupen.com/english/advisories/2010/2806",
"http://www.vupen.com/english/advisories/2010/3064",
"http://www.vupen.com/english/advisories/2010/3065",
"http://www.vupen.com/english/advisories/2010/3074",
"http://www.vupen.com/english/advisories/2011/0358",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-119"
},
"CVE-2011-0419": {
"id": "CVE-2011-0419",
"references": [
"http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22",
"http://cxib.net/stuff/apache.fnmatch.phps",
"http://cxib.net/stuff/apr_fnmatch.txts",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html",
"http://marc.info/?l=bugtraq&m=131551295528105&w=2",
"http://marc.info/?l=bugtraq&m=131551295528105&w=2",
"http://marc.info/?l=bugtraq&m=131731002122529&w=2",
"http://marc.info/?l=bugtraq&m=131731002122529&w=2",
"http://marc.info/?l=bugtraq&m=132033751509019&w=2",
"http://marc.info/?l=bugtraq&m=132033751509019&w=2",
"http://marc.info/?l=bugtraq&m=134987041210674&w=2",
"http://marc.info/?l=bugtraq&m=134987041210674&w=2",
"http://secunia.com/advisories/44490",
"http://secunia.com/advisories/44564",
"http://secunia.com/advisories/44574",
"http://secunia.com/advisories/48308",
"http://securityreason.com/achievement_securityalert/98",
"http://securityreason.com/securityalert/8246",
"http://securitytracker.com/id?1025527",
"http://support.apple.com/kb/HT5002",
"http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902",
"http://svn.apache.org/viewvc?view=revision&revision=1098188",
"http://svn.apache.org/viewvc?view=revision&revision=1098799",
"http://www.apache.org/dist/apr/Announcement1.x.html",
"http://www.apache.org/dist/apr/CHANGES-APR-1.4",
"http://www.apache.org/dist/httpd/Announcement2.2.html",
"http://www.debian.org/security/2011/dsa-2237",
"http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html",
"http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html",
"http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2011:084",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15",
"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/support/errata/RHSA-2011-0507.html",
"http://www.redhat.com/support/errata/RHSA-2011-0896.html",
"http://www.redhat.com/support/errata/RHSA-2011-0897.html",
"https://bugzilla.redhat.com/show_bug.cgi?id=703390",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804",
"http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22",
"http://cxib.net/stuff/apache.fnmatch.phps",
"http://cxib.net/stuff/apr_fnmatch.txts",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html",
"http://marc.info/?l=bugtraq&m=131551295528105&w=2",
"http://marc.info/?l=bugtraq&m=131551295528105&w=2",
"http://marc.info/?l=bugtraq&m=131731002122529&w=2",
"http://marc.info/?l=bugtraq&m=131731002122529&w=2",
"http://marc.info/?l=bugtraq&m=132033751509019&w=2",
"http://marc.info/?l=bugtraq&m=132033751509019&w=2",
"http://marc.info/?l=bugtraq&m=134987041210674&w=2",
"http://marc.info/?l=bugtraq&m=134987041210674&w=2",
"http://secunia.com/advisories/44490",
"http://secunia.com/advisories/44564",
"http://secunia.com/advisories/44574",
"http://secunia.com/advisories/48308",
"http://securityreason.com/achievement_securityalert/98",
"http://securityreason.com/securityalert/8246",
"http://securitytracker.com/id?1025527",
"http://support.apple.com/kb/HT5002",
"http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902",
"http://svn.apache.org/viewvc?view=revision&revision=1098188",
"http://svn.apache.org/viewvc?view=revision&revision=1098799",
"http://www.apache.org/dist/apr/Announcement1.x.html",
"http://www.apache.org/dist/apr/CHANGES-APR-1.4",
"http://www.apache.org/dist/httpd/Announcement2.2.html",
"http://www.debian.org/security/2011/dsa-2237",
"http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html",
"http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html",
"http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2011:084",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15",
"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.redhat.com/support/errata/RHSA-2011-0507.html",
"http://www.redhat.com/support/errata/RHSA-2011-0896.html",
"http://www.redhat.com/support/errata/RHSA-2011-0897.html",
"https://bugzilla.redhat.com/show_bug.cgi?id=703390",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"weakness": "CWE-770"
},
"CVE-2011-3192": {
"id": "CVE-2011-3192",
"references": [
"http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html",
"http://blogs.oracle.com/security/entry/security_alert_for_cve_2011",
"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html",
"http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e",
"http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e",
"http://marc.info/?l=bugtraq&m=131551295528105&w=2",
"http://marc.info/?l=bugtraq&m=131731002122529&w=2",
"http://marc.info/?l=bugtraq&m=132033751509019&w=2",
"http://marc.info/?l=bugtraq&m=133477473521382&w=2",
"http://marc.info/?l=bugtraq&m=133951357207000&w=2",
"http://marc.info/?l=bugtraq&m=134987041210674&w=2",
"http://osvdb.org/74721",
"http://seclists.org/fulldisclosure/2011/Aug/175",
"http://secunia.com/advisories/45606",
"http://secunia.com/advisories/45937",
"http://secunia.com/advisories/46000",
"http://secunia.com/advisories/46125",
"http://secunia.com/advisories/46126",
"http://securitytracker.com/id?1025960",
"http://support.apple.com/kb/HT5002",
"http://www.apache.org/dist/httpd/Announcement2.2.html",
"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml",
"http://www.exploit-db.com/exploits/17696",
"http://www.gossamer-threads.com/lists/apache/dev/401638",
"http://www.kb.cert.org/vuls/id/405811",
"http://www.mandriva.com/security/advisories?name=MDVSA-2011:130",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html",
"http://www.redhat.com/support/errata/RHSA-2011-1245.html",
"http://www.redhat.com/support/errata/RHSA-2011-1294.html",
"http://www.redhat.com/support/errata/RHSA-2011-1300.html",
"http://www.redhat.com/support/errata/RHSA-2011-1329.html",
"http://www.redhat.com/support/errata/RHSA-2011-1330.html",
"http://www.redhat.com/support/errata/RHSA-2011-1369.html",
"http://www.securityfocus.com/bid/49303",
"http://www.ubuntu.com/usn/USN-1199-1",
"https://bugzilla.redhat.com/show_bug.cgi?id=732928",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/69396",
"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"https://issues.apache.org/bugzilla/show_bug.cgi?id=51714",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827"
],
"score": 7.8,
"services": [
"631/http"
],
"severity": "high",
"summary": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"weakness": "CWE-400"
},
"CVE-2011-3368": {
"id": "CVE-2011-3368",
"references": [
"http://kb.juniper.net/JSA10585",
"http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html",
"http://marc.info/?l=bugtraq&m=133294460209056&w=2",
"http://marc.info/?l=bugtraq&m=134987041210674&w=2",
"http://osvdb.org/76079",
"http://rhn.redhat.com/errata/RHSA-2012-0542.html",
"http://rhn.redhat.com/errata/RHSA-2012-0543.html",
"http://seclists.org/fulldisclosure/2011/Oct/232",
"http://seclists.org/fulldisclosure/2011/Oct/273",
"http://secunia.com/advisories/46288",
"http://secunia.com/advisories/46414",
"http://secunia.com/advisories/48551",
"http://support.apple.com/kb/HT5501",
"http://svn.apache.org/viewvc?view=revision&revision=1179239",
"http://web.archiveorange.com/archive/v/ZyS0hzECD5zzb2NkvQlt",
"http://www-01.ibm.com/support/docview.wss?uid=nas2064c7e5f53452ff686257927003c8d42",
"http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48",
"http://www.contextis.com/research/blog/reverseproxybypass/",
"http://www.debian.org/security/2012/dsa-2405",
"http://www.exploit-db.com/exploits/17969",
"http://www.mandriva.com/security/advisories?name=MDVSA-2011:144",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"http://www.redhat.com/support/errata/RHSA-2011-1391.html",
"http://www.redhat.com/support/errata/RHSA-2011-1392.html",
"http://www.securityfocus.com/bid/49957",
"http://www.securitytracker.com/id?1026144",
"https://bugzilla.redhat.com/show_bug.cgi?id=740045",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/70336",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"weakness": "CWE-20"
},
"CVE-2011-3607": {
"id": "CVE-2011-3607",
"references": [
"http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0023.html",
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041",
"http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html",
"http://marc.info/?l=bugtraq&m=133294460209056&w=2",
"http://marc.info/?l=bugtraq&m=133494237717847&w=2",
"http://marc.info/?l=bugtraq&m=134987041210674&w=2",
"http://rhn.redhat.com/errata/RHSA-2012-0128.html",
"http://rhn.redhat.com/errata/RHSA-2012-0542.html",
"http://rhn.redhat.com/errata/RHSA-2012-0543.html",
"http://secunia.com/advisories/45793",
"http://secunia.com/advisories/48551",
"http://securitytracker.com/id?1026267",
"http://support.apple.com/kb/HT5501",
"http://www.debian.org/security/2012/dsa-2405",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html",
"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/",
"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/DemoExploit.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2012:003",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"http://www.osvdb.org/76744",
"http://www.securityfocus.com/bid/50494",
"https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/811422",
"https://bugzilla.redhat.com/show_bug.cgi?id=750935",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/71093",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
],
"score": 4.4,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.",
"vector_string": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"weakness": "CWE-189"
},
"CVE-2011-3639": {
"id": "CVE-2011-3639",
"references": [
"http://rhn.redhat.com/errata/RHSA-2012-0128.html",
"http://svn.apache.org/viewvc?view=revision&revision=1188745",
"http://www.debian.org/security/2012/dsa-2405",
"https://bugzilla.redhat.com/show_bug.cgi?id=752080"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-20"
},
"CVE-2011-4317": {
"id": "CVE-2011-4317",
"references": [
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041",
"http://kb.juniper.net/JSA10585",
"http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html",
"http://marc.info/?l=bugtraq&m=133294460209056&w=2",
"http://marc.info/?l=bugtraq&m=134987041210674&w=2",
"http://rhn.redhat.com/errata/RHSA-2012-0128.html",
"http://secunia.com/advisories/48551",
"http://support.apple.com/kb/HT5501",
"http://thread.gmane.org/gmane.comp.apache.devel/46440",
"http://www.debian.org/security/2012/dsa-2405",
"http://www.mandriva.com/security/advisories?name=MDVSA-2012:003",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"http://www.securitytracker.com/id?1026353",
"https://bugzilla.redhat.com/show_bug.cgi?id=756483",
"https://community.qualys.com/blogs/securitylabs/2011/11/23/apache-reverse-proxy-bypass-issue",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-20"
},
"CVE-2011-4415": {
"id": "CVE-2011-4415",
"references": [
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041",
"http://www.gossamer-threads.com/lists/apache/dev/403775",
"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/",
"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/DemoExploit.html"
],
"score": 1.2,
"services": [
"631/http"
],
"severity": "low",
"summary": "The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the \"len +=\" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.",
"vector_string": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"weakness": "CWE-20"
},
"CVE-2012-0031": {
"id": "CVE-2012-0031",
"references": [
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041",
"http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html",
"http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html",
"http://marc.info/?l=bugtraq&m=133294460209056&w=2",
"http://marc.info/?l=bugtraq&m=133494237717847&w=2",
"http://marc.info/?l=bugtraq&m=134987041210674&w=2",
"http://rhn.redhat.com/errata/RHSA-2012-0128.html",
"http://rhn.redhat.com/errata/RHSA-2012-0542.html",
"http://rhn.redhat.com/errata/RHSA-2012-0543.html",
"http://secunia.com/advisories/47410",
"http://secunia.com/advisories/48551",
"http://support.apple.com/kb/HT5501",
"http://svn.apache.org/viewvc?view=revision&revision=1230065",
"http://www.debian.org/security/2012/dsa-2405",
"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/",
"http://www.mandriva.com/security/advisories?name=MDVSA-2012:012",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"http://www.securityfocus.com/bid/51407",
"https://bugzilla.redhat.com/show_bug.cgi?id=773744",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
],
"score": 4.6,
"services": [
"631/http"
],
"severity": "medium",
"summary": "scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.",
"vector_string": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2012-0053": {
"id": "CVE-2012-0053",
"references": [
"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://kb.juniper.net/JSA10585",
"http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html",
"http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html",
"http://marc.info/?l=bugtraq&m=133294460209056&w=2",
"http://marc.info/?l=bugtraq&m=133494237717847&w=2",
"http://marc.info/?l=bugtraq&m=133951357207000&w=2",
"http://marc.info/?l=bugtraq&m=136441204617335&w=2",
"http://rhn.redhat.com/errata/RHSA-2012-0128.html",
"http://rhn.redhat.com/errata/RHSA-2012-0542.html",
"http://rhn.redhat.com/errata/RHSA-2012-0543.html",
"http://secunia.com/advisories/48551",
"http://support.apple.com/kb/HT5501",
"http://svn.apache.org/viewvc?view=revision&revision=1235454",
"http://www.debian.org/security/2012/dsa-2405",
"http://www.mandriva.com/security/advisories?name=MDVSA-2012:012",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"http://www.securityfocus.com/bid/51706",
"https://bugzilla.redhat.com/show_bug.cgi?id=785069",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2012-0883": {
"id": "CVE-2012-0883",
"references": [
"http://article.gmane.org/gmane.comp.apache.devel/48158",
"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html",
"http://marc.info/?l=bugtraq&m=134012830914727&w=2",
"http://secunia.com/advisories/48849",
"http://support.apple.com/kb/HT5880",
"http://svn.apache.org/viewvc?view=revision&revision=1296428",
"http://www.apache.org/dist/httpd/Announcement2.4.html",
"http://www.apachelounge.com/Changelog-2.4.html",
"http://www.securityfocus.com/bid/53046",
"http://www.securitytracker.com/id?1026932",
"http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/74901",
"https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
],
"score": 6.9,
"services": [
"631/http"
],
"severity": "medium",
"summary": "envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.",
"vector_string": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2012-2687": {
"id": "CVE-2012-2687",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html",
"http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://rhn.redhat.com/errata/RHSA-2012-1591.html",
"http://rhn.redhat.com/errata/RHSA-2012-1592.html",
"http://rhn.redhat.com/errata/RHSA-2012-1594.html",
"http://rhn.redhat.com/errata/RHSA-2013-0130.html",
"http://secunia.com/advisories/50894",
"http://secunia.com/advisories/51607",
"http://support.apple.com/kb/HT5880",
"http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f",
"http://www.apache.org/dist/httpd/CHANGES_2.4.3",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.securityfocus.com/bid/55131",
"http://www.ubuntu.com/usn/USN-1627-1",
"http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html",
"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html",
"http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://rhn.redhat.com/errata/RHSA-2012-1591.html",
"http://rhn.redhat.com/errata/RHSA-2012-1592.html",
"http://rhn.redhat.com/errata/RHSA-2012-1594.html",
"http://rhn.redhat.com/errata/RHSA-2013-0130.html",
"http://secunia.com/advisories/50894",
"http://secunia.com/advisories/51607",
"http://support.apple.com/kb/HT5880",
"http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f",
"http://www.apache.org/dist/httpd/CHANGES_2.4.3",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html",
"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"http://www.securityfocus.com/bid/55131",
"http://www.ubuntu.com/usn/USN-1627-1",
"http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539"
],
"score": 2.6,
"services": [
"631/http"
],
"severity": "low",
"summary": "Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.",
"vector_string": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2012-3499": {
"id": "CVE-2012-3499",
"references": [
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://rhn.redhat.com/errata/RHSA-2013-0815.html",
"http://rhn.redhat.com/errata/RHSA-2013-1207.html",
"http://rhn.redhat.com/errata/RHSA-2013-1208.html",
"http://rhn.redhat.com/errata/RHSA-2013-1209.html",
"http://secunia.com/advisories/55032",
"http://support.apple.com/kb/HT5880",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_info.c?r1=1225799&r2=1413732&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1389564&r2=1413732&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c?r1=1209766&r2=1418752&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_imagemap.c?r1=1398480&r2=1413732&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_ftp.c?r1=1404625&r2=1413732&diff_format=h",
"http://www.debian.org/security/2013/dsa-2637",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"http://www.securityfocus.com/bid/58165",
"http://www.securityfocus.com/bid/64758",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19312",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://rhn.redhat.com/errata/RHSA-2013-0815.html",
"http://rhn.redhat.com/errata/RHSA-2013-1207.html",
"http://rhn.redhat.com/errata/RHSA-2013-1208.html",
"http://rhn.redhat.com/errata/RHSA-2013-1209.html",
"http://secunia.com/advisories/55032",
"http://support.apple.com/kb/HT5880",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_info.c?r1=1225799&r2=1413732&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1389564&r2=1413732&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c?r1=1209766&r2=1418752&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_imagemap.c?r1=1398480&r2=1413732&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_ftp.c?r1=1404625&r2=1413732&diff_format=h",
"http://www.debian.org/security/2013/dsa-2637",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"http://www.securityfocus.com/bid/58165",
"http://www.securityfocus.com/bid/64758",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19312"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2012-4558": {
"id": "CVE-2012-4558",
"references": [
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://rhn.redhat.com/errata/RHSA-2013-0815.html",
"http://rhn.redhat.com/errata/RHSA-2013-1207.html",
"http://rhn.redhat.com/errata/RHSA-2013-1208.html",
"http://rhn.redhat.com/errata/RHSA-2013-1209.html",
"http://support.apple.com/kb/HT5880",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?r1=1404653&r2=1413732&diff_format=h",
"http://www.debian.org/security/2013/dsa-2637",
"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"http://www.securityfocus.com/bid/58165",
"http://www.securityfocus.com/bid/64758",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18977",
"http://httpd.apache.org/security/vulnerabilities_22.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://marc.info/?l=bugtraq&m=136612293908376&w=2",
"http://rhn.redhat.com/errata/RHSA-2013-0815.html",
"http://rhn.redhat.com/errata/RHSA-2013-1207.html",
"http://rhn.redhat.com/errata/RHSA-2013-1208.html",
"http://rhn.redhat.com/errata/RHSA-2013-1209.html",
"http://support.apple.com/kb/HT5880",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?r1=1404653&r2=1413732&diff_format=h",
"http://www.debian.org/security/2013/dsa-2637",
"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"http://www.securityfocus.com/bid/58165",
"http://www.securityfocus.com/bid/64758",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18977"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-79"
},
"CVE-2013-0340": {
"id": "CVE-2013-0340",
"references": [
"http://openwall.com/lists/oss-security/2013/02/22/3",
"http://seclists.org/fulldisclosure/2021/Oct/61",
"http://seclists.org/fulldisclosure/2021/Oct/62",
"http://seclists.org/fulldisclosure/2021/Oct/63",
"http://seclists.org/fulldisclosure/2021/Sep/33",
"http://seclists.org/fulldisclosure/2021/Sep/34",
"http://seclists.org/fulldisclosure/2021/Sep/35",
"http://seclists.org/fulldisclosure/2021/Sep/38",
"http://seclists.org/fulldisclosure/2021/Sep/39",
"http://seclists.org/fulldisclosure/2021/Sep/40",
"http://securitytracker.com/id?1028213",
"http://www.openwall.com/lists/oss-security/2013/04/12/6",
"http://www.openwall.com/lists/oss-security/2021/10/07/4",
"http://www.osvdb.org/90634",
"http://www.securityfocus.com/bid/58233",
"https://lists.apache.org/thread.html/r41eca5f4f09e74436cbb05dec450fc2bef37b5d3e966aa7cc5fada6d%40%3Cannounce.apache.org%3E",
"https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E",
"https://security.gentoo.org/glsa/201701-21",
"https://support.apple.com/kb/HT212804",
"https://support.apple.com/kb/HT212805",
"https://support.apple.com/kb/HT212807",
"https://support.apple.com/kb/HT212814",
"https://support.apple.com/kb/HT212815",
"https://support.apple.com/kb/HT212819",
"http://openwall.com/lists/oss-security/2013/02/22/3",
"http://seclists.org/fulldisclosure/2021/Oct/61",
"http://seclists.org/fulldisclosure/2021/Oct/62",
"http://seclists.org/fulldisclosure/2021/Oct/63",
"http://seclists.org/fulldisclosure/2021/Sep/33",
"http://seclists.org/fulldisclosure/2021/Sep/34",
"http://seclists.org/fulldisclosure/2021/Sep/35",
"http://seclists.org/fulldisclosure/2021/Sep/38",
"http://seclists.org/fulldisclosure/2021/Sep/39",
"http://seclists.org/fulldisclosure/2021/Sep/40",
"http://securitytracker.com/id?1028213",
"http://www.openwall.com/lists/oss-security/2013/04/12/6",
"http://www.openwall.com/lists/oss-security/2021/10/07/4",
"http://www.osvdb.org/90634",
"http://www.securityfocus.com/bid/58233",
"https://lists.apache.org/thread.html/r41eca5f4f09e74436cbb05dec450fc2bef37b5d3e966aa7cc5fada6d%40%3Cannounce.apache.org%3E",
"https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E",
"https://security.gentoo.org/glsa/201701-21",
"https://support.apple.com/kb/HT212804",
"https://support.apple.com/kb/HT212805",
"https://support.apple.com/kb/HT212807",
"https://support.apple.com/kb/HT212814",
"https://support.apple.com/kb/HT212815",
"https://support.apple.com/kb/HT212819"
],
"score": 6.8,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"weakness": "CWE-611"
},
"CVE-2013-1862": {
"id": "CVE-2013-1862",
"references": [
"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html",
"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html",
"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html",
"http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch",
"http://rhn.redhat.com/errata/RHSA-2013-0815.html",
"http://rhn.redhat.com/errata/RHSA-2013-1207.html",
"http://rhn.redhat.com/errata/RHSA-2013-1208.html",
"http://rhn.redhat.com/errata/RHSA-2013-1209.html",
"http://secunia.com/advisories/55032",
"http://support.apple.com/kb/HT6150",
"http://svn.apache.org/viewvc?view=revision&revision=r1469311",
"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862",
"http://www-01.ibm.com/support/docview.wss?uid=swg21644047",
"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html",
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:174",
"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"http://www.securityfocus.com/bid/59826",
"http://www.securityfocus.com/bid/64758",
"http://www.ubuntu.com/usn/USN-1903-1",
"https://bugzilla.redhat.com/show_bug.cgi?id=953729",
"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken",
"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534"
],
"score": 5.1,
"services": [
"631/http"
],
"severity": "medium",
"summary": "mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.",
"vector_string": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2013-1896": {
"id": "CVE-2013-1896",
"references": [
"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html",
"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html",
"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html",
"http://rhn.redhat.com/errata/RHSA-2013-1156.html",
"http://rhn.redhat.com/errata/RHSA-2013-1207.html",
"http://rhn.redhat.com/errata/RHSA-2013-1208.html",
"http://rhn.redhat.com/errata/RHSA-2013-1209.html",
"http://secunia.com/advisories/55032",
"http://support.apple.com/kb/HT6150",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log",
"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896",
"http://www-01.ibm.com/support/docview.wss?uid=swg21644047",
"http://www.apache.org/dist/httpd/Announcement2.2.html",
"http://www.securityfocus.com/bid/61129",
"http://www.ubuntu.com/usn/USN-1903-1",
"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2013-5704": {
"id": "CVE-2013-5704",
"references": [
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://martin.swende.se/blog/HTTPChunked.html",
"http://rhn.redhat.com/errata/RHSA-2015-0325.html",
"http://rhn.redhat.com/errata/RHSA-2015-1249.html",
"http://rhn.redhat.com/errata/RHSA-2015-2661.html",
"http://rhn.redhat.com/errata/RHSA-2016-0061.html",
"http://rhn.redhat.com/errata/RHSA-2016-0062.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1610674&r2=1610814&diff_format=h",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:174",
"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/66550",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://access.redhat.com/errata/RHSA-2015:2659",
"https://access.redhat.com/errata/RHSA-2015:2660",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659",
"https://support.apple.com/HT205219",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://martin.swende.se/blog/HTTPChunked.html",
"http://rhn.redhat.com/errata/RHSA-2015-0325.html",
"http://rhn.redhat.com/errata/RHSA-2015-1249.html",
"http://rhn.redhat.com/errata/RHSA-2015-2661.html",
"http://rhn.redhat.com/errata/RHSA-2016-0061.html",
"http://rhn.redhat.com/errata/RHSA-2016-0062.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1610674&r2=1610814&diff_format=h",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:174",
"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/66550",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://access.redhat.com/errata/RHSA-2015:2659",
"https://access.redhat.com/errata/RHSA-2015:2660",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659",
"https://support.apple.com/HT205219"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass \"RequestHeader unset\" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states \"this is not a security issue in httpd as such.\"",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2013-6438": {
"id": "CVE-2013-6438",
"references": [
"http://advisories.mageia.org/MGASA-2014-0135.html",
"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=141017844705317&w=2",
"http://marc.info/?l=bugtraq&m=141390017113542&w=2",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://secunia.com/advisories/58230",
"http://secunia.com/advisories/59315",
"http://secunia.com/advisories/59345",
"http://secunia.com/advisories/60536",
"http://security.gentoo.org/glsa/glsa-201408-12.xml",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?r1=1528718&r2=1556428&diff_format=h",
"http://www-01.ibm.com/support/docview.wss?uid=swg21669554",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676092",
"http://www.apache.org/dist/httpd/CHANGES_2.4.9",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securityfocus.com/bid/66303",
"http://www.ubuntu.com/usn/USN-2152-1",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2013-6438",
"https://support.apple.com/HT204659",
"https://support.apple.com/kb/HT6535"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2014-0098": {
"id": "CVE-2014-0098",
"references": [
"http://advisories.mageia.org/MGASA-2014-0135.html",
"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=141017844705317&w=2",
"http://marc.info/?l=bugtraq&m=141390017113542&w=2",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://secunia.com/advisories/58230",
"http://secunia.com/advisories/58915",
"http://secunia.com/advisories/59219",
"http://secunia.com/advisories/59315",
"http://secunia.com/advisories/59345",
"http://secunia.com/advisories/60536",
"http://security.gentoo.org/glsa/glsa-201408-12.xml",
"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15320.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394&r2=1575400&diff_format=h",
"http://www-01.ibm.com/support/docview.wss?uid=swg21668973",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676092",
"http://www.apache.org/dist/httpd/CHANGES_2.4.9",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securityfocus.com/bid/66303",
"http://www.ubuntu.com/usn/USN-2152-1",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0098",
"https://support.apple.com/HT204659",
"https://support.apple.com/kb/HT6535"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2014-0118": {
"id": "CVE-2014-0118",
"references": [
"http://advisories.mageia.org/MGASA-2014-0304.html",
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143748090628601&w=2",
"http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://rhn.redhat.com/errata/RHSA-2014-1019.html",
"http://rhn.redhat.com/errata/RHSA-2014-1020.html",
"http://rhn.redhat.com/errata/RHSA-2014-1021.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h",
"http://www.debian.org/security/2014/dsa-2989",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.securityfocus.com/bid/68745",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120601",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0118",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"weakness": "CWE-400"
},
"CVE-2014-0226": {
"id": "CVE-2014-0226",
"references": [
"http://advisories.mageia.org/MGASA-2014-0304.html",
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143748090628601&w=2",
"http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://rhn.redhat.com/errata/RHSA-2014-1019.html",
"http://rhn.redhat.com/errata/RHSA-2014-1020.html",
"http://rhn.redhat.com/errata/RHSA-2014-1021.html",
"http://seclists.org/fulldisclosure/2014/Jul/114",
"http://secunia.com/advisories/60536",
"http://security.gentoo.org/glsa/glsa-201408-12.xml",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h",
"http://www.debian.org/security/2014/dsa-2989",
"http://www.exploit-db.com/exploits/34133",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.osvdb.org/109216",
"http://www.securityfocus.com/bid/68678",
"http://zerodayinitiative.com/advisories/ZDI-14-236/",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120603",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0226",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659",
"https://www.povonsec.com/apache-2-4-7-exploit/"
],
"score": 6.8,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"weakness": "CWE-362"
},
"CVE-2014-0231": {
"id": "CVE-2014-0231",
"references": [
"http://advisories.mageia.org/MGASA-2014-0304.html",
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143748090628601&w=2",
"http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html",
"http://rhn.redhat.com/errata/RHSA-2014-1019.html",
"http://rhn.redhat.com/errata/RHSA-2014-1020.html",
"http://rhn.redhat.com/errata/RHSA-2014-1021.html",
"http://secunia.com/advisories/60536",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h",
"http://www.debian.org/security/2014/dsa-2989",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.securityfocus.com/bid/68742",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120596",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0231",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659",
"http://advisories.mageia.org/MGASA-2014-0304.html",
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143748090628601&w=2",
"http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html",
"http://rhn.redhat.com/errata/RHSA-2014-1019.html",
"http://rhn.redhat.com/errata/RHSA-2014-1020.html",
"http://rhn.redhat.com/errata/RHSA-2014-1021.html",
"http://secunia.com/advisories/60536",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h",
"http://www.debian.org/security/2014/dsa-2989",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.securityfocus.com/bid/68742",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120596",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0231",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-399"
},
"CVE-2015-0228": {
"id": "CVE-2015-0228",
"references": [
"http://advisories.mageia.org/MGASA-2015-0099.html",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/73041",
"http://www.securityfocus.com/bid/91787",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef",
"https://github.com/apache/httpd/commit/78eb3b9235515652ed141353d98c239237030410",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031",
"http://advisories.mageia.org/MGASA-2015-0099.html",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/73041",
"http://www.securityfocus.com/bid/91787",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef",
"https://github.com/apache/httpd/commit/78eb3b9235515652ed141353d98c239237030410",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-20"
},
"CVE-2015-3183": {
"id": "CVE-2015-3183",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://rhn.redhat.com/errata/RHSA-2015-1667.html",
"http://rhn.redhat.com/errata/RHSA-2015-1668.html",
"http://rhn.redhat.com/errata/RHSA-2015-2661.html",
"http://rhn.redhat.com/errata/RHSA-2016-0061.html",
"http://rhn.redhat.com/errata/RHSA-2016-0062.html",
"http://rhn.redhat.com/errata/RHSA-2016-2054.html",
"http://rhn.redhat.com/errata/RHSA-2016-2055.html",
"http://rhn.redhat.com/errata/RHSA-2016-2056.html",
"http://www.apache.org/dist/httpd/CHANGES_2.4",
"http://www.debian.org/security/2015/dsa-3325",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"http://www.securityfocus.com/bid/75963",
"http://www.securityfocus.com/bid/91787",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2686-1",
"https://access.redhat.com/errata/RHSA-2015:2659",
"https://access.redhat.com/errata/RHSA-2015:2660",
"https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6",
"https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/CVE-2015-3183",
"https://security.gentoo.org/glsa/201610-02",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://rhn.redhat.com/errata/RHSA-2015-1667.html",
"http://rhn.redhat.com/errata/RHSA-2015-1668.html",
"http://rhn.redhat.com/errata/RHSA-2015-2661.html",
"http://rhn.redhat.com/errata/RHSA-2016-0061.html",
"http://rhn.redhat.com/errata/RHSA-2016-0062.html",
"http://rhn.redhat.com/errata/RHSA-2016-2054.html",
"http://rhn.redhat.com/errata/RHSA-2016-2055.html",
"http://rhn.redhat.com/errata/RHSA-2016-2056.html",
"http://www.apache.org/dist/httpd/CHANGES_2.4",
"http://www.debian.org/security/2015/dsa-3325",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"http://www.securityfocus.com/bid/75963",
"http://www.securityfocus.com/bid/91787",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2686-1",
"https://access.redhat.com/errata/RHSA-2015:2659",
"https://access.redhat.com/errata/RHSA-2015:2660",
"https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6",
"https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/CVE-2015-3183",
"https://security.gentoo.org/glsa/201610-02",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031"
],
"score": 5,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "CWE-17"
},
"CVE-2016-4975": {
"id": "CVE-2016-4975",
"references": [
"http://www.securityfocus.com/bid/105093",
"https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180926-0006/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us"
],
"score": 6.1,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the \"Location\" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 (Affected 2.4.1-2.4.23). Fixed in Apache HTTP Server 2.2.32 (Affected 2.2.0-2.2.31).",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-93"
},
"CVE-2016-5387": {
"id": "CVE-2016-5387",
"references": [
"http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html",
"http://rhn.redhat.com/errata/RHSA-2016-1624.html",
"http://rhn.redhat.com/errata/RHSA-2016-1625.html",
"http://rhn.redhat.com/errata/RHSA-2016-1648.html",
"http://rhn.redhat.com/errata/RHSA-2016-1649.html",
"http://rhn.redhat.com/errata/RHSA-2016-1650.html",
"http://www.debian.org/security/2016/dsa-3623",
"http://www.kb.cert.org/vuls/id/797896",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"http://www.securityfocus.com/bid/91816",
"http://www.securitytracker.com/id/1036330",
"http://www.ubuntu.com/usn/USN-3038-1",
"https://access.redhat.com/errata/RHSA-2016:1420",
"https://access.redhat.com/errata/RHSA-2016:1421",
"https://access.redhat.com/errata/RHSA-2016:1422",
"https://access.redhat.com/errata/RHSA-2016:1635",
"https://access.redhat.com/errata/RHSA-2016:1636",
"https://access.redhat.com/errata/RHSA-2016:1851",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"https://httpoxy.org/",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/",
"https://security.gentoo.org/glsa/201701-36",
"https://support.apple.com/HT208221",
"https://www.apache.org/security/asf-httpoxy-response.txt",
"https://www.tenable.com/security/tns-2017-04",
"http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html",
"http://rhn.redhat.com/errata/RHSA-2016-1624.html",
"http://rhn.redhat.com/errata/RHSA-2016-1625.html",
"http://rhn.redhat.com/errata/RHSA-2016-1648.html",
"http://rhn.redhat.com/errata/RHSA-2016-1649.html",
"http://rhn.redhat.com/errata/RHSA-2016-1650.html",
"http://www.debian.org/security/2016/dsa-3623",
"http://www.kb.cert.org/vuls/id/797896",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"http://www.securityfocus.com/bid/91816",
"http://www.securitytracker.com/id/1036330",
"http://www.ubuntu.com/usn/USN-3038-1",
"https://access.redhat.com/errata/RHSA-2016:1420",
"https://access.redhat.com/errata/RHSA-2016:1421",
"https://access.redhat.com/errata/RHSA-2016:1422",
"https://access.redhat.com/errata/RHSA-2016:1635",
"https://access.redhat.com/errata/RHSA-2016:1636",
"https://access.redhat.com/errata/RHSA-2016:1851",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"https://httpoxy.org/",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/",
"https://security.gentoo.org/glsa/201701-36",
"https://support.apple.com/HT208221",
"https://www.apache.org/security/asf-httpoxy-response.txt",
"https://www.tenable.com/security/tns-2017-04"
],
"score": 8.1,
"services": [
"631/http"
],
"severity": "high",
"summary": "The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"This mitigation has been assigned the identifier CVE-2016-5387\"; in other words, this is not a CVE ID for a vulnerability.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2016-8612": {
"id": "CVE-2016-8612",
"references": [
"http://rhn.redhat.com/errata/RHSA-2016-2957.html",
"http://www.securityfocus.com/bid/94939",
"https://access.redhat.com/errata/RHSA-2017:0193",
"https://access.redhat.com/errata/RHSA-2017:0194",
"https://bugzilla.redhat.com/show_bug.cgi?id=1387605",
"https://security.netapp.com/advisory/ntap-20180601-0005/",
"http://rhn.redhat.com/errata/RHSA-2016-2957.html",
"http://www.securityfocus.com/bid/94939",
"https://access.redhat.com/errata/RHSA-2017:0193",
"https://access.redhat.com/errata/RHSA-2017:0194",
"https://bugzilla.redhat.com/show_bug.cgi?id=1387605",
"https://security.netapp.com/advisory/ntap-20180601-0005/"
],
"score": 4.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process.",
"vector_string": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"weakness": "CWE-20"
},
"CVE-2016-8743": {
"id": "CVE-2016-8743",
"references": [
"http://rhn.redhat.com/errata/RHSA-2017-1415.html",
"http://www.debian.org/security/2017/dsa-3796",
"http://www.securityfocus.com/bid/95077",
"http://www.securitytracker.com/id/1037508",
"https://access.redhat.com/errata/RHSA-2017:0906",
"https://access.redhat.com/errata/RHSA-2017:1161",
"https://access.redhat.com/errata/RHSA-2017:1413",
"https://access.redhat.com/errata/RHSA-2017:1414",
"https://access.redhat.com/errata/RHSA-2017:1721",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03753en_us",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-8743",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09b8a39d1262adbab5528eea73df1b1f93e919bf004ed5a843d9cad1%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r4fe84db67fe9dc906c6185e58bbd9913f4356dd555a5c3db490694e5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r94284b139540e5287ebdd3450682d3e3d187263dd6b75af8fa7d4890%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcb6c7b9e7ca727a7eeeb5f13f89488a03981cfa0e7c3125f18fa239%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201701-36",
"https://security.netapp.com/advisory/ntap-20180423-0001/",
"https://support.apple.com/HT208221",
"https://www.tenable.com/security/tns-2017-04",
"http://rhn.redhat.com/errata/RHSA-2017-1415.html",
"http://www.debian.org/security/2017/dsa-3796",
"http://www.securityfocus.com/bid/95077",
"http://www.securitytracker.com/id/1037508",
"https://access.redhat.com/errata/RHSA-2017:0906",
"https://access.redhat.com/errata/RHSA-2017:1161",
"https://access.redhat.com/errata/RHSA-2017:1413",
"https://access.redhat.com/errata/RHSA-2017:1414",
"https://access.redhat.com/errata/RHSA-2017:1721",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03753en_us",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-8743",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09b8a39d1262adbab5528eea73df1b1f93e919bf004ed5a843d9cad1%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r4fe84db67fe9dc906c6185e58bbd9913f4356dd555a5c3db490694e5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r94284b139540e5287ebdd3450682d3e3d187263dd6b75af8fa7d4890%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcb6c7b9e7ca727a7eeeb5f13f89488a03981cfa0e7c3125f18fa239%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201701-36",
"https://security.netapp.com/advisory/ntap-20180423-0001/",
"https://support.apple.com/HT208221",
"https://www.tenable.com/security/tns-2017-04"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2017-3167": {
"id": "CVE-2017-3167",
"references": [
"http://www.debian.org/security/2017/dsa-3896",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99135",
"http://www.securitytracker.com/id/1038711",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.nomachine.com/SU08O00185",
"https://www.tenable.com/security/tns-2019-09",
"http://www.debian.org/security/2017/dsa-3896",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99135",
"http://www.securitytracker.com/id/1038711",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.nomachine.com/SU08O00185",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 9.8,
"services": [
"631/http"
],
"severity": "critical",
"summary": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-287"
},
"CVE-2017-3169": {
"id": "CVE-2017-3169",
"references": [
"http://www.debian.org/security/2017/dsa-3896",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99134",
"http://www.securitytracker.com/id/1038711",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://github.com/gottburgm/Exploits/tree/master/CVE-2017-3169",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84bf7fcc5cad35d355f11839cbdd13cbc5ffc1d34675090bff0f96ae%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.nomachine.com/SU08O00185",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 9.8,
"services": [
"631/http"
],
"severity": "critical",
"summary": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-476"
},
"CVE-2017-7679": {
"id": "CVE-2017-7679",
"references": [
"http://www.debian.org/security/2017/dsa-3896",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99170",
"http://www.securitytracker.com/id/1038711",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03821en_us",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.nomachine.com/SU08O00185",
"https://www.tenable.com/security/tns-2019-09",
"http://www.debian.org/security/2017/dsa-3896",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99170",
"http://www.securitytracker.com/id/1038711",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03821en_us",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.nomachine.com/SU08O00185",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 9.8,
"services": [
"631/http"
],
"severity": "critical",
"summary": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-126"
},
"CVE-2017-9788": {
"id": "CVE-2017-9788",
"references": [
"http://www.debian.org/security/2017/dsa-3913",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99569",
"http://www.securitytracker.com/id/1038906",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:2708",
"https://access.redhat.com/errata/RHSA-2017:2709",
"https://access.redhat.com/errata/RHSA-2017:2710",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://httpd.apache.org/security/vulnerabilities_22.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/0dd69204a6bd643cc4e9ccd008f07a9375525d977c6ebeb07a881afb%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20170911-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.tenable.com/security/tns-2019-09",
"http://www.debian.org/security/2017/dsa-3913",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99569",
"http://www.securitytracker.com/id/1038906",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:2708",
"https://access.redhat.com/errata/RHSA-2017:2709",
"https://access.redhat.com/errata/RHSA-2017:2710",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://httpd.apache.org/security/vulnerabilities_22.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/0dd69204a6bd643cc4e9ccd008f07a9375525d977c6ebeb07a881afb%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20170911-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 9.1,
"services": [
"631/http"
],
"severity": "critical",
"summary": "In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"weakness": "CWE-20"
},
"CVE-2017-9798": {
"id": "CVE-2017-9798",
"references": [
"http://openwall.com/lists/oss-security/2017/09/18/2",
"http://www.debian.org/security/2017/dsa-3980",
"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"http://www.securityfocus.com/bid/100872",
"http://www.securityfocus.com/bid/105598",
"http://www.securitytracker.com/id/1039387",
"https://access.redhat.com/errata/RHSA-2017:2882",
"https://access.redhat.com/errata/RHSA-2017:2972",
"https://access.redhat.com/errata/RHSA-2017:3018",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch",
"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a",
"https://github.com/hannob/optionsbleed",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security-tracker.debian.org/tracker/CVE-2017-9798",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0003/",
"https://support.apple.com/HT208331",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch",
"https://www.exploit-db.com/exploits/42745/",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"https://www.tenable.com/security/tns-2019-09",
"http://openwall.com/lists/oss-security/2017/09/18/2",
"http://www.debian.org/security/2017/dsa-3980",
"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"http://www.securityfocus.com/bid/100872",
"http://www.securityfocus.com/bid/105598",
"http://www.securitytracker.com/id/1039387",
"https://access.redhat.com/errata/RHSA-2017:2882",
"https://access.redhat.com/errata/RHSA-2017:2972",
"https://access.redhat.com/errata/RHSA-2017:3018",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch",
"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a",
"https://github.com/hannob/optionsbleed",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security-tracker.debian.org/tracker/CVE-2017-9798",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0003/",
"https://support.apple.com/HT208331",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch",
"https://www.exploit-db.com/exploits/42745/",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-416"
},
"CVE-2018-1301": {
"id": "CVE-2018-1301",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/2",
"http://www.securityfocus.com/bid/103515",
"http://www.securitytracker.com/id/1040573",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/2",
"http://www.securityfocus.com/bid/103515",
"http://www.securitytracker.com/id/1040573",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.9,
"services": [
"631/http"
],
"severity": "medium",
"summary": "A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-119"
},
"CVE-2018-1302": {
"id": "CVE-2018-1302",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/5",
"http://www.securityfocus.com/bid/103528",
"http://www.securitytracker.com/id/1040567",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3783-1/",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/5",
"http://www.securityfocus.com/bid/103528",
"http://www.securitytracker.com/id/1040567",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3783-1/",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.9,
"services": [
"631/http"
],
"severity": "medium",
"summary": "When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2018-1303": {
"id": "CVE-2018-1303",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/3",
"http://www.securityfocus.com/bid/103522",
"http://www.securitytracker.com/id/1040572",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/3",
"http://www.securityfocus.com/bid/103522",
"http://www.securitytracker.com/id/1040572",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-125"
},
"CVE-2018-15891": {
"id": "CVE-2018-15891",
"references": [
"https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode",
"https://www.freepbx.org/",
"https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode",
"https://www.freepbx.org/"
],
"score": 4.8,
"services": [
"1434/sip-proxy"
],
"severity": "medium",
"summary": "An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
},
"CVE-2018-20406": {
"id": "CVE-2018-20406",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://bugs.python.org/issue34656",
"https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd",
"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/",
"https://security.netapp.com/advisory/ntap-20190416-0010/",
"https://usn.ubuntu.com/4127-1/",
"https://usn.ubuntu.com/4127-2/",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://bugs.python.org/issue34656",
"https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd",
"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/",
"https://security.netapp.com/advisory/ntap-20190416-0010/",
"https://usn.ubuntu.com/4127-1/",
"https://usn.ubuntu.com/4127-2/"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a \"resize to twice the size\" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of data. This issue is fixed in: v3.4.10, v3.4.10rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.7rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.7, v3.6.7rc1, v3.6.7rc2, v3.6.8, v3.6.8rc1, v3.6.9, v3.6.9rc1; v3.7.1, v3.7.1rc1, v3.7.1rc2, v3.7.2, v3.7.2rc1, v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-190"
},
"CVE-2019-15903": {
"id": "CVE-2019-15903",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html",
"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html",
"http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html",
"http://seclists.org/fulldisclosure/2019/Dec/23",
"http://seclists.org/fulldisclosure/2019/Dec/26",
"http://seclists.org/fulldisclosure/2019/Dec/27",
"http://seclists.org/fulldisclosure/2019/Dec/30",
"https://access.redhat.com/errata/RHSA-2019:3210",
"https://access.redhat.com/errata/RHSA-2019:3237",
"https://access.redhat.com/errata/RHSA-2019:3756",
"https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43",
"https://github.com/libexpat/libexpat/issues/317",
"https://github.com/libexpat/libexpat/issues/342",
"https://github.com/libexpat/libexpat/pull/318",
"https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html",
"https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/",
"https://seclists.org/bugtraq/2019/Dec/17",
"https://seclists.org/bugtraq/2019/Dec/21",
"https://seclists.org/bugtraq/2019/Dec/23",
"https://seclists.org/bugtraq/2019/Nov/1",
"https://seclists.org/bugtraq/2019/Nov/24",
"https://seclists.org/bugtraq/2019/Oct/29",
"https://seclists.org/bugtraq/2019/Sep/30",
"https://seclists.org/bugtraq/2019/Sep/37",
"https://security.gentoo.org/glsa/201911-08",
"https://security.netapp.com/advisory/ntap-20190926-0004/",
"https://support.apple.com/kb/HT210785",
"https://support.apple.com/kb/HT210788",
"https://support.apple.com/kb/HT210789",
"https://support.apple.com/kb/HT210790",
"https://support.apple.com/kb/HT210793",
"https://support.apple.com/kb/HT210794",
"https://support.apple.com/kb/HT210795",
"https://usn.ubuntu.com/4132-1/",
"https://usn.ubuntu.com/4132-2/",
"https://usn.ubuntu.com/4165-1/",
"https://usn.ubuntu.com/4202-1/",
"https://usn.ubuntu.com/4335-1/",
"https://www.debian.org/security/2019/dsa-4530",
"https://www.debian.org/security/2019/dsa-4549",
"https://www.debian.org/security/2019/dsa-4571",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpuoct2020.html",
"https://www.tenable.com/security/tns-2021-11",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html",
"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html",
"http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html",
"http://seclists.org/fulldisclosure/2019/Dec/23",
"http://seclists.org/fulldisclosure/2019/Dec/26",
"http://seclists.org/fulldisclosure/2019/Dec/27",
"http://seclists.org/fulldisclosure/2019/Dec/30",
"https://access.redhat.com/errata/RHSA-2019:3210",
"https://access.redhat.com/errata/RHSA-2019:3237",
"https://access.redhat.com/errata/RHSA-2019:3756",
"https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43",
"https://github.com/libexpat/libexpat/issues/317",
"https://github.com/libexpat/libexpat/issues/342",
"https://github.com/libexpat/libexpat/pull/318",
"https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html",
"https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/",
"https://seclists.org/bugtraq/2019/Dec/17",
"https://seclists.org/bugtraq/2019/Dec/21",
"https://seclists.org/bugtraq/2019/Dec/23",
"https://seclists.org/bugtraq/2019/Nov/1",
"https://seclists.org/bugtraq/2019/Nov/24",
"https://seclists.org/bugtraq/2019/Oct/29",
"https://seclists.org/bugtraq/2019/Sep/30",
"https://seclists.org/bugtraq/2019/Sep/37",
"https://security.gentoo.org/glsa/201911-08",
"https://security.netapp.com/advisory/ntap-20190926-0004/",
"https://support.apple.com/kb/HT210785",
"https://support.apple.com/kb/HT210788",
"https://support.apple.com/kb/HT210789",
"https://support.apple.com/kb/HT210790",
"https://support.apple.com/kb/HT210793",
"https://support.apple.com/kb/HT210794",
"https://support.apple.com/kb/HT210795",
"https://usn.ubuntu.com/4132-1/",
"https://usn.ubuntu.com/4132-2/",
"https://usn.ubuntu.com/4165-1/",
"https://usn.ubuntu.com/4202-1/",
"https://usn.ubuntu.com/4335-1/",
"https://www.debian.org/security/2019/dsa-4530",
"https://www.debian.org/security/2019/dsa-4549",
"https://www.debian.org/security/2019/dsa-4571",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpuoct2020.html",
"https://www.tenable.com/security/tns-2021-11"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-125"
},
"CVE-2019-16056": {
"id": "CVE-2019-16056",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://access.redhat.com/errata/RHSA-2019:3948",
"https://bugs.python.org/issue34155",
"https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9",
"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/",
"https://security.netapp.com/advisory/ntap-20190926-0005/",
"https://usn.ubuntu.com/4151-1/",
"https://usn.ubuntu.com/4151-2/",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://access.redhat.com/errata/RHSA-2019:3725",
"https://access.redhat.com/errata/RHSA-2019:3948",
"https://bugs.python.org/issue34155",
"https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9",
"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/",
"https://security.netapp.com/advisory/ntap-20190926-0005/",
"https://usn.ubuntu.com/4151-1/",
"https://usn.ubuntu.com/4151-2/",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2019-16935": {
"id": "CVE-2019-16935",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://bugs.python.org/issue38243",
"https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897",
"https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213",
"https://github.com/python/cpython/pull/16373",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/",
"https://security.netapp.com/advisory/ntap-20191017-0004/",
"https://usn.ubuntu.com/4151-1/",
"https://usn.ubuntu.com/4151-2/",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",
"https://bugs.python.org/issue38243",
"https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897",
"https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213",
"https://github.com/python/cpython/pull/16373",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/",
"https://security.netapp.com/advisory/ntap-20191017-0004/",
"https://usn.ubuntu.com/4151-1/",
"https://usn.ubuntu.com/4151-2/",
"https://www.oracle.com/security-alerts/cpujul2020.html"
],
"score": 6.1,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
},
"CVE-2019-18348": {
"id": "CVE-2019-18348",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html",
"https://bugs.python.org/issue30458#msg347282",
"https://bugzilla.redhat.com/show_bug.cgi?id=1727276",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/",
"https://security.netapp.com/advisory/ntap-20191107-0004/",
"https://usn.ubuntu.com/4333-1/",
"https://usn.ubuntu.com/4333-2/",
"https://www.oracle.com/security-alerts/cpuoct2020.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html",
"https://bugs.python.org/issue30458#msg347282",
"https://bugzilla.redhat.com/show_bug.cgi?id=1727276",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/",
"https://security.netapp.com/advisory/ntap-20191107-0004/",
"https://usn.ubuntu.com/4333-1/",
"https://usn.ubuntu.com/4333-2/",
"https://www.oracle.com/security-alerts/cpuoct2020.html"
],
"score": 6.1,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-74"
},
"CVE-2019-19538": {
"id": "CVE-2019-19538",
"references": [
"https://community.freepbx.org/t/freepbx-security-vulnerability-sec-2019-00",
"https://wiki.freepbx.org/display/FOP/2019-12-03+Remote+Command+Execution",
"https://community.freepbx.org/t/freepbx-security-vulnerability-sec-2019-00",
"https://wiki.freepbx.org/display/FOP/2019-12-03+Remote+Command+Execution"
],
"score": 7.2,
"services": [
"1434/sip-proxy"
],
"severity": "high",
"summary": "In Sangoma FreePBX 13 through 15 and sysadmin (aka System Admin) 13.0.92 through 15.0.13.6 modules have a Remote Command Execution vulnerability that results in Privilege Escalation.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2019-19851": {
"id": "CVE-2019-19851",
"references": [
"https://wiki.freepbx.org/display/FOP/2020-01-09+XSS+Injection+vulnerability+in+Superfecta+Module",
"https://wiki.freepbx.org/display/FOP/List+of+Securities+Vulnerabilities",
"https://wiki.freepbx.org/display/FOP/2020-01-09+XSS+Injection+vulnerability+in+Superfecta+Module",
"https://wiki.freepbx.org/display/FOP/List+of+Securities+Vulnerabilities"
],
"score": 4.8,
"services": [
"1434/sip-proxy"
],
"severity": "medium",
"summary": "An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
},
"CVE-2019-20907": {
"id": "CVE-2019-20907",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00052.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00053.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00056.html",
"https://bugs.python.org/issue39017",
"https://github.com/python/cpython/pull/21454",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.debian.org/debian-lts-announce/2020/11/msg00032.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36XI3EEQNMHGOZEI63Y7UV6XZRELYEAU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CAXHCY4V3LPAAJOBCJ26ISZ4NUXQXTUZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNHPQGSP2YM3JAUD2VAMPXTIUQTZ2M2U/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTUNTBJ3POHONQOTLEZC46POCIYYTAKZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE4O3PNDNNOMSKHNUKZKD3NGHIFUFDPX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NTBKKOLFFNHG6CM4ACDX4APHSD5ZX5N4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXI72HIHMXCQFWTULUXDG7VDA2BCYL4Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDKKRXLNVXRF6VGERZSR3OMQR5D5QI6I/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TOGKLGTXZLHQQFBVCAPSUDA6DOOJFNRY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3TALOUBYU2MQD4BPLRTDQUMBKGCAXUA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V53P2YOLEQH4J7S5QHXMKMZYFTVVMTMO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VT4AF72TJ2XNIKCR4WEBR7URBJJ4YZRD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILCHHTNLH4GG4GSQBX2MZRKZBXOLCKE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YSL3XWVDMSMKO23HR74AJQ6VEM3C2NTS/",
"https://security.gentoo.org/glsa/202008-01",
"https://security.netapp.com/advisory/ntap-20200731-0002/",
"https://usn.ubuntu.com/4428-1/",
"https://www.oracle.com/security-alerts/cpujan2021.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00052.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00053.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00056.html",
"https://bugs.python.org/issue39017",
"https://github.com/python/cpython/pull/21454",
"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",
"https://lists.debian.org/debian-lts-announce/2020/11/msg00032.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36XI3EEQNMHGOZEI63Y7UV6XZRELYEAU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CAXHCY4V3LPAAJOBCJ26ISZ4NUXQXTUZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNHPQGSP2YM3JAUD2VAMPXTIUQTZ2M2U/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTUNTBJ3POHONQOTLEZC46POCIYYTAKZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE4O3PNDNNOMSKHNUKZKD3NGHIFUFDPX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NTBKKOLFFNHG6CM4ACDX4APHSD5ZX5N4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXI72HIHMXCQFWTULUXDG7VDA2BCYL4Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDKKRXLNVXRF6VGERZSR3OMQR5D5QI6I/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TOGKLGTXZLHQQFBVCAPSUDA6DOOJFNRY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3TALOUBYU2MQD4BPLRTDQUMBKGCAXUA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V53P2YOLEQH4J7S5QHXMKMZYFTVVMTMO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VT4AF72TJ2XNIKCR4WEBR7URBJJ4YZRD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILCHHTNLH4GG4GSQBX2MZRKZBXOLCKE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YSL3XWVDMSMKO23HR74AJQ6VEM3C2NTS/",
"https://security.gentoo.org/glsa/202008-01",
"https://security.netapp.com/advisory/ntap-20200731-0002/",
"https://usn.ubuntu.com/4428-1/",
"https://www.oracle.com/security-alerts/cpujan2021.html"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-835"
},
"CVE-2019-9674": {
"id": "CVE-2019-9674",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html",
"https://bugs.python.org/issue36260",
"https://bugs.python.org/issue36462",
"https://github.com/python/cpython/blob/master/Lib/zipfile.py",
"https://python-security.readthedocs.io/security.html#archives-and-zip-bomb",
"https://security.netapp.com/advisory/ntap-20200221-0003/",
"https://usn.ubuntu.com/4428-1/",
"https://www.python.org/news/security/",
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html",
"https://bugs.python.org/issue36260",
"https://bugs.python.org/issue36462",
"https://github.com/python/cpython/blob/master/Lib/zipfile.py",
"https://python-security.readthedocs.io/security.html#archives-and-zip-bomb",
"https://security.netapp.com/advisory/ntap-20200221-0003/",
"https://usn.ubuntu.com/4428-1/",
"https://www.python.org/news/security/"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2020-14422": {
"id": "CVE-2020-14422",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00032.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00041.html",
"https://bugs.python.org/issue41004",
"https://github.com/python/cpython/pull/20956",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00016.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36XI3EEQNMHGOZEI63Y7UV6XZRELYEAU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNHPQGSP2YM3JAUD2VAMPXTIUQTZ2M2U/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTUNTBJ3POHONQOTLEZC46POCIYYTAKZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCCZTAYZATTNSNEAXWA7U3HCO2OVQKT5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE4O3PNDNNOMSKHNUKZKD3NGHIFUFDPX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NTBKKOLFFNHG6CM4ACDX4APHSD5ZX5N4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXI72HIHMXCQFWTULUXDG7VDA2BCYL4Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3TALOUBYU2MQD4BPLRTDQUMBKGCAXUA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V53P2YOLEQH4J7S5QHXMKMZYFTVVMTMO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VT4AF72TJ2XNIKCR4WEBR7URBJJ4YZRD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X36Y523UAZY5QFXZAAORNFY63HLBWX7N/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILCHHTNLH4GG4GSQBX2MZRKZBXOLCKE/",
"https://security.gentoo.org/glsa/202008-01",
"https://security.netapp.com/advisory/ntap-20200724-0004/",
"https://usn.ubuntu.com/4428-1/",
"https://www.oracle.com/security-alerts/cpujan2021.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00003.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00032.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00041.html",
"https://bugs.python.org/issue41004",
"https://github.com/python/cpython/pull/20956",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00016.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36XI3EEQNMHGOZEI63Y7UV6XZRELYEAU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNHPQGSP2YM3JAUD2VAMPXTIUQTZ2M2U/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTUNTBJ3POHONQOTLEZC46POCIYYTAKZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCCZTAYZATTNSNEAXWA7U3HCO2OVQKT5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE4O3PNDNNOMSKHNUKZKD3NGHIFUFDPX/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NTBKKOLFFNHG6CM4ACDX4APHSD5ZX5N4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXI72HIHMXCQFWTULUXDG7VDA2BCYL4Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3TALOUBYU2MQD4BPLRTDQUMBKGCAXUA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V53P2YOLEQH4J7S5QHXMKMZYFTVVMTMO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VT4AF72TJ2XNIKCR4WEBR7URBJJ4YZRD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X36Y523UAZY5QFXZAAORNFY63HLBWX7N/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILCHHTNLH4GG4GSQBX2MZRKZBXOLCKE/",
"https://security.gentoo.org/glsa/202008-01",
"https://security.netapp.com/advisory/ntap-20200724-0004/",
"https://usn.ubuntu.com/4428-1/",
"https://www.oracle.com/security-alerts/cpujan2021.html"
],
"score": 5.9,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-330"
},
"CVE-2020-15523": {
"id": "CVE-2020-15523",
"references": [
"https://bugs.python.org/issue29778",
"https://github.com/python/cpython/pull/21297",
"https://security.netapp.com/advisory/ntap-20210312-0004/",
"https://bugs.python.org/issue29778",
"https://github.com/python/cpython/pull/21297",
"https://security.netapp.com/advisory/ntap-20210312-0004/"
],
"score": 7.8,
"services": [
"27018/http"
],
"severity": "high",
"summary": "In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"weakness": "CWE-427"
},
"CVE-2020-26116": {
"id": "CVE-2020-26116",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00027.html",
"https://bugs.python.org/issue39603",
"https://lists.debian.org/debian-lts-announce/2020/11/msg00032.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BW4GCLQISJCOEGQNIMVUZDQMIY6RR6CC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDQ2THWU4GPV4Y5H5WW5PFMSWXL2CRFD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWMAVY4T4257AZHTF2RZJKNJNSJFY24O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXI72HIHMXCQFWTULUXDG7VDA2BCYL4Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QOX7DGMMWWL6POCRYGAUCISOLR2IG3XV/",
"https://python-security.readthedocs.io/vuln/http-header-injection-method.html",
"https://security.gentoo.org/glsa/202101-18",
"https://security.netapp.com/advisory/ntap-20201023-0001/",
"https://usn.ubuntu.com/4581-1/",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00027.html",
"https://bugs.python.org/issue39603",
"https://lists.debian.org/debian-lts-announce/2020/11/msg00032.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BW4GCLQISJCOEGQNIMVUZDQMIY6RR6CC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDQ2THWU4GPV4Y5H5WW5PFMSWXL2CRFD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWMAVY4T4257AZHTF2RZJKNJNSJFY24O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXI72HIHMXCQFWTULUXDG7VDA2BCYL4Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QOX7DGMMWWL6POCRYGAUCISOLR2IG3XV/",
"https://python-security.readthedocs.io/vuln/http-header-injection-method.html",
"https://security.gentoo.org/glsa/202101-18",
"https://security.netapp.com/advisory/ntap-20201023-0001/",
"https://usn.ubuntu.com/4581-1/",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 7.2,
"services": [
"27018/http"
],
"severity": "high",
"summary": "http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"weakness": "CWE-74"
},
"CVE-2020-27619": {
"id": "CVE-2020-27619",
"references": [
"https://bugs.python.org/issue41944",
"https://github.com/python/cpython/commit/2ef5caa58febc8968e670e39e3d37cf8eef3cab8",
"https://github.com/python/cpython/commit/43e523103886af66d6c27cd72431b5d9d14cd2a9",
"https://github.com/python/cpython/commit/6c6c256df3636ff6f6136820afaefa5a10a3ac33",
"https://github.com/python/cpython/commit/b664a1df4ee71d3760ab937653b10997081b1794",
"https://github.com/python/cpython/commit/e912e945f2960029d039d3390ea08835ad39374b",
"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/",
"https://security.gentoo.org/glsa/202402-04",
"https://security.netapp.com/advisory/ntap-20201123-0004/",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"https://bugs.python.org/issue41944",
"https://github.com/python/cpython/commit/2ef5caa58febc8968e670e39e3d37cf8eef3cab8",
"https://github.com/python/cpython/commit/43e523103886af66d6c27cd72431b5d9d14cd2a9",
"https://github.com/python/cpython/commit/6c6c256df3636ff6f6136820afaefa5a10a3ac33",
"https://github.com/python/cpython/commit/b664a1df4ee71d3760ab937653b10997081b1794",
"https://github.com/python/cpython/commit/e912e945f2960029d039d3390ea08835ad39374b",
"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E",
"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/",
"https://security.gentoo.org/glsa/202402-04",
"https://security.netapp.com/advisory/ntap-20201123-0004/",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 9.8,
"services": [
"27018/http"
],
"severity": "critical",
"summary": "In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2020-8315": {
"id": "CVE-2020-8315",
"references": [
"https://bugs.python.org/issue39401",
"https://bugs.python.org/issue39401"
],
"score": 5.5,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"weakness": "CWE-427"
},
"CVE-2020-8492": {
"id": "CVE-2020-8492",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html",
"https://bugs.python.org/issue39503",
"https://github.com/python/cpython/pull/18284",
"https://lists.apache.org/thread.html/rdb31a608dd6758c6093fd645aea3fbf022dd25b37109b6aaea5bc0b5%40%3Ccommits.cassandra.apache.org%3E",
"https://lists.apache.org/thread.html/rfec113c733162b39633fd86a2d0f34bf42ac35f711b3ec1835c774da%40%3Ccommits.cassandra.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WOKDEXLYW5UQ4S7PA7E37IITOC7C56J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APGWEMYZIY5VHLCSZ3HD67PA5Z2UQFGH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/",
"https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
"https://security.gentoo.org/glsa/202005-09",
"https://security.netapp.com/advisory/ntap-20200221-0001/",
"https://usn.ubuntu.com/4333-1/",
"https://usn.ubuntu.com/4333-2/",
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html",
"https://bugs.python.org/issue39503",
"https://github.com/python/cpython/pull/18284",
"https://lists.apache.org/thread.html/rdb31a608dd6758c6093fd645aea3fbf022dd25b37109b6aaea5bc0b5%40%3Ccommits.cassandra.apache.org%3E",
"https://lists.apache.org/thread.html/rfec113c733162b39633fd86a2d0f34bf42ac35f711b3ec1835c774da%40%3Ccommits.cassandra.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WOKDEXLYW5UQ4S7PA7E37IITOC7C56J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APGWEMYZIY5VHLCSZ3HD67PA5Z2UQFGH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/",
"https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
"https://security.gentoo.org/glsa/202005-09",
"https://security.netapp.com/advisory/ntap-20200221-0001/",
"https://usn.ubuntu.com/4333-1/",
"https://usn.ubuntu.com/4333-2/"
],
"score": 6.5,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2021-23336": {
"id": "CVE-2021-23336",
"references": [
"http://www.openwall.com/lists/oss-security/2021/02/19/4",
"http://www.openwall.com/lists/oss-security/2021/05/01/2",
"https://github.com/python/cpython/pull/24297",
"https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367%40%3Cusers.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E",
"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/",
"https://security.gentoo.org/glsa/202104-04",
"https://security.netapp.com/advisory/ntap-20210326-0004/",
"https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/",
"https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933",
"https://www.oracle.com//security-alerts/cpujul2021.html",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://www.openwall.com/lists/oss-security/2021/02/19/4",
"http://www.openwall.com/lists/oss-security/2021/05/01/2",
"https://github.com/python/cpython/pull/24297",
"https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367%40%3Cusers.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E",
"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/",
"https://security.gentoo.org/glsa/202104-04",
"https://security.netapp.com/advisory/ntap-20210326-0004/",
"https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/",
"https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933",
"https://www.oracle.com//security-alerts/cpujul2021.html",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 5.9,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H",
"weakness": "CWE-444"
},
"CVE-2021-28861": {
"id": "CVE-2021-28861",
"references": [
"https://bugs.python.org/issue43223",
"https://github.com/python/cpython/pull/24848",
"https://github.com/python/cpython/pull/93879",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/",
"https://security.gentoo.org/glsa/202305-02",
"https://bugs.python.org/issue43223",
"https://github.com/python/cpython/pull/24848",
"https://github.com/python/cpython/pull/93879",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/",
"https://security.gentoo.org/glsa/202305-02"
],
"score": 7.4,
"services": [
"27018/http"
],
"severity": "high",
"summary": "Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states \"Warning: http.server is not recommended for production. It only implements basic security checks.\"",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"weakness": "CWE-601"
},
"CVE-2021-3177": {
"id": "CVE-2021-3177",
"references": [
"https://bugs.python.org/issue42938",
"https://github.com/python/cpython/pull/24239",
"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/",
"https://news.ycombinator.com/item?id=26185005",
"https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html",
"https://security.gentoo.org/glsa/202101-18",
"https://security.netapp.com/advisory/ntap-20210226-0003/",
"https://www.oracle.com//security-alerts/cpujul2021.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"https://bugs.python.org/issue42938",
"https://github.com/python/cpython/pull/24239",
"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/",
"https://news.ycombinator.com/item?id=26185005",
"https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html",
"https://security.gentoo.org/glsa/202101-18",
"https://security.netapp.com/advisory/ntap-20210226-0003/",
"https://www.oracle.com//security-alerts/cpujul2021.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 9.8,
"services": [
"27018/http"
],
"severity": "critical",
"summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-120"
},
"CVE-2021-3426": {
"id": "CVE-2021-3426",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=1935913",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/",
"https://security.gentoo.org/glsa/202104-04",
"https://security.netapp.com/advisory/ntap-20210629-0003/",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"https://bugzilla.redhat.com/show_bug.cgi?id=1935913",
"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/",
"https://security.gentoo.org/glsa/202104-04",
"https://security.netapp.com/advisory/ntap-20210629-0003/",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 5.7,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.",
"vector_string": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2021-34798": {
"id": "CVE-2021-34798",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2021-3733": {
"id": "CVE-2021-3733",
"references": [
"https://bugs.python.org/issue43075",
"https://bugzilla.redhat.com/show_bug.cgi?id=1995234",
"https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb",
"https://github.com/python/cpython/pull/24391",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://security.netapp.com/advisory/ntap-20220407-0001/",
"https://ubuntu.com/security/CVE-2021-3733",
"https://bugs.python.org/issue43075",
"https://bugzilla.redhat.com/show_bug.cgi?id=1995234",
"https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb",
"https://github.com/python/cpython/pull/24391",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://security.netapp.com/advisory/ntap-20220407-0001/",
"https://ubuntu.com/security/CVE-2021-3733"
],
"score": 6.5,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2021-3737": {
"id": "CVE-2021-3737",
"references": [
"https://bugs.python.org/issue44022",
"https://bugzilla.redhat.com/show_bug.cgi?id=1995162",
"https://github.com/python/cpython/pull/25916",
"https://github.com/python/cpython/pull/26503",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html",
"https://security.netapp.com/advisory/ntap-20220407-0009/",
"https://ubuntu.com/security/CVE-2021-3737",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"https://bugs.python.org/issue44022",
"https://bugzilla.redhat.com/show_bug.cgi?id=1995162",
"https://github.com/python/cpython/pull/25916",
"https://github.com/python/cpython/pull/26503",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html",
"https://security.netapp.com/advisory/ntap-20220407-0009/",
"https://ubuntu.com/security/CVE-2021-3737",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-835"
},
"CVE-2021-39275": {
"id": "CVE-2021-39275",
"references": [
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html"
],
"score": 9.8,
"services": [
"631/http"
],
"severity": "critical",
"summary": "ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2021-40438": {
"id": "CVE-2021-40438",
"references": [
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17"
],
"score": 9,
"services": [
"631/http"
],
"severity": "critical",
"summary": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"weakness": "CWE-918"
},
"CVE-2021-4189": {
"id": "CVE-2021-4189",
"references": [
"https://access.redhat.com/security/cve/CVE-2021-4189",
"https://bugs.python.org/issue43285",
"https://bugzilla.redhat.com/show_bug.cgi?id=2036020",
"https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://python-security.readthedocs.io/vuln/ftplib-pasv.html",
"https://security-tracker.debian.org/tracker/CVE-2021-4189",
"https://security.netapp.com/advisory/ntap-20221104-0004/",
"https://access.redhat.com/security/cve/CVE-2021-4189",
"https://bugs.python.org/issue43285",
"https://bugzilla.redhat.com/show_bug.cgi?id=2036020",
"https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://python-security.readthedocs.io/vuln/ftplib-pasv.html",
"https://security-tracker.debian.org/tracker/CVE-2021-4189",
"https://security.netapp.com/advisory/ntap-20221104-0004/"
],
"score": 5.3,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-252"
},
"CVE-2021-44790": {
"id": "CVE-2021-44790",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/4",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/4",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03"
],
"score": 9.8,
"services": [
"631/http"
],
"severity": "critical",
"summary": "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2022-0391": {
"id": "CVE-2022-0391",
"references": [
"https://bugs.python.org/issue43882",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/",
"https://security.gentoo.org/glsa/202305-02",
"https://security.netapp.com/advisory/ntap-20220225-0009/",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://bugs.python.org/issue43882",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/",
"https://security.gentoo.org/glsa/202305-02",
"https://security.netapp.com/advisory/ntap-20220225-0009/",
"https://www.oracle.com/security-alerts/cpuapr2022.html"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-74"
},
"CVE-2022-22719": {
"id": "CVE-2022-22719",
"references": [
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-665"
},
"CVE-2022-22720": {
"id": "CVE-2022-22720",
"references": [
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 9.8,
"services": [
"631/http"
],
"severity": "critical",
"summary": "Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2022-22721": {
"id": "CVE-2022-22721",
"references": [
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 9.1,
"services": [
"631/http"
],
"severity": "critical",
"summary": "If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2022-26488": {
"id": "CVE-2022-26488",
"references": [
"https://mail.python.org/archives/list/security-announce%40python.org/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/",
"https://security.netapp.com/advisory/ntap-20220419-0005/",
"https://mail.python.org/archives/list/security-announce%40python.org/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/",
"https://security.netapp.com/advisory/ntap-20220419-0005/"
],
"score": 7,
"services": [
"27018/http"
],
"severity": "high",
"summary": "In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-426"
},
"CVE-2022-28330": {
"id": "CVE-2022-28330",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 5.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2022-28614": {
"id": "CVE-2022-28614",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 5.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-190"
},
"CVE-2022-28615": {
"id": "CVE-2022-28615",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/9",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/9",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 9.1,
"services": [
"631/http"
],
"severity": "critical",
"summary": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"weakness": "CWE-190"
},
"CVE-2022-29404": {
"id": "CVE-2022-29404",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/5",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/5",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-770"
},
"CVE-2022-30556": {
"id": "CVE-2022-30556",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2022-31681": {
"id": "CVE-2022-31681",
"references": [
"https://www.vmware.com/security/advisories/VMSA-2022-0025.html"
],
"score": 6.5,
"services": [
"5984/http"
],
"severity": "medium",
"summary": "VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2022-31813": {
"id": "CVE-2022-31813",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/8",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/8",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 9.8,
"services": [
"631/http"
],
"severity": "critical",
"summary": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-348"
},
"CVE-2022-37436": {
"id": "CVE-2022-37436",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 5.3,
"services": [
"631/http"
],
"severity": "medium",
"summary": "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-113"
},
"CVE-2022-37454": {
"id": "CVE-2022-37454",
"references": [
"https://csrc.nist.gov/projects/hash-functions/sha-3-project",
"https://eprint.iacr.org/2023/331",
"https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658",
"https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html",
"https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/",
"https://mouha.be/sha-3-buffer-overflow/",
"https://news.ycombinator.com/item?id=33281106",
"https://news.ycombinator.com/item?id=35050307",
"https://security.gentoo.org/glsa/202305-02",
"https://www.debian.org/security/2022/dsa-5267",
"https://www.debian.org/security/2022/dsa-5269",
"https://csrc.nist.gov/projects/hash-functions/sha-3-project",
"https://eprint.iacr.org/2023/331",
"https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658",
"https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html",
"https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/",
"https://mouha.be/sha-3-buffer-overflow/",
"https://news.ycombinator.com/item?id=33281106",
"https://news.ycombinator.com/item?id=35050307",
"https://security.gentoo.org/glsa/202305-02",
"https://security.netapp.com/advisory/ntap-20230203-0001/",
"https://www.debian.org/security/2022/dsa-5267",
"https://www.debian.org/security/2022/dsa-5269"
],
"score": 9.8,
"services": [
"27018/http"
],
"severity": "critical",
"summary": "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2022-45061": {
"id": "CVE-2022-45061",
"references": [
"https://github.com/python/cpython/issues/98433",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/",
"https://security.gentoo.org/glsa/202305-02",
"https://security.netapp.com/advisory/ntap-20221209-0007/",
"https://github.com/python/cpython/issues/98433",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html",
"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/",
"https://security.gentoo.org/glsa/202305-02",
"https://security.netapp.com/advisory/ntap-20221209-0007/"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-407"
},
"CVE-2022-48560": {
"id": "CVE-2022-48560",
"references": [
"https://bugs.python.org/issue39421",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZ5OOBWNYWXFTZDMCGHJVGDLDTHLWITJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VO7Y2YZSDK3UYJD2KBGLXRTGNG6T326J/",
"https://security.netapp.com/advisory/ntap-20230929-0008/",
"https://bugs.python.org/issue39421",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZ5OOBWNYWXFTZDMCGHJVGDLDTHLWITJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VO7Y2YZSDK3UYJD2KBGLXRTGNG6T326J/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/JZ5OOBWNYWXFTZDMCGHJVGDLDTHLWITJ/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VO7Y2YZSDK3UYJD2KBGLXRTGNG6T326J/",
"https://security.netapp.com/advisory/ntap-20230929-0008/"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "A use-after-free exists in Python through 3.9 via heappushpop in heapq.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-416"
},
"CVE-2022-48564": {
"id": "CVE-2022-48564",
"references": [
"https://bugs.python.org/issue42103",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://security.netapp.com/advisory/ntap-20230929-0009/",
"https://bugs.python.org/issue42103",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://security.netapp.com/advisory/ntap-20230929-0009/"
],
"score": 6.5,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
},
"CVE-2022-48565": {
"id": "CVE-2022-48565",
"references": [
"https://bugs.python.org/issue42051",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/",
"https://security.netapp.com/advisory/ntap-20231006-0007/",
"https://bugs.python.org/issue42051",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/",
"https://security.netapp.com/advisory/ntap-20231006-0007/"
],
"score": 9.8,
"services": [
"27018/http"
],
"severity": "critical",
"summary": "An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-611"
},
"CVE-2022-48566": {
"id": "CVE-2022-48566",
"references": [
"https://bugs.python.org/issue40791",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://security.netapp.com/advisory/ntap-20231006-0013/",
"https://bugs.python.org/issue40791",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://security.netapp.com/advisory/ntap-20231006-0013/"
],
"score": 5.9,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-362"
},
"CVE-2023-24329": {
"id": "CVE-2023-24329",
"references": [
"https://github.com/python/cpython/issues/102153",
"https://github.com/python/cpython/pull/99421",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/",
"https://pointernull.com/security/python-url-parse-problem.html",
"https://security.netapp.com/advisory/ntap-20230324-0004/",
"https://www.kb.cert.org/vuls/id/127587",
"https://github.com/python/cpython/issues/102153",
"https://github.com/python/cpython/pull/99421",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/",
"https://pointernull.com/security/python-url-parse-problem.html",
"https://security.netapp.com/advisory/ntap-20230324-0004/",
"https://www.kb.cert.org/vuls/id/127587"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-20"
},
"CVE-2023-27043": {
"id": "CVE-2023-27043",
"references": [
"http://python.org",
"https://github.com/python/cpython/issues/102988",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/",
"https://python-security.readthedocs.io/vuln/email-parseaddr-realname.html",
"https://security.netapp.com/advisory/ntap-20230601-0003/",
"http://python.org",
"https://github.com/python/cpython/issues/102988",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/",
"https://python-security.readthedocs.io/vuln/email-parseaddr-realname.html",
"https://security.netapp.com/advisory/ntap-20230601-0003/"
],
"score": 5.3,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-20"
},
"CVE-2023-29552": {
"id": "CVE-2023-29552",
"references": [
"https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html",
"https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html",
"https://datatracker.ietf.org/doc/html/rfc2608",
"https://github.com/curesec/slpload",
"https://security.netapp.com/advisory/ntap-20230426-0001/",
"https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp",
"https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks",
"https://www.suse.com/support/kb/doc/?id=000021051"
],
"score": 7.5,
"services": [
"5984/http"
],
"severity": "high",
"summary": "The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2023-31122": {
"id": "CVE-2023-31122",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/",
"https://security.netapp.com/advisory/ntap-20231027-0011/",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/",
"https://security.netapp.com/advisory/ntap-20231027-0011/"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-125"
},
"CVE-2023-36632": {
"id": "CVE-2023-36632",
"references": [
"https://docs.python.org/3/library/email.html",
"https://docs.python.org/3/library/email.utils.html",
"https://github.com/Daybreak2019/PoC_python3.9_Vul/blob/main/RecursionError-email.utils.parseaddr.py",
"https://github.com/python/cpython/issues/103800",
"https://docs.python.org/3/library/email.html",
"https://docs.python.org/3/library/email.utils.html",
"https://github.com/Daybreak2019/PoC_python3.9_Vul/blob/main/RecursionError-email.utils.parseaddr.py",
"https://github.com/python/cpython/issues/103800"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger \"RecursionError: maximum recursion depth exceeded while calling a Python object\" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. NOTE: email.utils.parseaddr is categorized as a Legacy API in the documentation of the Python email package. Applications should instead use the email.parser.BytesParser or email.parser.Parser class. NOTE: the vendor's perspective is that this is neither a vulnerability nor a bug. The email package is intended to have size limits and to throw an exception when limits are exceeded; they were exceeded by the example demonstration code.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-674"
},
"CVE-2023-40217": {
"id": "CVE-2023-40217",
"references": [
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/",
"https://security.netapp.com/advisory/ntap-20231006-0014/",
"https://www.python.org/dev/security/",
"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
"https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/",
"https://security.netapp.com/advisory/ntap-20231006-0014/",
"https://www.python.org/dev/security/"
],
"score": 5.3,
"services": [
"27018/http"
],
"severity": "medium",
"summary": "An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as \"not connected\" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2023-43336": {
"id": "CVE-2023-43336",
"references": [
"http://freepbx.com",
"http://sangoma.com",
"https://medium.com/%40janirudransh/security-disclosure-of-vulnerability-cve-2023-23336-4429d416f826",
"http://freepbx.com",
"http://sangoma.com",
"https://medium.com/%40janirudransh/security-disclosure-of-vulnerability-cve-2023-23336-4429d416f826"
],
"score": 8.8,
"services": [
"1434/sip-proxy"
],
"severity": "high",
"summary": "Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-Other"
},
"CVE-2023-45802": {
"id": "CVE-2023-45802",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/",
"https://security.netapp.com/advisory/ntap-20231027-0011/"
],
"score": 5.9,
"services": [
"631/http"
],
"severity": "medium",
"summary": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.nnThis was found by the reporter during testing ofxa0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.nnUsers are recommended to upgrade to version 2.4.58, which fixes the issue.n",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-770"
},
"CVE-2024-40898": {
"id": "CVE-2024-40898",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2024/07/17/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240808-0006/"
],
"score": 7.5,
"services": [
"631/http"
],
"severity": "high",
"summary": "SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.\n\nUsers are recommended to upgrade to version 2.4.62 which fixes this issue. ",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-918"
},
"CVE-2024-6232": {
"id": "CVE-2024-6232",
"references": [
"https://github.com/python/cpython/commit/34ddb64d088dd7ccc321f6103d23153256caa5d4",
"https://github.com/python/cpython/commit/4eaf4891c12589e3c7bdad5f5b076e4c8392dd06",
"https://github.com/python/cpython/commit/743acbe872485dc18df4d8ab2dc7895187f062c4",
"https://github.com/python/cpython/commit/7d1f50cd92ff7e10a1c15a8f591dde8a6843a64d",
"https://github.com/python/cpython/commit/b4225ca91547aa97ed3aca391614afbb255bc877",
"https://github.com/python/cpython/commit/d449caf8a179e3b954268b3a88eb9170be3c8fbf",
"https://github.com/python/cpython/commit/ed3a49ea734ada357ff4442996fd4ae71d253373",
"https://github.com/python/cpython/issues/121285",
"https://github.com/python/cpython/pull/121286",
"https://mail.python.org/archives/list/[email protected]/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY/",
"http://www.openwall.com/lists/oss-security/2024/09/03/5",
"https://security.netapp.com/advisory/ntap-20241018-0007/"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "There is a MEDIUM severity vulnerability affecting CPython.\n\n\n\n\n\nRegular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-1333"
},
"CVE-2024-7592": {
"id": "CVE-2024-7592",
"references": [
"https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621",
"https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef",
"https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06",
"https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a",
"https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f",
"https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774",
"https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1",
"https://github.com/python/cpython/issues/123067",
"https://github.com/python/cpython/pull/123075",
"https://mail.python.org/archives/list/[email protected]/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/",
"https://security.netapp.com/advisory/ntap-20241018-0006/"
],
"score": 7.5,
"services": [
"27018/http"
],
"severity": "high",
"summary": "There is a LOW severity vulnerability affecting CPython, specifically the\n'http.cookies' standard library module.\n\n\nWhen parsing cookies that contained backslashes for quoted characters in\nthe cookie value, the parser would use an algorithm with quadratic\ncomplexity, resulting in excess CPU resources being used while parsing the\nvalue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-400"
}
}
}