On Dec 5, 2007 5:00 PM, Juha-Matti Laurio <[EMAIL PROTECTED]> wrote: > It is not know if this information was collected with scripts or manually via > Netcraft-type databases.
Looks like Nessus output to me. So someone portscanned Pakistan.gov? Okie dokie.. -JP > > Example data: > --clip-- > www.academy.gov.pk 67.18.34.220 > SERVER IP: 67.18.34.220 > PORT/PROTOCOL: 80/tcp > TYPE: NOTE > - A web server is running on this port : Server: Microsoft-IIS/6.0 > - The remote host is running a Microsoft IIS webserver > > SERVER IP: 67.18.34.220 > PORT/PROTOCOL: 80/tcp > TYPE: REPORT > Synopsis : The remote host is vulnerable to multiple attack vectors The > remote host is running PHP less than 5.2.0. This version is vulnerable to > around 180 bugs. An attacker, exploiting these flaws, would be able to impact > Confidentiality, Integrity, and Availability. CVSS Base Score : 7.5 > CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P Solution : Upgrade to PHP 4.4.5, 5.2.1 or > newer See also : http://www.php.net/ChangeLog-5.php#5.2.1 > CVE :.... > --clip-- > > Link: > http://cryptome.org/gov-pk.htm > > - Juha-Matti > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
