db_server_msgs

Ubuntu packages of security software。 相当不错的源码

#VERSION,2.002
#LASTMOD,01.08.2008
# http://www.cirt.net/

# This file may only be distributed and used with the full Nikto package.
# This file may not be used with any software product without written permission from CIRT, Inc.
# (c) 2007 CIRT, Inc., All Rights Reserved.

# By sending any database updates to CIRT, Inc., it is assumed that you
# grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes.

"800000","4D_WebSTAR_S\/5\.([0-2]|3\.[0-2])","May be vulnerable to multiple flaws. http://secunia.com/advisories/12063/"
"800001","4D_WebSTAR_S\/5\.([0-2]|3\.[01])","May be vulnerable to denial of service threw openssl implementation bug. http://secunia.com/advisories/11181/"
"800002","4D_WebSTAR_S\/5\.([0-3]|4[^.])","May be vulnerable to a buffer overflow in tomcat plugin URL. http://secunia.com/advisories/15278/"
"800003","4D_WebSTAR_S\/5\.3\.1","May be vulnerable to remote exploitable buffer overflow. http://secunia.com/advisories/9723/"
"800004","Abyss\/1\.0\.3","May be vulnerable to directory traversal by using '%5c%2e%2e%5c' type paths."
"800005","ADSM_HTTP\/","May be Tivoli server administration. Default account is admin/admin."
"800006","Acme.Serve/v1.7 of 13nov96","Java class Acme.Serve.Serve is used as an embedded server for many devices, including APC InfraStruXure Manager. This server string is the default for the servlet. Check for port 9090, which may have a browsable c:\ drive. See: http://www.acme.com/java/software/Acme.Serve.Serve.html"
"800007","AdSubtract","Adsubtract.com, a Windows proxy which removes popup ads, can be configure for remote access or localhost only."
"800008","Agranat-EMWeb","Most likely a printer."
"800009","alibaba","http://alibaba.austria.eu.net/ This server has lots of problems (overflows, etc)"
"800010","Allegro-Software-RomPager","Most likely a printer."
"800011","allegro-software","Most often a printer or other embedded device"
"800012","american sitebuilder","http://www.american.com/product1.html"
"800013","aolserver","http://www.aolserver.com/ runs on Dec OSF1"
"800014","Apache Tomcat\/4\.(0\.[1-4]|1\.[0-9][^0-9]|1\.10)","May be vulnerable to JSP source code exposure. CAN-2002-1148."
"800015","Apache Tomcat\/4\.0\.3","Apache Tomcat 4.0.3 Win 2000 server is vulnerable to a DoS attack. Upgrade to a 4.1.3beta or higher."
"800016","apache-ssl-us","http://apachessl.c2.net"
"800017","Apache\/.* Ben-SSL\/1\.([0-9][^0-9]|[0-3][0-9]|4[0-6])[^0-9]","This version of Apache-SSl is vulnerable to a buffer overflow."
"800018","Apache\/(1\.2\.([2-9].*|1[0-9])|1\.3\.([0-1].*|2[0-4]))","Apache 1.x up 1.2.34 are vulnerable to a remote DoS and possible code execution. CAN-2002-0392."
"800019","Apache\/1\.0\.3","Probably a Xerox printer"
"800020","Apache\/1\.1\.1","May be able view directory contents regardless of index.html"
"800021","Apache\/1\.1\.3","This version has a mod_cookies buffer overflow"
"800022","Apache\/1\.3\.(0.*|1.*|2[0-6])","Apache 1.3 below 1.3.27 are vulnerable to a local buffer overflow which allows attackers to kill any process on the system. CAN-2002-0839."
"800023","Apache\/1\.3\.(0.*|1.*|2[0-8])","Apache 1.3 below 1.3.29 are vulnerable to overflows in mod_rewrite and mod_cgi. CAN-2003-0542."
"800024","Apache\/1\.3\.27","Windows and OS/2 version vulnerable to remote exploit. CAN-2003-0460"
"800025","Apache\/2\.0\.([0-2].*|3.*)","Apache 2.0 to 2.0.39 Windows may be vulnerable to arbitrary file retrieval. CAN-2002-0661."
"800026","Apache\/2\.0\.([0-2].*|3[0-8])","Apache 2.0 up 2.0.36 are vulnerable to a remote DoS and possible code execution. CAN-2002-0392."
"800027","Apache\/2\.0\.([0-3].*|4.[0-8])","Apache 2.0 to 2.0.48: overflows in mod_alias and mod_rewrite (OSVDB-2733, OSVDB-7611), mod_cgid may send the output of CGI to the incorrect client (OSVDB-15889)."
"800028","Apache\/2\.0\.([0-3].*|4[0-6])","Apache 2.0 up 2.0.46 are vulnerable to multiple remote problems. CAN-2003-0192. CAN-2003-0253. CAN-2003-0254. CERT VU#379828."
"800029","Apache\/2\.0\.([0-3].*|4[0-7])","Apache 2.0 up 2.0.47 are vulnerable to multiple remote problems in mod_rewrite and mod_cgi. CAN-2003-0789. CAN-2003-0542."
"800030","Apache\/2\.0\.([0-4].*|5\.[0-1])","Apache 2.0 to 2.0.51 contain multiple problems: overflow in apr-util (OSVDB-9994), config file variable overflow (OSVDB-9991), indirect lock refresh DoS (OSVDB-9948), SSL input filter DoS (OSVDB-9742), potential infinite loop (OSVDB-9523)."
"800031","Apache\/2\.0\.([0-4].*|5\.[0-2])","Apache 2.0 to 2.0.52 could allow bypassing of authentication via the Satisfy directive. CAN-2004-0811. OSVDB-10218."
"800032","Apache\/2\.0\.([0-4].*|5\.[0-3])","Apache 2.0 to 2.0.53 allows bypassing of an SSLCipherSuite setting. CAN-2004-0885. OSVDB-10637. Also contains a memory exhaustion DoS through MIME folded requests. CAN-2004-0942. OSVDB-11391"
"800033","Apache\/2\.0\.([0-4].*|5\.0)","Apache 2.0 to 2.0.50 contain a buffer overflow in FakeBasicAuth with trusted client certificates. CAN-2004-0488. OSVDB-6472. Also a DoS with certain input data. CAN-2004-0493. OSVDB-7269."
"800034","Apache\/2\.0\.(3[7-9]|4[0-5])","Apache versions 2.0.37 through 2.0.45 are vulnerable to a DoS in mod_dav. CAN-2003-0245."
"800035","Apache\/2\.0\.[0-4].*","Apache 2.0 to 2.0.49: memory leak in plain-HTTP-on-SSL-port handling (OSVDB-4182), a DoS with short-lived connections on rarely-accessed sockets (OSVDB-4383), and may allow unescaped data into logfiles (OSVDB-4382)."
"800036","Apache\/2\.0\.4[0-5]","Apache versions 2.0.40 through 2.0.45 are vulnerable to a DoS in basic authentication. CAN-2003-0189."
"800037","Apache\/2\.0\.43","Win9x and ME servers allow arbitrary code execution, DoS and/or arbitrary file retrieval. CAN-2003-0016. CAN-2003-0017."
"800038","Apache\/2\.0\.44","Apache 2.0.44 is vulnerable to a DoS when linefeed characters are submitted consecutively. CAN-2003-0132."
"800039","apachejserv\/1\.(0|1\.[0-1])","This version of Apache JServ allows files to be retrieved and possibly executed from outside the web root. CAN-2001-0307."
"800040","aserve","http://www.phone.net/aws"
"800041","ATPhttpd","http://www.redshift.com/~yramin/atp/atphttpd/ V0.4 contains a DoS by sending a GET 3000 chars long (many times). See securityoffice.net. Also see http://bespin.org/~qitest1 for more bugs/patches."
"800042","avenida","http://www.avenida.co.uk/"
"800043","Avirt","Check www.avirt.com for updates, some versions of the proxies have buffer overflows that allow attackers to run arbitrary commands."
"800044","awhttpd","http://pulsar.systes.net/awhttpd/ v2.2 has a local DoS if a user has write access to the HTML directory, see http://sec.angrypacket.com for more info."
"800045","BadBlue\/([0-1].*|2\.[0-9]{1}|2\.1[0-5]{1})","BadBlue Web server 2.15 allow remote users to execute commands on the machine. http://www.badblue.com/"
"800046","BadBlue\/(0\..*|1\.([0-6].*|7\.0))","BadBlue Web server 1.7.0 and below allows directories to be listed by appending a unicode % to the end of a string. http://www.badblue.com/"
"800047","bkhttp\/0.3","BitKeeper may allow anyone to execute arbitrary commands on the remote system. See http://www.securiteam.com/securitynews/5TP0D0K8UQ.html."
"800048","Blazix\/1\.2\.1","Can view JSP source by appending a + to the end of the request."
"800049","boa","http://www.boa.org/"
"800050","boulevard","http://www.resnova.com/boulevard"
"800051","Brickserver Modifications","May be vulnerable to %2f type directory listing vulnerabilities if the directory contains an index.shtml but not index.html file."
"800052","capneld","This is a web hosting manager. It should not be running unless required, as it allows web server administration."
"800053","cern","http://www.w3.org/hypertext/WWW/Daemon"
"800054","ChaiServer","HP printer."
"800055","Cherokee\/0\.2\.7","This version of Cherokee allows arbitrary files to be retreived remotely. See http://www.securitytracker.com/alerts/2001/Dec/1003074.html"
"800056","cisco ios","Cisco Catalyst Switch"
"800057","cisco-CPA","Most likely a router/switch web management port"
"800058","cl-http","http://www.ai.mit.edu/projects/iiip/doc/cl-http/home-page.html"
"800059","Cobalt","Cobalt RaQ system"
"800060","commerce-builder","http://www.ifact.com/"
"800061","CompaqHTTPServer","Has had a few remote DoS issues. Can also give a lot of system information, especially if anonymous access enabled."
"800062","cosmos","http://www.ris.fr/"
"800063","DeleGate\/","www.globalintersec.com has found multiple vulnerabilities in the DeleGate proxies and recommends using Squid or another proxy device as the author(s) have not fixed previous versions."
"800064","DeleGate\/7\.7\.[0-1]","DeleGate 7.7.1 & 7.7.0 are vulnerable to CSS."
"800065","dwhttpd","Probably Sun Microsystem's AnswerBook server. v3.1a4, 4.0.2a7a and 4.1a6 have problems."
"800066","dwhttpd\/4\.(0\.2a7a|1a6)","May allow unauthorized users to add administrators or view logs remotely."
"800067","Embedded HTTP Server","Likely this is a D-Link SoHo router."
"800068","emwac","http://emwac.ed.ac.uk/"
"800069","enterpriseweb","http://www.beyond-software.com/products/eweb/eweb.html"
"800070","Eserv\/2\.97","Server allows pass protected directories to be retrieved by prepending '/./' to it, ie http://server/./protected/, or directory listings by appending ?"
"800071","Essentia\/2\.1","Essentia 2.1 is vulnerable to directory traversal problems with /../ type requests, along with a DoS on long (2000 chars) requests."
"800072","Ews/","Probably a printer."
"800073","falcon","May allow ../../ file system browsing"
"800074","fnord","Win 32 platform"
"800075","Folkweb","Win 32 platform"
"800076","frontier","http://www.frontiertech.com/products/superweb.htm"
"800077","frontpage","http://www.insecure.org/sploits/Microsoft.frontpage.insecurities.html"
"800078","ghttpd\/1\.[0-4]","The Ghttpd server may contain a remote buffer overflow. Upgrade to the latest version."
"800079","glaci","Netware web server"
"800080","GoAhead-Webs","This may be a Cyclade, http://www.cyclades.com/"
"800081","GoAhead-Webs\/2\.(0.*|1)","GoAhead-Webs 2.1 and below is vulnerable to command execution through a buffer overflow. See http://www.securiteam.com for details."
"800082","Gordian Embedded","Lantronix device, may give system/networking information freely. Could be an access badge reader/card swipe."
"800083","goserve","http://www2.hursley.ibm.com/goserve"
"800084","gosite","http://www.gosite.com/"
"800085","GWS\/","Could be the Google Web Server. 2.0 seems to be current."
"800086","hellbent java webserver v0.1","This version of the server is vulnerable to a path disclosure bug and can allow attackers to view .prefs files under certain circumstances. Upgrade to 0.11 or higher. See http://www.securityfocus.com/archive/82/73778"
"800087","homedoor","http://www.opendoor.com/"
"800088","HP-Web-Server","HP Printer"
"800089","hyperwave","http://www.hyperwave.com/"
"800090","i\/net","http://www.inetmi.com/"
"800091","ibm internet connection server","http://www.ics.raleigh.ibm.com"
"800092","IBM-HTTP-Server\/1\.0","This IBM web server allows file source to be viewed by adding a '/' to the URI, like http://server/index.jsp/"
"800093","icecast/1\.3\.(7|8.*beta[0-2])","This version of Icecast may allow an attacker to execute commands on the server with a format string attack."
"800094","iis\/4","May be able to bypass security settings using 8.3 file names. ESB-98.015."
"800095","Intrusion\/","The server may be running Tripwire for web pages. This can allow attackers to gain sensitive information about the web setup."
"800096","Ipswitch-IMail\/7\.11","May be vulnerable to a remote command execution overflow, see http://online.securityfocus.com/archive/1/284465"
"800097","Jaguar Server","Probably a Sybase web interface"
"800098","jakarta-tomcat-4.0.1","Server will reveal path"
"800099","JavaWebServer","Probably Sun Microsystem's servlet interface. May have defualt code which is exploitable. Try admin/admin for id/password."
"800100","JetAdmin","HP Printer"
"800101","Jeus WebContainer\/([0-3]\.[0-2]\..*)","JEUS below 3.2.2 is vulnerable to XSS if a nonexistent url is requested, i.e. [victim site]/[javascript].jsp"
"800102","Jigsaw\/([0-1].*|2\.([0-1].*|2\.0))","Jigsaw 2.1.0 or below may be vulnerable to XSS if a nonexistent host name is requested, i.e. nosuchhost.domain.com/<script>..."
"800103","Jigsaw\/2\.2\.1","Jigsaw 2.1.1 on Windows may be tricked into revealing the system path by requesting /aux two times."
"800104","JRun\/([0-3]\..*|4\.0)","JRun 4.0 and below on IIS is vulnerable to remote buffer overflow with a filename over 4096. http://www.macromedia.com/v1/handlers/index.cfm?ID=23500 and http://www.eeye.com/html/Research/Advisories/index.html"
"800105","JRun\/3\.1","JRun 3.1 on Windows NT/2000 is vulnerable to remote buffer overflow in the Host header field that can allow attackers to exploit the system."
"800106","KazaaClient","Kazaa may allow sensitve information to be retrieved, http://www.securiteam.com/securitynews/5UP0L2K55W.html"
"800107","LabVIEW\/(5\.[1-9]|6\.[0-1])","LabVIEW 5.1.1 to 6.1 is vulnerable to a remote DoS by sending a malformed GET request. This DoS was not attempted."
"800108","Lasso\/3\.6\.5","This version of Blueworld WebData engine is vulnerable to DoS by sending a 1600 character long GET request."
"800109","LilHTTP\/2\.1","LilHTTP server 2.1 allows password protected resources to be retrieved by prepending '/./' to the url."
"800110","LocalWeb2000\/([0-1]\.*|2\.(0\.*|1\.0))","LocalWeb2000 2.1.0 and below allow protected files to be retrieved by prepending the request with /./"
"800111","Lotus-Domino\/([0-3].*|4\.([0-1].*|2\.([0-1].*|3)))","This version of Lotus-Domino server has had multiple vulnerabilities. See the bugtraq archives for details."
"800112","Lotus-Domino\/4\.[5-6]","This version of Lotus-Domino server is vulnerable to a DoS via the WEb Retriever. CAN-2003-0123."
"800113","Lotus-Domino\/5","This version of Lotus-Domino server is vulnerable to a DoS via the WEb Retriever. CAN-2003-0123."
"800114","Lotus-Domino\/5\.0\.9","This version of Lotus-Domino server is vulnerable to a DoS via requesting DOS devices"
"800115","Lotus-Domino\/6b.*","This version of Lotus-Domino server is vulnerable to a DoS via the WEb Retriever. CAN-2003-0123."
"800116","Lotus-Domino\/Release-([0-3].*|4\.([0-1].*|2\.([0-1].*|3)))","This version of Lotus-Domino server has had multiple vulnerabilities. See the bugtraq archives for details."
"800117","Lotus-Domino\/Release-4\.[5-6]","This version of Lotus-Domino server is vulnerable to a DoS via the WEb Retriever. CAN-2003-0123."
"800118","Lotus-Domino\/Release-5","This version of Lotus-Domino server is vulnerable to a DoS via the WEb Retriever. CAN-2003-0123."
"800119","Lotus-Domino\/Release-5\.0\.9","This version of Lotus-Domino server is vulnerable to a DoS via requesting DOS devices"
"800120","Lotus-Domino\/Release-6b*","This version of Lotus-Domino server is vulnerable to a DoS via the WEb Retriever. CAN-2003-0123."
"800121","machttp","http://www.starnine.com/machttp may let you download log files"