db_tests

Ubuntu packages of security software。 相当不错的源码

"000310","0","3","/webmail/horde/test.php","GET","Horde Versions","","","","","Horde script reveals detailed system/Horde information.","",""
"000311","0","3","/whateverJUNK(4).html","GET","InterScan HTTP Version","","","","","InterScan VirusWall on the remote host reveals its version number in HTTP error messages.","",""
"000312","0","3","/ws_ftp.ini","GET","200","","","","","Can contain saved passwords for ftp sites","",""
"000313","0","3","/WS_FTP.ini","GET","200","","","","","Can contain saved passwords for ftp sites","",""
"000314","0","3","@CGIDIRSMsmMask.exe","GET","200","","","","","MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real asp file.","",""
"000315","0","3","/_mem_bin/auoconfig.asp","GET","200","","","","","Displays the default AUO (LDAP) schema, including host and port.","",""
"000316","0","3","/_mem_bin/auoconfig.asp","GET","LDAP","","","","","LDAP information revealed via asp. See http://www.wiretrip.net/rfp/p/doc.asp/i1/d69.htm","",""
"000317","17664","3","/_mem_bin/remind.asp","GET","Recover","","","","","Page will give the password reminder for any user requested (username must be known).","",""
"000318","0","3","/exchange/lib/ATTACH.INC","GET","File upload","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000319","17659","3","/SiteServer/Admin/knowledge/persmbr/vs.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","",""
"000320","17661","3","/SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","",""
"000321","17662","3","/SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","",""
"000322","17660","3","/SiteServer/Admin/knowledge/persmbr/VsTmPr.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","",""
"000323","0","3","/trace.axd","GET","Application Trace","","","","","The .NET IIS server has application tracing enabled. This could allow an attacker to view the last 50 web requests.","",""
"000324","0","3","/tvcs/getservers.exe?action=selects1","GET","200","","","","","Following steps 2-4 of this page may reveal a zip file which contains passwords and system details.","",""
"000325","0","3","/whatever.htr","GET","<html>Error: The requested file could not be found. </html>","","","","","Reveals physical path. htr files may also be vulnerable to an off-by-one overflow that allows remote command execution (see MS02-018)","",""
"000326","0","3","/whatever.htr","GET","200","","","","","Reveals physical path. htr files may also be vulnerable to an off-by-one overflow that allows remote command execution (see MS02-018)","",""
"000327","0","3","/./","GET","Index of ","","","","","Appending '/./' to a directory allows indexing","",""
"000328","0","3","/nsn/fdir.bas:ShowVolume","GET","200","","","","","You can use ShowVolume and ShowDirectory directly on the Novell server (NW5.1) to view the filesystem without having to log in","",""
"000329","0","3","/nsn/fdir.bas","GET","200","","","","","You can use fdir to ShowVolume and ShowDirectory.","",""
"000330","0","3","/servlet/webacc?User.html=noexist","GET","templates/","","","","","Netware web access may reveal full path of the web server. Apply vendor patch or upgrade.","",""
"000331","0","4","/forum/admin/database/wwForum.mdb","GET","200","","","","","Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein","",""
"000332","0","4","/webmail/blank.html","GET","200","","","","","IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.","",""
"000333","0","5","/jamdb/","GET","200","","","","","JamDB pre 0.9.2 mp3.php and image.php can allow user to read arbitrary file out of docroot.","",""
"000334","0","6","/cgi/cgiproc?","GET","200","","","","","It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later.","",""
"000335","0","7","@CGIDIRSaddbanner.cgi","GET","200","","","","","This CGI may allow attackers to read any file on the system.","",""
"000336","0","7","@CGIDIRSaf.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd","GET","root:","","","","","AlienForm2 revision 1.5 allows any file to be read from the remote system.","",""
"000337","0","7","@CGIDIRSalienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd","GET","root:","","","","","AlienForm2 revision 1.5 allows any file to be read from the remote system.","",""
"000338","0","7","@CGIDIRSshtml.dll","GET","200","","","","","This may allow attackers to retrieve document source.","",""
"000339","2400","7","/admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv","GET","root:","","","","","iPlanet Administration Server 5.1 allows remote users to download any file from the server. Upgrade to SunOne DS5.2 and in iDS5.1 SP2 Hotfix 2."," ",""
"000340","0","8","@CGIDIRSaglimpse.cgi","GET","200","","","","","This CGI may allow attackers to execute remote commands.","",""
"000341","0","8","@CGIDIRSaglimpse","GET","200","","","","","This CGI may allow attackers to execute remote commands.","",""
"000342","0","8","@CGIDIRSarchitext_query.cgi","GET","200","","","","","Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.","",""
"000343","0","8","/cgi-local/cgiemail-1.4/cgicso?query=AAA","GET","400 Required field missing: fingerhost","","","","","This CGI allows attackers to execute remote commands.","",""
"000344","0","8","/cgi-local/cgiemail-1.6/cgicso?query=AAA","GET","400 Required field missing: fingerhost","","","","","This CGI allows attackers to execute remote commands.","",""
"000345","0","8","/servlet/SchedulerTransfer","GET","200","Error Occurred","","","","PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999","",""
"000346","0","8","/servlet/sunexamples.BBoardServlet","GET","200","Error Occurred","","","","This default servlet lets attackers execute arbitrary commands."," ",""
"000347","0","8","/servlets/SchedulerTransfer","GET","200","Error Occurred","","","","PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999","",""
"000348","0","8","@CGIDIRScmd.exe?/c+dir","GET","200","","","","","cmd.exe can execute arbitrary commands","",""
"000349","0","8","@CGIDIRScmd1.exe?/c+dir","GET","200","","","","","cmd1.exe can execute arbitrary commands","",""
"000350","0","8","@CGIDIRShello.bat?&dir+c:\",","GET","200","","","","","This batch file may allow attackers to execute remote commands.","",""
"000351","0","8","@CGIDIRSpost32.exe|dir%20c:\",","GET","200","","","","","post32 can execute arbitrary commands","",""
"000352","0","8","/perl/-e%20print%20Hello","GET","200","","","","","The PERL interpreter on the novell system may allow any command to be executed. See BID-5520. Installing Perl 5.6 might fix this issue.","",""
"000353","0","a","/admin.cgi","GET","Administration","","","","","InterScan VirusWall administration is accessible without authentication.","",""
"000354","0","a","/interscan/","GET","Administration","","","","","InterScan VirusWall administration is accessible without authentication.","",""
"000355","0","a","/vgn/legacy/save","GET","200","","","","","Vignette Legacy Tool may be unprotected. To access this resource, set a cookie called 'vgn_creds' with any value.","",""
"000356","0","b","/","GET","default Tomcat","","","","","Appears to be a default Apache Tomcat install.","",""
"000357","0","b","/IDSWebApp/IDSjsp/Login.jsp","GET","200","","","","","Tivoli Directory Server Web Administration.","",""
"000358","0","b","/quikstore.cfg","GET","200","","","","","Shopping cart config file, http://www.quikstore.com/, http://www.mindsec.com/advisories/post2.txt","",""
"000359","0","b","/quikstore.cgi","GET","200","","","","","A shopping cart.","",""
"000360","0","b","/securecontrolpanel/","GET","200","","","","","Web Server Control Panel","",""
"000361","0","b","/siteminder","GET","200","","","","","This may be an indication that the server is running Siteminder for SSO","",""
"000362","0","b","/webmail/","GET","200","","","","","Web based mail package installed.","",""
"000363","0","b","/Xcelerate/LoginPage.html","GET","Xcelerate Login Page","","","","","Xcelerate Content Server by Divine/OpenMarket login page found.","",""
"000364","0","b","/_cti_pvt/","GET","200","","","","","FrontPage directory found.","",""
"000365","0","b","/smg_Smxcfg30.exe?vcc=3560121183d3","GET","200","","","","","This may be a Trend Officesan 'backdoor'.","",""
"000366","0","2b","/examples/servlets/index.html","GET","Servlet Examples","","","","","Apache Tomcat default JSP pages present.","",""
"000367","0","3b","/nsn/..%5Cutil/attrib.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000368","0","3b","/nsn/..%5Cutil/chkvol.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000369","0","3b","/nsn/..%5Cutil/copy.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000370","0","3b","/nsn/..%5Cutil/del.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000371","0","3b","/nsn/..%5Cutil/dir.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000372","0","3b","/nsn/..%5Cutil/dsbrowse.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000373","0","3b","/nsn/..%5Cutil/glist.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000374","0","3b","/nsn/..%5Cutil/lancard.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000375","0","3b","/nsn/..%5Cutil/md.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000376","0","3b","/nsn/..%5Cutil/rd.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000377","0","3b","/nsn/..%5Cutil/ren.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server ","",""
"000378","0","3b","/nsn/..%5Cutil/send.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000379","0","3b","/nsn/..%5Cutil/set.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000380","0","3b","/nsn/..%5Cutil/slist.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000381","0","3b","/nsn/..%5Cutil/type.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000382","0","3b","/nsn/..%5Cutil/userlist.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000383","0","3b","/nsn/..%5Cweb/env.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000384","0","3b","/nsn/..%5Cweb/fdir.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000385","0","3b","/nsn/..%5Cwebdemo/env.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000386","0","3b","/nsn/..%5Cwebdemo/fdir.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000387","0","c","/wikihome/action/conflict.php","GET","200","","","","","Some versions of this script allow external source to be included/run by appending ?TemplateDir=http://my.host/ to requests.","",""
"000388","0","1","@CGIDIRSarchi