Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Vulnerable uri?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Vulnerable uri? (Read 1261 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34054
malware fighter
Vulnerable uri?
«
on:
March 30, 2017, 03:56:23 PM »
See:
http://urlquery.net/report.php?id=1490880741640
and
http://www.domxssscanner.com/scan?url=http%3A%2F%2F179.41.248.173%2Fhtml%2Fjs%2Fsecboot.js
Consider:
https://www.rapid7.com/db/search?q=CVE-2012-0920
(dropbear version vulnerable)....
See: -https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=179.41.248.173%2Fcgi-bin%2Fwebproc&ref_sel=GSP2&ua_sel=ff&fs=1 mini_httpd/1.19 19dec2003
Extra link found: -http://www.acme.com/software/mini_httpd/
Open to dependency injection? /html/skin/ErrorMark.gif like a CT local
See:
https://urlscan.io/result/5dc0e561-7608-4c31-9ad1-5ea637a6bd02#summary
polonus (volunteer website security analyst and website error-hunter)
«
Last Edit: March 30, 2017, 04:16:46 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 34054
malware fighter
Re: Vulnerable uri?
«
Reply #1 on:
March 31, 2017, 01:30:43 PM »
Risks are luring everywhere now for this sub domain.
Consider here:
http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fcp0203.azamedia.net%2F
We have 11 abusers on that AS:
http://sitevet.com/db/asn/AS15699
There is risk because of the exposure of the nameserver version: 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4
Exposing name server's versions may be risky, when a new vulnerability is found your name servers may be automatically exploited by script kiddies until you patch the system. The excessive info proliferation data can be incorrect, still it is not considered 'best practices", your servers should never speak out loud!
Meagre F-Status:
https://observatory.mozilla.org/analyze.html?host=cp0203.azamedia.net
B-status here:
https://www.htbridge.com/ssl/?id=7bdaf9f435ff059f8cde1dca7d6199dad7336733d6d388146d065d73c8199901
The RSA certificate provided by the server could not be trusted. Non-compliant with PCI DSS requirements,
non-compliant with HIPAA guidance. Misconfiguration and weaknesses. It is self-signed!
Kingscope exploitable???
Re:
https://urlscan.io/result/a47d9251-8bbe-40be-a966-849b4e63884b#summary
Plesk-link to
https://plus.google.com/communities/109881979300958500728
Sio hashes and retireable codes non vulnerable.
We see this site could have been a little bit more secure....
polonus (volunteer website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Vulnerable uri?