Home / vulnerabilitiesPDF  

nmapfinger-whoops.txt

Posted on 01 January 2008
Source : packetstormsecurity.org Link

 

Vendor Site: http://www.astaro.com/
Firmware Version: 7.100
Pattern Version: 5661
Kernel: default-2.6.16.43-54.5

Overview: The following fingerprints discovered could allow an attacker to craft a malicious HTTP packet and or leverage other attacks via port 80 & 8080. Nmap services scan (-sV) most take place internal to the network.


HTTP

==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============

SF-Port80-TCP:V=4.20%I=7%D=12/24%Time=476F3D7F%P=i686-pc-windows-windows%r

SF:(GetRequest,94F,"HTTP/1.1x20400x20Badx20Request
Date:x20Mon,x2

SF:024x20Decx202007x2000:02:35x20GMT
Pragma:x20no-cache
Cache-C

SF:ontrol:x20no-cache
Content-Type:x20text/html;x20charset="UTF-8"

SF:
Pragma:x20no-cache
Cache-control:x20no-cache
Content-Length

SF::x202143
Proxy-Connection:x20close

<!DOCTYPEx20htmlx20PUB

SF:LICx20"-//W3C//DTDx20HTMLx204.01x20Transitional//EN"x20"http:/

SF:/www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<metax20http-equ

SF:iv="Content-Type"x20content="text/html;x20charset=UTF-8">
<title

SF:>Thex20requestedx20URLx20couldx20notx20bex20retrieved</title>
<l

SF:inkx20href="http://passthrough.fw-notify.net/static/default.css"\n
SF:x20rel="stylesheet"x20type="text/css">
<scriptx20type="text/jav

SF:ascript"x20src="http://passthrough.fw-notify.net/static/default.j

SF:s"></script>
</head>
<bodyx20onLoad="checkResize()"><divx20id=

SF:"emsg_large"></div><tablex20class="table_white"x20cellpadding="1

SF:0"x20cellspacing="0"x20border="0">
<trx20class="table_white"

SF:><tdx20align="center">
<imgx20src="http://passthrough.fw-notify\n
SF:.net")%r(HTTPOptions,94F,"HTTP/1.1x20400x20Badx20Request
Date:x

SF:20Mon,x2024x20Decx202007x2000:02:35x20GMT
Pragma:x20no-cache

SF:
Cache-Control:x20no-cache
Content-Type:x20text/html;x20charset=

SF:"UTF-8"
Pragma:x20no-cache
Cache-control:x20no-cache
Conte

SF:nt-Length:x202143
Proxy-Connection:x20close

<!DOCTYPEx20ht

SF:mlx20PUBLICx20"-//W3C//DTDx20HTMLx204.01x20Transitional//EN"x2

SF:0"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<metax2

SF:0http-equiv="Content-Type"x20content="text/html;x20charset=UTF-8"

SF:>
<title>Thex20requestedx20URLx20couldx20notx20bex20retrieved</t

SF:itle>
<linkx20href="http://passthrough.fw-notify.net/static/defaul

SF:t.css"x20rel="stylesheet"x20type="text/css">
<scriptx20type=\n
SF:"text/javascript"x20src="http://passthrough.fw-notify.net/static/d

SF:efault.js"></script>
</head>
<bodyx20onLoad="checkResize()"><d

SF:ivx20id="emsg_large"></div><tablex20class="table_white"x20cellpa

SF:dding="10"x20cellspacing="0"x20border="0">
<trx20class="tabl

SF:e_white"><tdx20align="center">
<imgx20src="http://passthrough.f

SF:w-notify.net");



HTTP-Proxy

==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============

SF-Port8080-TCP:V=4.20%I=7%D=12/24%Time=476F3D7F%P=i686-pc-windows-windows

SF:%r(GetRequest,94F,"HTTP/1.1x20400x20Badx20Request
Date:x20Mon,\n
SF:x2024x20Decx202007x2000:02:35x20GMT
Pragma:x20no-cache
Cache

SF:-Control:x20no-cache
Content-Type:x20text/html;x20charset="UTF-8

SF:"
Pragma:x20no-cache
Cache-control:x20no-cache
Content-Leng

SF:th:x202143
Proxy-Connection:x20close

<!DOCTYPEx20htmlx20P

SF:UBLICx20"-//W3C//DTDx20HTMLx204.01x20Transitional//EN"x20"http

SF:://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<metax20http-e

SF:quiv="Content-Type"x20content="text/html;x20charset=UTF-8">
<tit

SF:le>Thex20requestedx20URLx20couldx20notx20bex20retrieved</title>


SF:<linkx20href="http://passthrough.fw-notify.net/static/default.css\n
SF:"x20rel="stylesheet"x20type="text/css">
<scriptx20type="text/j

SF:avascript"x20src="http://passthrough.fw-notify.net/static/default\n
SF:.js"></script>
</head>
<bodyx20onLoad="checkResize()"><divx20i

SF:d="emsg_large"></div><tablex20class="table_white"x20cellpadding=\n
SF:"10"x20cellspacing="0"x20border="0">
<trx20class="table_white

SF:"><tdx20align="center">
<imgx20src="http://passthrough.fw-notif

SF:y.net")%r(HTTPOptions,94F,"HTTP/1.1x20400x20Badx20Request
Date:

SF:x20Mon,x2024x20Decx202007x2000:02:35x20GMT
Pragma:x20no-cache

SF:
Cache-Control:x20no-cache
Content-Type:x20text/html;x20charse

SF:t="UTF-8"
Pragma:x20no-cache
Cache-control:x20no-cache
Con

SF:tent-Length:x202143
Proxy-Connection:x20close

<!DOCTYPEx20

SF:htmlx20PUBLICx20"-//W3C//DTDx20HTMLx204.01x20Transitional//EN"\n
SF:x20"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta\n
SF:x20http-equiv="Content-Type"x20content="text/html;x20charset=UTF-8

SF:">
<title>Thex20requestedx20URLx20couldx20notx20bex20retrieved<

SF:/title>
<linkx20href="http://passthrough.fw-notify.net/static/defa

SF:ult.css"x20rel="stylesheet"x20type="text/css">
<scriptx20type

SF:="text/javascript"x20src="http://passthrough.fw-notify.net/static

SF:/default.js"></script>
</head>
<bodyx20onLoad="checkResize()">

SF:<divx20id="emsg_large"></div><tablex20class="table_white"x20cell

SF:padding="10"x20cellspacing="0"x20border="0">
<trx20class="ta

SF:ble_white"><tdx20align="center">
<imgx20src="http://passthrough\n
SF:.fw-notify.net");

 

TOP

Malware :

Exploits :