#################################################################################### # unix.uxe (~2001/05/25) WWW Unix related WWW Vulnerabilities scan rule for arirang. # (this scan rule use a GET method and /cgi-bin .) # # (c) 2000-2001 by pilot # http://www.monkey.org/~pilot # pilot@monkey.org # #################################################################################### 200 OK-> GET :/cgi-bin/lasso.cgi^lasso.cgi;; 200 OK-> GET :/cgi-bin/rwwwshell.pl^THC Web Backdoor(rwwwshell.pl);; 200 OK-> GET :/cgi-bin/unlg1.1^Un1G Web Backdoor(un1g1.1);; 200 OK-> GET :/cgi-bin/unlg1.2^Un1G Web Backdoor(un1g1.2);; 200 OK-> GET :/cgi-bin/phf^PHF(phf);; 200 OK-> GET :/cgi-bin/phf.cgi^PHF(phf.cgi);; 200 OK-> GET :/cgi-bin/test-cgi^test-cgi;; 200 OK-> GET :/cgi-bin/finger^Local host finger (finger);; 200 OK-> GET :/cgi-bin/Count.cgi^Count.cgi bof(Count.cgi);; 200 OK-> GET :/cgi-bin/jj^Escape to a shell(jj);; 200 OK-> GET :/cgi-bin/day5datacopier.cgi^IRIX(day5datacopier.cgi);; 200 OK-> GET :/cgi-bin/day5datanotifier.cgi^IRIX(day5datanotifier.cgi);; 200 OK-> GET :/cgi-bin/php.cgi^bof(php.cgi);; 200 OK-> GET :/cgi-bin/php^php;; 200 OK-> GET :/cgi-bin/nph-test-cgi^nph-test-cgi;; 200 OK-> GET :/cgi-bin/nph-publish^nph-publish;; 200 OK-> GET :/cgi-bin/handler^IRIX(handler);; 200 OK-> GET :/cgi-bin/webdist.cgi^IRIX(webdist.cgi);; 200 OK-> GET :/cgi-bin/wrap.cgi^IRIX(wrap.cgi);; 200 OK-> GET :/cgi-bin/AnyForm2^AnyForm2 ;; 200 OK-> GET :/cgi-bin/webgais^web sendmail security hole(webgais);; 200 OK-> GET :/cgi-bin/websendmail^web sendmail security hole(websendmail);; 200 OK-> GET :/cgi-bin/faxsurvey^faxsurvey;; 200 OK-> GET :/cgi-bin/htmlscript^htmlscript;; 200 OK-> GET :/cgi-bin/pfdisplay.cgi^IRIX(pfdisplay.cgi);; 200 OK-> GET :/cgi-bin/perl.exe^shell execute perl.exe;; 200 OK-> GET :/cgi-bin/wwwboard.pl^WebBoard(wwwboard.pl);; 200 OK-> GET :/cgi-bin/www-sql^www-sql;; 200 OK-> GET :/cgi-bin/view-source^SCO(view-source);; 200 OK-> GET :/cgi-bin/campas^campas;; 200 OK-> GET :/cgi-bin/aglimpse^Glimpse HTTP security hole(aglimpse);; 200 OK-> GET :/cgi-bin/glimpse^Glimpse HTTP security hole(glimpse);; 200 OK-> GET :/cgi-bin/man.sh^man.sh;; 200 OK-> GET :/cgi-bin/AT-admin.cgi^Excite 1.1(AT-admin.cgi);; 200 OK-> GET :/cgi-bin/AT-generate.cgi^Excite 1.1(AT-generate.cgi);; 200 OK-> GET :/cgi-bin/filemail.pl^filemail.pl;; 200 OK-> GET :/cgi-bin/maillist.pl^maillist.pl;; 200 OK-> GET :/cgi-bin/info2www^info2www;; 200 OK-> GET :/cgi-bin/files.pl^files.pl;; 200 OK-> GET :/cgi-bin/bnbform.cgi^bnbform.cgi;; 200 OK-> GET :/cgi-bin/survey.cgi^survey.cgi;; 200 OK-> GET :/cgi-bin/textcounter.pl^textcounter.pl;; 200 OK-> GET :/cgi-bin/classifieds.cgi^classifieds.cgi;; 200 OK-> GET :/cgi-bin/environ.cgi^environ.cgi;; 200 OK-> GET :/cgi-bin/wrap^wrap;; 200 OK-> GET :/cgi-bin/cgiwrap^cgiwrap;; 200 OK-> GET :/cgi-bin/edit.pl^edit.pl;; 200 OK-> GET :/cgi-bin/perl^perl;; 200 OK-> GET :/domcfg.nsf^Lotus Note(domcfg.nsf);; 200 OK-> GET :/today.nsf^Lotus Note(today.nsf);; 200 OK-> GET :/names.nsf^Lotus Note(names.nsf);; 200 OK-> GET :/catalog.nsf^Lotus Note(catalog.nsf);; 200 OK-> GET :/log.nsf^Lotus Note(log.nsf) ;; 200 OK-> GET :/domlog.nsf^Lotus Note(domlog.nsf);; 200 OK-> GET :/cgi-bin/Xrun.cgi^Lotus Note(Xrun.cgi);; 200 OK-> GET :/cgi-bin/webgais^Gais tool(webgais);; 200 OK-> GET :/cgi-bin/dumpenv.pl^Sambar Server(dumpenv.pl);; 200 OK-> GET :/adminlogin?RCpage=/sysadmin/index.stm^adminlogin;; 200 OK-> GET :/test/test.cgi^Cobalt RaQ2 server(test.cgi);; 200 OK-> GET :/scripts/submit.cgi^Cobalt RaQ2 server(submit.cgi) A;; 200 OK-> GET :/users/scripts/submit.cgi^Cobalt RaQ2 server(submit.cgi) B;; 200 OK-> GET :/cgi-bin/guestbook.cgi^guestbook.cgi;; 200 OK-> GET :/cgi-bin/guestbook.pl^guestbook.pl ;; 200 OK-> GET :/cgi-bin/cachemgr.cgi^Redhat 6(cachemgr.cgi) ;; 200 OK-> GET :/cgi-bin/whois_raw.cgi^whois_raw.cgi ;; 200 OK-> GET :/cgi-bin/responder.cgi^Mac HTTP(responder.cgi) ;; 200 OK-> GET :/cgi-bin/perlshop.cgi^Shopping Carts(perlshop.cgi);; 200 OK-> GET :/ncl_items.html?SUBJECT=2097^Tektronix Webserver(ncl_items.html);; 200 OK-> GET :/cgi-bin/webwho.pl^webwho.pl;; 200 OK-> GET :/manage/cgi/cgiproc^Nortel Contivity DoS,view(cgiproc) ;; 200 OK-> GET :/cgi-bin/query^AltaVista Search Engine(query);; 200 OK-> GET :/cgi-bin/w3-msql^w3-msql;; 200 OK-> GET :/cgi-bin/search.cgi?letter=^Home Free CGI(search.cgi);; 200 OK-> GET :/cgi-bin/plusmail^PowerScripts PlusMail(plusmail);; 200 OK-> GET :/cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi^Cobalt(siteUserMod.cgi) ;; 200 OK-> GET :/cgi-bin/htsearch^Htdig <= 3.1.4(htsearch);www.htdig.org; 200 OK-> GET :/cgi-bin/loadpage.cgi^EZ Shopper 3.0(loadpage.cgi) ;; 200 OK-> GET :/cgi-bin/rpm_query^OpenLinux(rpm_query);; 200 OK-> GET :/cgi-bin/infosrch.cgi^IRIX 6.5(infosrch.cgi);; 200 OK-> GET :/publisher^Netscape Web Publishing(publisher);; 200 OK-> GET :/PSUser/PSCOErrPage.htm^PublishingXpert 2.*(PSCOErrPage.htm);; 200 OK-> GET :/cgi-bin/getdoc.cgi^Infonautics(getdoc.cgi);; 200 OK-> GET :/cgi-bin/bizdb1-search.cgi^BizDB Search(bizdb1-search.cgi);; 200 OK-> GET :/cgi-bin/htsearch?config=aaa^htDig path reveals;; 200 OK-> GET :/piranha/secure/passwd.php3^Redhat 6.2 backdoor(passwd.php3);; 500-> GET :/piranha/secure/passwd.php3^Redhat 6.2 backdoor(passwd.php3);; 401-> GET :/piranha/secure/passwd.php3^Redhat 6.2 backdoor(passwd.php3);; 200 OK-> GET :/ultraboard.pl^UltraBoard(ultraboard.pl),DoS;; 200 OK-> GET :/cgi-bin/ultraboard.cgi^UltraBoard(ultraboard.cgi);; 200 OK-> GET :/scripts/dbman/db.cgi^Gossamer Threads DBMan(db.cgi);; 200 OK-> GET :/cgi-bin/formmail.cgi^Matt Wright FormMail(formmail.cgi);; 200 OK-> GET :/cgi-bin/dnewsweb.cgi^DNews Web bof(dnewsweb.cgi);; 200 OK-> GET :/cgi-bin/dmailweb.cgi^DMail Web bof(dmailweb.cgi) ;; 200 OK-> GET :/cgi-bin/calender.pl^Matt Kruse Calendar(calender.pl);; 200 OK-> GET :/cgi-bin/calender_admin.pl^Matt Kruse Calendar(calender_admin.pl);; 200 OK-> GET :/cgi-bin/allmanage.pl^Allmanage(allmanage.pl) ;; 200 OK-> GET :/cgi-bin/allmanageup.pl^Allmanage(allmanageup.pl) ;; 200 OK-> GET :/cgi-bin/ssi^thttpd web server(ssi);; 200 OK-> GET :/adpassword.txt^Banner Rotation 01(adpassword.txt) ;; 200 OK-> GET :/cgi-bin/redirect.cgi^PDGSoft Shopping Cart(redirect.cgi) ;; 200 OK-> GET :/cgi-bin/changepw.cgi^PDGSoft Shopping Cart(changepw.cgi);; 200 OK-> GET :/cgi-bin/counterfiglet/nc/f^George Burgyan counter 4.0.7 ;; 200 OK-> GET :/cgi-bin/mdma.bat^Savant expose CGI (mdma.bat) ;; 200 OK-> GET :/cgi-auth/userreg.cgi^MailStudio2000 ver <=2.0 (userreg.cgi);; 200 OK-> GET ::8987/sawmill^Sawmill file and password (sawmill) ;; 200 OK-> GET :/cgi-bin/search/tidfinder.cgi?2956734^NetWare Netscape Server (tidfinder.cgi);; 200 OK-> GET :/cgi-bin/view_page.html^MiniVend Security Hole (view_page.html);; 200 OK-> GET :/admin-serv/config/admpw^Netscape Admin password (admpw);; 200 OK-> GET :/cgi-bin/cvsweb/cvsweb.cgi^Cvsweb 1.80 Security Hole (cvsweb.cgi);; 200 OK-> GET :/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/bin/ls%00^Poll It v2.0 (Poll_It_SSI_v2.0.cgi) ;; 200 OK-> GET :/examples/applications/bboard/bboard_frames.html^Sun Java Web Server(bboard_frames.html);; 200 OK-> GET :/pservlet.html^Sun Jave Web Servets (pservlet.html);; 200 OK-> GET :/login.jsp^WebSphere<=3.0.21 Showcode(login.jsp);; 200 OK-> GET :/ConsoleHelp/login.jsp^Weblogic SSIServlet Showcode(login.jsp);; 200 OK-> GET :/pccsmysqladm/incs/dbconnect.inc^PCCS<1.2.5 Mysql password dbconnect.inc);; 200 OK-> GET :/cgi-bin/admin/admin^Solaris AnswerBook2(admin);; 200 OK-> GET :/cgi-bin/netauth.cgi^Netauth<=4.2 (netauth.cgi);; 200 OK-> GET :/cgi-bin/htgrep^HtGrep CGI file view(htgrep);; 200 OK-> GET :/cgi-bin/wais.pl^wais.pl file view(wais.pl) ;; 200 OK-> GET :/admin.php3?admin=anything^PHP-NUKE<=2.5(admin.php3) ;; 200 OK-> GET :/cgi-bin/amlite/amadmin.pl^Account Manger 1.0(amadmin.pl);; 200 OK-> GET :/cgi-bin/subscribe.pl^subscribe Me Lite 2.0(subscribe.pl);; 200 OK-> GET :/cgi-bin/news/news.cgi^News Publisher(news.cgi);; 200 OK-> GET :/cgi-bin/awl/auctionweaver.pl^Auction_Weaver(auctionweaver.pl);; #directory and log 200 OK-> GET :/admin/^/admin/;; 403-> GET :/admin/^/admin/;; 200 OK-> GET :/administrator/^/administrator/;; 403-> GET :/administrator/^/administrator/;; 200 OK-> GET :/download/^/download/;; 200 OK-> GET :/downloads/^/downloads/;; 200 OK-> GET :/data/^/data/;; 200 OK-> GET :/db/^/db/;; 200 OK-> GET :/include/^/include/;; 200 OK-> GET :/includes/^/includes/;; 200 OK-> GET :/programs/^/programs/;; 200 OK-> GET :/incoming/^/incoming/;; 200 OK-> GET :/ftp/^/ftp/;; 200 OK-> GET :/work/^/work/;; 200 OK-> GET :/backup/^/backup/;; 200 OK-> GET :/docs/^/docs/;; 200 OK-> GET :/bbs/^/bbs/;; 200 OK-> GET :/bbs/data/^/bbs/data/;; 200 OK-> GET :/down/^/down/;; 200 OK-> GET :/bbs/admin/config/^/bbs/admin/config/;; 200 OK-> GET :/bbs/admin/^/bbs/admin/;; 200 OK-> GET :/bbs/include/^/bbs/include/;; 200 OK-> GET :/.htaccess/^/.htaccess/;; 200 OK-> GET :/.htpasswd/^/.htpasswd/;; 200 OK-> GET :/htdocs/^/htdocs/;; 200 OK-> GET :/bbs/db/^/bbs/db/;; 200 OK-> GET :/manual/^/manual/;; 200 OK-> GET :/misc/^/misc/;; 200 OK-> GET :/mp3/^/mp3/;; 200 OK-> GET :/cgi-bin/Board/db/^/cgi-bin/Board/db/;; 200 OK-> GET :/sex/^/sex/;; 200 OK-> GET :/porno/^/porno/;; 200 OK-> GET :/img/^/img/;; 200 OK-> GET :/image/^/image/;; 200 OK-> GET :/images/^/images/;; 200 OK-> GET :/server-info/^apache mod_info;; 200 OK-> GET :/server-status/^apache mod_status;; 200 OK-> GET :/php3/^/php3/;; 200 OK-> GET :/php/^/php/;; 200 OK-> GET :/php4/^/php4/;; 200 OK-> GET :/pds/^/pds/;; 200 OK-> GET :/inc/^/inc/;; 200 OK-> GET :/include/inc/^/include/inc/;; 200 OK-> GET :/private/^/private/;; 200 OK-> GET :/private/.htpasswd^/private/.htpasswd;; 200 OK-> GET :/public/^/public/;; 200 OK-> GET :/girls/^/girls/;; 200 OK-> GET :/girl/^/girl/;; 200 OK-> GET :/secret/^/secret/;; 200 OK-> GET :/secrets/^secrets/;; 200 OK-> GET :/files/^/files/;; 200 OK-> GET :/file/^/file/;; 200 OK-> GET :/forum/^/forum/;; 200 OK-> GET :/dbase/^/dbase/;; 200 OK-> GET :/sql/^/sql/;; 200 OK-> GET :/mysql/^/mysql/;; 200 OK-> GET :/msql/^/msql/;; 200 OK-> GET :/source/^/source/;; 200 OK-> GET :/sources/^/sources/;; 200 OK-> GET :/test/^/test/;; 200 OK-> GET :/config/^/config/;; 200 OK-> GET :/setting/^/setting/;; 200 OK-> GET :/set/^/set/;; 200 OK-> GET :/hire/^/hire/;; 200 OK-> GET :/customer/^/customer/;; 200 OK-> GET :/card/^/card/;; 200 OK-> GET :/number/^/number/;; 200 OK-> GET :/telephone/^/telephone/;; 200 OK-> GET :/phone/^/phone/;; 200 OK-> GET :/ideas/^/ideas/;; 200 OK-> GET :/idea/^/idea/;; 200 OK-> GET :/linux/^/linux/;; 200 OK-> GET :/library/^/library/;; 200 OK-> GET :/lib/^/lib/;; 200 OK-> GET :/tool/^/tool/;; 200 OK-> GET :/tools/^/tools/;; 200 OK-> GET :/document/^/document/;; 200 OK-> GET :/documents/^/documents/;; 200 OK-> GET :/setup/^/setup/;; 200 OK-> GET :/install/^/install/;; 200 OK-> GET :/program/^/program/;; 200 OK-> GET :/programming/^/programming/;; 200 OK-> GET :/devel/^/devel/;; 200 OK-> GET :/database/^/database/;; 200 OK-> GET :/databases/^/databases/;; 200 OK-> GET :/accept/^/accept/;; 200 OK-> GET :/deny/^/deny/;; 200 OK-> GET :/ports/^/ports/;; 200 OK-> GET :/temp/^/temp/;; 200 OK-> GET :/temporary/^temporary;; #snort 200 OK-> GET :/snort2html.html^snort(/snort2html) log;; 200 OK-> GET :/html/snort2html.html^snort(/html/snort2html) log;; 200 OK-> GET :/acid/acid_main.php^snort(/acid/acid_main.php);; 200 OK-> GET :/acid/^snort(/acid);; #mrtg & snmp 200 OK-> GET :/mrtg/^MRTG(/mrtg/);; 200 OK-> GET :/snmp/^SNMP(/snmp/);; 200 OK-> GET :/usage/^/usage/;; #log 200 OK-> GET :/Stats/^/Stats/;; 200 OK-> GET :/cache-stats/^/cache-stats/;; 200 OK-> GET :/log/^/log/;; 200 OK-> GET :/logfile/^/logfile/;; 200 OK-> GET :/logfiles/^/logfiles/;; 200 OK-> GET :/logger/^/logger/;; 200 OK-> GET :/logging/^/logging/;; 200 OK-> GET :/logs/^/logs/;; 200 OK-> GET :/logs/access_log^/logs/access_log;; 200 OK-> GET :/server_stats/^/lserver_stat/;; 200 OK-> GET :/stat/^/stat/;; 200 OK-> GET :/statistics/^/statistics/;; 200 OK-> GET :/stats/^/stats/;; 200 OK-> GET :/weblog/^/weblog/;; 200 OK-> GET :/weblogs/^/weblogs/;; 200 OK-> GET :/webstats/^/webstats/;; 200 OK-> GET :/wstats/^/wstats/;; 200 OK-> GET :/wwwlog/^/wwwlog/;; 200 OK-> GET :/wwwstats/^/wwwstats/;; 200 OK-> GET :/access-log^/access-log;; 200 OK-> GET :/access.log^/access.log;; 200 OK-> GET :/log.htm^/log.htm;; 200 OK-> GET :/log.html^/log.html;; 200 OK-> GET :/log.txt^/log.txt;; 200 OK-> GET :/logfile^/logfile;; 200 OK-> GET :/logfile.htm^/logfile.htm;; 200 OK-> GET :/logfile.html^/logifle.html;; 200 OK-> GET :/logfile.txt^/logfile.txt;; 200 OK-> GET :/logger.html^/logger.html;; 200 OK-> GET :/stat.htm^/stat.htm;; 200 OK-> GET :/stats.htm^/stats.htm;; 200 OK-> GET :/stats.html^/stats.html;; 200 OK-> GET :/stats.txt^/stats.txt;; 200 OK-> GET :/webaccess.htm^/webaccess.htm;; 200 OK-> GET :/wwwstats.html^/wwwstats.html;; #end log 200 OK-> GET :/site/eg/source.asp^apache::asp (source.asp);; 200 OK-> GET :/cgi-bin-sdb^Suse <=6.4 (/cgi-bin-sdb);; 200 OK-> GET :/secret/secret/add-user.shmtl^Suse (add-user.shtml);; 200 OK-> GET :/secret/secret/sql_tool.shtml^Suse (sql_tool.shtml) ;; 200 OK-> GET :/secret/secret/change-passwd.shtml^Suse (change-passwd.shtml);; 200 OK-> GET :/phpPhotoAlbum/explorer.php^phpPhotoAlbum 0.99 (explorer.php);; 200 OK-> GET :/perl^Mandrake <=7.1 (/perl);; 200 OK-> GET :/cgi-bin/mailto.cgi^Johnson (mailto.cgi);; 200 OK-> GET :/search97cgi/vtopic^SCO Unixware7.0 (/search97cgi/vtopic);; 200 OK-> GET :/cgi-bin/YaBB.pl^YaBB File read(YABB.pl);; 200 OK-> GET :/cgi-bin/mailform.pl^MailForm 2.0 (mailform.pl);; 200 OK-> GET :/Newuser?Image=../../database/rbsserv.mdb^Extent RBS (rbsserv.mdb);; 200 OK-> GET :/cgi-bin/webplus.cgi?Script=/webplus/webping/webping.wml^Talentsoft Web+ (webplus.cgi) ;; 200 OK-> GET :/cgi-bin/webdata.cgi^WebTeacher WebData(webdata.cgi);; 200 OK-> GET :/cgi-bin/cached_feed.cgi^Moreover (cached_feed.cgi);; 200 OK-> GET :/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/motd^Boa Webserver 0.94.2.x;; 200 OK-> GET :/cgi-bin/mailfile.cgi^MailFile (mailfile.cgi);; 200 OK-> GET ://WEB-INF/^Allaire JRun 3.0 Dic (//Web-INF/) ;; 200 OK-> GET :/servlet/com.livesoftware.jrun.plugins.jsp.JSP^Allaire JRun 2.3 multiple (servlet) A;; 200 OK-> GET :/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter^Allaire JRun 2.3 multiple (servlet) B;; 200 OK-> GET :/exec/show/config/cr^Cisco Catalyst3500(/exec/show/config/cr);; 200 OK-> GET :/cgi-bin/global.cgi^*BSD Global Port (global.cgi) ;; 200 OK-> GET :/cgi-bin/pagelog.cgi^Pagelog (pagelog.cgi);; 200 OK-> GET :/cgi-bin/scripts/whois.cgi?action=load&whois=check^KW Whois (whois.cgi);; 200 OK-> GET :/servlet/com.unify.ewave.servletexec.UploadServlet^Unify eWave ServletExec;; 200 OK-> GET ::2301/survey^Compaq Management (/survey);; 200 OK-> GET :/cgi-bin/Search.pl^YaBB Search.pl (Search.pl);; 200 OK-> GET :/cgi-bin/gbook/gbook.cgi?_MAILTO=check;id^Bill Kendrick GBook (gbook.cgi);; 200 OK-> GET :/cgi-bin/bb-hist.sh^BigBrother remote account(bb-hist.sh);; 200 OK-> GET :/cgi-bin/build.cgi^Adcycle Password (build.cgi);; 200 OK-> GET :/cgi-bin/cgiforum.pl^CGIForum File Dislosure( cgiforum.pl);; 200 OK-> GET :/forum/common.php^Phorum File Read(common.php) A;; 200 OK-> GET :/phorum/common.php^Phorum File Read(common.php) B ;; 200 OK-> GET :/index.php3?vhosts[test]=^Twig Remote Script Execution(index.php3);; 200 OK-> GET :/cgi-bin/db2www/library/document.d2w/show^IBM Net.Data Path(show);; 200 OK-> GET :/includes/global.inc^Trlinux Webmail(global.inc);; 200 OK-> GET :/submit.php?CONF=anything^phpWebLog Admin bypass(submit.php) ;; 200 OK-> GET ::8765/index.html^Inktomi Search(:8765/index.html) ;; 200 OK-> GET ::8765/example/^Inktomi Search(:8765/example/);; 200 OK-> GET :/phpgroupware/inc/phpgwapi/phpgw.inc.php^phpGroupWare Include File(phpgw.inc.php);; 200 OK-> GET :/cgi-bin/mmstdod.cgi?ALTERNATE_TEMPLATES=^MailMan WebMail(mmstdod.cgi) ;; 200 OK-> GET :/cgi-bin/ad.cgi^Leif M.Wright (ad.cgi);; 200 OK-> GET :/cgi-bin/simplestmail.cgi^Leif M.Wright (simplestmail.cgi);; 200 OK-> GET :/cgi-bin/everythingform.cgi^Leif M.Wright (everythingform.cgi);; 200 OK-> GET :/cgi-bin/simplestguest.cgi^Leif M.Wright (simplestguest.cgi);; 200 OK-> GET :/cgi-bin/ezshopper3/loadpage.cgi^EZShooper3 dir Disclosure(loadpage.cgi)A;; 200 OK-> GET :/cgi-bin/ezshopper2/loadpage.cgi^EZshooper2 dir Disclosure(loadpage.cgi)B;; 200 OK-> GET :/.jpilot/^jpilot World Readable(/.jpilot/);; 200 OK-> GET :/subscribe.pl?test@test.com^SubscribeME Admin Access(/subscripbe.pl);; 200 OK-> GET :/WSFTP.LOG^WSFTP Log file (/WSFTP.LOG);; 200 OK-> GET :/index.html~^vim backup file(/index.html~) ;; 200 OK-> GET :/index.php~^vim backup file(/index.php~) ;; 200 OK-> GET :/index.html.bak^sambar client backup(/index.html.bak);; 200 OK-> GET :/index.php.bak^sambar client backup(/index.php.bak);; 200 OK-> GET :/technote/main.cgi/oops?board=FREE_BOARD&command=down_load&filename=/../../../main.cgi^techonote file read(/technote/main.cgi);http://www.technote.co.kr; 200 OK-> GET :/technote/print.cgi^techonote file read(/technote/print.cgi);http://www.technote.co.kr; 200 OK-> GET :/cgi-bin/register.cgi^ikonboard(register.cgi);; 200 OK-> GET :/cgi-bin/newsdesk.cgi?t=../pass.txt^newsdesk.cgi File read(newsdesk.cgi);; 200 OK-> GET :/cgi-bin/webdriver^Webdriver remote admin(webdriver);; 200 OK-> GET :/cgi-bin/bbs_forum.cgi^eXtropia bbs_forum.cgi(bbs_forum.cgi) ;; 200 OK-> GET :/class/mysql.class^Basilix Webmail(mysql.class);; 200 OK-> GET :/inc/sendmail.inc^Basilix Webmail(sendmail.inc);; 200 OK-> GET :/setpasswd.cgi^Interscan VirusWall(/setpasswd.cgi);; 200 OK-> GET :/scancfg.cgi^Interscan VirusWall(/scancfg.cgi);; 200 OK-> GET :/cgi-bin/CrazyWWWBoard.cgi^qDecoder bof(CrazyWWWBoard.cgi);http://www.nobreak.com; 200 OK-> GET :/cgi-bin/empower?DB=UkRteamHole^Muscat Path (empower) ;; 200 OK-> GET :/cgi-bin/pals-cgi^WebPALS remote execute(pals-cgi);; 200 OK-> GET :/ROADS/cgi-bin/search.pl^Martin ROADS file disclosure(search.pl) ;; 200 OK-> GET :/way-board/way-board.cgi^Way-Board 2.0 file read(way-board.cgi);; 200 OK-> GET :/cgi-bin/replicator/webpage.cgi^WebPage.cgi(webpage.cgi) ;; 200 OK-> GET :/cgi-bin/auktion.pl^HIS Auktion 1.62(auktion.pl);; 200 OK-> GET :/opendir.php?requesturl=/etc/passwd^PHP-NUKE(opendir.php) ;; 200 OK-> GET :/cgi-bin/webspirs.cgi^WebSPIRS file disclosure(webspirs.cgi);; 200 OK-> GET :/cgi-bin/commerce.cgi?page=check^Carey Commerce.cgi(commerce.cgi);; 200 OK-> GET :/cgi-bin/store.cgi?StartID=../etc/hosts%00.html^ES.One file read(store.cgi) ;; 200 OK-> GET :/cgi-bin/ipf/etc/gfw/ui/pwd.dat^ipfilter cgi password(pwd.dat);; 200 OK-> GET :/cgi-bin/hsx.cgi^Hyperseek 2000 file read(hsx.cgi);; 200 OK-> GET :/cgi-bin/mailnews.cgi^mailnews(mailnews.cgi);; 200 OK-> GET :/cgi-bin/adcycle^adcycle;; 200 OK-> GET :/caspsamp/codebrws.asp?source=/caspsamp/../admin/conf/service.pwd^chilisoft ASP(codebrws.asp);http://www.chilisoft.com; 200 OK-> GET :/caspsamp/codebrws.asp?source=/caspsamp/../global_odbc.ini^chilisoft ASP(codebrws.asp);http://www.chilisoft.com; 200 OK-> GET :/caspsamp/codebrws.asp?source=/caspsamp/../admin/logs/server^chilisoft ASP(codebrws.asp);http://www.chilisoft.com; 200 OK-> GET :/caspsamp/codebrws.asp?source=/caspsamp/../LICENSE.LIC^chilisoft ASP(codebrws.asp);http://www.chilisoft.com; 200 OK-> GET :/caspsamp/codebrws.asp?source=/caspsamp/../logs/server-3000^chilisoft ASP(codebrws.asp);http://www.chilisoft.com; 200 OK-> GET :/user.php&op=saveuser^PHPNUKE(user.php);http://www.phpnuke.org; 200 OK-> GET :/banners.php?op=Change^PHPNUKE(banners.php);http://www.phpnuke.org; 200 OK-> GET :/cgi-bin/post-query^post-query (CGI) buffer overflow;; 200 OK-> GET :/cgi-bin/ikonboard/help.cgi^Ikonboard v2.1.7b(help.cgi);http://www.ikonboard.com; 200 OK-> GET :/cgi-bin/s.cgi?q=a&tmpl=check^Aspseek buffer overflow(s.cgi);www.aspseek.org; 200 OK-> GET ::8080/examples/jsp/num/numguess.js%70^Tomcat source(numguess.js);http://jakarta.apache.org/tomcat/; 200 OK-> GET ::8080/index.js%2570^Tomcat source(index.js%2570);http://jakarta.apache.org/tomcat/; 200 OK-> GET :/cgi-bin/anacondaclip.pl?template=check^Anaconda show file(anacondaclip.pl);http://www.anaconda.net; 200 OK-> GET :/cgi-bin/webspirs.cgi^Webspirs(webspirs.cgi);; 200 OK-> GET :/cgi-bin/ustorekeeper.pl^ustorekeeper(ustorekeeper.pl);http://www.uburst.com; 200 OK-> GET :/cgi-bin/postings.cgi?action=reply&forum=&number=1&topic=000001.cgi&TopicSubject=&replyto=0^Ultimate Bulletin Board(postings.cgi);http://www.infopop.com/business/business_ubb.html; 200 OK-> GET :/cgi-bin/processit.pl^processit.pl;; 200 OK-> GET :/cgi-bin/nph-maillist.pl^nph-maillist.pl;; 200 OK-> GET :/cgi-bin/dcboard.cgi^DCForum(dcboard.cgi);www.dcscripts.com\n\thttp://www.dcscripts.com/FAQ/sec_2001_03_31.html; 200 OK-> GET :/cgi-bin/dcadmin.cgi^DCForum(dcadmin.cgi);www.dcscripts.com\n\thttp://www.dcscripts.com/FAQ/sec_2001_03_31.html; 200 OK-> GET :/cgi-bin/dcforumlib.pl^DCForum(dcforumlib.pl);www.dcscripts.com\n\thttp://www.dcscripts.com/FAQ/sec_2001_03_31.html; 200 OK-> GET :/cgi-bin/upload_file.pl^DCForum(upload_file.pl);www.dcscripts.com\n\thttp://www.dcscripts.com/FAQ/sec_2001_03_31.html; 200 OK-> GET :/cgi-bin/cal_make.pl^PerlCal(cal_make.pl);http://www.perlcal.com; ######### end (~2001/05/25 WWW Unix Vulnerabilities ) ##################### #Apache Chunk Handling bug check 400-> POST :/check.html HTTP/1.1\r\nHost: 192.168.1.1\r\nTransfer-Encoding: chunked\r\n\r\naaaaaaaaaaaa\r\n\r\n^this server apache chunk Vulnerability doesn't affect;;