Scan report for "www.carrier411.com"

Membership level: Free member
Nikto scan (max 60 sec) (nikto -host www.carrier411.com -maxtime 60)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 104.18.14.240, 104.18.15.240, 2606:4700::6812:ff0, 2606:4700::6812:ef0
+ Target IP:          104.18.14.240
+ Target Hostname:    www.carrier411.com
+ Target Port:        80
+ Start Time:         2024-06-12 16:57:05 (GMT-4)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /: IP address found in the '__cf_bm' cookie. The IP is "1.0.1.1".
+ /: IP address found in the 'set-cookie' header. The IP is "1.0.1.1". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ /webcgi/cart32.exe: request cart32.exe/cart32clientlist.
+ /cgi-914/cart32.exe: request cart32.exe/cart32clientlist.
+ /cgi-sys/cart32.exe: request cart32.exe/cart32clientlist.
+ /cgi-home/cart32.exe: request cart32.exe/cart32clientlist.
+ /scgi-bin/cart32.exe: request cart32.exe/cart32clientlist.
+ /cgi.cgi/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-914/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /bin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /ows-bin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-sys/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-914/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /bin/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scripts/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scgi-bin/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin-sdb/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /ows-bin/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-home/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scgi-bin/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin-sdb/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709
+ /webcgi/finger: finger other users, may be other commands?.
+ /cgi-914/finger: finger other users, may be other commands?.
+ /bin/finger: finger other users, may be other commands?.
+ /cgi-sys/finger: finger other users, may be other commands?.
+ /fcgi-bin/finger: finger other users, may be other commands?.
+ /cgi-home/finger: finger other users, may be other commands?.
+ /cgi-914/finger.pl: finger other users, may be other commands?.
+ /ows-bin/finger.pl: finger other users, may be other commands?.
+ /scripts/finger.pl: finger other users, may be other commands?.
+ /fcgi-bin/finger.pl: finger other users, may be other commands?.
+ /cgi-home/finger.pl: finger other users, may be other commands?.
+ /cgi-bin-sdb/finger.pl: finger other users, may be other commands?.
+ /cgi-mod/finger.pl: finger other users, may be other commands?.
+ /cgi.cgi/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /webcgi/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /cgi-914/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /ows-bin/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /fcgi-bin/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /cgi-bin-sdb/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /cgi-mod/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /cgi.cgi/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /webcgi/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-914/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /bin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-sys/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /fcgi-bin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-home/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-bin-sdb/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-mod/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /guestbook/guestbookdat: PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration.
+ /cgi.cgi/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /cgi-914/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /bin/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /ows-bin/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /scripts/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /cgi-home/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /cgi-mod/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /cgi.cgi/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /cgi-914/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /bin/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /ows-bin/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /cgi-sys/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /cgi-bin-sdb/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /cgi.cgi/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /bin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /fcgi-bin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-home/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-bin-sdb/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-mod/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi.cgi/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /webcgi/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi-914/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /bin/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /ows-bin/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /fcgi-bin/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi-home/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /vgn/performance/TMT: Vignette CMS admin/maintenance script available.
+ /vgn/performance/TMT/Report: Vignette CMS admin/maintenance script available.
+ /vgn/performance/TMT/Report/XML: Vignette CMS admin/maintenance script available.
+ /vgn/performance/TMT/reset: Vignette CMS admin/maintenance script available.
+ /vgn/ppstats: Vignette CMS admin/maintenance script available.
+ /vgn/record/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Deleting: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Select: Vignette CMS admin/maintenance script available.
+ /vgn/style: Vignette server may reveal system information through this file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0401
+ /clusterframe.jsp: Macromedia JRun 4 build 61650 remote administration interface is vulnerable to several XSS attacks.
+ /bb-dnbd/faxsurvey: This may allow arbitrary command execution.
+ /scripts/tools/dsnform.exe: Allows creation of ODBC Data Source.
+ /PDG_Cart/order.log: PDG Commerce log found. See: http://zodi.com/cgi-bin/shopper.cgi?display=intro&template=Intro/commerce.html
+ /ows/restricted%2eshow: OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent.
+ /bin/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762
+ /cgi/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762
+ /ows-bin/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762
+ /cgi-home/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762
+ /scgi-bin/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762
+ /cgi-mod/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762
+ /cgi.cgi/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /webcgi/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /ows-bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /fcgi-bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /cgi-mod/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /cgi-914/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /bin/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /cgi/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /ows-bin/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /cgi-sys/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /fcgi-bin/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /cgi-home/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /cgi-mod/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /cgi.cgi/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /cgi-914/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /bin/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /cgi/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /scripts/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /cgi-win/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /vgn/ac/edit: Vignette CMS admin/maintenance script available.
+ /vgn/ac/esave: Vignette CMS admin/maintenance script available.
+ /vgn/ac/fsave: Vignette CMS admin/maintenance script available.
+ /vgn/asp/MetaDataUpdate: Vignette CMS admin/maintenance script available.
+ /vgn/asp/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/errors: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/errorpage: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/initialize: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/jspstatus: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/jspstatus56: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/metadataupdate: Vignette CMS admin/maintenance script available.
+ /vgn/login: Vignette server may allow user enumeration based on the login attempts to this file.
+ /fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web. See: https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /MIDICART/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1432
+ /news/news.mdb: Web Wiz Site News release v3.06 admin password database is available and unencrypted.
+ /shopping300.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available. See: https://securitytracker.com/id/1004382
+ /shopping400.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available. See: https://securitytracker.com/id/1004382
+ /cgi.cgi/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /cgi-914/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /cgi/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /ows-bin/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /scripts/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /cgi-bin-sdb/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /vgn/license: Vignette server license file found. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0403
+ /cgi/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /ows-bin/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /cgi-sys/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /scripts/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /fcgi-bin/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /scgi-bin/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /cgi-bin-sdb/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /cgi-mod/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /tvcs/getservers.exe?action=selects1: Following steps 2-4 of this page may reveal a zip file that contains passwords and system details.
+ /nsn/fdir.bas:ShowVolume: You can use ShowVolume and ShowDirectory directly on the Novell server (NW5.1) to view the filesystem without having to log in.
+ /forum/admin/database/wwForum.mdb: Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein.
+ /webcgi/aglimpse: This CGI may allow attackers to execute remote commands.
+ /bin/aglimpse: This CGI may allow attackers to execute remote commands.
+ /ows-bin/aglimpse: This CGI may allow attackers to execute remote commands.
+ /scripts/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgi-win/aglimpse: This CGI may allow attackers to execute remote commands.
+ /fcgi-bin/aglimpse: This CGI may allow attackers to execute remote commands.
+ /servlet/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0104
+ /servlet/sunexamples.BBoardServlet: This default servlet lets attackers execute arbitrary commands.
+ /servlets/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0104
+ /webcgi/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgi-914/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /bin/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgi/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgi-win/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgi-home/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /scgi-bin/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgi-914/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /bin/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgi/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /ows-bin/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgi-sys/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /scripts/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgi-win/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /fcgi-bin/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgi-home/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgi-bin-sdb/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgi.cgi/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /bin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgi-sys/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgi-home/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /scgi-bin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgi-mod/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /IDSWebApp/IDSjsp/Login.jsp: Tivoli Directory Server Web Administration.
+ /siteminder: This may be an indication that the server is running Siteminder for SSO.
+ /smg_Smxcfg30.exe?vcc=3560121183d3: This may be a Trend Micro Officescan 'backdoor'.
+ /nsn/..%5Cutil/chkvol.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/del.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/dir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/dsbrowse.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/glist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/lancard.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/rd.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/ren.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/set.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/type.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cweb/fdir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cwebdemo/fdir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /cgi.cgi/archie: Gateway to the unix command, may be able to submit extra commands.
+ /webcgi/archie: Gateway to the unix command, may be able to submit extra commands.
+ /bin/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-sys/archie: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-mod/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi.cgi/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /webcgi/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-914/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /bin/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgi/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-win/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-home/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /scgi-bin/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-mod/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-914/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /bin/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /scripts/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-home/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /cgi.cgi/date: Gateway to the unix command, may be able to submit extra commands.
+ /webcgi/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-sys/date: Gateway to the unix command, may be able to submit extra commands.
+ /scripts/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-win/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-home/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-bin-sdb/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-mod/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi.cgi/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /scripts/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-win/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-bin-sdb/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/redirect: Redirects via URL from form.
+ /cgi.cgi/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /webcgi/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-914/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /ows-bin/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-sys/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /scripts/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-mod/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-win/wais.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-bin-sdb/wais.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-mod/wais.pl: Gateway to the unix command, may be able to submit extra commands.
+ /CVS/Entries: CVS Entries file may contain directory listing information.
+ /cgi.cgi/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgi-914/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgi-sys/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /scripts/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgi-win/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /scgi-bin/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgi.cgi/nph-error.pl: Gives more information in error messages.
+ /bin/nph-error.pl: Gives more information in error messages.
+ /scripts/nph-error.pl: Gives more information in error messages.
+ /cgi-win/nph-error.pl: Gives more information in error messages.
+ /scgi-bin/nph-error.pl: Gives more information in error messages.
+ /cgi.cgi/query: Echoes back result of your GET.
+ /cgi-914/query: Echoes back result of your GET.
+ /bin/query: Echoes back result of your GET.
+ /cgi/query: Echoes back result of your GET.
+ /ows-bin/query: Echoes back result of your GET.
+ /scripts/query: Echoes back result of your GET.
+ /cgi-win/query: Echoes back result of your GET.
+ /cgi-home/query: Echoes back result of your GET.
+ /cgi.cgi/test-env: May echo environment variables or give directory listings.
+ /cgi-914/test-env: May echo environment variables or give directory listings.
+ /cgi/test-env: May echo environment variables or give directory listings.
+ /cgi-win/test-env: May echo environment variables or give directory listings.
+ /cgi-bin-sdb/test-env: May echo environment variables or give directory listings.
+ /admin-serv/config/admpw: This file contains the encrypted Netscape admin password. It should not be accessible via the web.
+ /tree: WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /webcgi/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /cgi-914/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /cgi-sys/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /scripts/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /fcgi-bin/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /cgi-home/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /examples/servlet/AUX: Apache Tomcat versions below 4.1 may be vulnerable to DoS by repeatedly requesting this file.
+ /cgi.cgi/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /bin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /cgi/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /cgi-sys/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /cgi-home/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /cgi-bin-sdb/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /cgi-mod/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /Config1.htm: This may be a D-Link. Some devices have a DoS condition if an oversized POST request is sent. This DoS was not tested. See: https://raw.githubusercontent.com/sullo/advisory-archives/master/phenoelit.de_dp-300.txt
+ /contents/extensions/asp/1: The IIS system may be vulnerable to a DOS. See: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/MS02-018
+ /webcgi/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /bin/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /ows-bin/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /scgi-bin/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi-bin-sdb/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /webcgi/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi-914/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /ows-bin/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi-sys/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /fcgi-bin/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi-home/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi-bin-sdb/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi-mod/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi-win/cgitest.exe: This CGI may allow the server to be crashed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi.cgi/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /webcgi/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /cgi-914/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /bin/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /ows-bin/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /cgi-sys/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /fcgi-bin/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /cgi-home/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /scgi-bin/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /cgi-bin-sdb/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /cgi-shl/win-c-sample.exe: win-c-sample.exe has a buffer overflow.
+ /................../config.sys: PWS allows files to be read by prepending multiple '.' characters. At worst, IIS, not PWS, should be used.
+ /openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>: OpenAutoClassifieds 1.0 is vulnerable to a XSS attack. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1145
+ /bin/retrieve_password.pl: retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0226
+ /cgi/retrieve_password.pl: retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0226
+ /ows-bin/retrieve_password.pl: retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0226
+ /scripts/retrieve_password.pl: retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0226
+ /cgi-win/retrieve_password.pl: retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0226
+ /cgi.cgi/wwwadmin.pl: Administration CGI?.
+ /bin/wwwadmin.pl: Administration CGI?.
+ /cgi-win/wwwadmin.pl: Administration CGI?.
+ /scgi-bin/wwwadmin.pl: Administration CGI?.
+ Scan terminated: 0 error(s) and 338 item(s) reported on remote host
+ End Time:           2024-06-12 16:58:06 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Color Scheme
Target
www.carrier411.com
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host www.carrier411.com -maxtime 60
Scan time
61s
Quick report
Order full scan ($79/one time)
Scan date
12 Jun 2024 16:58
Copy scan report
Download report
Remove scan result
$
Total scans
About 2 times
Some firewalls blocks Nikto. For get true positive results add nikto.online IP addresses (172.96.166.66-172.96.166.70 or CIDR 172.96.166.64/29) to the whitelist
[scan_method]
Visibility:
Scan method: