2 November, 2010
Scan information
Start time 11/2/2010 10:17:25 AM
Finish time 11/2/2010 5:39:44 PM
Scan time 7 hours, 22 minutes
Profile default
Server information
Responsive True
Server banner Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.4 Perl/v5.8.8
Server OS Unix
Server technologies PHP,Perl,mod_ssl,mod_perl,OpenSSL,FrontPage
Threat level
Alerts distribution
Knowledge base
List of open TCP ports
There are 3 open TCP ports on the remote host.
Whois lookup
Acunetix Website Audit 2
Whois result for IP address 180.235.148.97:
/index.php
/templates/yoo_studio/lib/js/mootools.js
/templates/yoo_studio/lib/js/addons/base.js
/templates/yoo_studio/lib/js/addons/accordionmenu.js
/templates/yoo_studio/lib/js/addons/fancymenu.js
/templates/yoo_studio/lib/js/addons/dropdownmenu.js
/templates/yoo_studio/lib/js/template.js
/plugins/system/mediaobject/js/mediaobject-150.js
/modules/mod_yoo_scroller/mod_yoo_scroller.js
/modules/mod_yoo_search/mod_yoo_search.js
/media/system/js/caption.js
/components/com_livechat/js/livechat_v3.js
/index.php - 31 inputs
/plugins/system/jceutilities/css/jceutilities.css - 1 inputs
/plugins/system/jceutilities/themes/standard/css/style.css - 1 inputs
/plugins/system/jceutilities/themes/standard/css/style_ie6.css - 1 inputs
/plugins/system/jceutilities/js/jceutilities.js - 1 inputs
/plugins/system/yoo_effects/yoo_effects.js.php - 5 inputs
/modules/mod_jlivechat/dynamic.php - 2 inputs
www.yootheme.com
www.getfirefox.com
www.apple.com
www.opera.com
www.microsoft.com
mail.elangbiru.co.id
warp.yootheme.com
www.elangbiru.co.id
zoo.yootheme.com
tools.yootheme.com
jigsaw.w3.org
teamlog.yootheme.com
tutorials.yootheme.com
www.mootools.net
Alerts summary
Severity Medium
Type Validation
Reported by module Version check
Description
This alert was generated using only banner information. It may be a false positive.
A format string vulnerability has been found in mod_ssl versions older than 2.8.19. Successful exploitation of this issue will
most likely allow an attacker to execute arbitrary code on the affected computer.
Impact
Denial of service and/or possible arbitrary code execution.
Recommendation
Upgrade mod_ssl to the latest version.
Affected items
mod_ssl
Details
Current version is mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4
FrontPage/5.0.2.2635 mod_perl/2.0.4 Perl/v5.8.8 PHP/5.3.3
Severity Medium
Type Validation
Reported by module Version check
Description
This alert was generated using only banner information. It may be a false positive.
A stack-based buffer overflow has been reported in the Apache mod_ssl module. This issue would most likely result in a
denial of service if triggered, but could theoretically allow for execution of arbitrary code. The issue is not believed to be
exploitable to execute arbitrary code on x86 architectures, though this may not be the case with other architectures.
Impact
Denial of service and/or possible arbitrary code execution.
Recommendation
Upgrade mod_ssl to the latest version.
Affected items
Severity Low
Type Informational
Reported by module Crawler
Description
User credentials are not encrypted when they are transmitted.
Impact
A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.
Recommendation
Because user credentials are usually considered sensitive information, they should be sent to the server over an
encrypted connection.
Affected items
/index.php
Details
It seems that user credentials are sent to /index.php in clear text.
Request
GET /index.php?option=com_content&view=frontpage&Itemid=1 HTTP/1.0
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: elangbiru.co.id
Cookie: 7df71366168362a461f0845fea3e4de7=e35092dc009b7d21ec362f389d9bd645
Connection: Close
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Pragma: no-cache
Acunetix-aspect-queries: filelist;aspectalerts
Referer: http://elangbiru.co.id/
Acunetix-Product: WVS/5.1 (Acunetix Web Vulnerability Scanner - NORMAL)
Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm
Response
HTTP/1.0 200 OK
Date: Tue, 02 Nov 2010 03:18:43 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5
mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.4
Perl/v5.8.8
X-Powered-By: PHP/5.3.3
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Tue, 02 Nov 2010 03:18:44 GMT
Content-Type: text/html; charset=utf-8
Severity Informational
Type Informational
Reported by module Crawler
Description
This file is listed in robots.txt but it's not linked anywhere in the site.
Impact
Possible sensitive information disclosure.
Recommendation
In robots.txt you should only include files or directories linked on the site.
Affected items
/administrator
Details
No details are available.
Request
Response
/cache
Details
No details are available.
Request
Response
/components
Details
No details are available.
Request
Response
/images
Details
No details are available.
Request
Response
/includes
Details
No details are available.
Request
Response
/installation
Details
No details are available.
Response
/language
Details
No details are available.
Request
Response
/libraries
Details
No details are available.
Request
Response
/media
Details
No details are available.
Request
Response
/modules
Details
No details are available.
Request
Response
/plugins
Details
No details are available.
Request
Response
/templates
Details
No details are available.
Request
Response
Response
/xmlrpc
Details
No details are available.
Request
Response
Severity Informational
Type Informational
Reported by module GHDB - Google hacking database
Description
The description for this alert is contributed by the GHDB community, it may contain inappropriate language.
Webmasters wanting to exclude search engine robots from certain parts of their site often choose the use of a robot.txt file
on the root of the server. This file basically tells the bot which directories are supposed to be off-limits. An attacker can
easily obtain that information by very simply opening that plain text file in his browser. Webmasters should *never* rely on
this for real security issues. Google helps the attacker by allowing a search for the "disallow" keyword.
The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.
Impact
Not available. Check description.
Recommendation
Not available. Check description.
Affected items
/robots.txt
Details
We found
(inurl:"robot.txt" | inurl:"robots.txt" ) intext:disallow filetype:txt
Request
GET /robots.txt HTTP/1.0
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: elangbiru.co.id
Cookie: 7df71366168362a461f0845fea3e4de7=e35092dc009b7d21ec362f389d9bd645
Connection: Close
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Pragma: no-cache
Acunetix-aspect-queries: filelist;aspectalerts
Acunetix-Product: WVS/5.1 (Acunetix Web Vulnerability Scanner - NORMAL)
Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
Response
HTTP/1.0 200 OK
Date: Tue, 02 Nov 2010 03:18:42 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5
mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.4
Perl/v5.8.8
Last-Modified: Sat, 28 Mar 2009 06:30:02 GMT
ETag: "2600f22-130-46627faa94e80"
Accept-Ranges: bytes
Content-Length: 304
Content-Type: text/plain
Severity Informational
Type Informational
Reported by module GHDB - Google hacking database
Description
The description for this alert is contributed by the GHDB community, it may contain inappropriate language.
The robots.txt file serves as a set of instructions for web crawlers. The "disallow" tag tells a web crawler where NOT to
look, for whatever reason. Hackers will always go to those places first!
The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.
Impact
Not available. Check description.
Recommendation
Not available. Check description.
Affected items
/robots.txt
Details
We found
"robots.txt" "Disallow:" filetype:txt
Request
GET /robots.txt HTTP/1.0
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: elangbiru.co.id
Cookie: 7df71366168362a461f0845fea3e4de7=e35092dc009b7d21ec362f389d9bd645
Connection: Close
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Pragma: no-cache
Acunetix-aspect-queries: filelist;aspectalerts
Acunetix-Product: WVS/5.1 (Acunetix Web Vulnerability Scanner - NORMAL)
Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm
Severity Informational
Type Informational
Reported by module Crawler
Description
When a new name and password are entered in a form and the form is submitted, the browser asks if the password should
be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the
name is entered. An attacker with local access could obtain the cleartext password from the browser cache.
Impact
Possible sensitive information disclosure
Recommendation
The password autocomplete should be disabled in sensitive applications.
To disable autocomplete, you may use a code similar to:
<INPUT TYPE="password" AUTOCOMPLETE="off">
Affected items
/index.php
Details
Password type input named passwd from form named login with action /index.php?option=com_content&view=frontpage&Itemid=1 has autocomplete enabled.
Request
GET /index.php?option=com_content&view=frontpage&Itemid=1 HTTP/1.0
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: elangbiru.co.id
Cookie: 7df71366168362a461f0845fea3e4de7=e35092dc009b7d21ec362f389d9bd645
Connection: Close
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Pragma: no-cache
Acunetix-aspect-queries: filelist;aspectalerts
Referer: http://elangbiru.co.id/
Acunetix-Product: WVS/5.1 (Acunetix Web Vulnerability Scanner - NORMAL)
Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm
Response
HTTP/1.0 200 OK
Date: Tue, 02 Nov 2010 03:18:43 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5
mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.4
Perl/v5.8.8
X-Powered-By: PHP/5.3.3