Professional Documents
Culture Documents
3 October, 2014
Developer Report
Scan of http://mail.sukasa.com/
Scan details
Scan information
Start time
Finish time
Scan time
Profile
10/03/2014 17:05:13
10/03/2014 17:05:23
10 seconds
Default
Server information
Responsive
Server banner
Server OS
Server technologies
True
Apache/2.2.15 (CentOS)
Unix
PHP
Threat level
Acunetix Threat Level 2
One or more medium-severity type vulnerabilities have been discovered by the scanner.
You should investigate each of these vulnerabilities to ensure they will not escalate to
more severe problems.
Alerts distribution
Total alerts found
15
High
Medium
Low
Informational
13
1
Alerts summary
Apache httpd remote denial of service
Affects
Web Server
Variation
s1
Variation
s1
Variation
s1
Variation
s1
1
1
1
1
1
1
1
1
1
Variation
s1
Broken links
Affects
/webmail
Variation
s1
Alert details
Apache httpd remote denial of service
Severity
Medium
Type
Configuration
Reported by module Scripting (Version_Check.script)
Description
A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache
HTTPD server:
http://seclists.org/fulldisclosure/2011/Aug/175
An attack tool is circulating in the wild. Active use of this tools has been observed. The attack can be done remotely and
with a modest number of requests can cause very significant memory and CPU usage on the server.
This alert was generated using only banner information. It may be a false positive.
Affected Apache versions (1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19).
Impact
Remote Denial of Service
Recommendation
Upgrade to the latest version of Apache HTTP Server (2.2.20 or later), available from the Apache HTTP Server Project
Web site.
References
Apache httpd Remote Denial of Service (memory exhaustion)
CVE-2011-3192
Apache HTTP Server 2.2.20 Released
Apache HTTPD Security ADVISORY
Affected items
Web Server
Details
Current version is : 2.2.15
Options -Multiviews
References
Multiviews Apache, Accept Requests and free listing
Apache Module mod_negotiation
mod_negotiation: directory listing, filename bruteforcing
Affected items
Web Server
Details
Pattern found: <title>406 Not Acceptable</title>
Request headers
GET /index HTTP/1.1
Accept: acunetix/wvs
Host: mail.sukasa.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/28.0.1500.63 Safari/537.36
Acunetix-Product: WVS/9.0 (Acunetix Web Vulnerability Scanner - NORMAL)
Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm
internal
Details
VirtualHost: internal
Response:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<head>
<title>Apache HTTP Server Test Page powered by CentOS</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #0000FF;
}
:visited {
color: #0000FF;
}
a:hover {
Request headers
GET / HTTP/1.0
Host: internal
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
intranet
Details
VirtualHost: intranet
Response: <body>
<h1>Apache 2 Test Page<br><font size="-1"><strong>powered by</font> CentOS</strong></h1>
<div class="content">
<div class="content-middle">
<p>This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read
this page it means that the Apache HTTP server installed at this site is working properly.</p>
</div>
<hr />
<div class="content-columns">
<div class="content-column-left">
<h2>If you are a member of the general publi
Request headers
GET / HTTP/1.0
Host: intranet
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
localhost
Details
VirtualHost: localhost
Response: <body>
<h1>Apache 2 Test Page<br><font size="-1"><strong>powered by</font> CentOS</strong></h1>
<div class="content">
<div class="content-middle">
<p>This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read
this page it means that the Apache HTTP server installed at this site is working properly.</p>
</div>
<hr />
<div class="content-columns">
<div class="content-column-left">
<h2>If you are a member of the general publi
Request headers
GET / HTTP/1.0
Host: localhost
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
mail
Details
VirtualHost: mail
Response:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<head>
<title>Apache HTTP Server Test Page powered by CentOS</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #0000FF;
}
:visited {
color: #0000FF;
}
a:hover {
Request headers
GET / HTTP/1.0
Host: mail
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
prelive
Details
VirtualHost: prelive
Response: <body>
<h1>Apache 2 Test Page<br><font size="-1"><strong>powered by</font> CentOS</strong></h1>
<div class="content">
<div class="content-middle">
<p>This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read
this page it means that the Apache HTTP server installed at this site is working properly.</p>
</div>
<hr />
<div class="content-columns">
<div class="content-column-left">
<h2>If you are a member of the general publi
Request headers
GET / HTTP/1.0
Host: prelive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
secure
Details
VirtualHost: secure
Response:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<head>
<title>Apache HTTP Server Test Page powered by CentOS</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #0000FF;
}
:visited {
color: #0000FF;
}
a:hover {
Request headers
GET / HTTP/1.0
Host: secure
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
10
webmail
Details
VirtualHost: webmail
Response: <body>
<h1>Apache 2 Test Page<br><font size="-1"><strong>powered by</font> CentOS</strong></h1>
<div class="content">
<div class="content-middle">
<p>This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read
this page it means that the Apache HTTP server installed at this site is working properly.</p>
</div>
<hr />
<div class="content-columns">
<div class="content-column-left">
<h2>If you are a member of the general publi
Request headers
GET / HTTP/1.0
Host: webmail
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
www-staging
Details
VirtualHost: www-staging
Response:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<head>
<title>Apache HTTP Server Test Page powered by CentOS</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #0000FF;
}
:visited {
color: #0000FF;
}
a:hover {
Request headers
GET / HTTP/1.0
Host: www-staging
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
11
www-test
Details
VirtualHost: www-test
Response: <body>
<h1>Apache 2 Test Page<br><font size="-1"><strong>powered by</font> CentOS</strong></h1>
<div class="content">
<div class="content-middle">
<p>This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read
this page it means that the Apache HTTP server installed at this site is working properly.</p>
</div>
<hr />
<div class="content-columns">
<div class="content-column-left">
<h2>If you are a member of the general publi
Request headers
GET / HTTP/1.0
Host: www-test
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
12
13
Broken links
Severity
Informational
Type
Informational
Reported by module Crawler
Description
A broken link refers to any link that should take you to a document, image or webpage, that actually results in an error.
This page was linked from the website but it is inaccessible.
Impact
Problems navigating the site.
Recommendation
Remove the links to this file or make it accessible.
Affected items
/webmail
Details
For a complete list of URLs linking to this file, go to Site Structure > Locate and select the file (marked as "Not Found") >
select Referrers Tab from the bottom of the Information pane.
Request headers
GET /webmail HTTP/1.1
Pragma: no-cache
Cache-Control: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Host: mail.sukasa.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/28.0.1500.63 Safari/537.36
Acunetix-Product: WVS/9.0 (Acunetix Web Vulnerability Scanner - NORMAL)
Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm
Accept: */*
14
15