Comments (9)
I found a 403 forbidden page which is diclosing nginx version too.
URL: https://manalyzer.org/static/
from manalyze.
These are the known vulnerabilites of this version:
1.ginx Restriction Bypass Vulnerability
nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain $index_allocation sequences in a request.
External References
•CVE-2011-4963
2.nginx Restriction Bypass Vulnerability
nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.
External References
•CVE-2013-4547
3.nginx Request Line Parsing Vulnerability
nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.
External References
•CVE-2013-4547
4.Nginx Plaintext Command Injection Attack
The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a 'plaintext command injection' attack, a similar issue to CVE-2011-0411.
External References
•CVE-2014-3556
5.Nginx SSL Virtual Host Confusion Attacks
nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote attackers with certain privileges to conduct 'virtual host confusion' attacks.
External References
•CVE-2014-3616
from manalyze.
Thanks for reporting this. Have you tried exploiting these vulnerabilities? All relevant patches have most likely been backported by Debian's security team.
I might just disable server tokens anyway, because I'm getting too many reports based just on the version number.
from manalyze.
from manalyze.
As mentioned in the bug bounty rule page, exploitability needs to be demonstrated. A simple application version is not sufficient to indicate a vulnerability as security patches may be backported by distribution maitainers.
Is my report is eligible for bounty or swag.
Please accept this free Manalyzer logo as thanks for banner grabbing my server:
from manalyze.
from manalyze.
To quote the bug bounty rules again :
Security issues in the manalyzer.org
machine are eligible as well. However, only bugs which have an actual security impact will be rewarded with money. (Emphasis also in the original document)
Information disclosures are eligible for bounty or swag if and only if the rules say they do, and they specifically indicate otherwise.
from manalyze.
from manalyze.
You just got swag (a free copy of the manalyzer logo).
I also think actual security impact should be rewarded with money. Sadly, you report is neither impactful, security-related or even actual (a CVE from 2011).
from manalyze.
Related Issues (20)
- Infinite loop when parsing resources HOT 5
- PolyEnE_0_01 false positive HOT 6
- Typo HOT 1
- Remove unnecessary null pointer checks HOT 1
- Installation error: Ubuntu 18.04 HOT 1
- Could not compile yara rules HOT 3
- update_clamav_signatures.py skips yara rules HOT 2
- Clamav Cloudflare DDoS protection causes signature updater to fail. HOT 1
- Analysis of certain sample does not end HOT 5
- Exporting JSON to a File HOT 3
- Server-side request forgery on manalyzer.org via url upload HOT 1
- error running update_clamav_signatures.py HOT 1
- Unusual section name found: .didat
- Unusual section name found: .detourc
- Unusual section name found: .orpc
- Rule Seems to be Malformed, skipping HOT 1
- False positive on fake signatures when one brand's name is a substring of another
- Could not load yara rules HOT 1
- install error HOT 1
- Macos 13.5 cmake error HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from manalyze.