help with Nikto results...

Discussion in 'Computer Security' started by Spaceman Spiff, Feb 8, 2004.

  1. Hi all,

    I've been playing with Nikto and using it against my personal web
    server. I get some results that I cannot find any information about in
    my searching. Can anyone help give me an idea of what the /?Open line
    indicates and help me understand why I'm seeing something for
    MyWebServer when this is an Apache web server. And one last thing, why
    is there a hit for .htaccess/.htpasswd when I have those disabled in the
    httpd.conf and there are no such files in any of my directory structure?
    The results of the scan are:

    + Server: Apache/1.3.29 (Unix) mod_perl/1.28 PHP/4.3.4
    + No CGI Directories found (use '-C all' to force check all possible dirs)
    + /robots.txt - contains 19 'disallow' entries which should be manually
    viewed (added to mutation file lists) (GET).
    + Apache/1.3.29 appears to be outdated (current is at least
    Apache/2.0.47). Apache 1.3.28 is still maintained and considered secure.
    + mod_perl/1.28 appears to be outdated (current is at least 1.99_10)
    + PHP/4.3.4 appears to be outdated (current is at least 4.3.4RC2)
    + /.htaccess - Contains authorization information (GET)
    + /.htpasswd - Contains authorization information (GET)
    + /phpBB2/includes/db.php - Some versions of db.php from phpBB2 allow
    remote file inclusions. Verify the current version is running. See
    http://www.securiteam.com/securitynews/5BP0F2A6KC.html for more info (GET)
    + /\"><img%20src=\"javascript:alert(document.domain)\"> - The IBM Web
    Traffic Express Caching Proxy is vulnerable to Cross Site Scripting
    (XSS). CA-2000-02. (GET)
    + /?Open - This displays a list of all databases on the server. Disable
    this capability via server options. (GET)
    +
    /xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx<font%20size=50>DEFACED<!--//--
    - MyWebServer 1.0.2 is vulnerable to HTML injection. Upgrade to a later
    version. (GET)
    + /phpMyAdmin/ - This might be interesting... (GET)
    + 1987 items checked - 8 item(s) found on remote host(s)


    Thanks
    Spaceman Spiff, Feb 8, 2004
    #1

  2. Spaceman Spiff

    Doc Guest

    > I've been playing with Nikto and using it against my personal web
    > server. I get some results that I cannot find any information about in
    > my searching. Can anyone help give me an idea of what the /?Open line
    > indicates and help me understand why I'm seeing something for
    > MyWebServer when this is an Apache web server. And one last thing, why
    > is there a hit for .htaccess/.htpasswd when I have those disabled in the
    > httpd.conf and there are no such files in any of my directory structure?




    The /?Open line probably relates to one of the Domino tests. Grep
    through the plugins and check. These kinds of web scanners are not
    smart, they look for HTTP 200 codes for successful downloads or HTTP
    40x codes for failed downloads and so do throw up the occasional false
    positive, especially if the targets have customised non-RFC compliant
    error pages.
    Doc, Feb 13, 2004
    #2
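
The false-positive check implied by the reply above, as an added example that is not part of the original thread: each flagged path is compared with the server's response to a path that cannot exist, so findings that only match the error page stand out. The `fake_fetch` server and its responses are constructed for illustration; the finding lines reuse the format of the scan output posted above.

```python
import hashlib
import re
import uuid

# Constructed sample: three finding lines in the format shown in the scan above.
NIKTO_OUTPUT = """\
+ /.htaccess - Contains authorization information (GET)
+ /?Open - This displays a list of all databases on the server. (GET)
+ /phpMyAdmin/ - This might be interesting... (GET)
"""

FINDING_RE = re.compile(r"^\+ (/\S*) - ", re.MULTILINE)


def flagged_paths(report):
    """Extract the request paths from '+ /path - description' lines."""
    return FINDING_RE.findall(report)


def fingerprint(status, body, path):
    """Status plus body hash, with the requested path masked so that error
    pages echoing the URL still compare equal."""
    masked = body.replace(path, "<PATH>")
    return status, hashlib.sha256(masked.encode()).hexdigest()


def triage(report, fetch):
    """Compare each flagged path with the response to a path that cannot
    exist. `fetch(path)` must return (status_code, body_text)."""
    bogus = "/" + uuid.uuid4().hex
    baseline = fingerprint(*fetch(bogus), bogus)
    result = {}
    for path in flagged_paths(report):
        same = fingerprint(*fetch(path), path) == baseline
        result[path] = "likely false positive" if same else "verify manually"
    return result


def fake_fetch(path):
    """Constructed stand-in for an HTTP client: a server whose custom error
    page answers 200 for every unknown URL, plus one real page."""
    if path == "/phpMyAdmin/":
        return 200, "<title>phpMyAdmin</title>"
    return 200, "<h1>Sorry, %s is not here</h1>" % path


if __name__ == "__main__":
    for path, verdict in triage(NIKTO_OUTPUT, fake_fetch).items():
        print(path, "->", verdict)
```

To run it against your own server, pass a `fetch` function that wraps your HTTP client of choice and returns the status code and body text.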