Help! How vulnerable is this site?

Discussion in 'other security issues & news' started by still_longhorn, Nov 13, 2004.

Thread Status:
Not open for further replies.
  1. still_longhorn

    still_longhorn Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    256
    Help! How vulnerable is a site with open ports?

    Can any security expert help prevent an attack here?

    Open Ports
    2082
    2083
    2086

    Server: Apache/1.3.31 (Unix) mod_gzip/1.3.26.1a mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.9 FrontPage/5.0.2.2634a mod_ssl/2.8.20 OpenSSL/0.9.7a

    Vulnerabilities

    Old PHP Version
    Risk Level: High
    Bugtraq ID: 10725
    CVE ID: CAN-2004-0594

    Old mod_ssl version
    Risk Level: High
    Bugtraq ID: 10736
    CVE ID: 0

    Old OpenSSL version
    Risk Level: High
    Bugtraq ID: 0
    CVE ID: CVE-MAP-NOMATCH

    http://64.91.226.241/

    Can anyone offer recommendations here?
     
    Last edited: Nov 13, 2004
  2. still_longhorn

    still_longhorn Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    256
    Its a pity no one is interested in discussing the listed threats to http://64.91.226.241/. It would have been a real learning experience in computer security. These threats are real, have high risk ratings and are from a vulnerability scan done earlier today on the address concerned. The exploits/attacks are readily available on the net but the solutions/work around are in the net, too. :rolleyes:

    What is amazing and perhaps scary is the fact that only 240 out of a possible 30,000 tests I could have carried out were used and yet, 3 high risk vulnerabilities were detected. I am quite certain I can find no less than 20 vulnerabilities in this site. I would have been glad to discuss these with the "experts" in this forum or PM.

    To those who think Linux is safer than Windows, think again. Vulnerabilities are everywhere and there is no perfect system and there will be none in the foreseeable future. So don't hold you breathes waiting for it guys!

    I hate to admit it but I learned a lot from the questions raised here... There are some really knowledgeable guys here: LWM, Bubba, Detox, Q, Ronjor, BigC & Tuatara to name a few who've earned my respect.

    It would be the height of irony to be a security forum that has a server with at least 3 high risk vulnerabilities, so work around these if the solutions are not practical. Time to ride into the sunset, guys....

    Take care.... :D :D :D :D :D
     
  3. Marja

    Marja Honestly, I'm not a bot!!

    Joined:
    Mar 8, 2004
    Posts:
    4,553
    Location:
    In the Vast Fields of My Mind
    Are we supposed to say,"Who was that masked man?" now, or later?
     
  4. True Orient

    True Orient Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    88
    :D :D :D :D :D
     
  5. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    The admins have their own way of handling this issue. Rest assured this forum is safe.
     
  6. True Orient

    True Orient Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    88
    Hi

    Shouldn't they remove the post? It could be embarassing with those vulnerabilities posted here.
     
  7. True Orient

    True Orient Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    88
    Can anyone explain Bugtraq ID: 10736 to me? What's a bugtraq ID?
     
  8. True Orient

    True Orient Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    88
    Can anyone really exploit these vulnerabilities now that they are known?
     
  9. Galcoolest

    Galcoolest Registered Member

    Joined:
    Jun 18, 2004
    Posts:
    229
    Location:
    San Francisco
    Tis a good thing I so appreciate and take especial note of IRONY in my daily journies through life.

    Longhorned Man, as I recall, was decidedly puff-chested, self-assured and scornfully dismissive in some of his posts responding to my concerns in an earlier thread recently, in which I had detailed pretty strong evidence of intrusion on my PC through the SP2 matrix.

    ' No way, GAL you're just too inexperienced to recognize that it's all software conflicts- you newbies are pathetically paranoid and unaware......' , to paraphrase the jist of Long's input.

    Lack of actual evidence was due to my own fault, the anomalies not properly screenshot or replicable, as I had wiped the XP OS already.

    And I bagged out when Marja took over (thanks, girl, I was sick of being on the defensive) but the fact remains that MY issues were NOT identical to hers- those same, explicable MS generated characters were hanging out somewhat- but it was the OTHER jokers no one can yet explain or legitimize, the new software, the new drivers, the summary reconfiguring of my whole security matrix (which theretofore never illicited from any Windows element so much as a whisper)--- IT WAS THOSE EVENTS THAT CONCERNED ME. And why I wiped the drive again, but this time installed ME.

    Is LongLorn documenting incredible security issues he would never have believed had he not seen them himself? Is he now trumpeting from his mountaintop that troubles are on the horizon?
    " The sky is falling, the sky is falling I tell you!"

    Oh, too bad. Seems most of the villagers had noticed the clouds gathering last night and didn't care if Longo or others couldn't be bothered just then to look to the eastern sky and recognize its portent. They weren't around any more, having sought safety elsewhere.

    Does the trumpet make a sound when there is no one around to hear it?
     
  10. still_longhorn

    still_longhorn Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    256
    Obviously there is no sound gal. Sound is perception and if there is no one around to perceive it, how can there be sound?

    Communication is perception as well, and if you cannot perceive what I was trying to tell you because of the disparities in our areas and levels of expertise (yours being civil law & mine being computer security) then there can never be communication because perception is communication. It has nothing to do with intelligence but all to do with levels of perception.

    The scenario you painted in your first thread was characterized by too many improbabilities (nay impossibilities) that it had to be poohpoohed away so as not to mislead people into believing in Santa Claus.

    This thread I posted is a credible security issue that can be verified as either true or plain garbage. One can argue till hell freezes over that the vulnerabilities do not exist. Never argue with a hypothesis gal. Test it! Admin can verify the presence of these Bug traqs. If they do not exist, nothing lost and Longhorn loses his hard earned credibility.

    The real question is: what if they do exist and the right script comes along? Do we stop meeting like this then?
     
  11. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    While we ponder the likely hood that the sky is falling....I would like to remind those that wish to continue this thread by posting....let's Please keep to the subject of the thread.

    How vulnerable is a site with open ports?
     
  12. True Orient

    True Orient Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    88
    I came here not to see the sky fall but to learn how to keep it from falling.
     
  13. still_longhorn

    still_longhorn Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    256
    All it needs now is an appropriate script. Port 2082 should be the most convenient entry point since this is the Infowave port.... (seems like it but I'm not really sure until I look it up). Less talented hackers would opt for a frontal DoS attack to force a core dump and retrieve shadow passwords and other user info
     
  14. still_longhorn

    still_longhorn Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    256
    Waddya think Tas?
     
  15. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,874
    Location:
    New England
    Since you cross posted this information in the General Topics thread, and I already replied there, this topic will now be closed for the same reason...

    We will not discuss this forum's security in public threads.
     
Loading...
Thread Status:
Not open for further replies.