Ceh PDF

Report Date: 2019-08-06
Attestation of Scan Compliance

A.1 Scan Customer Information A.2 Approved Scanning Vendor Information
Company: JS Int-B Roles 08052019 Company: Trustwave Holdings, Inc.
Contact Name: Jim PCIScan Job Title: Contact Name: Trustwave Support Job Title:
Telephone: E-mail: jsintbroles08052019@tw.com Telephone: 1-800-363-1621 E-mail: support@trustwave.com

Business Address: Business Address: 70 West Madison St., Ste 600
City: State/Province: City: Chicago State/Province: IL
ZIP/Postal Code: Country: ZIP/Postal Code: 60602.0 Country: US

Website / URL: Website / URL: www.trustwave.com
A.3 Scan Status
Date scan completed: 2019-08-05 Scan expiration date (90 days from date scan completed): N/A
Compliance status: Fail Scan report type: Full Scan
Number of unique in-scope components scanned: 4
Number of identified failing vulnerabilities: 170
Number of components found by ASV but not scanned because 13
scan customer confirmed they were out of scope:
A.4 Scan Customer Attestation Test A.5 ASV Attestation

JS Int-B Roles 08052019 attests on 2019-08-05 that this scan (either by itself or combined with multiple, This scan and report was prepared and conducted by Trustwave under certificate number 3702-01-13 (2018),
partial, or failed scans/rescans, as indicated in the above Section A.3, "Scan Status") includes all components 3702-01-12 (2017), 3702-01-11 (2016), 3702-01-10 (2015), 3702-01-09 (2014), 3702-01-08 (2013), 3702-01-
which should be in scope for PCI DSS, any component considered out of scope for this scan is properly 07 (2012), 3702-01-06 (2011), 3702-01-05 (2010), according to internal processes that meet PCI DSS
segmented from my cardholder data environment, and any evidence submitted to the ASV to resolve scan Requirement 11.2.2 and the ASV Program Guide.
exceptions-including compensating controls if applicable-is accurate and complete. JS Int-B Roles 08052019
also acknowledges 1) accurate and complete scoping of this external scan is my responsibility, and 2) this Trustwave attests that the PCI DSS scan process was followed, including a manual or automated Quality
scan result only indicates whether or not my scanned systems are compliant with the external vulnerability Assurance process with customer boarding and scoping practices, review of results for anomalies, and review
scan requirement of PCI DSS; this scan result does not represent my overall compliance status with PCI DSS and correction of 1) disputed or incomplete results, 2) false positives, 3) compensating controls (if applicable),
or provide any indication of compliance with other PCI DSS requirements. and 4) active scan interference. This report and any exceptions were reviewed by the Trustwave Quality
Assurance Process.
Signature Printed Name
Title Date
Confidential Information: This document may contain information that is privileged, confidential or otherwise protected from disclosure. Copyright © 2019 Trustwave Holdings, Inc., All rights reserved.
Dissemination, distribution or copying of this document or the information herein is prohibited without prior permission of Trustwave and
Page 1 of 1637
JS Int-B Roles 08052019.
HIDDEN TEXT TO MARK THE BEGINNING OF THE TABLE OF CONTENTS
Vulnerability Scan Report: Table of Contents
Attestation of Scan Compliance 1
Part 1. Scan Information 1
Part 2. Component Compliance Summary 1
Part 3a. Vulnerabilities Noted for Each Component 1
ASV Scan Report Summary 4
Part 3b. Special Notes by Component 28
Part 3c. Special Notes - Full Text 29
Part 4a. Scope Submitted by Scan Customer for Discovery 30
Part 4b. Scan Customer Designated "In-Scope" Components (Scanned) 31
Part 4c. Scan Customer Designated "Out-of-Scope" Components (Not Scanned) 31
ASV Scan Report Vulnerability Details 34
Part 1. Scan Information 34
Part 2. Vulnerability Details 34
agent-av-mirror-inc.tw-test.net (MV PCI1) 34
crackme.cenzic.com (MV PCI2) 35
crackme.trustwave.com (MV PCI3) 40
crackmebank.campbell.devlab (MV PCI4) 44
cyclone.ciphertechs.com 45
demo.testfire.net (Jen's PCI Test) 46
google-gruyere.appspot.com (MV PCI6) 812
Page 2 of 1637
Vulnerability Scan Report: Table of Contents
hackazon.webscantest.com (MV PCI7) 826
hackxor.sourceforge.net (MV PCI7) 1584
ioc-signatures-inc.tw-test.net (MV PCI8) 1605
jarlsberg.appspot.com (MV PCI9) 1606
pentesteracademylab.appspot.com (MV PCI10) 1621
port-app-dv1-01.tw-test.net (MV PCI11) 1634
port-evm-dv1-03.tw-test.net 1637
Page 3 of 1637
ASV Scan Report Summary
Part 1. Scan Information
Scan Customer Company JS Int-B Roles 08052019 ASV Company Trustwave Holdings, Inc.
Date Scan Completed 2019-08-05 Scan Expiration Date N/A
Part 2. Component Compliance Summary
Component (IP Address, domain, etc): agent-av-mirror-inc.tw-test.net (MV PCI1) Pass

Component (IP Address, domain, etc): crackme.cenzic.com (MV PCI2) Pass
Component (IP Address, domain, etc): crackme.trustwave.com (MV PCI3) Pass
Component (IP Address, domain, etc): crackmebank.campbell.devlab (MV PCI4) Pass
Component (IP Address, domain, etc): cyclone.ciphertechs.com Fail
Component (IP Address, domain, etc): demo.testfire.net (Jen's PCI Test) Fail
Component (IP Address, domain, etc): google-gruyere.appspot.com (MV PCI6) Pass
Component (IP Address, domain, etc): hackazon.webscantest.com (MV PCI7) Pass
Component (IP Address, domain, etc): hackxor.sourceforge.net (MV PCI7) Pass
Component (IP Address, domain, etc): ioc-signatures-inc.tw-test.net (MV PCI8) Pass
Component (IP Address, domain, etc): jarlsberg.appspot.com (MV PCI9) Pass
Component (IP Address, domain, etc): pentesteracademylab.appspot.com (MV PCI10) Pass
Component (IP Address, domain, etc): port-app-dv1-01.tw-test.net (MV PCI11) Pass
Component (IP Address, domain, etc): port-evm-dv1-03.tw-test.net Fail
Part 3a. Vulnerabilities Noted for Each Component
Page 4 of 1637
Vulnerabilities Noted per Severity CVSS Compliance Exceptions, False Positives, or Compensating Controls (Noted by
# Component
Component Level Score Status the ASV for this vulnerability)
Note to scan customer:
1 agent-av-mirror- Host Detected Info 0.0 Out of Scope
This vulnerability is not recognized in the National Vulnerability
inc.tw-test.net
Database.
(MV PCI1)

2 agent-av-mirror- Hostname Resolved Info 0.0 Out of Scope
inc.tw-test.net
Database.
(MV PCI1)
Consolidated Solution/Correction Plan for the above Component:

3 crackme.cenzic.co System Responds to SYN+FIN Low 0.0 Pass
m TCP Packets
Database.
(MV PCI2)

4 crackme.cenzic.co Host Detected Info 0.0 Pass
m
Database.
(MV PCI2)

5 crackme.cenzic.co Hostname Resolved Info 0.0 Pass
m
Database.
(MV PCI2)
6 crackme.cenzic.co NTP Service Not Synchronized Info 0.0 Pass

m
(MV PCI2)
7 crackme.cenzic.co Unknown services found Info 0.0 Pass

m
(MV PCI2)
Page 5 of 1637
# Component
8 crackme.cenzic.co Service Detected Info 0.0 Pass
m
Database.
(MV PCI2)
• Restrict access to any files, applications, and/or network services for which there is no business requirement to be publicly accessible.

9 crackme.trustwav System Responds to SYN+FIN Low 0.0 Out of Scope
e.com TCP Packets
Database.
(MV PCI3)
10 crackme.trustwav NTP Service Not Synchronized Info 0.0 Out of Scope

e.com
(MV PCI3)
11 crackme.trustwav Host Detected Info 0.0 Out of Scope
e.com
Database.
(MV PCI3)
12 crackme.trustwav Unknown services found Info 0.0 Out of Scope

e.com
(MV PCI3)
13 crackme.trustwav Hostname Resolved Info 0.0 Out of Scope
e.com
Database.
(MV PCI3)

14 crackme.trustwav Service Detected Info 0.0 Out of Scope
e.com
Database.
(MV PCI3)
Page 6 of 1637
# Component

15 crackmebank.cam Host Detected Info 0.0 Out of Scope
pbell.devlab
Database.
(MV PCI4)

16 crackmebank.cam Hostname Resolved Info 0.0 Out of Scope
pbell.devlab
Database.
(MV PCI4)

17 cyclone.ciphertec Hostname could not be Low 0.0 Fail
hs.com Resolved
Database. Host not responsive.
• Verify your Scan Setup for correct IP Address and Domain Name information. Configure your network to allow access from Trustwave scanners.

18 demo.testfire.net TLSv1.0 Supported High 10.0 Fail
(Jen's PCI Test)
Database. TLS v1.0 violates PCI DSS and is considered an automatic
failing condition.

19 demo.testfire.net SQL Injection Vulnerability High 7.5 Fail
A SQL injection vulnerability violates PCI DSS and is considered an
(Jen's PCI Test)
automatic failing condition. This vulnerability is not recognized in the
National Vulnerability Database.
Page 7 of 1637
# Component

20 demo.testfire.net Unencrypted Password Form Medium 6.1 Fail
(Jen's PCI Test)
Database. Unencrypted communication channels violate
Requirement 4 of the PCI DSS.

21 demo.testfire.net Insecure transmission of Medium 6.1 Fail
(Jen's PCI Test) credentials

22 demo.testfire.net Information leakage via HTML or Medium 5.0 Fail
(Jen's PCI Test) JavaScript comments
Database.

23 demo.testfire.net Web Page Transmits Login Medium 4.6 Fail
(Jen's PCI Test) Credentials Without Encryption

24 demo.testfire.net Cross-Site Scripting Medium 4.3 Fail
A cross-site scripting vulnerability violates PCI DSS and is considered
(Jen's PCI Test)
an automatic failing condition. This vulnerability is not recognized in
the National Vulnerability Database.

25 demo.testfire.net Insecure configuration of Cookie Medium 4.3 Fail
(Jen's PCI Test) attributes
Database.
Page 8 of 1637
# Component
26 demo.testfire.net SSLv2, SSLv3 and TLS v1.0 Medium 4.3 Fail

(Jen's PCI Test) Vulnerable to CBC Attacks via
chosen-plaintext (BEAST), CVE-
2011-3389
27 demo.testfire.net No Clickjacking Protection Low 2.6 Pass
(Jen's PCI Test) present
Database.

28 demo.testfire.net Absence of caching directives Low 2.1 Pass
(Jen's PCI Test) for pages having forms
Database.

29 demo.testfire.net Auto-Completion Enabled for Low 1.2 Pass
(Jen's PCI Test) Password Fields
Database.
30 demo.testfire.net HTTP Responses Missing Info 0.0 Pass

(Jen's PCI Test) Character Encoding
31 demo.testfire.net Insufficient or No use of Strict Info 0.0 Pass
(Jen's PCI Test) Transport Security header
Database.

32 demo.testfire.net Hostname Resolved Info 0.0 Pass
(Jen's PCI Test)
Database.

33 demo.testfire.net Website Location Detected Info 0.0 Pass
(Jen's PCI Test)
Database.
Page 9 of 1637
# Component
34 demo.testfire.net Insecure or no Content-Security- Info 0.0 Pass
(Jen's PCI Test) Policy header
Database.
35 demo.testfire.net Discovered HTTP Methods Info 0.0 Pass

(Jen's PCI Test)
36 demo.testfire.net Website Detected Info 0.0 Pass
(Jen's PCI Test)
Database.

37 demo.testfire.net Embedded links or code from Info 0.0 Pass
(Jen's PCI Test) out-of-scope domains
Database.

38 demo.testfire.net Service Detected Info 0.0 Pass
(Jen's PCI Test)
Database.
39 demo.testfire.net Enumerated SSL/TLS Cipher Info 0.0 Pass

(Jen's PCI Test) Suites
40 demo.testfire.net Enumerated Hostnames Info 0.0 Pass

(Jen's PCI Test)
41 demo.testfire.net Enumerated Applications Info 0.0 Pass
(Jen's PCI Test)
Database.

42 demo.testfire.net SSL-TLS Certificate Information Info 0.0 Pass
(Jen's PCI Test)
Database.
Page 10 of 1637
# Component
43 demo.testfire.net SSL Perfect Forward Secrecy Info 0.0 Pass

(Jen's PCI Test) Supported
44 demo.testfire.net Host Detected Info 0.0 Pass
(Jen's PCI Test)
Database.
45 demo.testfire.net Discovered Web Directories Info 0.0 Pass

(Jen's PCI Test)
• Ensure that all applications and services running on this host are configured to appropriately restrict access to sensitive information. This includes account
information and configuration settings.
• Configure the SSL service(s) running on this host to adhere to information security best practices.
• Ensure that any web applications running on this host properly validate and transmit user input in a secure manner.
• Configure the HTTP service(s) running on this host to adhere to information security best practices.
• Ensure that any web applications running on this host is configured following industry security best practices.

46 google- TLSv1.0 Supported High 10.0 Out of Scope
gruyere.appspot.c
om
failing condition.
(MV PCI6)
47 google- Block cipher algorithms with Medium 5.0 Out of Scope

gruyere.appspot.c block size of 64 bits (like DES
om and 3DES) birthday attack
(MV PCI6) known as Sweet32, CVE-2016-
2183
Page 11 of 1637
# Component
48 google- SSLv2, SSLv3 and TLS v1.0 Medium 4.3 Out of Scope
gruyere.appspot.c Vulnerable to CBC Attacks via
om chosen-plaintext (BEAST), CVE-
(MV PCI6) 2011-3389
49 google- System Responds to SYN+FIN Low 0.0 Out of Scope
gruyere.appspot.c TCP Packets
Database.
om
(MV PCI6)
50 google- Enumerated Hostnames Info 0.0 Out of Scope

gruyere.appspot.c
om
51 google- Hostname Resolved Info 0.0 Out of Scope
gruyere.appspot.c
Database.
om
(MV PCI6)
52 google- Wildcard SSL Certificate Info 0.0 Out of Scope

gruyere.appspot.c Detected
om
53 google- Service Detected Info 0.0 Out of Scope
gruyere.appspot.c
Database.
om
(MV PCI6)
54 google- Host Detected Info 0.0 Out of Scope
gruyere.appspot.c
Database.
om
(MV PCI6)
55 google- Enumerated SSL/TLS Cipher Info 0.0 Out of Scope

gruyere.appspot.c Suites
om
Page 12 of 1637
# Component
56 google- SSL Certificate Expiring Soon Info 0.0 Out of Scope

gruyere.appspot.c
om
57 google- SSL-TLS Certificate Information Info 0.0 Out of Scope
gruyere.appspot.c
Database.
om
(MV PCI6)

58 hackazon.websca SQL Injection Vulnerability High 7.5 Out of Scope
A SQL injection vulnerability violates PCI DSS and is considered an
ntest.com
automatic failing condition. This vulnerability is not recognized in the
(MV PCI7)
National Vulnerability Database.
59 hackazon.websca Apache HTTP Server Multiple High 7.5 Out of Scope

ntest.com Vulnerabilities 2.2.x Through
(MV PCI7) 2.2.34 and 2.4.x prior to 2.4.26,
CVE-2017-9788 CVE-2017-7679
CVE-2017-7668 CVE-2017-3169
CVE-2017-3167
60 hackazon.websca HTTPoxy Vulnerability, CVE- Medium 6.8 Out of Scope

ntest.com 2016-5387 CVE-2016-5388 CVE-
(MV PCI7) 2016-5386 CVE-2016-5385
61 hackazon.websca Apache HTTP Server FilesMatch Medium 6.8 Out of Scope

ntest.com Directive Improper Input
(MV PCI7) Validation Vulnerability, CVE-
2017-15715
Page 13 of 1637
# Component
62 hackazon.websca Apache HTTP Server Medium 6.8 Out of Scope

ntest.com mod_auth_digest Weak Digest
(MV PCI7) Auth Nonce Generation
Vulnerability, CVE-2018-1312
63 hackazon.websca Open Redirect Vulnerability Medium 6.4 Out of Scope
ntest.com
Database.
(MV PCI7)

ntest.com mod_auth_digest Uninitialized
(MV PCI7) Memory Reflection Vulnerability,
CVE-2017-9788
65 hackazon.websca Insecure transmission of Medium 6.1 Out of Scope
ntest.com credentials
(MV PCI7)

66 hackazon.websca Unencrypted Password Form Medium 6.1 Out of Scope
ntest.com
(MV PCI7)

ntest.com mod_auth_digest Access Control
(MV PCI7) Bypass Vulnerability, CVE-2019-
0217
This vulnerability is purely a denial-of-service vulnerability and it is
ntest.com mod_cache_socache out of
not considered a failing condition under the PCI DSS.
(MV PCI7) Bound Read Vulnerability, CVE-
2018-1303
Page 14 of 1637
# Component

ntest.com mod_session_crypto Padding
(MV PCI7) Oracle Attack Vulnerability, CVE-
2016-0736
NVD CVSS Score: 5.0
ntest.com mod_authnz_ldap Out-of-Bound
(MV PCI7) Write Vulnerability, CVE-2017-
15710

ntest.com mod_session_cookie Session
(MV PCI7) Expiry Time Vulnerability, CVE-
2018-17199
72 hackazon.websca Information Disclosure through Medium 5.0 Out of Scope
ntest.com Application Exception
Database. Information leakage through detailed application error
(MV PCI7)
messages violates PCI DSS and is considered an automatic failing
condition.
73 hackazon.websca Apache HTTP Server Request Medium 5.0 Out of Scope

ntest.com Smuggling Vulnerability via
(MV PCI7) Invalid Chunk-Extension
Characters, CVE-2015-3183
74 hackazon.websca Apache HTTP Server URL Medium 5.0 Out of Scope

ntest.com Normalization Vulnerability,
(MV PCI7) CVE-2019-0220
75 hackazon.websca Apache HTTP Server through Medium 5.0 Out of Scope
ntest.com 2.4.12 allows remote attackers
(MV PCI7) to cause a denial of service,
CVE-2015-0228
Page 15 of 1637
# Component
76 hackazon.websca Apache HTTP Server before Medium 5.0 Out of Scope
ntest.com 2.4.11 allows remote attackers
(MV PCI7) to cause a denial of service via
null pointer, CVE-2014-3581
77 hackazon.websca Apache HTTP Server Multiple Medium 5.0 Out of Scope

ntest.com Vulnerabilities 2.4.x Through
(MV PCI7) 2.4.23, CVE-2016-2161 CVE-
2016-0736
78 hackazon.websca Apache HTTP Allows Remote Medium 5.0 Out of Scope

ntest.com Attackers to Read Privileged
(MV PCI7) Memory, CVE-2017-9798
79 hackazon.websca Non-HttpOnly Session Cookies Medium 5.0 Out of Scope
ntest.com Identified
Database.
(MV PCI7)
80 hackazon.websca Apache HTTP Whitespace Char Medium 5.0 Out of Scope

ntest.com Injection Vulnerability, CVE-
(MV PCI7) 2016-8743
81 hackazon.websca Apache HTTP Server mod_dav Medium 5.0 Out of Scope
ntest.com Denial of Service Vulnerability
(MV PCI7) via a Crafted DAV WRITE
Request, CVE-2013-6438
ntest.com mod_log_config Denial of
(MV PCI7) Service Vulnerability, CVE-2014-
0098
83 hackazon.websca Non-Secure Session Cookies Medium 5.0 Out of Scope
ntest.com Identified
Database.
(MV PCI7)
Page 16 of 1637
# Component

84 hackazon.websca Information leakage via HTML or Medium 5.0 Out of Scope
ntest.com JavaScript comments
Database.
(MV PCI7)

85 hackazon.websca Web Page Transmits Login Medium 4.6 Out of Scope
ntest.com Credentials Without Encryption
(MV PCI7)

86 hackazon.websca Apache HTTP Server out of Medium 4.3 Out of Scope
ntest.com Bound Access Vulnerability,
(MV PCI7) CVE-2018-1301
87 hackazon.websca Apache HTTP Server mod_lua Medium 4.3 Out of Scope

ntest.com module access restriction
(MV PCI7) bypass, CVE-2014-8109
ntest.com mod_deflate Denial of Service
(MV PCI7) Vulnerability, CVE-2014-0118

89 hackazon.websca Cross-Site Scripting Medium 4.3 Out of Scope
ntest.com
an automatic failing condition. This vulnerability is not recognized in
(MV PCI7)
the National Vulnerability Database.
90 hackazon.websca Apache HTTP Server Bypass Medium 4.3 Out of Scope

ntest.com Access Restriction Vulnerability
(MV PCI7) via Require Directive, CVE-2015-
Page 17 of 1637
# Component
3185
91 hackazon.websca Insecure configuration of Cookie Medium 4.3 Out of Scope
ntest.com attributes
Database.
(MV PCI7)

92 hackazon.websca jQuery Cross-Domain Medium 4.3 Out of Scope
ntest.com Asynchronous JavaScript and
an automatic failing condition.
(MV PCI7) Extensible Markup Language
Request Cross-site Scripting
Vulnerability, CVE-2015-9251

ntest.com mod_userdir CRLF injection
94 hackazon.websca Apache HTTP Server Low 3.5 Out of Scope

ntest.com mod_session Tampering
95 hackazon.websca No Clickjacking Protection Low 2.6 Out of Scope
ntest.com present
Database.
(MV PCI7)

96 hackazon.websca Auto-Completion Enabled for Low 1.2 Out of Scope
ntest.com Password Fields
Database.
(MV PCI7)

97 hackazon.websca System Responds to SYN+FIN Low 0.0 Out of Scope
ntest.com TCP Packets
Database.
(MV PCI7)
Page 18 of 1637
# Component
98 hackazon.websca Web Application Potentially Info 0.0 Out of Scope

ntest.com Sensitive CGI Parameter
(MV PCI7) Detection
99 hackazon.websca Discovered Web Applications Info 0.0 Out of Scope

ntest.com
(MV PCI7)
100 hackazon.websca Operating System Potentially Info 0.0 Out of Scope

ntest.com Determined via Apache
(MV PCI7) Requests
101 hackazon.websca Discovered Web Directories Info 0.0 Out of Scope

ntest.com
(MV PCI7)
102 hackazon.websca SSL Perfect Forward Secrecy Info 0.0 Out of Scope
ntest.com Supported
(MV PCI7)
103 hackazon.websca Enumerated Applications Info 0.0 Out of Scope
ntest.com
Database.
(MV PCI7)

104 hackazon.websca SSL-TLS Certificate Information Info 0.0 Out of Scope
ntest.com
Database.
(MV PCI7)

105 hackazon.websca jQuery Script Detection Info 0.0 Out of Scope
ntest.com
Database.
(MV PCI7)

106 hackazon. Website Location Detected Info 0.0 Out of Scope
Page 19 of 1637
# Component
Database.
webscantest.com
(MV PCI7)
107 hackazon.websca Discovered HTTP Methods Info 0.0 Out of Scope

ntest.com
(MV PCI7)
108 hackazon.websca Host Detected Info 0.0 Out of Scope
ntest.com
Database.
(MV PCI7)
109 hackazon.websca HTTP Responses Missing Info 0.0 Out of Scope

ntest.com Character Encoding
(MV PCI7)
110 hackazon.websca Enumerated SSL/TLS Cipher Info 0.0 Out of Scope

ntest.com Suites
(MV PCI7)
111 hackazon.websca Adobe Flash crossdomain.xml Info 0.0 Out of Scope
ntest.com Found
Database.
(MV PCI7)

112 hackazon.websca Service Detected Info 0.0 Out of Scope
ntest.com
Database.
(MV PCI7)

113 hackazon.websca Insecure or no Content-Security- Info 0.0 Out of Scope
ntest.com Policy header
Database.
(MV PCI7)

114 hackazon. Hostname Resolved Info 0.0 Out of Scope
Page 20 of 1637
# Component
Database.
webscantest.com
(MV PCI7)
115 hackazon.websca Insufficient or No use of Strict Info 0.0 Out of Scope
ntest.com Transport Security header
Database.
(MV PCI7)

116 hackazon.websca Website Detected Info 0.0 Out of Scope
ntest.com
Database.
(MV PCI7)
117 hackazon.websca Enumerated Hostnames Info 0.0 Out of Scope

ntest.com
(MV PCI7)
• Upgrade and/or install security updates for Apache HTTP Server.
• Ensure that any web applications running on this host properly validate and transmit user input in a secure manner.
• Ensure that all applications and services running on this host are configured to appropriately restrict access to sensitive information. This includes account
information and configuration settings.
• Upgrade and/or install security updates for jQuery.

118 hackxor.sourcefor Unsupported version of Nginx High 10.0 Out of Scope
ge.net Detected
Database. An unsupported version of software will no longer receive
(MV PCI7)
patches/updates, and for this reason, Trustwave has set the CVSSv2
base score to 10 and the CVSSv2 vector to
AV:N/AC:L/Au:N/C:C/I:C/A:C.
Page 21 of 1637
# Component

119 hackxor.sourcefor Insecure HTTP Methods Enabled Medium 5.8 Out of Scope
ge.net
Database. Information leakage through enabled insecure HTTP
(MV PCI7)
methods violates PCI DSS and is considered an automatic failing
condition.
120 hackxor.sourcefor Nginx ngx_http_mp4_module Medium 5.8 Out of Scope

ge.net Information Disclosure
121 hackxor.sourcefor No Clickjacking Protection Low 2.6 Out of Scope
ge.net present
Database.
(MV PCI7)

122 hackxor.sourcefor Indexable Web Directories Low 2.6 Out of Scope
ge.net
Database.
(MV PCI7)

123 hackxor.sourcefor System Responds to SYN+FIN Low 0.0 Out of Scope
ge.net TCP Packets
Database.
(MV PCI7)
124 hackxor.sourcefor HTTP Responses Missing Info 0.0 Out of Scope

ge.net Character Encoding
(MV PCI7)
125 hackxor.sourcefor Hostname Resolved Info 0.0 Out of Scope
ge.net
Database.
(MV PCI7)
Page 22 of 1637
# Component
126 hackxor.sourcefor Service Detected Info 0.0 Out of Scope
ge.net
Database.
(MV PCI7)

127 hackxor.sourcefor Website Location Detected Info 0.0 Out of Scope
ge.net
Database.
(MV PCI7)

128 hackxor.sourcefor Enumerated Applications Info 0.0 Out of Scope
ge.net
Database.
(MV PCI7)

129 hackxor.sourcefor Website Detected Info 0.0 Out of Scope
ge.net
Database.
(MV PCI7)
130 hackxor.sourcefor Discovered HTTP Methods Info 0.0 Out of Scope

ge.net
(MV PCI7)
131 hackxor.sourcefor Website Not Detected Info 0.0 Out of Scope
ge.net
(MV PCI7)
132 hackxor.sourcefor Discovered Web Directories Info 0.0 Out of Scope

ge.net
(MV PCI7)
133 hackxor.sourcefor Insecure or no Content-Security- Info 0.0 Out of Scope
ge.net Policy header
Database.
(MV PCI7)
Page 23 of 1637
# Component
134 hackxor.sourcefor Host Detected Info 0.0 Out of Scope
ge.net
Database.
(MV PCI7)
• The version of Nginx is out of support by the vendor. Update to a supported version.
• Upgrade and/or install security updates for Nginx.

135 ioc-signatures- Host Detected Info 0.0 Pass
inc.tw-test.net
Database.
(MV PCI8)

136 ioc-signatures- Hostname Resolved Info 0.0 Pass
inc.tw-test.net
Database.
(MV PCI8)

137 jarlsberg.appspot. TLSv1.0 Supported High 10.0 Out of Scope
com
(MV PCI9)
failing condition.
Page 24 of 1637
# Component
138 jarlsberg.appspot. Block cipher algorithms with Medium 5.0 Out of Scope
com block size of 64 bits (like DES
(MV PCI9) and 3DES) birthday attack
known as Sweet32, CVE-2016-
2183
139 jarlsberg.appspot. SSLv2, SSLv3 and TLS v1.0 Medium 4.3 Out of Scope
com Vulnerable to CBC Attacks via
(MV PCI9) chosen-plaintext (BEAST), CVE-
2011-3389
140 jarlsberg.appspot. System Responds to SYN+FIN Low 0.0 Out of Scope
com TCP Packets
Database.
(MV PCI9)

141 jarlsberg.appspot. Host Detected Info 0.0 Out of Scope
com
Database.
(MV PCI9)
142 jarlsberg.appspot. Enumerated SSL/TLS Cipher Info 0.0 Out of Scope

com Suites
(MV PCI9)
143 jarlsberg.appspot. Enumerated Hostnames Info 0.0 Out of Scope

com
(MV PCI9)
144 jarlsberg.appspot. Hostname Resolved Info 0.0 Out of Scope
com
Database.
(MV PCI9)

145 jarlsberg.appspot. Service Detected Info 0.0 Out of Scope
com
Database.
Page 25 of 1637
# Component
(MV PCI9)
146 jarlsberg.appspot. Wildcard SSL Certificate Info 0.0 Out of Scope

com Detected
(MV PCI9)
147 jarlsberg.appspot. SSL-TLS Certificate Information Info 0.0 Out of Scope
com
Database.
(MV PCI9)
148 jarlsberg.appspot. SSL Certificate Expiring Soon Info 0.0 Out of Scope
com
(MV PCI9)

149 pentesteracadem TLSv1.0 Supported High 10.0 Out of Scope
ylab.appspot.com
(MV PCI10)
failing condition.
150 pentesteracadem Block cipher algorithms with Medium 5.0 Out of Scope
ylab.appspot.com block size of 64 bits (like DES
(MV PCI10) and 3DES) birthday attack
known as Sweet32, CVE-2016-
2183
151 pentesteracadem SSLv2, SSLv3 and TLS v1.0 Medium 4.3 Out of Scope
ylab.appspot.com Vulnerable to CBC Attacks via
(MV PCI10) chosen-plaintext (BEAST), CVE-
2011-3389
Page 26 of 1637
# Component
152 pentesteracadem Enumerated Hostnames Info 0.0 Out of Scope

ylab.appspot.com
(MV PCI10)
153 pentesteracadem Enumerated SSL/TLS Cipher Info 0.0 Out of Scope

ylab.appspot.com Suites
(MV PCI10)
154 pentesteracadem Wildcard SSL Certificate Info 0.0 Out of Scope

ylab.appspot.com Detected
(MV PCI10)
155 pentesteracadem Service Detected Info 0.0 Out of Scope
ylab.appspot.com
Database.
(MV PCI10)

156 pentesteracadem Hostname Resolved Info 0.0 Out of Scope
ylab.appspot.com
Database.
(MV PCI10)

157 pentesteracadem Host Detected Info 0.0 Out of Scope
ylab.appspot.com
Database.
(MV PCI10)
158 pentesteracadem SSL Certificate Expiring Soon Info 0.0 Out of Scope
ylab.appspot.com
(MV PCI10)
159 pentesteracadem SSL-TLS Certificate Information Info 0.0 Out of Scope
ylab.appspot.com
Database.
(MV PCI10)
Page 27 of 1637
# Component

160 port-app-dv1- Hostname Resolved Info 0.0 Pass
01.tw-test.net
Database.
(MV PCI11)

161 port-app-dv1- Host Detected Info 0.0 Pass
01.tw-test.net
Database.
(MV PCI11)

162 port-app-dv1- Hostname Resolved Info 0.0 Out of Scope
02.tw-test.net
Database.
(MV PCI12)

163 port-app-dv1- Host Detected Info 0.0 Out of Scope
02.tw-test.net
Database.
(MV PCI12)

164 port-app-dv2- Hostname could not be Low 0.0 Out of Scope
02.tw-test.net Resolved
(MV PCI13)
Page 28 of 1637
# Component

165 port-evm-dv1- Hostname could not be Low 0.0 Fail
03.tw-test.net Resolved
Part 3b. Special Notes by Component
Scan customer's description of action taken and declaration that

# Component Special Note Item Noted
software is either implemented securely or removed
1 crackme.cenzic.c Unknown services

om
(MV PCI2)
2 crackme.trustwa Unknown services

ve.com
(MV PCI3)
3 demo.testfire.net Embedded links or code from out-of-scope tcp/443 https

(Jen's PCI Test) domains

5 demo.testfire.net Embedded links or code from out-of-scope tcp/80 http

Page 29 of 1637
Scan customer's description of action taken and declaration that

# Component Special Note Item Noted
software is either implemented securely or removed





11 hackxor.sourcefo Directory Browsing Enabled tcp/80 http

rge.net (nginx:nginx)
(MV PCI7)
12 hackxor.sourcefo Directory Browsing Enabled tcp/80 http

rge.net (nginx:nginx)
(MV PCI7)
Part 3c. Special Notes - Full Text
Note
Directory Browsing Enabled

Note to scan customer: Browsing of directories on web servers can lead to information disclosure or potential exploit. Due to increased risk to the cardholder data
environment, please 1) justify the business need for this configuration to the ASV, or 2) confirm that it is disabled. Please consult your ASV if you have questions about this
Special Note.
Embedded links or code from out-of-scope domains
Note to scan customer: Due to increased risk to the cardholder data environment when embedded links redirect traffic to domains outside the merchant’s CDE scope, 1)
Page 30 of 1637
Note
confirm that this code is obtained from a trusted source, that the embedded links redirect to a trusted source, and that the code is implemented securely, or 2) confirm that
the code has been removed. Consult your ASV if you have questions about this Special Note.
Unknown services
Note to scan customer: Unidentified services have been detected. Due to increased risk to the cardholder data environment, identify the service, then either 1) justify the
business need for this service and confirm it is securely implemented, or 2) identify the service and confirm that it is disabled. Consult your ASV if you have questions about
this Special Note.
Part 4a. Scope Submitted by Scan Customer for Discovery
IP Address/ranges/subnets, domains, URLs, etc.
IP Address: 10.70.244.2 (port-app-dv1-01.tw-test.net)
IP Address: 10.70.244.28 (agent-av-mirror-inc.tw-test.net)
IP Address: 10.70.244.29 (ioc-signatures-inc.tw-test.net)
IP Address: 10.70.244.3 (port-app-dv1-02.tw-test.net)
IP Address: 10.76.128.61 (crackmebank.campbell.devlab)
IP Address: 172.217.0.20 (google-gruyere.appspot.com)
IP Address: 172.217.4.52 (pentesteracademylab.appspot.com)
IP Address: 204.13.201.47 (crackme.trustwave.com)
IP Address: 204.13.201.47 (crackme.cenzic.com)
IP Address: 216.105.38.10 (hackxor.sourceforge.net)
IP Address: 216.58.192.244 (jarlsberg.appspot.com)
IP Address: 2607:f8b0:4009:804:0:0:0:2014 (pentesteracademylab.appspot.com)
Page 31 of 1637
IP Address: 2607:f8b0:4009:80f:0:0:0:2014 (jarlsberg.appspot.com)
IP Address: 2607:f8b0:4009:813:0:0:0:2014 (google-gruyere.appspot.com)
IP Address: 65.61.137.117 (demo.testfire.net)
IP Address: 69.164.223.171 (hackazon.webscantest.com)
Part 4b. Scan Customer Designated "In-Scope" Components (Scanned)
crackme.cenzic.com / MV PCI2
demo.testfire.net / Jen's PCI Test
ioc-signatures-inc.tw-test.net / MV PCI8
port-app-dv1-01.tw-test.net / MV PCI11
Part 4c. Scan Customer Designated "Out-of-Scope" Components (Not Scanned)
agent-av-mirror-inc.tw-test.net (MV PCI1) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
crackme.trustwave.com (MV PCI3) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
crackmebank.campbell.devlab (MV PCI4) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
cyclone.ciphertechs.com -- These hosts were not visible and the scanner was unable to decide on the overall security of the environment per PCI ASV requirements.
google-gruyere.appspot.com (MV PCI6) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
Page 32 of 1637
hackazon.webscantest.com (MV PCI7) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
hackxor.sourceforge.net (MV PCI7) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
jarlsberg.appspot.com (MV PCI9) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
pentesteracademylab.appspot.com (MV PCI10) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
port-app-dv1-02.tw-test.net (MV PCI12) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
port-app-dv2-02.tw-test.net (MV PCI13) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
port-evm-dv1-03.tw-test.net -- These hosts were not visible and the scanner was unable to decide on the overall security of the environment per PCI ASV requirements.
port-rly-dv3-01.tw-test.net (MV PCI15) -- Scan customer attests that target or targets are out-of-scope and do not need to be scanned for PCI.
Page 33 of 1637
ASV Scan Report Vulnerability Details
Part 1. Scan Information
Scan Customer Company JS Int-B Roles 08052019 ASV Company Trustwave Holdings, Inc.
Date Scan Completed 2019-08-05 Scan Expiration Date N/A
Part 2. Vulnerability Details
The following issues were identified during this scan. Please review all items and address all that items that affect compliance or the security of your system.
In the tables below you can find the following information about each TrustKeeper finding.
• CVE Number - The Common Vulnerabilities and Exposure number(s) for the detected vulnerability - an industry standard for cataloging vulnerabilities. A comprehensive
list of CVEs can be found at nvd.nist.gov or cve.mitre.org.
• Vulnerability - This describes the name of the finding, which usually includes the name of the application or operating system that is vulnerable.
• CVSS Score - The Common Vulnerability Scoring System is an open framework for communicating the characteristics and impacts of IT vulnerabilities. Further
information can be found at www.first.org/cvss or nvd.nist.gov/cvss.cfm.
• Severity - This identifies the risk of the vulnerability. It is closely associated with the CVSS score.
• Compliance Status - Findings that are PCI compliance violations are indicated with a Fail status. In order to pass a vulnerability scan, these findings must be addressed.
Most findings with a CVSS score of 4 or more, or a Severity of Medium or higher, will have a Fail status. Some exceptions exist, such as DoS vulnerabilities, which are
not included in PCI compliance.
• Details - TrustKeeper provides the port on which the vulnerability is detected, details about the vulnerability, links to available patches and other specific guidance on
actions you can take to address each vulnerability.
For more information on how to read this section and the scoring methodology used, please refer to the appendix.
agent-av-mirror-inc.tw-test.net (MV PCI1)

CVSS Compliance
# CVE Number Vulnerability Severity Details
Score Status
1 Host Detected 0.0 Info Pass This host responded to network probes.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:N
Page 34 of 1637
agent-av-mirror-inc.tw-test.net (MV PCI1)

CVSS Compliance
Score Status
Evidence:
hostname: agent-av-mirror-inc.tw-test.net
ip_address: 10.70.244.28
2 Hostname Resolved 0.0 Info Pass This hostname was resolved to one or more IP addresses using DNS
resolution.
Evidence:
hostname: agent-av-mirror-inc.tw-test.net
ip_address: 10.70.244.28
crackme.cenzic.com (MV PCI2)

CVSS Compliance
Score Status
1 System Responds to 0.0 Low Pass Port: tcp/443

SYN+FIN TCP Packets
This device responded to a TCP packet with both the SYN and FIN bits
set. Such packets do not occur in typical network traffic, but can be
used by attackers to bypass the security rules configured in non-
stateful firewalls and establish connections with protected hosts.
Reference:
http://www.kb.cert.org/vuls/id/464113
Page 35 of 1637

CVSS Compliance
Score Status
Remediation:
Verify that stateful inspection has been implemented on the network to
protect this host from out-of-state attacks. Confirm with your vendor
that there are no known rule-bypass concerns with this device, and
that the software revision is current. You may additionally wish to
create specific filtering rules designed to drop or reject packets with
certain combinations of bits set in initial synchronization packets such
as SYN/FIN, and SYN/RST. Do not use routable IP space internally,
except within your DMZ.

SYN+FIN TCP Packets
Reference:
Remediation:
Page 36 of 1637

CVSS Compliance
Score Status
3 Service Detected 0.0 Info Pass Port: udp/123
This service responded to network probes.
Service: ntp
Evidence:
application_protocol: ntp
ip_address: 204.13.201.47
port_number: 123
transport_protocol: udp
resolution.
Evidence:
hostname: crackme.cenzic.com
ip_address: 204.13.201.47
Evidence:
hostname: crackme.cenzic.com
ip_address: 204.13.201.47
Page 37 of 1637

CVSS Compliance
Score Status
6 Unknown services found 0.0 Info Pass The finding reports all ports and protocols that couldn't be remotely
identified. Particular items may indicate uncommon but safe protocols
or in-house application that uses custom and/or proprietary protocol.
However they can as well indicate malicious activity (backdoors,
rootkits, any other types of malware). This finding is purely
informational.
Evidence:
Unknown Service: transport protocol: tcp, port: 80, ssl: false, banner:
(N/A)
(N/A)
Remediation:
Review items mentioned in this finding one by one and ensure the
services are known and accounted for in your security plan.
Evidence:
cpe: cpe:/h:linksys:befw11s4
ip_address: 204.13.201.47
os_name: embedded
8 NTP Service Not 0.0 Info Pass Port: udp/123
Page 38 of 1637

CVSS Compliance
Score Status
Synchronized The NTP service on this server does not appear to be synchronized
based on it's Leap Indicator error status.
Service: ntp
Remediation:
Ensure the NTP server is properly synced with an authoritative time
source.
9 Service Detected 0.0 Info Pass Port: tcp/80

Evidence:
ip_address: 204.13.201.47
port_number: 80
transport_protocol: tcp

Evidence:
ip_address: 204.13.201.47
port_number: 443
Page 39 of 1637

CVSS Compliance
Score Status
crackme.trustwave.com (MV PCI3)

CVSS Compliance
Score Status

SYN+FIN TCP Packets
Reference:
Remediation:
Page 40 of 1637

CVSS Compliance
Score Status
SYN+FIN TCP Packets This device responded to a TCP packet with both the SYN and FIN bits
Reference:
Remediation:
Evidence:
cpe: cpe:/h:synology:rt1900ac
ip_address: 204.13.201.47
os_name: embedded
4 NTP Service Not 0.0 Info Pass Port: udp/123
Page 41 of 1637

CVSS Compliance
Score Status
Synchronized The NTP service on this server does not appear to be synchronized
based on it's Leap Indicator error status.
Service: ntp
Remediation:
Ensure the NTP server is properly synced with an authoritative time
source.

Evidence:
ip_address: 204.13.201.47
port_number: 443
6 Service Detected 0.0 Info Pass Port: udp/123
Service: ntp
Evidence:
application_protocol: ntp
Page 42 of 1637

CVSS Compliance
Score Status
ip_address: 204.13.201.47
port_number: 123
transport_protocol: udp

Evidence:
ip_address: 204.13.201.47
port_number: 80
Evidence:
hostname: crackme.trustwave.com
ip_address: 204.13.201.47
resolution.
Evidence:
hostname: crackme.trustwave.com
ip_address: 204.13.201.47
Page 43 of 1637

CVSS Compliance
Score Status
10 Unknown services found 0.0 Info Pass The finding reports all ports and protocols that couldn't be remotely
identified. Particular items may indicate uncommon but safe protocols
or in-house application that uses custom and/or proprietary protocol.
However they can as well indicate malicious activity (backdoors,
rootkits, any other types of malware). This finding is purely
informational.
Evidence:
(N/A)
(N/A)
Remediation:
Review items mentioned in this finding one by one and ensure the
services are known and accounted for in your security plan.
crackmebank.campbell.devlab (MV PCI4)

CVSS Compliance
Score Status
Evidence:
hostname: crackmebank.campbell.devlab
Page 44 of 1637
crackmebank.campbell.devlab (MV PCI4)

CVSS Compliance
Score Status
ip_address: 10.76.128.61
resolution.
Evidence:
hostname: crackmebank.campbell.devlab
ip_address: 10.76.128.61
cyclone.ciphertechs.com
CVSS Compliance
Score Status
1 Hostname could not be 0.0 Low Fail This hostname's IP address could not be resolved using DNS resolution.
Resolved
Reference:
https://www3.trustwave.com/support/kb/KnowledgebaseArticle20965.a
spx
Remediation:
Make sure you have correctly entered the fully qualified domain name
for the host you are trying to scan. Consider working with your ISP (or
your IT network manager, if this is an internal scan) to validate that
DNS is configured correctly.
Page 45 of 1637
cyclone.ciphertechs.com
CVSS Compliance
Score Status
demo.testfire.net (Jen's PCI Test)

CVSS Compliance
Score Status
1 TLSv1.0 Supported 10.0 High Fail Port: tcp/443
This service supports the use of the TLSv1.0 protocol. The TLSv1.0
protocol has known cryptographic weaknesses that can lead to the
compromise of sensitive data within an encrypted session. Additionally,
the PCI SSC and NIST have determined that the TLSv1.0 protocol no
longer meets the definition of strong cryptography.
CVSSv2: AV:N/AC:L/Au:N/C:C/I:C/A:C
Service: https
Application: apache:tomcat, apache:tomcat
Reference:
https://www.pcisecuritystandards.org/documents/Migrating_from_SSL_E
arly_TLS_Information%20Supplement_v1.pdf
https://www.pcisecuritystandards.org/pdfs/15_04_15%20PCI%20DSS%2
03%201%20Press%20Release.pdf
https://www.trustwave.com/Resources/SpiderLabs-Blog/Bring-Out-Your-
Dead--An-Update-on-the-PCI-relevance-of-
SSLv3/?page=1&year=0&month=0
https://www3.trustwave.com/support/vulnerabilitymanagement/tls/
Evidence:
Page 46 of 1637

CVSS Compliance
Score Status
Cipher Suite: TLSv1 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1 : DHE-RSA-AES256-SHA
Remediation:
The server should be configured to disable the use of the TLSv1.0
protocol in favor of cryptographically stronger protocols such as
TLSv1.1 and TLSv1.2. For services that already support TLSv1.1 or
TLSv1.2, simply disabling the use of the TLSv1.0 protocol on this
service is sufficient to address this finding. Please note the port
associated with this finding. This finding may NOT be originating from
port 443, which is what most online testing tools check by default.
NOTE: as of June 30th, 2018, Risk Mitigation & Migration plans were not
considered a PCI exception to this finding: the instance of SSLv3 must
be remediated properly.
Service: https
Reference:
https://www.pcisecuritystandards.
Page 47 of 1637

CVSS Compliance
Score Status
org/documents/Migrating_from_SSL_Early_TLS_Information%20Supplem
ent_v1.pdf
Evidence:
Remediation:
3 SQL Injection Vulnerability 7.5 High Fail URL: http://demo.testfire.net:8080/doLogin

Port: tcp/8080
A SQL injection vulnerability (SQLi) was identified in this web
Page 48 of 1637

CVSS Compliance
Score Status
application. SQL injection is when modified SQL syntax is supplied to a
user defined parameter to have it query the SQL database directly,
which is not the desired intent of the web application. A simple proof
of concept example of this would be for a user to supply "' or SELECT
DATABASES;--" to a user defined parameter and then upon submission,
a list of databases on the system would be supplied for the user
because the SQL query was interpreted directly on the SQL server
instance. SQL injection can be found in many different forms and
combinations so the full request and response that was used
demonstrate this vulnerability has been provided below as evidence.
All SQL Injection vulnerabilities are considered non-compliant by PCI.
CVSSv2: AV:N/AC:L/Au:N/C:P/I:P/A:P
Service: http
Reference:
https://www.owasp.org/index.php/Guide_to_SQL_Injection
https://www.owasp.org/index.php/SQL_Injection
Evidence:
DetectionDetails: Boolean based SQL vulnerability found
POST - http://demo.testfire.net:8080/doLogin - uid
False Injection: ' or 8=6 -- -
True Injection: ' or 8=8 -- -
True and false injections produced different responses
True Request: POST http://demo.testfire.net:8080/doLogin HTTP/1.1
Origin: http://demo.testfire.net:8080
Upgrade-Insecure-Requests: 1
Referer: http://demo.testfire.net:8080/login.jsp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36
Page 49 of 1637

CVSS Compliance
Score Status
Content-Type: application/x-www-form-urlencoded
uid=%27+or+8%3D8+--+-&passw=Passwor1&btnSubmit=Login
True Response: HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 6706
Date: Tue, 06 Aug 2019 04:33:42 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Altoro Mutual</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-
8859-1" />
<link href="/style.css" rel="stylesheet" type="text/css" />
</head>
<body style="margin-top:5px;">
<div id="header" style="margin-bottom:5px; width: 99%;">
Page 50 of 1637

CVSS Compliance
Score Status
<form id="frmSearch" method="get" action="/search.jsp">
<table width="100%" border="0" cellpadding="0"
cellspacing="0">
<tr>
<td rowspan="2"><a id="HyperLink1" href="
/index.jsp"><img src="/images/logo.gif" width=283
height=80/></a></td>
<td align="right" valign="top">
<a id="LoginLink" href="/logout.jsp"><font
style="font-weight: bold; color: red;">Sign Off</font></a> | <a id="
HyperLink3" href="/index.jsp?content=inside_contact.htm">Contact
Us</a> | <a id="HyperLink4" href="/feedback.jsp">Feedback</a> |
<label for="txtSearch">Search</label>
<input type="text" name="query" id="query" accesskey="S" />
<input type="submit" value="Go" />
</td>
</tr>
<tr>
<td align="right" style="background-image:
url('/images/gradient.jpg');padding:0px;margin:0px;"><img src="
/images/header_pic.jpg" alt="" width=354 height=60/></td>
</tr>
</table>
</form>
</div>
<table cellspacing="0" width="100%">

<tr>
<td width="25%" class="bt br bb"><div id="Header1"><img id="
Image1" src="/images/pf_lock.gif" width=12 height=14 style="vertical-
align: bottom;" alt="Secure Login"/> <a id="AccountLink"
href="/bank/main.jsp" class="focus" >MY ACCOUNT</a></div></td>
<td width="25%" class="cc bt br bb"><div id="Header2"><a id="
Page 51 of 1637

CVSS Compliance
Score Status
LinkHeader2" class="focus" href="/index.jsp?content=personal.htm"
>PERSONAL</a></div></td>
LinkHeader3" class="focus" href="/index.jsp?content=business.htm"
>SMALL BUSINESS</a></div></td>
<td width="25%" class="cc bt bb"><div id="Header4"><a id="
LinkHeader4" class="focus" href="/index.jsp?content=inside.htm"
>INSIDE ALTORO MUTUAL</a></div></td>
</tr>
<tr>

<div id="wrapper" style="width: 99%;">


<td valign="top" class="cc br bb">

<br style="line-height: 10px;"/>
<b>I WANT TO ...</b>
<ul class="sidebar">
<li><a id="MenuHyperLink1" href="/bank/main.jsp">View
Account Summary</a></li>
<li><a id="MenuHyperLink2" href="/bank/transaction.jsp"
>View Recent Transactions</a></li>
<li><a id="MenuHyperLink3" href="/bank/transfer.jsp"
Page 52 of 1637

CVSS Compliance
Score Status
>Transfer Funds</a></li>

<li><a id="MenuHyperLink4" href="/bank/queryxpath.jsp"

>Search News Articles</a></li>
<li><a id="MenuHyperLink5" href="/bank/customize.jsp"
>Customize Site Language</a></li>
</ul>
<span id="_ctl0__ctl0_Content_Administration">
<b>ADMINISTRATION</b>
<li><a href="/admin/admin.jsp"
>Edit Users</a></li>
</ul>
</span>
</td>

<td valign="top" colspan="3" class="bb">
<div class="fl" style="width: 99%;">
<h1>Hello Admin User

</h1>
<p>
Welcome to Altoro Mutual Online.
Page 53 of 1637

CVSS Compliance
Score Status
</p>
<form name="details" method="get" action="

showAccount">
<table border="0">
<TR valign="top">
<td>View Account Details:</td>
<td align="left">
<select size="1" name="listAccounts" id="
listAccounts">
<option value="800000" >800000
Corporate</option>
<option value="800001" >800001 Checking</option>
<option value="800002" >800002 Savings</option>
<option value="4539082039396288" >4539082039396288 Credit
Card</option>
Card</option>
</select>
<input type="submit" id="btnGetAccount"
value=" GO ">
</td>
</tr>
<tr>
<td colspan="2"><span id="
_ctl0__ctl0_Content_Main_promo"><table width=590
border=0><tr><td><h2>Congratulations!
Page 54 of 1637

CVSS Compliance
Score Status
</h2></td></tr><tr><td>You have been pre-approved for an Altoro
Gold Visa with a credit limit of $10000!</td></tr><tr><td>Click <a
href='apply.jsp'>Here</a> to apply.
</td></tr></table></span></td>
</tr>
</table>
</form>
</div>
</td>
</div>

</tr>
</table>
<div id="footer" style="width: 99%;">
<a id="HyperLink5" href="/index.jsp?content=privacy.htm">Privacy
Policy</a>
  |
<a id="HyperLink6" href="/index.jsp?content=security.htm"
>Security Statement</a>
  |
<a id="HyperLink6" href="/status_check.jsp">Server Status
Check</a>
  |
<a id="HyperLink6" href="/swagger/index.html">REST API</a>
  |
© 2019 Altoro Mutual, Inc.
<span style="color:red;font-weight:bold;font-style:italic;float:right"
Page 55 of 1637

CVSS Compliance
Score Status
>This web application is open source!<span style="color:black;font-
style:italic;font-weight:normal;float:right"> <a href="https:
//github.com/AppSecDev/AltoroJ/">Get your copy from GitHub</a> and
take advantage of advanced features</span></span>
<br><br><br>
<div class="disclaimer">
The AltoroJ website is published by IBM Corporation for the sole
purpose of
demonstrating the effectiveness of IBM products in detecting web
application
vulnerabilities and website defects. This site is not a real banking
site. Similarities,
if any, to third party products and/or websites are purely
coincidental. This site is
provided "as is" without warranty of any kind, either express or
implied. IBM does
not assume any risk in relation to your use of this website. For
more information,
please go to <a id="HyperLink7" href="http://www-142.ibm.
com/software/products/us/en/subcategory/SWI10" >http://www-142.
ibm.com/software/products/us/en/subcategory/SWI10</a>.<br /><br
/>
Copyright © 2008, 2019, IBM Corporation, All rights

reserved.
</div>
</div>
</body>
</html>

False Request: POST http://demo.testfire.net:8080/doLogin HTTP/1.1
Page 56 of 1637

CVSS Compliance
Score Status
False Response: HTTP/1.1 200 OK
Transfer-Encoding: chunked
Date: Tue, 06 Aug 2019 04:33:43 GMT

<head>
8859-1" />
Page 57 of 1637

CVSS Compliance
Score Status
</head>

cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 58 of 1637

CVSS Compliance
Score Status
</tr>
<tr>



<a id="CatLink1" class="subheader" href="index.jsp?

content=personal.htm">PERSONAL</a>
<li><a id="MenuHyperLink1" href="index.jsp?
content=personal_deposit.htm">Deposit Product</a></li>
content=personal_checking.htm">Checking</a></li>
Page 59 of 1637

CVSS Compliance
Score Status
content=personal_loans.htm">Loan Products</a></li>
<li><a id="MenuHyperLink4"
href="index.jsp?content=personal_cards.htm">Cards</a></li>
href="index.jsp?content=personal_investments.htm">Investments
& Insurance</a></li>
href="index.jsp?content=personal_other.htm">Other
Services</a></li>
</ul>
<a id="CatLink2" class="subheader"

href="index.jsp?content=business.htm">SMALL BUSINESS</a>
href="index.jsp?content=business_deposit.htm">Deposit
Products</a></li>
href="index.jsp?content=business_lending.htm">Lending
Services</a></li>
href="index.jsp?content=business_cards.htm">Cards</a></li>
href="index.jsp?content=business_insurance.htm">Insurance</a></li
>
href="index.jsp?content=business_retirement.htm">Retirement</a><
/li>
href="index.jsp?content=business_other.htm">Other
Services</a></li>
</ul>
Page 60 of 1637

CVSS Compliance
Score Status
content=inside_contact.htm">Contact Us</a></li>
<li><a id="MenuHyperLink15" href="cgi.exe"
>Locations</a></li>
content=inside_investor.htm">Investor Relations</a></li>
content=inside_press.htm">Press Room</a></li>
content=inside_careers.htm">Careers</a></li>
<li><a id="MenuHyperLink19" href="
subscribe.jsp">Subscribe</a></li>
</ul>
</td>


<h1>Online Banking Login</h1>

<p><span id="_ctl0__ctl0_Content_Main_message"
style="color:#FF0066;font-size:12pt;font-weight:bold;">
Login Failed: We're sorry, but this username or
password was not found in our system. Please try again.
</span></p>
<form action="doLogin" method="post" name="login"

id="login" onsubmit="return (confirminput(login));">
<table>
<tr>
<td>
Page 61 of 1637

CVSS Compliance
Score Status
Username:
</td>
<td>
<input type="text" id="uid" name="uid"
value="" style="width: 150px;">
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
<input type="password" id="passw" name="
passw" style="width: 150px;">
</td>
</tr>
<tr>
<td></td>
<td>
<input type="submit" name="btnSubmit"
value="Login">
</td>
</tr>
</table>
</form>
</div>
<script type="text/javascript">
function setfocus() {
if (document.login.uid.value=="") {
Page 62 of 1637

CVSS Compliance
Score Status
document.login.uid.focus();
} else {
document.login.passw.focus();
}
}
function confirminput(myform) {
if (myform.uid.value.length && myform.
passw.value.length) {
return (true);
} else if (!(myform.uid.value.length)) {
myform.reset();
myform.uid.focus();
alert ("You must enter a valid username");
return (false);
} else {
myform.passw.focus();
alert ("You must enter a valid password");
return (false);
}
}
window.onload = setfocus;
</script>
</td>
</div>
</tr>
</table>
Page 63 of 1637

CVSS Compliance
Score Status
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
Page 64 of 1637

CVSS Compliance
Score Status
com/software/products/us/en/subcategory/SWI10" >http://www-
142.ibm.com/software/products/us/en/subcategory/SWI10</a>.<br
/><br />
Copyright © 2008, 2019, IBM Corporation, All rights reserved.

</div>
</div>
</body>
</html>

Remediation:
This web site responded with content that suggests that the SQL
content injected was possibly interpreted by the SQL database engine,
indicating that the underlying web application may be vulnerable to
SQL Injection (SQLi). This vulnerability could be utilized by an attacker
to access, modify or delete sensitive information within the associated
database instance. Before accepting any user-supplied data, the
application should validate this data's format and reject any characters
that are not explicitly allowed (i.e. a white-list). This list should be as
restrictive as possible. This is particularly important when the original
source of data is beyond the control of the application.
Please note that the listing of SQLi vulnerabilities is not an exhaustive

list, and other SQLi vulnerabilities may exist in the application.
4 SQL Injection Vulnerability 7.5 High Fail URL: https://demo.testfire.net:8443/doLogin

Port: tcp/8443
Page 65 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
POST - https://demo.testfire.net:8443/doLogin - passw
True Request: POST https://demo.testfire.net:8443/doLogin HTTP/1.1
Origin: https://demo.testfire.net:8443
Referer: https://demo.testfire.net:8443/login.jsp
Page 66 of 1637

CVSS Compliance
Score Status
uid=CHSuser&passw=%27+or+8%3D8+--+-&btnSubmit=Login
True Response: HTTP/1.1 500 Internal Server Error
Content-Type: text/html;charset=utf-8
Content-Language: en
Date: Tue, 06 Aug 2019 04:37:47 GMT
Connection: close
<!doctype html><html lang="en"><head><title>HTTP Status 500 ?

Internal Server Error</title><style type="text/css">H1 {font-
family:Tahoma,Arial,sans-serif;color:white;background-
color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-
serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-
color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-
serif;color:black;background-color:white;} B {font-
color:#525D76;} P {font-family:Tahoma,Arial,sans-
serif;background:white;color:black;font-size:12px;}A {color :
black;}A.name {color : black;}HR {color :
#525D76;}</style></head><body><h1>HTTP Status 500 ? Internal
Server Error</h1><hr class="line" /><p><b>Type</b> Status
Report</p><p><b>Description</b> The server encountered an
unexpected condition that prevented it from fulfilling the
request.</p><hr class="line" /><h3>Apache
False Request: POST https://demo.testfire.net:8443/doLogin HTTP/1.1
Page 67 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:37:47 GMT

<head>
8859-1" />
</head>
Page 68 of 1637

CVSS Compliance
Score Status
cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 69 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




content=personal_cards.htm">Cards</a></li>
Page 70 of 1637

CVSS Compliance
Score Status
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Services</a></li>
</ul>

href="index.jsp?content=inside.htm">INSIDE ALTORO MUTUAL</a>
Page 71 of 1637

CVSS Compliance
Score Status
</ul>
</td>



SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
Page 72 of 1637

CVSS Compliance
Score Status
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
Page 73 of 1637

CVSS Compliance
Score Status
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
Page 74 of 1637

CVSS Compliance
Score Status
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>
Page 75 of 1637

CVSS Compliance
Score Status

</div>
</div>
</body>
</html>

Remediation:

5 SQL Injection Vulnerability 7.5 High Fail URL: https://demo.testfire.net:8443/doLogin

Port: tcp/8443

Page 76 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
POST - https://demo.testfire.net:8443/doLogin - uid
True Request: POST https://demo.testfire.net:8443/doLogin HTTP/1.1
Page 77 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:37:44 GMT

<head>
8859-1" />
</head>

cellspacing="0">
Page 78 of 1637

CVSS Compliance
Score Status
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 79 of 1637

CVSS Compliance
Score Status
</tr>
<tr>



Page 80 of 1637

CVSS Compliance
Score Status

</ul>
</ul>
</span>
</td>

</h1>
<p>
</p>
Page 81 of 1637

CVSS Compliance
Score Status
showAccount">
<table border="0">
<TR valign="top">
<td align="left">
listAccounts">
<option value="800000" >800000
Corporate</option>
Card</option>
Card</option>
</select>
value=" GO ">
</td>
</tr>
<tr>
Page 82 of 1637

CVSS Compliance
Score Status
</tr>
</table>
</form>
</div>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 83 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

False Request: POST https://demo.testfire.net:8443/doLogin HTTP/1.1
Page 84 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:37:44 GMT

<head>
8859-1" />
</head>
Page 85 of 1637

CVSS Compliance
Score Status
cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 86 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




Page 87 of 1637

CVSS Compliance
Score Status
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Services</a></li>
</ul>

Page 88 of 1637

CVSS Compliance
Score Status
</ul>
</td>



SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
Page 89 of 1637

CVSS Compliance
Score Status
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
Page 90 of 1637

CVSS Compliance
Score Status
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
Page 91 of 1637

CVSS Compliance
Score Status
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>
Page 92 of 1637

CVSS Compliance
Score Status

</div>
</div>
</body>
</html>

Remediation:

6 SQL Injection Vulnerability 7.5 High Fail URL: https://demo.testfire.net/doLogin

Port: tcp/443

Page 93 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
POST - https://demo.testfire.net/doLogin - uid
True Request: POST https://demo.testfire.net/doLogin HTTP/1.1
Origin: https://demo.testfire.net
Referer: https://demo.testfire.net/login.jsp
Page 94 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:31:39 GMT

<head>
8859-1" />
</head>

cellspacing="0">
Page 95 of 1637

CVSS Compliance
Score Status
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 96 of 1637

CVSS Compliance
Score Status
</tr>
<tr>



Page 97 of 1637

CVSS Compliance
Score Status

</ul>
</ul>
</span>
</td>

</h1>
<p>
</p>
Page 98 of 1637

CVSS Compliance
Score Status
showAccount">
<table border="0">
<TR valign="top">
<td align="left">
listAccounts">
<option value="800000" >800000
Corporate</option>
Card</option>
Card</option>
</select>
value=" GO ">
</td>
</tr>
<tr>
Page 99 of 1637

CVSS Compliance
Score Status
</tr>
</table>
</form>
</div>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 100 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

False Request: POST https://demo.testfire.net/doLogin HTTP/1.1
Page 101 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:31:39 GMT

<head>
8859-1" />
</head>
Page 102 of 1637

CVSS Compliance
Score Status

cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 103 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




Page 104 of 1637

CVSS Compliance
Score Status
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Services</a></li>
</ul>

Page 105 of 1637

CVSS Compliance
Score Status
>Locations</a></li>
</ul>
</td>



SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
Page 106 of 1637

CVSS Compliance
Score Status
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
Page 107 of 1637

CVSS Compliance
Score Status
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Page 108 of 1637

CVSS Compliance
Score Status
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
Page 109 of 1637

CVSS Compliance
Score Status
/>

</div>
</div>
</body>
</html>

Remediation:

7 SQL Injection Vulnerability 7.5 High Fail URL: https://65.61.137.117:8443/doLogin

Port: tcp/8443

Page 110 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
POST - https://65.61.137.117:8443/doLogin - uid
True Request: POST https://65.61.137.117:8443/doLogin HTTP/1.1
Origin: https://65.61.137.117:8443
Referer: https://65.61.137.117:8443/login.jsp
Page 111 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:38:32 GMT

<head>
8859-1" />
</head>

Page 112 of 1637

CVSS Compliance
Score Status
cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 113 of 1637

CVSS Compliance
Score Status
</tr>
<tr>



Page 114 of 1637

CVSS Compliance
Score Status

</ul>
</ul>
</span>
</td>

</h1>
<p>
</p>
Page 115 of 1637

CVSS Compliance
Score Status
showAccount">
<table border="0">
<TR valign="top">
<td align="left">
listAccounts">
<option value="800000" >800000
Corporate</option>
Card</option>
Card</option>
</select>
value=" GO ">
</td>
</tr>
<tr>
Page 116 of 1637

CVSS Compliance
Score Status
</tr>
</table>
</form>
</div>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 117 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

False Request: POST https://65.61.137.117:8443/doLogin HTTP/1.1
Origin: https://65.61.137.117:8443
Page 118 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:38:32 GMT

<head>
8859-1" />
</head>
Page 119 of 1637

CVSS Compliance
Score Status

cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 120 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




Page 121 of 1637

CVSS Compliance
Score Status
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Services</a></li>
</ul>

Page 122 of 1637

CVSS Compliance
Score Status
>Locations</a></li>
</ul>
</td>



SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
Page 123 of 1637

CVSS Compliance
Score Status
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
Page 124 of 1637

CVSS Compliance
Score Status
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Page 125 of 1637

CVSS Compliance
Score Status
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
Page 126 of 1637

CVSS Compliance
Score Status
/>

</div>
</div>
</body>
</html>

Remediation:

8 SQL Injection Vulnerability 7.5 High Fail URL: https://65.61.137.117:8443/doLogin

Port: tcp/8443

Page 127 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
POST - https://65.61.137.117:8443/doLogin - passw
True Request: POST https://65.61.137.117:8443/doLogin HTTP/1.1
Origin: https://65.61.137.117:8443
Page 128 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:38:36 GMT
Connection: close

False Request: POST https://65.61.137.117:8443/doLogin HTTP/1.1
Origin: https://65.61.137.117:8443
Page 129 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:38:37 GMT

<head>
8859-1" />
</head>

Page 130 of 1637

CVSS Compliance
Score Status
cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 131 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




content=personal_investments.htm">Investments &
Page 132 of 1637

CVSS Compliance
Score Status
Insurance</a></li>
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Services</a></li>
</ul>

href="index.jsp?content=inside_about.htm">About Us</a></li>
Page 133 of 1637

CVSS Compliance
Score Status
</ul>
</td>



SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
Page 134 of 1637

CVSS Compliance
Score Status
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
Page 135 of 1637

CVSS Compliance
Score Status
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
Page 136 of 1637

CVSS Compliance
Score Status
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>
Page 137 of 1637

CVSS Compliance
Score Status
reserved.
</div>
</div>
</body>
</html>

Remediation:

9 SQL Injection Vulnerability 7.5 High Fail URL: https://65.61.137.117/doLogin

Port: tcp/443

Page 138 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
POST - https://65.61.137.117/doLogin - uid
True Request: POST https://65.61.137.117/doLogin HTTP/1.1
Origin: https://65.61.137.117
Referer: https://65.61.137.117/login.jsp
Page 139 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:05:35 GMT

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 140 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 141 of 1637

CVSS Compliance
Score Status
</tr>
<tr>



Page 142 of 1637

CVSS Compliance
Score Status
</ul>
</ul>
</span>
</td>

</h1>
<p>
</p>

showAccount">
<table border="0">
Page 143 of 1637

CVSS Compliance
Score Status
<TR valign="top">
<td align="left">
listAccounts">
<option value="800000" >800000
Corporate</option>
Card</option>
Card</option>
</select>
value=" GO ">
</td>
</tr>
<tr>
Page 144 of 1637

CVSS Compliance
Score Status
</tr>
</table>
</form>
</div>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 145 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

False Request: POST https://65.61.137.117/doLogin HTTP/1.1
Origin: https://65.61.137.117
Page 146 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:05:35 GMT

<head>
8859-1" />
</head>
Page 147 of 1637

CVSS Compliance
Score Status
cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 148 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




Page 149 of 1637

CVSS Compliance
Score Status
Insurance</a></li>
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Services</a></li>
</ul>

Page 150 of 1637

CVSS Compliance
Score Status
</ul>
</td>



SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
Page 151 of 1637

CVSS Compliance
Score Status
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
Page 152 of 1637

CVSS Compliance
Score Status
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
Page 153 of 1637

CVSS Compliance
Score Status
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>
Page 154 of 1637

CVSS Compliance
Score Status
</div>
</div>
</body>
</html>

Remediation:

10 SQL Injection Vulnerability 7.5 High Fail URL: http://demo.testfire.net:8080/doLogin

Port: tcp/8080

Page 155 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
POST - http://demo.testfire.net:8080/doLogin - passw
True Request: POST http://demo.testfire.net:8080/doLogin HTTP/1.1
Page 156 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:33:46 GMT
Connection: close

False Request: POST http://demo.testfire.net:8080/doLogin HTTP/1.1
Page 157 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:33:46 GMT

<head>
8859-1" />
</head>

cellspacing="0">
Page 158 of 1637

CVSS Compliance
Score Status
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 159 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




Insurance</a></li>
Page 160 of 1637

CVSS Compliance
Score Status
content=personal_other.htm">Other Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Services</a></li>
</ul>

href="index.jsp?content=inside_contact.htm">Contact Us</a></li>
href="cgi.exe">Locations</a></li>
Page 161 of 1637

CVSS Compliance
Score Status
</ul>
</td>



SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
</td>
<td>
Page 162 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
Page 163 of 1637

CVSS Compliance
Score Status
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Page 164 of 1637

CVSS Compliance
Score Status
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
Page 165 of 1637

CVSS Compliance
Score Status
</div>
</body>
</html>

Remediation:

11 SQL Injection Vulnerability 7.5 High Fail URL: http://65.61.137.117:8080/doLogin

Port: tcp/8080

Page 166 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
POST - http://65.61.137.117:8080/doLogin - passw
True Request: POST http://65.61.137.117:8080/doLogin HTTP/1.1
Origin: http://65.61.137.117:8080
Referer: http://65.61.137.117:8080/login.jsp
Page 167 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:35:51 GMT
Connection: close

False Request: POST http://65.61.137.117:8080/doLogin HTTP/1.1
Origin: http://65.61.137.117:8080
Page 168 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:35:51 GMT

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 169 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 170 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




Insurance</a></li>
</ul>
Page 171 of 1637

CVSS Compliance
Score Status
content=business.htm">SMALL BUSINESS</a>
content=business_deposit.htm">Deposit Products</a></li>
content=business_lending.htm">Lending Services</a></li>
content=business_cards.htm">Cards</a></li>
content=business_insurance.htm">Insurance</a></li>
content=business_retirement.htm">Retirement</a></li>
content=business_other.htm">Other Services</a></li>
</ul>

content=inside.htm">INSIDE ALTORO MUTUAL</a>
content=inside_about.htm">About Us</a></li>
>Locations</a></li>
Page 172 of 1637

CVSS Compliance
Score Status
</ul>
</td>



SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
Page 173 of 1637

CVSS Compliance
Score Status
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
return (true);
Page 174 of 1637

CVSS Compliance
Score Status
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
Page 175 of 1637

CVSS Compliance
Score Status
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
Page 176 of 1637

CVSS Compliance
Score Status
</html>

Remediation:

12 SQL Injection Vulnerability 7.5 High Fail URL: http://demo.testfire.net/doLogin

Port: tcp/80

Page 177 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
POST - http://demo.testfire.net/doLogin - passw
True Request: POST http://demo.testfire.net/doLogin HTTP/1.1
Origin: http://demo.testfire.net
Referer: http://demo.testfire.net/login.jsp
Date: Tue, 06 Aug 2019 04:34:47 GMT
Connection: close
Page 178 of 1637

CVSS Compliance
Score Status

False Request: POST http://demo.testfire.net/doLogin HTTP/1.1
Date: Tue, 06 Aug 2019 04:34:47 GMT
Page 179 of 1637

CVSS Compliance
Score Status

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 180 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
Page 181 of 1637

CVSS Compliance
Score Status
<tr>




Insurance</a></li>
</ul>

Page 182 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>
Page 183 of 1637

CVSS Compliance
Score Status



SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
Page 184 of 1637

CVSS Compliance
Score Status
<td>
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
return (true);
myform.reset();
myform.uid.focus();
Page 185 of 1637

CVSS Compliance
Score Status
return (false);
} else {
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 186 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

Page 187 of 1637

CVSS Compliance
Score Status
Remediation:

13 SQL Injection Vulnerability 7.5 High Fail URL: https://demo.testfire.net/doLogin

Port: tcp/443

Page 188 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
POST - https://demo.testfire.net/doLogin - passw
True Request: POST https://demo.testfire.net/doLogin HTTP/1.1
Date: Tue, 06 Aug 2019 04:31:43 GMT
Connection: close

Internal Server Error</title><style type="text/css">H1 {font-family:
Page 189 of 1637

CVSS Compliance
Score Status
Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-
size:22px;} H2 {font-family:Tahoma,Arial,sans-
False Request: POST https://demo.testfire.net/doLogin HTTP/1.1
Date: Tue, 06 Aug 2019 04:31:43 GMT
Page 190 of 1637

CVSS Compliance
Score Status

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 191 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>

Page 192 of 1637

CVSS Compliance
Score Status



Insurance</a></li>
</ul>

Page 193 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>

Page 194 of 1637

CVSS Compliance
Score Status

SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
Page 195 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
Page 196 of 1637

CVSS Compliance
Score Status
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 197 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

Remediation:
Page 198 of 1637

CVSS Compliance
Score Status

14 SQL Injection Vulnerability 7.5 High Fail URL: http://65.61.137.117:8080/doLogin

Port: tcp/8080

Service: http
Page 199 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
POST - http://65.61.137.117:8080/doLogin - uid
True Request: POST http://65.61.137.117:8080/doLogin HTTP/1.1
Origin: http://65.61.137.117:8080
Date: Tue, 06 Aug 2019 04:35:47 GMT
Page 200 of 1637

CVSS Compliance
Score Status
<head>
8859-1" />
</head>

cellspacing="0">
<tr>
</td>
Page 201 of 1637

CVSS Compliance
Score Status
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>


Page 202 of 1637

CVSS Compliance
Score Status


</ul>
Page 203 of 1637

CVSS Compliance
Score Status
</ul>
</span>
</td>

</h1>
<p>
</p>

showAccount">
<table border="0">
<TR valign="top">
<td align="left">
listAccounts">
<option value="800000" >800000
Corporate</option>
Page 204 of 1637

CVSS Compliance
Score Status
Card</option>
Card</option>
</select>
value=" GO ">
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>
</td>
</div>
Page 205 of 1637

CVSS Compliance
Score Status
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
Page 206 of 1637

CVSS Compliance
Score Status
more information,
/>

reserved.
</div>
</div>
</body>
</html>

False Request: POST http://65.61.137.117:8080/doLogin HTTP/1.1
Origin: http://65.61.137.117:8080
Date: Tue, 06 Aug 2019 04:35:47 GMT
Page 207 of 1637

CVSS Compliance
Score Status

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 208 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>

Page 209 of 1637

CVSS Compliance
Score Status



Insurance</a></li>
</ul>

Page 210 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>

Page 211 of 1637

CVSS Compliance
Score Status

SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
Page 212 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
Page 213 of 1637

CVSS Compliance
Score Status
return (false);
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 214 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

Remediation:
Page 215 of 1637

CVSS Compliance
Score Status

15 SQL Injection Vulnerability 7.5 High Fail URL: https://65.61.137.117/doLogin

Port: tcp/443

Service: https
Page 216 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
POST - https://65.61.137.117/doLogin - passw
True Request: POST https://65.61.137.117/doLogin HTTP/1.1
Origin: https://65.61.137.117
Date: Tue, 06 Aug 2019 04:05:38 GMT
Connection: close

Page 217 of 1637

CVSS Compliance
Score Status
Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;}
BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-
color:white;} B {font-family:Tahoma,Arial,sans-
serif;color:white;background-color:#525D76;} P {font-
family:Tahoma,Arial,sans-serif;background:white;color:black;font-
size:12px;}A {color : black;}A.name {color : black;}HR {color :
Tomcat/7.0.92</h3></body></html>
False Request: POST https://65.61.137.117/doLogin HTTP/1.1
Origin: https://65.61.137.117
Date: Tue, 06 Aug 2019 04:05:38 GMT
Page 218 of 1637

CVSS Compliance
Score Status

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 219 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>

Page 220 of 1637

CVSS Compliance
Score Status



Insurance</a></li>
</ul>

Page 221 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>


Page 222 of 1637

CVSS Compliance
Score Status

SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
Page 223 of 1637

CVSS Compliance
Score Status
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
Page 224 of 1637

CVSS Compliance
Score Status
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
Page 225 of 1637

CVSS Compliance
Score Status
purpose of
application
site. Similarities,
implied. IBM does
more information,
please go to <a id="HyperLink7" href="http://www-
142.ibm.com/software/products/us/en/subcategory/SWI10"
>http://www-
/><br />

</div>
</div>
</body>
</html>

Remediation:
Page 226 of 1637

CVSS Compliance
Score Status

16 SQL Injection Vulnerability 7.5 High Fail URL: http://65.61.137.117/doLogin

Port: tcp/80

Service: http
Reference:
Page 227 of 1637

CVSS Compliance
Score Status
Evidence:
POST - http://65.61.137.117/doLogin - passw
True Request: POST http://65.61.137.117/doLogin HTTP/1.1
Origin: http://65.61.137.117
Referer: http://65.61.137.117/login.jsp
Date: Tue, 06 Aug 2019 04:29:00 GMT
Connection: close

Page 228 of 1637

CVSS Compliance
Score Status
background-color:#525D76;} P {font-family:Tahoma,Arial,sans-
Tomcat/7.0.92</h3></body></html>
False Request: POST http://65.61.137.117/doLogin HTTP/1.1
Origin: http://65.61.137.117
Date: Tue, 06 Aug 2019 04:29:01 GMT

Page 229 of 1637

CVSS Compliance
Score Status
<head>
8859-1" />
</head>

cellspacing="0">
<tr>
</td>
</tr>
<tr>
Page 230 of 1637

CVSS Compliance
Score Status
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>


Page 231 of 1637

CVSS Compliance
Score Status

href="index.jsp?content=personal.htm">PERSONAL</a>
href="index.jsp?content=personal_deposit.htm">Deposit
Product</a></li>
href="index.jsp?content=personal_checking.htm">Checking</a></li>
href="index.jsp?content=personal_loans.htm">Loan
Products</a></li>
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
Page 232 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>



SiteOps at 415-555-6159 -->
Page 233 of 1637

CVSS Compliance
Score Status
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
Page 234 of 1637

CVSS Compliance
Score Status
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
Page 235 of 1637

CVSS Compliance
Score Status
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
Page 236 of 1637

CVSS Compliance
Score Status
application
site. Similarities,
implied. IBM does
more information,
>http://www-
/><br />

</div>
</div>
</body>
</html>

Remediation:
Page 237 of 1637

CVSS Compliance
Score Status

17 SQL Injection Vulnerability 7.5 High Fail URL: http://demo.testfire.net/doLogin

Port: tcp/80

Service: http
Reference:
Evidence:
Page 238 of 1637

CVSS Compliance
Score Status
POST - http://demo.testfire.net/doLogin - uid
True Request: POST http://demo.testfire.net/doLogin HTTP/1.1
Date: Tue, 06 Aug 2019 04:34:43 GMT

Page 239 of 1637

CVSS Compliance
Score Status
<head>
8859-1" />
</head>

cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
Page 240 of 1637

CVSS Compliance
Score Status
</table>
</form>
</div>

<tr>
</tr>
<tr>


Page 241 of 1637

CVSS Compliance
Score Status


</ul>
</ul>
</span>
</td>
Page 242 of 1637

CVSS Compliance
Score Status

</h1>
<p>
</p>

showAccount">
<table border="0">
<TR valign="top">
<td align="left">
listAccounts">
<option value="800000" >800000
Corporate</option>
Card</option>
Page 243 of 1637

CVSS Compliance
Score Status
Card</option>
</select>
value=" GO ">
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>
</td>
</div>
</tr>
</table>
Page 244 of 1637

CVSS Compliance
Score Status
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
Page 245 of 1637

CVSS Compliance
Score Status
/>

reserved.
</div>
</div>
</body>
</html>

False Request: POST http://demo.testfire.net/doLogin HTTP/1.1
Date: Tue, 06 Aug 2019 04:34:43 GMT
Page 246 of 1637

CVSS Compliance
Score Status
<head>
8859-1" />
</head>

cellspacing="0">
<tr>
</td>
</tr>
Page 247 of 1637

CVSS Compliance
Score Status
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>

Page 248 of 1637

CVSS Compliance
Score Status


href="index.jsp?content=personal.htm">PERSONAL</a>
href="index.jsp?content=personal_deposit.htm">Deposit
Product</a></li>
Products</a></li>
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
Page 249 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>


Page 250 of 1637

CVSS Compliance
Score Status
SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
<td></td>
<td>
Page 251 of 1637

CVSS Compliance
Score Status
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
}
}
Page 252 of 1637

CVSS Compliance
Score Status
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
Page 253 of 1637

CVSS Compliance
Score Status
purpose of
application
site. Similarities,
implied. IBM does
more information,
>http://www-
/><br />

</div>
</div>
</body>
</html>

Remediation:
Page 254 of 1637

CVSS Compliance
Score Status

18 SQL Injection Vulnerability 7.5 High Fail URL: http://65.61.137.117/doLogin

Port: tcp/80

Service: http
Reference:
Page 255 of 1637

CVSS Compliance
Score Status
Evidence:
POST - http://65.61.137.117/doLogin - uid
True Request: POST http://65.61.137.117/doLogin HTTP/1.1
Origin: http://65.61.137.117
Date: Tue, 06 Aug 2019 04:28:56 GMT

Page 256 of 1637

CVSS Compliance
Score Status
<head>
8859-1" />
</head>

cellspacing="0">
<tr>
</td>
</tr>
<tr>
Page 257 of 1637

CVSS Compliance
Score Status
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>


Page 258 of 1637

CVSS Compliance
Score Status


</ul>
</ul>
</span>
</td>
Page 259 of 1637

CVSS Compliance
Score Status

</h1>
<p>
</p>

showAccount">
<table border="0">
<TR valign="top">
<td align="left">
listAccounts">
<option value="800000" >800000
Corporate</option>
Card</option>
Page 260 of 1637

CVSS Compliance
Score Status
Card</option>
</select>
value=" GO ">
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>
</td>
</div>
</tr>
</table>
Page 261 of 1637

CVSS Compliance
Score Status
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
Page 262 of 1637

CVSS Compliance
Score Status
/>

reserved.
</div>
</div>
</body>
</html>

False Request: POST http://65.61.137.117/doLogin HTTP/1.1
Origin: http://65.61.137.117
Date: Tue, 06 Aug 2019 04:28:57 GMT
Connection: close
Page 263 of 1637

CVSS Compliance
Score Status

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 264 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>

Page 265 of 1637

CVSS Compliance
Score Status



Insurance</a></li>
</ul>

Page 266 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>


Page 267 of 1637

CVSS Compliance
Score Status

SiteOps at 415-555-6159 -->
</span></p>

<table>
<tr>
<td>
Username:
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
</td>
</tr>
<tr>
Page 268 of 1637

CVSS Compliance
Score Status
<td></td>
<td>
value="Login">
</td>
</tr>
</table>
</form>
</div>
} else {
}
}
return (true);
myform.reset();
myform.uid.focus();
return (false);
} else {
return (false);
Page 269 of 1637

CVSS Compliance
Score Status
}
}
</script>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
Page 270 of 1637

CVSS Compliance
Score Status
purpose of
application
site. Similarities,
implied. IBM does
more information,
>http://www-
/><br />

</div>
</div>
</body>
</html>

Remediation:
Page 271 of 1637

CVSS Compliance
Score Status

19 Unencrypted Password 6.1 Medium Fail URL: http://demo.testfire.net/login.jsp

Form Port: tcp/80
A form in this web application which appears to be associated with

login credentials (i.e., username and/or password) does not utilize
encryption (HTTPS) for completed forms.
CVSSv2: AV:A/AC:L/Au:N/C:C/I:N/A:N
Service: http
Evidence:
DetectionDetails: GET - http://demo.testfire.net/login.jsp
Detected password form in a non-secure page
Request: GET http://demo.testfire.net/login.jsp HTTP/1.1
Cookie: JSESSIONID=B95638AFC2EBB1AEEE06E0A48503002C
Remediation:
Page 272 of 1637

CVSS Compliance
Score Status
All login credentials should be transmitted using HTTPS, either
explicitly or from within a current HTTPS context.
20 Unencrypted Password 6.1 Medium Fail URL: http://65.61.137.117:8080/login.jsp

Form Port: tcp/8080

Service: http
Evidence:
DetectionDetails: GET - http://65.61.137.117:8080/login.jsp
Request: GET http://65.61.137.117:8080/login.jsp HTTP/1.1
Cookie: JSESSIONID=76AA5AC0228D700D9219ED73F9533B78
Remediation:
21 Insecure transmission of 6.1 Medium Fail URL: http://65.61.137.117/doLogin

Port: tcp/80
Page 273 of 1637

CVSS Compliance
Score Status
credentials
When the authentication information like username or password is
passed to the server via an HTTP GET request, it is supplied using
query string parameters present in the URL. As a result, this
information might be easily available on proxy or web server logs.
Similarly, if such information is sent using HTTP POST request or using
cookies over an unencrypted connection, it is prone to a man-in-the-
middle attack.
Service: http
Evidence:
DetectionDetails: Login credentials found in the POST request body
POST - http://65.61.137.117/doLogin
uid=CHSuser contains CHSuser
passw=Passwor1 contains Passwor1
Request: POST http://65.61.137.117/doLogin HTTP/1.1

Cookie: JSESSIONID=7DEA7694E36255C4C48824F9A0DE4E13
Origin: http://65.61.137.117
Content-Length: 42
uid=CHSuser&passw=Passwor1&btnSubmit=Login
Remediation:
All login credentials should be transmitted using HTTPS using a POST
Page 274 of 1637

CVSS Compliance
Score Status
request.
22 Unencrypted Password 6.1 Medium Fail URL: http://demo.testfire.net:8080/login.jsp

Form Port: tcp/8080

Service: http
Evidence:
DetectionDetails: GET - http://demo.testfire.net:8080/login.jsp
Request: GET http://demo.testfire.net:8080/login.jsp HTTP/1.1
Cookie: JSESSIONID=03939398EA63CCAEE93295DC28E42282
Remediation:
23 Unencrypted Password 6.1 Medium Fail URL: http://demo.testfire.net:8080/doLogin

Form Port: tcp/8080
Page 275 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
DetectionDetails: POST - http://demo.testfire.net:8080/doLogin
Request: POST http://demo.testfire.net:8080/doLogin HTTP/1.1
Content-Length: 42
Remediation:
24 Insecure transmission of 6.1 Medium Fail URL: http://65.61.137.117:8080/doLogin

credentials Port: tcp/8080

Page 276 of 1637

CVSS Compliance
Score Status
middle attack.
Service: http
Evidence:
POST - http://65.61.137.117:8080/doLogin
Request: POST http://65.61.137.117:8080/doLogin HTTP/1.1

Origin: http://65.61.137.117:8080
Content-Length: 42
Remediation:
request.
Page 277 of 1637

CVSS Compliance
Score Status
25 Insecure transmission of 6.1 Medium Fail URL: http://demo.testfire.net/doLogin


middle attack.
Service: http
Evidence:
POST - http://demo.testfire.net/doLogin
Request: POST http://demo.testfire.net/doLogin HTTP/1.1

Content-Length: 42
Page 278 of 1637

CVSS Compliance
Score Status
Remediation:
request.
26 Unencrypted Password 6.1 Medium Fail URL: http://demo.testfire.net/doLogin

Form Port: tcp/80

Service: http
Evidence:
DetectionDetails: POST - http://demo.testfire.net/doLogin
Content-Length: 42
Remediation:
Page 279 of 1637

CVSS Compliance
Score Status
27 Unencrypted Password 6.1 Medium Fail URL: http://65.61.137.117:8080/doLogin

Form Port: tcp/8080

Service: http
Evidence:
DetectionDetails: POST - http://65.61.137.117:8080/doLogin
Origin: http://65.61.137.117:8080
Content-Length: 42
Remediation:
Page 280 of 1637

CVSS Compliance
Score Status
28 Unencrypted Password 6.1 Medium Fail URL: http://65.61.137.117/doLogin

Form Port: tcp/80

Service: http
Evidence:
DetectionDetails: POST - http://65.61.137.117/doLogin
Origin: http://65.61.137.117
Content-Length: 42
Remediation:
Page 281 of 1637

CVSS Compliance
Score Status
29 Insecure transmission of 6.1 Medium Fail URL: http://demo.testfire.net:8080/doLogin


middle attack.
Service: http
Evidence:
POST - http://demo.testfire.net:8080/doLogin

Content-Length: 42
Page 282 of 1637

CVSS Compliance
Score Status
Remediation:
request.
30 Unencrypted Password 6.1 Medium Fail URL: http://65.61.137.117/login.jsp

Form Port: tcp/80

Service: http
Evidence:
DetectionDetails: GET - http://65.61.137.117/login.jsp
Request: GET http://65.61.137.117/login.jsp HTTP/1.1
Remediation:
Page 283 of 1637

CVSS Compliance
Score Status
31 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/index.jsp

HTML or JavaScript Port: tcp/8080
comments
While adding general comments is very useful, some programmers
tend to leave important data, such as: filenames related to the web
application, old links or links which were not meant to be browsed by
users, old code fragments, etc.
An attacker who finds these comments can map the application's

structure and files, expose hidden parts of the site, and study the
fragments of code to reverse engineer the application, which may help
develop further attacks against the site.
CVSSv2: AV:N/AC:L/Au:N/C:P/I:N/A:N
Service: http
Reference:
https://cwe.mitre.org/data/definitions/615.html
Evidence:
DetectionDetails: HTML or Javascript comments found
GET - http://65.61.137.117:8080/index.jsp
7 HTML Comment(s) found





Request: GET http://65.61.137.117:8080/index.jsp HTTP/1.1
Page 284 of 1637

CVSS Compliance
Score Status
Remediation:
Remove comments which have sensitive information about the
application. Some of the comments may be exposed to the user and
affect the security posture of the application.
32 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/

comments

Service: http
Reference:
Page 285 of 1637

CVSS Compliance
Score Status
Evidence:
DetectionDetails: Limit Exceeded. 9 more item(s) were reported.
GET - http://65.61.137.117:8080/index.jsp?content=personal.htm
GET - http://65.61.137.117:8080/index.jsp?content=business.htm
GET - http://65.61.137.117:8080/subscribe.jsp
POST - http://65.61.137.117:8080/doSubscribe
GET - http://65.61.137.117:8080/default.jsp?content=security.htm
GET - http://65.61.137.117:8080/survey_questions.jsp
GET - http://65.61.137.117:8080/survey_questions.jsp?step=a
GET - http://65.61.137.117:8080/status_check.jsp
GET - http://65.61.137.117:8080/swagger/index.html
Remediation:
33 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/

comments

Page 286 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
GET - http://65.61.137.117:8080/




Request: GET http://65.61.137.117:8080/ HTTP/1.1
Remediation:
34 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/sendFeedback

Page 287 of 1637

CVSS Compliance
Score Status
comments

Service: https
Reference:
Evidence:
POST - https://65.61.137.117/sendFeedback




Request: POST https://65.61.137.117/sendFeedback HTTP/1.1
Cookie: JSESSIONID=3804E3482E26BDF0C73231467A2AC9D4
Origin: https://65.61.137.117
Referer: https://65.61.137.117/feedback.jsp
Page 288 of 1637

CVSS Compliance
Score Status
Content-Length: 126
cfile=comments.txt&name=CHSuser&email_addr=jsmith20%40kelev.b
iz&subject=_WSETESTDATA&comments=_WSETESTAREADATA&submit
=+Submit+
Remediation:
35 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/

comments

Service: http
Reference:
Page 289 of 1637

CVSS Compliance
Score Status
Evidence:
GET - http://demo.testfire.net/




Request: GET http://demo.testfire.net/ HTTP/1.1
Remediation:
36 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/sendFeedback

comments
Page 290 of 1637

CVSS Compliance
Score Status

Service: http
Reference:
Evidence:
POST - http://65.61.137.117/sendFeedback




Request: POST http://65.61.137.117/sendFeedback HTTP/1.1
Origin: http://65.61.137.117
Referer: http://65.61.137.117/feedback.jsp
Content-Length: 126
Page 291 of 1637

CVSS Compliance
Score Status
=+Submit+
Remediation:
37 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/login.jsp

comments

Service: https
Reference:
Evidence:
Page 292 of 1637

CVSS Compliance
Score Status
GET - https://demo.testfire.net/login.jsp
Potentially sensitive comments found
"admin" found in






6159 -->
Request: GET https://demo.testfire.net/login.jsp HTTP/1.1
Cookie: JSESSIONID=0565231311CE173563DB02789CEE78E3
Remediation:
38 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/index.jsp?content=inside_contact.ht

HTML or JavaScript m
Port: tcp/443
Page 293 of 1637

CVSS Compliance
Score Status
comments

Service: https
Reference:
Evidence:
GET - https://demo.testfire.net/index.jsp?content=inside_contact.htm





Request: GET
https://demo.testfire.net/index.jsp?content=inside_contact.htm
HTTP/1.1
Page 294 of 1637

CVSS Compliance
Score Status
Remediation:
39 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/sendFeedback

comments

Service: https
Reference:
Evidence:
Page 295 of 1637

CVSS Compliance
Score Status
POST - https://demo.testfire.net/sendFeedback




Request: POST https://demo.testfire.net/sendFeedback HTTP/1.1
Referer: https://demo.testfire.net/feedback.jsp
Content-Length: 126
=+Submit+
Remediation:
40 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/sendFeedback

comments
Page 296 of 1637

CVSS Compliance
Score Status

Service: http
Reference:
Evidence:
POST - http://65.61.137.117:8080/sendFeedback




Request: POST http://65.61.137.117:8080/sendFeedback HTTP/1.1
Origin: http://65.61.137.117:8080
Referer: http://65.61.137.117:8080/feedback.jsp
Page 297 of 1637

CVSS Compliance
Score Status
Content-Length: 126
=+Submit+
Remediation:
41 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/index.jsp?content=inside_contact.htm

comments

Service: http
Reference:
Page 298 of 1637

CVSS Compliance
Score Status
Evidence:
GET - http://demo.testfire.net/index.jsp?content=inside_contact.htm




subscriptions -->
Request: GET
http://demo.testfire.net/index.jsp?content=inside_contact.htm HTTP/1.1
Remediation:
42 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/search.jsp?query=_WSETESTDATA

comments
Page 299 of 1637

CVSS Compliance
Score Status

Service: http
Reference:
Evidence:
GET - http://demo.testfire.net/search.jsp?query=_WSETESTDATA




Request: GET
http://demo.testfire.net/search.jsp?query=_WSETESTDATA HTTP/1.1
Referer: http://demo.testfire.net/
Page 300 of 1637

CVSS Compliance
Score Status
Remediation:
43 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/doLogin

comments

Service: http
Reference:
Evidence:
"admin" found in
Page 301 of 1637

CVSS Compliance
Score Status
6159 -->





6159 -->
Content-Length: 42
Remediation:
44 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/

comments
Page 302 of 1637

CVSS Compliance
Score Status

Service: https
Reference:
Evidence:
GET - https://demo.testfire.net:8443/index.jsp?content=personal.htm
GET - https://demo.testfire.net:8443/index.jsp?content=business.htm
GET - https://demo.testfire.net:8443/subscribe.jsp
POST - https://demo.testfire.net:8443/doSubscribe
GET -
https://demo.testfire.net:8443/default.jsp?content=security.htm
GET - https://demo.testfire.net:8443/survey_questions.jsp
GET - https://demo.testfire.net:8443/survey_questions.jsp?step=a
GET - https://demo.testfire.net:8443/status_check.jsp
GET - https://demo.testfire.net:8443/swagger/index.html
Remediation:
Page 303 of 1637

CVSS Compliance
Score Status
45 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/search.jsp?query=_WSETESTDA

HTML or JavaScript TA
comments Port: tcp/8443


Service: https
Reference:
Evidence:
GET - https://demo.testfire.net:8443/search.jsp?query=_WSETESTDATA




Page 304 of 1637

CVSS Compliance
Score Status
Request: GET
https://demo.testfire.net:8443/search.jsp?query=_WSETESTDATA
HTTP/1.1
Cookie: JSESSIONID=44C815873649B1433E310F19F9B9450B
Referer: https://demo.testfire.net:8443/
Remediation:
46 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/feedback.jsp

comments

Service: http
Page 305 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
GET - http://65.61.137.117/feedback.jsp





Request: GET http://65.61.137.117/feedback.jsp HTTP/1.1
Remediation:
47 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/disclaimer.htm?url=http://www.

microsoft.com
Page 306 of 1637

CVSS Compliance
Score Status

comments

Service: http
Reference:
Evidence:
GET -
http://demo.testfire.net:8080/disclaimer.htm?url=http://www.microsoft.
com
1 Javascript Comment(s) found
// if redirection is in the application's domain, don't ask for
Request: GET
http://demo.testfire.net:8080/disclaimer.htm?url=http://www.microsoft.
com HTTP/1.1
Page 307 of 1637

CVSS Compliance
Score Status
Remediation:
48 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/doLogin

comments

Service: https
Reference:
Evidence:
POST - https://demo.testfire.net:8443/doLogin
Page 308 of 1637

CVSS Compliance
Score Status
"admin" found in
6159 -->





6159 -->
Request: POST https://demo.testfire.net:8443/doLogin HTTP/1.1
Content-Length: 42
Remediation:
49 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/index.jsp?content=inside_contact.h

tm
Page 309 of 1637

CVSS Compliance
Score Status

comments

Service: http
Reference:
Evidence:
GET - http://65.61.137.117:8080/index.jsp?content=inside_contact.htm




subscriptions -->
Request: GET
http://65.61.137.117:8080/index.jsp?content=inside_contact.htm
Page 310 of 1637

CVSS Compliance
Score Status
Remediation:
50 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/doLogin

comments

Service: http
Reference:
Page 311 of 1637

CVSS Compliance
Score Status
Evidence:
"admin" found in
6159 -->





6159 -->
Origin: http://65.61.137.117:8080
Content-Length: 42
Remediation:
Page 312 of 1637

CVSS Compliance
Score Status
51 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/

comments

Service: https
Reference:
Evidence:
GET - https://65.61.137.117:8443/




Page 313 of 1637

CVSS Compliance
Score Status
Request: GET https://65.61.137.117:8443/ HTTP/1.1
Remediation:
52 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/disclaimer.htm?url=http://www.mi

HTML or JavaScript crosoft.com


Service: https
Reference:
Page 314 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
https://65.61.137.117:8443/disclaimer.htm?url=http://www.microsoft.c
om
Request: GET
https://65.61.137.117:8443/disclaimer.htm?url=http://www.microsoft.c
om HTTP/1.1
Cookie: JSESSIONID=9B8C68C14BB9B053BB189485F1F888A4
Remediation:
53 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/

comments
Page 315 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
GET - https://demo.testfire.net/index.jsp?content=personal.htm
GET - https://demo.testfire.net/index.jsp?content=business.htm
GET - https://demo.testfire.net/subscribe.jsp
POST - https://demo.testfire.net/doSubscribe
GET - https://demo.testfire.net/default.jsp?content=security.htm
GET - https://demo.testfire.net/survey_questions.jsp
GET - https://demo.testfire.net/survey_questions.jsp?step=a
GET - https://demo.testfire.net/status_check.jsp
GET - https://demo.testfire.net/swagger/index.html
Remediation:
54 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/index.jsp

Page 316 of 1637

CVSS Compliance
Score Status
comments While adding general comments is very useful, some programmers


Service: https
Reference:
Evidence:
GET - https://65.61.137.117/index.jsp




Request: GET https://65.61.137.117/index.jsp HTTP/1.1
Page 317 of 1637

CVSS Compliance
Score Status
Remediation:
55 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/

comments

Service: http
Reference:
Evidence:
GET - http://65.61.137.117/
Page 318 of 1637

CVSS Compliance
Score Status




Request: GET http://65.61.137.117/ HTTP/1.1
Remediation:
56 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/login.jsp

comments

Page 319 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
GET - http://demo.testfire.net:8080/login.jsp
"admin" found in
6159 -->





6159 -->
Page 320 of 1637

CVSS Compliance
Score Status
Remediation:
57 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/disclaimer.htm?url=http://www.n

HTML or JavaScript etscape.com


Service: http
Reference:
Evidence:
GET -
http://demo.testfire.net:8080/disclaimer.htm?url=http://www.netscape.
com
Page 321 of 1637

CVSS Compliance
Score Status
authorization
Request: GET
http://demo.testfire.net:8080/disclaimer.htm?url=http://www.netscape.
com HTTP/1.1
Remediation:
58 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/sendFeedback

comments

Service: http
Page 322 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
POST - http://demo.testfire.net:8080/sendFeedback




Request: POST http://demo.testfire.net:8080/sendFeedback HTTP/1.1
Referer: http://demo.testfire.net:8080/feedback.jsp
Content-Length: 126
=+Submit+
Remediation:
Page 323 of 1637

CVSS Compliance
Score Status
59 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/disclaimer.htm?url=http://www.netsca

HTML or JavaScript pe.com


Service: http
Reference:
Evidence:
GET -
http://demo.testfire.net/disclaimer.htm?url=http://www.netscape.com
authorization
Request: GET
http://demo.testfire.net/disclaimer.htm?url=http://www.netscape.com
HTTP/1.1
Page 324 of 1637

CVSS Compliance
Score Status
Remediation:
60 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/sendFeedback

comments

Service: http
Reference:
Evidence:
Page 325 of 1637

CVSS Compliance
Score Status
POST - http://demo.testfire.net/sendFeedback




Request: POST http://demo.testfire.net/sendFeedback HTTP/1.1
Referer: http://demo.testfire.net/feedback.jsp
Content-Length: 126
=+Submit+
Remediation:
61 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/disclaimer.htm?url=http://www.nets

HTML or JavaScript cape.com
Page 326 of 1637

CVSS Compliance
Score Status

Service: http
Reference:
Evidence:
GET -
http://65.61.137.117:8080/disclaimer.htm?url=http://www.netscape.co
m
Request: GET
http://65.61.137.117:8080/disclaimer.htm?url=http://www.netscape.co
m HTTP/1.1
Page 327 of 1637

CVSS Compliance
Score Status
Remediation:
62 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/disclaimer.htm?url=http://www.micr

HTML or JavaScript osoft.com


Service: http
Reference:
Evidence:
GET -
http://65.61.137.117:8080/disclaimer.htm?url=http://www.microsoft.co
m
Page 328 of 1637

CVSS Compliance
Score Status
authorization
Request: GET
http://65.61.137.117:8080/disclaimer.htm?url=http://www.microsoft.co
m HTTP/1.1
Remediation:
63 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/feedback.jsp

comments

Service: http
Page 329 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
GET - http://65.61.137.117:8080/feedback.jsp




problem.
Request: GET http://65.61.137.117:8080/feedback.jsp HTTP/1.1
Remediation:
64 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/login.jsp
Page 330 of 1637

CVSS Compliance
Score Status

comments

Service: http
Reference:
Evidence:
GET - http://65.61.137.117:8080/login.jsp
"admin" found in
6159 -->





Page 331 of 1637

CVSS Compliance
Score Status
6159 -->
Remediation:
65 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/login.jsp

comments

Service: https
Page 332 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
GET - https://65.61.137.117:8443/login.jsp
"admin" found in
6159 -->





6159 -->
Request: GET https://65.61.137.117:8443/login.jsp HTTP/1.1
Remediation:
Page 333 of 1637

CVSS Compliance
Score Status
66 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/search.jsp?query=_WSETESTDATA

comments

Service: http
Reference:
Evidence:
GET - http://65.61.137.117/search.jsp?query=_WSETESTDATA




Request: GET http://65.61.137.117/search.jsp?query=_WSETESTDATA
Page 334 of 1637

CVSS Compliance
Score Status
HTTP/1.1
Referer: http://65.61.137.117/
Remediation:
67 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117:8080/search.jsp?query=_WSETESTDATA

comments

Service: http
Reference:
Page 335 of 1637

CVSS Compliance
Score Status
Evidence:
GET - http://65.61.137.117:8080/search.jsp?query=_WSETESTDATA




Request: GET
http://65.61.137.117:8080/search.jsp?query=_WSETESTDATA HTTP/1.1
Referer: http://65.61.137.117:8080/
Remediation:
68 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/login.jsp

comments
Page 336 of 1637

CVSS Compliance
Score Status

Service: https
Reference:
Evidence:
GET - https://demo.testfire.net:8443/login.jsp
"admin" found in
6159 -->





6159 -->
Page 337 of 1637

CVSS Compliance
Score Status
Request: GET https://demo.testfire.net:8443/login.jsp HTTP/1.1
Remediation:
69 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/index.jsp?content=inside_contac

HTML or JavaScript t.htm


Service: http
Reference:
Page 338 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
http://demo.testfire.net:8080/index.jsp?content=inside_contact.htm




subscriptions -->
Request: GET
HTTP/1.1
Remediation:
70 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/

Page 339 of 1637

CVSS Compliance
Score Status
comments

Service: http
Reference:
Evidence:
GET - http://demo.testfire.net:8080/




Request: GET http://demo.testfire.net:8080/ HTTP/1.1
Page 340 of 1637

CVSS Compliance
Score Status
Remediation:
71 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/

comments

Service: https
Reference:
Evidence:
GET - https://65.61.137.117:8443/index.jsp?content=personal.htm
Page 341 of 1637

CVSS Compliance
Score Status
GET - https://65.61.137.117:8443/index.jsp?content=business.htm
GET - https://65.61.137.117:8443/subscribe.jsp
POST - https://65.61.137.117:8443/doSubscribe
GET - https://65.61.137.117:8443/default.jsp?content=security.htm
GET - https://65.61.137.117:8443/survey_questions.jsp
GET - https://65.61.137.117:8443/survey_questions.jsp?step=a
GET - https://65.61.137.117:8443/status_check.jsp
GET - https://65.61.137.117:8443/swagger/index.html
Remediation:
72 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/index.jsp?content=inside_contact.

HTML or JavaScript htm


Service: https
Page 342 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
GET -
https://65.61.137.117:8443/index.jsp?content=inside_contact.htm




subscriptions -->
Request: GET
HTTP/1.1
Remediation:
73 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/doLogin
Page 343 of 1637

CVSS Compliance
Score Status

comments

Service: http
Reference:
Evidence:
"admin" found in
6159 -->





Page 344 of 1637

CVSS Compliance
Score Status
6159 -->
Content-Length: 42
Remediation:
74 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/index.jsp

comments

Page 345 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
GET - http://demo.testfire.net:8080/index.jsp




Request: GET http://demo.testfire.net:8080/index.jsp HTTP/1.1
Remediation:
Page 346 of 1637

CVSS Compliance
Score Status
75 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/

comments

Service: https
Reference:
Evidence:
GET - https://demo.testfire.net:8443/




Page 347 of 1637

CVSS Compliance
Score Status
Request: GET https://demo.testfire.net:8443/ HTTP/1.1
Remediation:
76 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/feedback.jsp

comments

Service: https
Reference:
Page 348 of 1637

CVSS Compliance
Score Status
Evidence:
GET - https://demo.testfire.net:8443/feedback.jsp




problem.
Request: GET https://demo.testfire.net:8443/feedback.jsp HTTP/1.1
Remediation:
77 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/index.jsp?content=inside_contact.htm

comments
Page 349 of 1637

CVSS Compliance
Score Status

Service: http
Reference:
Evidence:
GET - http://65.61.137.117/index.jsp?content=inside_contact.htm




subscriptions -->
Request: GET
http://65.61.137.117/index.jsp?content=inside_contact.htm HTTP/1.1
Page 350 of 1637

CVSS Compliance
Score Status
Remediation:
78 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/doLogin

comments

Service: https
Reference:
Evidence:
POST - https://65.61.137.117:8443/doLogin
Page 351 of 1637

CVSS Compliance
Score Status
"admin" found in
6159 -->





6159 -->
Request: POST https://65.61.137.117:8443/doLogin HTTP/1.1
Origin: https://65.61.137.117:8443
Content-Length: 42
Remediation:
Page 352 of 1637

CVSS Compliance
Score Status
79 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/index.jsp

comments

Service: https
Reference:
Evidence:
GET - https://65.61.137.117:8443/index.jsp




Request: GET https://65.61.137.117:8443/index.jsp HTTP/1.1
Page 353 of 1637

CVSS Compliance
Score Status
Remediation:
80 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/feedback.jsp

comments

Service: https
Reference:
Page 354 of 1637

CVSS Compliance
Score Status
Evidence:
GET - https://65.61.137.117:8443/feedback.jsp




problem.
Request: GET https://65.61.137.117:8443/feedback.jsp HTTP/1.1
Remediation:
81 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/login.jsp

comments
Page 355 of 1637

CVSS Compliance
Score Status

Service: http
Reference:
Evidence:
GET - http://demo.testfire.net/login.jsp
"admin" found in
6159 -->





6159 -->
Page 356 of 1637

CVSS Compliance
Score Status
Remediation:
82 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/search.jsp?query=_WSETESTDATA

comments

Service: https
Reference:
Page 357 of 1637

CVSS Compliance
Score Status
Evidence:
GET - https://65.61.137.117/search.jsp?query=_WSETESTDATA




Request: GET https://65.61.137.117/search.jsp?query=_WSETESTDATA
HTTP/1.1
Referer: https://65.61.137.117/
Remediation:
83 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/index.jsp

comments
Page 358 of 1637

CVSS Compliance
Score Status

Service: http
Reference:
Evidence:
GET - http://65.61.137.117/index.jsp




Request: GET http://65.61.137.117/index.jsp HTTP/1.1
Page 359 of 1637

CVSS Compliance
Score Status
Remediation:
84 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/

comments

Service: http
Reference:
Evidence:
GET - http://65.61.137.117/index.jsp?content=personal.htm
GET - http://65.61.137.117/index.jsp?content=business.htm
GET - http://65.61.137.117/subscribe.jsp
POST - http://65.61.137.117/doSubscribe
Page 360 of 1637

CVSS Compliance
Score Status
GET - http://65.61.137.117/default.jsp?content=security.htm
GET - http://65.61.137.117/survey_questions.jsp
GET - http://65.61.137.117/survey_questions.jsp?step=a
GET - http://65.61.137.117/status_check.jsp
GET - http://65.61.137.117/swagger/index.html
Remediation:
85 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/disclaimer.htm?url=http://www.microsoft.

HTML or JavaScript com


Service: http
Reference:
Page 361 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
http://65.61.137.117/disclaimer.htm?url=http://www.microsoft.com
authorization
Request: GET
http://65.61.137.117/disclaimer.htm?url=http://www.microsoft.com
HTTP/1.1
Remediation:
86 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/disclaimer.htm?url=http://www.micro

HTML or JavaScript soft.com


Page 362 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
GET -
https://demo.testfire.net/disclaimer.htm?url=http://www.microsoft.com
authorization
Request: GET
https://demo.testfire.net/disclaimer.htm?url=http://www.microsoft.com
HTTP/1.1
Remediation:
Page 363 of 1637

CVSS Compliance
Score Status
87 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/feedback.jsp

comments

Service: https
Reference:
Evidence:
GET - https://demo.testfire.net/feedback.jsp




problem.
Page 364 of 1637

CVSS Compliance
Score Status
Request: GET https://demo.testfire.net/feedback.jsp HTTP/1.1
Remediation:
88 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/doLogin

comments

Service: https
Reference:
Page 365 of 1637

CVSS Compliance
Score Status
Evidence:
POST - https://demo.testfire.net/doLogin
"admin" found in
6159 -->





6159 -->
Request: POST https://demo.testfire.net/doLogin HTTP/1.1
Content-Length: 42
Remediation:
Page 366 of 1637

CVSS Compliance
Score Status
89 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/feedback.jsp

comments

Service: http
Reference:
Evidence:
GET - http://demo.testfire.net:8080/feedback.jsp




Page 367 of 1637

CVSS Compliance
Score Status
problem.
Request: GET http://demo.testfire.net:8080/feedback.jsp HTTP/1.1
Remediation:
90 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/

comments

Page 368 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
GET - http://demo.testfire.net:8080/index.jsp?content=personal.htm
GET - http://demo.testfire.net:8080/index.jsp?content=business.htm
GET - http://demo.testfire.net:8080/subscribe.jsp
POST - http://demo.testfire.net:8080/doSubscribe
GET - http://demo.testfire.net:8080/default.jsp?content=security.htm
GET - http://demo.testfire.net:8080/survey_questions.jsp
GET - http://demo.testfire.net:8080/survey_questions.jsp?step=a
GET - http://demo.testfire.net:8080/status_check.jsp
GET - http://demo.testfire.net:8080/swagger/index.html
Remediation:
91 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/disclaimer.htm?url=http://www.micros

HTML or JavaScript oft.com

Page 369 of 1637

CVSS Compliance
Score Status

Service: http
Reference:
Evidence:
GET -
http://demo.testfire.net/disclaimer.htm?url=http://www.microsoft.com
authorization
Request: GET
http://demo.testfire.net/disclaimer.htm?url=http://www.microsoft.com
HTTP/1.1
Remediation:
Page 370 of 1637

CVSS Compliance
Score Status
92 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/disclaimer.htm?url=http://www.

HTML or JavaScript microsoft.com


Service: https
Reference:
Evidence:
GET -
https://demo.testfire.net:8443/disclaimer.htm?url=http://www.microsof
t.com
Request: GET
https://demo.testfire.net:8443/disclaimer.htm?url=http://www.microsof
t.com HTTP/1.1
Page 371 of 1637

CVSS Compliance
Score Status
Remediation:
93 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/sendFeedback

comments

Service: https
Reference:
Evidence:
Page 372 of 1637

CVSS Compliance
Score Status
POST - https://65.61.137.117:8443/sendFeedback




Request: POST https://65.61.137.117:8443/sendFeedback HTTP/1.1
Origin: https://65.61.137.117:8443
Referer: https://65.61.137.117:8443/feedback.jsp
Content-Length: 126
=+Submit+
Remediation:
94 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/search.jsp?query=_WSETESTDATA

comments
Page 373 of 1637

CVSS Compliance
Score Status

Service: https
Reference:
Evidence:
GET - https://65.61.137.117:8443/search.jsp?query=_WSETESTDATA




Request: GET
https://65.61.137.117:8443/search.jsp?query=_WSETESTDATA
HTTP/1.1
Referer: https://65.61.137.117:8443/
Page 374 of 1637

CVSS Compliance
Score Status
Remediation:
95 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net:8080/search.jsp?query=_WSETESTDAT

HTML or JavaScript A


Service: http
Reference:
Evidence:
GET - http://demo.testfire.net:8080/search.jsp?query=_WSETESTDATA
Page 375 of 1637

CVSS Compliance
Score Status




Request: GET
http://demo.testfire.net:8080/search.jsp?query=_WSETESTDATA
HTTP/1.1
Referer: http://demo.testfire.net:8080/
Remediation:
96 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/index.jsp?content=inside_contact.htm

comments

Page 376 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
GET - https://65.61.137.117/index.jsp?content=inside_contact.htm




subscriptions -->
Request: GET
https://65.61.137.117/index.jsp?content=inside_contact.htm HTTP/1.1
Remediation:
Page 377 of 1637

CVSS Compliance
Score Status
97 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/login.jsp

comments

Service: https
Reference:
Evidence:
GET - https://65.61.137.117/login.jsp
"admin" found in
6159 -->
Page 378 of 1637

CVSS Compliance
Score Status




6159 -->
Request: GET https://65.61.137.117/login.jsp HTTP/1.1
Remediation:
98 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/

comments

Page 379 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
GET - https://65.61.137.117/index.jsp?content=personal.htm
GET - https://65.61.137.117/index.jsp?content=business.htm
GET - https://65.61.137.117/subscribe.jsp
POST - https://65.61.137.117/doSubscribe
GET - https://65.61.137.117/default.jsp?content=security.htm
GET - https://65.61.137.117/survey_questions.jsp
GET - https://65.61.137.117/survey_questions.jsp?step=a
GET - https://65.61.137.117/status_check.jsp
GET - https://65.61.137.117/swagger/index.html
Remediation:
99 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/

comments
Page 380 of 1637

CVSS Compliance
Score Status

Service: http
Reference:
Evidence:
GET - http://demo.testfire.net/index.jsp?content=personal.htm
GET - http://demo.testfire.net/index.jsp?content=business.htm
GET - http://demo.testfire.net/subscribe.jsp
POST - http://demo.testfire.net/doSubscribe
GET - http://demo.testfire.net/default.jsp?content=security.htm
GET - http://demo.testfire.net/survey_questions.jsp
GET - http://demo.testfire.net/survey_questions.jsp?step=a
GET - http://demo.testfire.net/status_check.jsp
GET - http://demo.testfire.net/swagger/index.html
Remediation:
URL: https://demo.testfire.net:8443/index.jsp
Page 381 of 1637

CVSS Compliance
Score Status
100 Information leakage via 5.0 Medium Fail Port: tcp/8443

HTML or JavaScript
comments While adding general comments is very useful, some programmers

Service: https
Reference:
Evidence:
GET - https://demo.testfire.net:8443/index.jsp




Request: GET https://demo.testfire.net:8443/index.jsp HTTP/1.1
Page 382 of 1637

CVSS Compliance
Score Status
Remediation:
101 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/disclaimer.htm?url=http://www.microsof

HTML or JavaScript t.com


Service: https
Reference:
Page 383 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
https://65.61.137.117/disclaimer.htm?url=http://www.microsoft.com
authorization
Request: GET
https://65.61.137.117/disclaimer.htm?url=http://www.microsoft.com
HTTP/1.1
Remediation:
102 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/feedback.jsp

comments

Page 384 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
GET - https://65.61.137.117/feedback.jsp




problem.
Request: GET https://65.61.137.117/feedback.jsp HTTP/1.1
Remediation:
Page 385 of 1637

CVSS Compliance
Score Status
103 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/

comments

Service: https
Reference:
Evidence:
GET - https://65.61.137.117/




Page 386 of 1637

CVSS Compliance
Score Status
Request: GET https://65.61.137.117/ HTTP/1.1
Remediation:
104 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/disclaimer.htm?url=http://www.netsc

HTML or JavaScript ape.com


Service: https
Page 387 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
GET -
https://demo.testfire.net/disclaimer.htm?url=http://www.netscape.com
authorization
Request: GET
https://demo.testfire.net/disclaimer.htm?url=http://www.netscape.com
HTTP/1.1
Remediation:
105 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/sendFeedback

comments
Page 388 of 1637

CVSS Compliance
Score Status

Service: https
Reference:
Evidence:
POST - https://demo.testfire.net:8443/sendFeedback




Request: POST https://demo.testfire.net:8443/sendFeedback HTTP/1.1
Referer: https://demo.testfire.net:8443/feedback.jsp
Content-Length: 126
Page 389 of 1637

CVSS Compliance
Score Status
=+Submit+
Remediation:
106 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/

comments

Service: https
Reference:
Evidence:
Page 390 of 1637

CVSS Compliance
Score Status
GET - https://demo.testfire.net/




Request: GET https://demo.testfire.net/ HTTP/1.1
Remediation:
107 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/index.jsp

comments

Page 391 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
GET - http://demo.testfire.net/index.jsp




Request: GET http://demo.testfire.net/index.jsp HTTP/1.1
Remediation:
Page 392 of 1637

CVSS Compliance
Score Status
108 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117:8443/disclaimer.htm?url=http://www.net

HTML or JavaScript scape.com


Service: https
Reference:
Evidence:
GET -
https://65.61.137.117:8443/disclaimer.htm?url=http://www.netscape.c
om
Request: GET
https://65.61.137.117:8443/disclaimer.htm?url=http://www.netscape.c
Page 393 of 1637

CVSS Compliance
Score Status
Remediation:
109 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/disclaimer.htm?url=http://www.netscape

HTML or JavaScript .com


Service: https
Reference:
Page 394 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
https://65.61.137.117/disclaimer.htm?url=http://www.netscape.com
authorization
Request: GET
https://65.61.137.117/disclaimer.htm?url=http://www.netscape.com
HTTP/1.1
Remediation:
110 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/login.jsp

comments

Page 395 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
GET - http://65.61.137.117/login.jsp
"admin" found in
6159 -->





6159 -->
Page 396 of 1637

CVSS Compliance
Score Status
Remediation:
111 Information leakage via 5.0 Medium Fail URL: https://65.61.137.117/doLogin

comments

Service: https
Reference:
Evidence:
POST - https://65.61.137.117/doLogin
Page 397 of 1637

CVSS Compliance
Score Status
"admin" found in
6159 -->





6159 -->
Request: POST https://65.61.137.117/doLogin HTTP/1.1
Origin: https://65.61.137.117
Content-Length: 42
Remediation:
112 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/disclaimer.htm?url=http://www.

netscape.com
Page 398 of 1637

CVSS Compliance
Score Status

comments

Service: https
Reference:
Evidence:
GET -
https://demo.testfire.net:8443/disclaimer.htm?url=http://www.netscape
.com
Request: GET
https://demo.testfire.net:8443/disclaimer.htm?url=http://www.netscape
.com HTTP/1.1
Page 399 of 1637

CVSS Compliance
Score Status
Remediation:
113 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net:8443/index.jsp?content=inside_conta

HTML or JavaScript ct.htm


Service: https
Reference:
Evidence:
GET - https://demo.testfire.net:8443/index.jsp?content=inside_contact.
Page 400 of 1637

CVSS Compliance
Score Status
htm




subscriptions -->
Request: GET
https://demo.testfire.net:8443/index.jsp?content=inside_contact.htm
HTTP/1.1
Remediation:
114 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/index.jsp

comments
Page 401 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
GET - https://demo.testfire.net/index.jsp




Request: GET https://demo.testfire.net/index.jsp HTTP/1.1
Remediation:
Page 402 of 1637

CVSS Compliance
Score Status
115 Information leakage via 5.0 Medium Fail URL: https://demo.testfire.net/search.jsp?query=_WSETESTDATA

comments

Service: https
Reference:
Evidence:
GET - https://demo.testfire.net/search.jsp?query=_WSETESTDATA



Page 403 of 1637

CVSS Compliance
Score Status

Request: GET
https://demo.testfire.net/search.jsp?query=_WSETESTDATA HTTP/1.1
Referer: https://demo.testfire.net/
Remediation:
116 Information leakage via 5.0 Medium Fail URL: http://demo.testfire.net/feedback.jsp

comments

Page 404 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
GET - http://demo.testfire.net/feedback.jsp




problem.
Request: GET http://demo.testfire.net/feedback.jsp HTTP/1.1
Remediation:
Page 405 of 1637

CVSS Compliance
Score Status
117 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/disclaimer.htm?url=http://www.netscape.

HTML or JavaScript com


Service: http
Reference:
Evidence:
GET -
http://65.61.137.117/disclaimer.htm?url=http://www.netscape.com
authorization
Request: GET
http://65.61.137.117/disclaimer.htm?url=http://www.netscape.com
HTTP/1.1
Page 406 of 1637

CVSS Compliance
Score Status
Remediation:
118 Information leakage via 5.0 Medium Fail URL: http://65.61.137.117/doLogin

comments

Service: http
Reference:
Evidence:
Page 407 of 1637

CVSS Compliance
Score Status
"admin" found in
6159 -->





6159 -->
Origin: http://65.61.137.117
Content-Length: 42
Remediation:
Page 408 of 1637

CVSS Compliance
Score Status
119 Web Page Transmits Login 4.6 Medium Fail URL: http://65.61.137.117/login.jsp
Credentials Without Port: tcp/80
Encryption
There is a web page on this host that transmits login credentials over
HTTP, which is a clear-text protocol. As such, if an attacker was able to
intercept traffic containing login credentials, it would be trivial to view
user account and password information.
CVSSv2: AV:A/AC:H/Au:N/C:C/I:N/A:N
Service: http
Application: apache:tomcat
Evidence:
Form Name: login
Action: http://65.61.137.117:80/doLogin
Fields: uid (text), passw (password), btnSubmit (submit)
Location: http://65.61.137.117/login.jsp
Remediation:
All web application communications containing sensitive information
should be transmitted using SSL/TLS (HTTPS). If re-direction from HTTP
to HTTPS is utilized in an attempt to remediate this finding, please
ensure that such redirection occurs on the server side of the system
(for example via the use of the HTTP "Location" header element) and
that redirection is not reliant upon the client (browser) side.
120 Web Page Transmits Login 4.6 Medium Fail URL: http://demo.testfire.net:8080/login.jsp
Encryption
Page 409 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
Form Name: login
Action: http://demo.testfire.net:8080/doLogin
Location: http://demo.testfire.net:8080/login.jsp
Remediation:
121 Web Page Transmits Login 4.6 Medium Fail URL: http://65.61.137.117:8080/login.jsp
Encryption
Page 410 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
Form Name: login
Location: http://65.61.137.117:8080/login.jsp
Remediation:
122 Web Page Transmits Login 4.6 Medium Fail URL: http://demo.testfire.net/login.jsp
Encryption
Service: http
Page 411 of 1637

CVSS Compliance
Score Status
Evidence:
Form Name: login
Location: http://demo.testfire.net/login.jsp
Remediation:
123 CVE-2011-3389 SSLv2, SSLv3 and TLS v1.0 4.3 Medium Fail Port: tcp/443
Vulnerable to CBC Attacks
via chosen-plaintext This server supports a version of SSL vulnerable to a Cipher Block
(BEAST) Chaining (CBC) attack. When using a block-based cipher with SSLv2,
SSLv3 or TLS v1.0, it is possible to perform a cryptographic attack
called a chosen-plaintext attack. An attack, commonly known as
"Browser Exploit Against SSL/TLS" ("BEAST") takes advantage of this
vulnerability in how the browser sets up SSL/TLS connections (e.g. for
HTTPS), and may allow an attacker to decrypt the SSL/TLS connection
to gain access to sensitive information. Although, the BEAST attack is
the only known exploit, other services not related to web servers (e.g.
IMAP) may also be vulnerable to such attack.
CVE: CVE-2011-3389
CVSSv2: AV:N/AC:M/Au:N/C:P/I:N/A:N
Service: https
Page 412 of 1637

CVSS Compliance
Score Status
Reference:
http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslciphersuite
http://support.microsoft.com/kb/2643584
http://technet.microsoft.com/en-us/security/advisory/2588513
Evidence:
Remediation:
The server should be configured to allow only TLS versions 1.1 and 1.2,
which are not vulnerable to this CBC attack. Although the latest
versions of all major web browsers support TLS 1.1 and 1.2 enabled by
default, disabling previous versions may prevent other services than
HTTP from connecting to the server if they do not support these
versions of TLS.
124 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net:8443/util/serverStatusCheckService.js

p?HostName=%3Cscript%3Ealert%2815650661.00947%29%3
C%2Fscript%3E
Port: tcp/8443
A reflected cross-site scripting vulnerability was identified in this web

application. Reflected cross-site scripting is when HTML or Javascript
content is supplied to a user defined parameter to have it then
displayed (aka: reflected) back to the user and rendered or interpreted
by their browser.
Page 413 of 1637

CVSS Compliance
Score Status
This web site responded to a harmless web request that included
Javascript/HTML which was reflected back, indicating that the
underlying web application may be vulnerable to being used in a cross-
site scripting (XSS) attack. While this vulnerability does not exploit the
web server itself, it can be utilized by an attacker to target end-users
and potentially take over their sessions or other sensitive information.
Cross-site scripting can be found in many different forms and

All Cross-Site Scripting vulnerabilities are considered non-compliant by

PCI.
CVSSv2: AV:N/AC:M/Au:N/C:N/I:P/A:N
Service: https
Reference:
http://www.cert.org/advisories/CA-2000-02.html
http://www.owasp.org/index.php/Cross-site_scripting
http://www.owasp.org/index.php/Data_Validation
http://www.owasp.org/index.php/Review_Code_for_Cross-site_scripting
Evidence:
DetectionDetails: Cross-Site Scripting vulnerability found.
GET -
https://demo.testfire.net:8443/util/serverStatusCheckService.jsp?HostN
ame=%3Cscript%3Ealert%2815650661.00947%29%3C%2Fscript%3E -
HostName
Injection: <script>alert(15650661.00947)</script>
Detection: An alert was detected containing 15650661.00947
Request: GET https://demo.testfire.net:
Page 414 of 1637

CVSS Compliance
Score Status
8443/util/serverStatusCheckService.jsp?HostName=%3Cscript%3Ealert
%2815650661.00947%29%3C%2Fscript%3E HTTP/1.1
Referer: https://demo.testfire.net:8443/status_check.jsp
Remediation:
Before accepting any user-supplied data, the application should
validate this data's format and reject any characters that are not
explicitly allowed (i.e. a white-list). This list should be as restrictive as
possible. Before using any data (stored or user-supplied) to generate
web page content, the application should escape all non alpha-numeric
characters (i.e. output-validation). This is particularly important when
the original source of data is beyond the control of the application.
Even if the source of the data isn't performing input-validation, output-
validation will still prevent XSS.
Please note that the listing of XSS vulnerabilities is not an exhaustive

list, and other XSS vulnerabilities may exist in the application.
125 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net/sendFeedback

Port: tcp/443

by their browser.
Page 415 of 1637

CVSS Compliance
Score Status


PCI.
Service: https
Reference:
Evidence:
POST - https://demo.testfire.net/sendFeedback - email_addr
Injection: javascript://'/</title></style></textarea></script>--><p"
onclick=alert(15650658.00617)//>*/alert(15650658.00617)/*

Page 416 of 1637

CVSS Compliance
Score Status
cfile=comments.txt&name=CHSuser&email_addr=javascript%3A%2F%
2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3
C%2Fscript%3E--
%3E%3Cp%22+%0A+onclick%3Dalert%2815650658.00617%29%2F%
2F%3E*%2Falert%2815650658.00617%29%2F*&subject=_WSETESTDA
TA&comments=_WSETESTAREADATA&submit=+Submit+
Remediation:

126 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117:8443/util/serverStatusCheckService.jsp?

HostName=%3Cscript%3Ealert%2815650661.00947%29%3C
%2Fscript%3E
Port: tcp/8443
Page 417 of 1637

CVSS Compliance
Score Status
by their browser.



PCI.
Service: https
Reference:
Evidence:
GET - https://65.61.137.117:8443/util/serverStatusCheckService.jsp?
Page 418 of 1637

CVSS Compliance
Score Status
HostName=%3Cscript%3Ealert%2815650661.00947%29%3C%2Fscript
%3E - HostName
Request: GET
https://65.61.137.117:8443/util/serverStatusCheckService.jsp?HostNam
e=%3Cscript%3Ealert%2815650661.00947%29%3C%2Fscript%3E
HTTP/1.1
Referer: https://65.61.137.117:8443/status_check.jsp
Remediation:

127 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net:8080/index.jsp?content=javascript%3

A%2F%2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2F
textarea%3E%3C%2Fscript%3E--
%3E%3Cp%22+%0A+onclick%3Dalert%2815650659.00127%
Page 419 of 1637

CVSS Compliance
Score Status
2Falert%2815650659.00127%29%2F*
Port: tcp/8080

by their browser.



PCI.
Service: http
Reference:
Page 420 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
http://demo.testfire.net:8080/index.jsp?content=javascript%3A%2F%2
F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C
%2Fscript%3E--
2F%3E*%2Falert%2815650659.00127%29%2F* - content
Request: GET
http://demo.testfire.net:8080/index.jsp?content=javascript%3A%2F%2
%2Fscript%3E--
2F%3E*%2Falert%2815650659.00127%29%2F* HTTP/1.1
Remediation:
Page 421 of 1637

CVSS Compliance
Score Status
128 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117:8080/search.jsp?query=%3Cscript%3Eale

rt%2815650660.00037%29%3C%2Fscript%3E
Port: tcp/8080

by their browser.



PCI.
Service: http
Reference:
Page 422 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
http://65.61.137.117:8080/search.jsp?query=%3Cscript%3Ealert%2815
650660.00037%29%3C%2Fscript%3E - query
Request: GET
http://65.61.137.117:8080/search.jsp?query=%3Cscript%3Ealert%2815
650660.00037%29%3C%2Fscript%3E HTTP/1.1
Referer: http://65.61.137.117:8080/
Remediation:
Page 423 of 1637

CVSS Compliance
Score Status
129 Insecure configuration of 4.3 Medium Fail URL: http://65.61.137.117:8080/

Cookie attributes Port: tcp/8080
A Cookie Vulnerability helps an attacker to gain access to session

information stored in cookies. It may also be used as a 'locator' attack
that precedes a Cross-Site Scripting (XSS) or Man-In-The-Middle attack.
When looking for Cookie Vulnerabilities, an attacker will first observe
cookies through various HTTP proxies and check their attributes. The
attacker will then try to steal cookies of various users by employing
multiple attacks. If successful, he/she may be able to get sensitive
information which can be further used in an illegitimate way.
Service: http
Reference:
https://www.owasp.org/index.php/Testing_for_cookies_attributes_%28O
TG-SESS-002%29
Evidence:
DetectionDetails: Cookie Vulnerabilities Found
jsessionid = 76aa5ac0228d700d9219ed73f9533b78
Path = /
Host = 65.61.137.117
Cookie does not have a secure attribute
Cookie can be cached. Missing cache control and pragma tags
Page 424 of 1637

CVSS Compliance
Score Status
Remediation:
Secure flag must be set for Session Cookies for Application served over
SSL.
For all Session cookies, HTTPOnly flag would limit session access in
cases of Cross-Site Scripting issues. Proper Caching headers should be
set for responses carrying the cookie.
130 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117:8443/search.jsp?query=%3Cscript%3Eal

ert%2815650661.00037%29%3C%2Fscript%3E
Port: tcp/8443

by their browser.


Page 425 of 1637

CVSS Compliance
Score Status

PCI.
Service: https
Reference:
Evidence:
GET -
https://65.61.137.117:8443/search.jsp?query=%3Cscript%3Ealert%281
5650661.00037%29%3C%2Fscript%3E - query
Request: GET
https://65.61.137.117:8443/search.jsp?query=%3Cscript%3Ealert%281
5650661.00037%29%3C%2Fscript%3E HTTP/1.1
Referer: https://65.61.137.117:8443/
Remediation:
Page 426 of 1637

CVSS Compliance
Score Status

131 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117/index.jsp?content=javascript%3A%2F%2

F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea
%3E%3C%2Fscript%3E--
29%2F%2F%3E*%2Falert%2815650656.00127%29%2F*
Port: tcp/80

by their browser.

Page 427 of 1637

CVSS Compliance
Score Status

PCI.
Service: http
Reference:
Evidence:
GET -
http://65.61.137.117/index.jsp?content=javascript%3A%2F%2F%27%2
F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C%2Fscrip
t%3E--
Request: GET
http://65.61.137.117/index.jsp?content=javascript%3A%2F%2F%27%2
F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C%2Fscrip
t%3E--
2F%3E*%2Falert%2815650656.00127%29%2F* HTTP/1.1
Page 428 of 1637

CVSS Compliance
Score Status
Remediation:

132 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117/sendFeedback

Port: tcp/443

by their browser.

Page 429 of 1637

CVSS Compliance
Score Status


PCI.
Service: https
Reference:
Evidence:
POST - https://65.61.137.117/sendFeedback - email_addr

Origin: https://65.61.137.117
Page 430 of 1637

CVSS Compliance
Score Status
C%2Fscript%3E--
Remediation:

133 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117/util/serverStatusCheckService.jsp?HostNa

me=%3Cscript%3Ealert%2815650656.00947%29%3C%2Fscri
pt%3E
Port: tcp/80

Page 431 of 1637

CVSS Compliance
Score Status
by their browser.



PCI.
Service: http
Reference:
Evidence:
GET -
http://65.61.137.117/util/serverStatusCheckService.jsp?HostName=%3
Cscript%3Ealert%2815650656.00947%29%3C%2Fscript%3E -
HostName
Page 432 of 1637

CVSS Compliance
Score Status
Request: GET
http://65.61.137.117/util/serverStatusCheckService.jsp?HostName=%3
Cscript%3Ealert%2815650656.00947%29%3C%2Fscript%3E HTTP/1.1
Referer: http://65.61.137.117/status_check.jsp
Remediation:

134 Insecure configuration of 4.3 Medium Fail URL: http://demo.testfire.net:8080/


Page 433 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
TG-SESS-002%29
Evidence:
jsessionid = 03939398ea63ccaee93295dc28e42282
Path = /
Host = demo.testfire.net
Remediation:
SSL.
Page 434 of 1637

CVSS Compliance
Score Status
135 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net:8080/search.jsp?query=%3Cscript%3E

alert%2815650659.00037%29%3C%2Fscript%3E
Port: tcp/8080

by their browser.



PCI.
Service: http
Reference:
Page 435 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
http://demo.testfire.net:8080/search.jsp?query=%3Cscript%3Ealert%28
15650659.00037%29%3C%2Fscript%3E - query
Request: GET
http://demo.testfire.net:8080/search.jsp?query=%3Cscript%3Ealert%28
15650659.00037%29%3C%2Fscript%3E HTTP/1.1
Remediation:

Page 436 of 1637

CVSS Compliance
Score Status
136 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net/index.jsp?content=javascript%3A%2F

%2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextar
ea%3E%3C%2Fscript%3E--
29%2F%2F%3E*%2Falert%2815650660.00127%29%2F*
Port: tcp/80

by their browser.



PCI.
Service: http
Page 437 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
GET -
http://demo.testfire.net/index.jsp?content=javascript%3A%2F%2F%27
%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C%2Fs
cript%3E--
Request: GET
http://demo.testfire.net/index.jsp?content=javascript%3A%2F%2F%27
cript%3E--
2F%3E*%2Falert%2815650660.00127%29%2F* HTTP/1.1
Remediation:
Page 438 of 1637

CVSS Compliance
Score Status

137 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net:8443/search.jsp?query=%3Cscript%3

Ealert%2815650661.00037%29%3C%2Fscript%3E
Port: tcp/8443

by their browser.


Page 439 of 1637

CVSS Compliance
Score Status
PCI.
Service: https
Reference:
Evidence:
GET -
https://demo.testfire.net:8443/search.jsp?query=%3Cscript%3Ealert%2
815650661.00037%29%3C%2Fscript%3E - query
Request: GET
https://demo.testfire.net:8443/search.jsp?query=%3Cscript%3Ealert%2
815650661.00037%29%3C%2Fscript%3E HTTP/1.1
Remediation:
Page 440 of 1637

CVSS Compliance
Score Status

138 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117:8443/sendFeedback

Port: tcp/8443

by their browser.



PCI.
Page 441 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
POST - https://65.61.137.117:8443/sendFeedback - name

Origin: https://65.61.137.117:8443
cfile=comments.txt&name=%3Cscript%3Ealert%2815650661.00557%
29%3C%2Fscript%3E&email_addr=jsmith20%40kelev.biz&subject=_W
SETESTDATA&comments=_WSETESTAREADATA&submit=+Submit+
Remediation:
Page 442 of 1637

CVSS Compliance
Score Status

139 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net/sendFeedback

Port: tcp/80

by their browser.



PCI.
Page 443 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
POST - http://demo.testfire.net/sendFeedback - email_addr

C%2Fscript%3E--
Page 444 of 1637

CVSS Compliance
Score Status
Remediation:

140 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net:8080/util/serverStatusCheckService.jsp

?HostName=%3Cscript%3Ealert%2815650659.00947%29%3C
%2Fscript%3E
Port: tcp/8080

by their browser.

Page 445 of 1637

CVSS Compliance
Score Status


PCI.
Service: http
Reference:
Evidence:
GET -
http://demo.testfire.net:8080/util/serverStatusCheckService.jsp?HostNa
me=%3Cscript%3Ealert%2815650659.00947%29%3C%2Fscript%3E -
HostName
Request: GET
http://demo.testfire.net:8080/util/serverStatusCheckService.jsp?HostNa
me=%3Cscript%3Ealert%2815650659.00947%29%3C%2Fscript%3E
HTTP/1.1
Referer: http://demo.testfire.net:8080/status_check.jsp
Page 446 of 1637

CVSS Compliance
Score Status
Remediation:

141 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117:8080/index.jsp?content=javascript%3A%

2F%2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftex
tarea%3E%3C%2Fscript%3E--
29%2F%2F%3E*%2Falert%2815650660.00127%29%2F*
Port: tcp/8080

by their browser.

Page 447 of 1637

CVSS Compliance
Score Status


PCI.
Service: http
Reference:
Evidence:
GET -
http://65.61.137.117:8080/index.jsp?content=javascript%3A%2F%2F%
27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C%2
Fscript%3E--
Page 448 of 1637

CVSS Compliance
Score Status
Request: GET
http://65.61.137.117:8080/index.jsp?content=javascript%3A%2F%2F%
27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C%2
Fscript%3E--
2F%3E*%2Falert%2815650660.00127%29%2F* HTTP/1.1
Remediation:

142 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117:8080/sendFeedback

Port: tcp/8080

Page 449 of 1637

CVSS Compliance
Score Status
by their browser.



PCI.
Service: http
Reference:
Evidence:
POST - http://65.61.137.117:8080/sendFeedback - name
Page 450 of 1637

CVSS Compliance
Score Status
Origin: http://65.61.137.117:8080
Remediation:

143 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net:8443/sendFeedback

Port: tcp/8443

Page 451 of 1637

CVSS Compliance
Score Status
by their browser.



PCI.
Service: https
Reference:
Evidence:
POST - https://demo.testfire.net:8443/sendFeedback - email_addr
Page 452 of 1637

CVSS Compliance
Score Status

C%2Fscript%3E--
Remediation:

Page 453 of 1637

CVSS Compliance
Score Status
144 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net:8080/sendFeedback

Port: tcp/8080

by their browser.



PCI.
Service: http
Reference:
Page 454 of 1637

CVSS Compliance
Score Status
Evidence:
POST - http://demo.testfire.net:8080/sendFeedback - email_addr

C%2Fscript%3E--
Remediation:
Page 455 of 1637

CVSS Compliance
Score Status

145 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117/index.jsp?content=javascript%3A%2F%

2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextare
a%3E%3C%2Fscript%3E--
29%2F%2F%3E*%2Falert%2815650642.00127%29%2F*
Port: tcp/443

by their browser.



PCI.
Page 456 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
GET -
https://65.61.137.117/index.jsp?content=javascript%3A%2F%2F%27%
2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C%2Fscri
pt%3E--
Request: GET
https://65.61.137.117/index.jsp?content=javascript%3A%2F%2F%27%
2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C%2Fscri
pt%3E--
2F%3E*%2Falert%2815650642.00127%29%2F* HTTP/1.1
Remediation:
Page 457 of 1637

CVSS Compliance
Score Status

146 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net:8443/index.jsp?content=javascript%3

A%2F%2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2F
textarea%3E%3C%2Fscript%3E--
29%2F%2F%3E*%2Falert%2815650661.00127%29%2F*
Port: tcp/8443

by their browser.

Page 458 of 1637

CVSS Compliance
Score Status

PCI.
Service: https
Reference:
Evidence:
GET -
https://demo.testfire.net:8443/index.jsp?content=javascript%3A%2F%2
%2Fscript%3E--
Request: GET
https://demo.testfire.net:8443/index.jsp?content=javascript%3A%2F%2
%2Fscript%3E--
Page 459 of 1637

CVSS Compliance
Score Status
Remediation:

147 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117/search.jsp?query=%3Cscript%3Ealert%2

815650656.00037%29%3C%2Fscript%3E
Port: tcp/80

by their browser.

Page 460 of 1637

CVSS Compliance
Score Status


PCI.
Service: http
Reference:
Evidence:
GET -
http://65.61.137.117/search.jsp?query=%3Cscript%3Ealert%28156506
56.00037%29%3C%2Fscript%3E - query
Request: GET
http://65.61.137.117/search.jsp?query=%3Cscript%3Ealert%28156506
56.00037%29%3C%2Fscript%3E HTTP/1.1
Page 461 of 1637

CVSS Compliance
Score Status
Remediation:

148 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net/search.jsp?query=%3Cscript%3Ealert

%2815650658.00037%29%3C%2Fscript%3E
Port: tcp/443

by their browser.

Page 462 of 1637

CVSS Compliance
Score Status


PCI.
Service: https
Reference:
Evidence:
GET -
https://demo.testfire.net/search.jsp?query=%3Cscript%3Ealert%28156
50658.00037%29%3C%2Fscript%3E - query
Request: GET
https://demo.testfire.net/search.jsp?query=%3Cscript%3Ealert%28156
50658.00037%29%3C%2Fscript%3E HTTP/1.1
Page 463 of 1637

CVSS Compliance
Score Status
Remediation:

149 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net/index.jsp?content=javascript%3A%2F

%2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextar
ea%3E%3C%2Fscript%3E--
29%2F%2F%3E*%2Falert%2815650658.00127%29%2F*
Port: tcp/443

by their browser.
Page 464 of 1637

CVSS Compliance
Score Status


PCI.
Service: https
Reference:
Evidence:
GET -
https://demo.testfire.net/index.jsp?content=javascript%3A%2F%2F%27
cript%3E--
Page 465 of 1637

CVSS Compliance
Score Status
Request: GET
https://demo.testfire.net/index.jsp?content=javascript%3A%2F%2F%27
cript%3E--
2F%3E*%2Falert%2815650658.00127%29%2F* HTTP/1.1
Remediation:

150 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net/sendFeedback

Port: tcp/443

Page 466 of 1637

CVSS Compliance
Score Status
by their browser.



PCI.
Service: https
Reference:
Evidence:
POST - https://demo.testfire.net/sendFeedback - name
Page 467 of 1637

CVSS Compliance
Score Status

Remediation:

151 Insecure configuration of 4.3 Medium Fail URL: http://demo.testfire.net/

Page 468 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
TG-SESS-002%29
Evidence:
jsessionid = b95638afc2ebb1aeee06e0a48503002c
Path = /
Host = demo.testfire.net
Remediation:
Page 469 of 1637

CVSS Compliance
Score Status
SSL.
CVE: CVE-2011-3389
Service: https
Reference:
Evidence:
Page 470 of 1637

CVSS Compliance
Score Status
Remediation:
versions of TLS.
153 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117/search.jsp?query=%3Cscript%3Ealert%2

815650642.00037%29%3C%2Fscript%3E
Port: tcp/443

by their browser.


Page 471 of 1637

CVSS Compliance
Score Status
PCI.
Service: https
Reference:
Evidence:
GET -
https://65.61.137.117/search.jsp?query=%3Cscript%3Ealert%2815650
642.00037%29%3C%2Fscript%3E - query
Request: GET
https://65.61.137.117/search.jsp?query=%3Cscript%3Ealert%2815650
642.00037%29%3C%2Fscript%3E HTTP/1.1
Referer: https://65.61.137.117/
Remediation:
Page 472 of 1637

CVSS Compliance
Score Status

154 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117/sendFeedback

Port: tcp/80

by their browser.



PCI.
Page 473 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
POST - http://65.61.137.117/sendFeedback - name

Origin: http://65.61.137.117
Remediation:
Page 474 of 1637

CVSS Compliance
Score Status

155 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net:8080/sendFeedback

Port: tcp/8080

by their browser.


Page 475 of 1637

CVSS Compliance
Score Status
PCI.
Service: http
Reference:
Evidence:
POST - http://demo.testfire.net:8080/sendFeedback - name

Remediation:
Page 476 of 1637

CVSS Compliance
Score Status

156 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117:8080/sendFeedback

Port: tcp/8080

by their browser.


Page 477 of 1637

CVSS Compliance
Score Status
PCI.
Service: http
Reference:
Evidence:
POST - http://65.61.137.117:8080/sendFeedback - email_addr

Origin: http://65.61.137.117:8080
C%2Fscript%3E--
2F%3E*%2Falert%2815650660.00617%29%
Page 478 of 1637

CVSS Compliance
Score Status
2F*&subject=_WSETESTDATA&comments=_WSETESTAREADATA&subm
it=+Submit+
Remediation:

157 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117:8443/sendFeedback

Port: tcp/8443

by their browser.

Page 479 of 1637

CVSS Compliance
Score Status


PCI.
Service: https
Reference:
Evidence:
POST - https://65.61.137.117:8443/sendFeedback - email_addr

Origin: https://65.61.137.117:8443
Page 480 of 1637

CVSS Compliance
Score Status
C%2Fscript%3E--
Remediation:

158 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117:8443/index.jsp?content=javascript%3A

%2F%2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ft
extarea%3E%3C%2Fscript%3E--
29%2F%2F%3E*%2Falert%2815650661.00127%29%2F*
Port: tcp/8443

Page 481 of 1637

CVSS Compliance
Score Status
by their browser.



PCI.
Service: https
Reference:
Evidence:
GET -
https://65.61.137.117:8443/index.jsp?content=javascript%3A%2F%2F
%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C
%2Fscript%3E--
Page 482 of 1637

CVSS Compliance
Score Status
29%2F* - content
Request: GET
https://65.61.137.117:8443/index.jsp?content=javascript%3A%2F%2F
%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%3C
%2Fscript%3E--
2F%3E*%2Falert%2815650661.00127%29%2F* HTTP/1.1
Remediation:

159 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117:8080/util/serverStatusCheckService.jsp?H

ostName=%3Cscript%3Ealert%2815650660.00947%29%
Page 483 of 1637

CVSS Compliance
Score Status
3C%2Fscript%3E
Port: tcp/8080

by their browser.



PCI.
Service: http
Reference:
Page 484 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
http://65.61.137.117:8080/util/serverStatusCheckService.jsp?HostNam
e=%3Cscript%3Ealert%2815650660.00947%29%3C%2Fscript%3E -
HostName
Request: GET
http://65.61.137.117:8080/util/serverStatusCheckService.jsp?HostNam
e=%3Cscript%3Ealert%2815650660.00947%29%3C%2Fscript%3E
HTTP/1.1
Referer: http://65.61.137.117:8080/status_check.jsp
Remediation:

Page 485 of 1637

CVSS Compliance
Score Status
160 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net/search.jsp?query=%3Cscript%3Ealert

%2815650660.00037%29%3C%2Fscript%3E
Port: tcp/80

by their browser.



PCI.
Service: http
Reference:
Page 486 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
http://demo.testfire.net/search.jsp?query=%3Cscript%3Ealert%281565
0660.00037%29%3C%2Fscript%3E - query
Request: GET
http://demo.testfire.net/search.jsp?query=%3Cscript%3Ealert%281565
0660.00037%29%3C%2Fscript%3E HTTP/1.1
Remediation:

Page 487 of 1637

CVSS Compliance
Score Status
161 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net/util/serverStatusCheckService.jsp?Host

Name=%3Cscript%3Ealert%2815650660.00947%29%3C%2Fs
cript%3E
Port: tcp/80

by their browser.



PCI.
Service: http
Reference:
Page 488 of 1637

CVSS Compliance
Score Status
Evidence:
GET -
http://demo.testfire.net/util/serverStatusCheckService.jsp?HostName=
%3Cscript%3Ealert%2815650660.00947%29%3C%2Fscript%3E -
HostName
Request: GET
http://demo.testfire.net/util/serverStatusCheckService.jsp?HostName=
%3Cscript%3Ealert%2815650660.00947%29%3C%2Fscript%3E
HTTP/1.1
Referer: http://demo.testfire.net/status_check.jsp
Remediation:

Page 489 of 1637

CVSS Compliance
Score Status
162 Cross-Site Scripting 4.3 Medium Fail URL: http://demo.testfire.net/sendFeedback

Port: tcp/80

by their browser.



PCI.
Service: http
Reference:
Page 490 of 1637

CVSS Compliance
Score Status
Evidence:
POST - http://demo.testfire.net/sendFeedback - name

Remediation:
Page 491 of 1637

CVSS Compliance
Score Status
163 Insecure configuration of 4.3 Medium Fail URL: http://65.61.137.117/


Service: http
Reference:
TG-SESS-002%29
Evidence:
jsessionid = 7dea7694e36255c4c48824f9a0de4e13
Path = /
Host = 65.61.137.117
Page 492 of 1637

CVSS Compliance
Score Status
Remediation:
SSL.
164 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net:8443/sendFeedback

Port: tcp/8443

by their browser.


Page 493 of 1637

CVSS Compliance
Score Status
PCI.
Service: https
Reference:
Evidence:
POST - https://demo.testfire.net:8443/sendFeedback - name

Remediation:
Page 494 of 1637

CVSS Compliance
Score Status

165 Cross-Site Scripting 4.3 Medium Fail URL: https://demo.testfire.net/util/serverStatusCheckService.jsp?Ho

stName=%3Cscript%3Ealert%2815650658.00947%29%3C%2F
script%3E
Port: tcp/443

by their browser.


Page 495 of 1637

CVSS Compliance
Score Status

PCI.
Service: https
Reference:
Evidence:
GET -
https://demo.testfire.net/util/serverStatusCheckService.jsp?HostName=
%3Cscript%3Ealert%2815650658.00947%29%3C%2Fscript%3E -
HostName
Request: GET
https://demo.testfire.net/util/serverStatusCheckService.jsp?HostName=
%3Cscript%3Ealert%2815650658.00947%29%3C%2Fscript%3E
HTTP/1.1
Referer: https://demo.testfire.net/status_check.jsp
Remediation:
Page 496 of 1637

CVSS Compliance
Score Status

166 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117/sendFeedback

Port: tcp/443

by their browser.


Page 497 of 1637

CVSS Compliance
Score Status

PCI.
Service: https
Reference:
Evidence:
POST - https://65.61.137.117/sendFeedback - name

Origin: https://65.61.137.117
Page 498 of 1637

CVSS Compliance
Score Status
Remediation:

167 Cross-Site Scripting 4.3 Medium Fail URL: https://65.61.137.117/util/serverStatusCheckService.jsp?HostN

ame=%3Cscript%3Ealert%2815650642.00947%29%3C%2Fscr
ipt%3E
Port: tcp/443

by their browser.

Page 499 of 1637

CVSS Compliance
Score Status

PCI.
Service: https
Reference:
Evidence:
GET -
https://65.61.137.117/util/serverStatusCheckService.jsp?HostName=%
3Cscript%3Ealert%2815650642.00947%29%3C%2Fscript%3E -
HostName
Request: GET
https://65.61.137.117/util/serverStatusCheckService.jsp?HostName=%
3Cscript%3Ealert%2815650642.00947%29%3C%2Fscript%3E HTTP/1.1
Referer: https://65.61.137.117/status_check.jsp
Page 500 of 1637

CVSS Compliance
Score Status
Remediation:

168 Cross-Site Scripting 4.3 Medium Fail URL: http://65.61.137.117/sendFeedback

Port: tcp/80

by their browser.

Page 501 of 1637

CVSS Compliance
Score Status

PCI.
Service: http
Reference:
Evidence:
POST - http://65.61.137.117/sendFeedback - email_addr

Origin: http://65.61.137.117
2F%27%2F%3C%2Ftitle%3E%3C%2Fstyle%3E%3C%2Ftextarea%3E%
Page 502 of 1637

CVSS Compliance
Score Status
3C%2Fscript%3E--
Remediation:

169 No Clickjacking Protection 2.6 Low Pass URL: http://65.61.137.117:8080/

present Port: tcp/8080
This page does not utilize the benefits that the X-FRAME-OPTIONS or
Content-Security-Polilcy: frame-ancestors HTTP header elements offer.
These headers should be implemented to prevent the page from being
used in part of a click-jacking scenario. The headers specify which
systems (if any) are allowed to embed the current page within an HTML
frame.
CVSSv2: AV:N/AC:H/Au:N/C:N/I:P/A:N
Page 503 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
https://www.owasp.org/index.php/Clickjacking
https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
Evidence:
Headers: {"server"=>["Apache-Coyote/1.1"], "set-
cookie"=>["JSESSIONID=D5CC99799F62567D97687377E9E57D1E;
Path=/; HttpOnly"], "content-type"=>["text/html;charset=ISO-8859-
1"], "transfer-encoding"=>["chunked"], "date"=>["Tue, 06 Aug 2019
03:05:09 GMT"]}
url: http://65.61.137.117:8080/
Remediation:
Add Clickjacking protection with one of the following response headers:
X-Frame-Options or Content-Security-Policy with frame-ancestors
directive.
170 No Clickjacking Protection 2.6 Low Pass URL: http://demo.testfire.net:8080/

frame.
Page 504 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
cookie"=>["JSESSIONID=7396ECE6F9230BEA6656EC9364C1EEE4;
03:04:14 GMT"]}
url: http://demo.testfire.net:8080/
Remediation:
directive.
171 No Clickjacking Protection 2.6 Low Pass URL: https://demo.testfire.net:8443/

frame.
Page 505 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
cookie"=>["JSESSIONID=6AD1B35870824ABE33FC4A206303ADA1;
Path=/; Secure; HttpOnly"], "content-type"=>["text/html;charset=ISO-
8859-1"], "transfer-encoding"=>["chunked"], "date"=>["Tue, 06 Aug
2019 03:06:04 GMT"]}
url: https://demo.testfire.net:8443/
Remediation:
directive.
172 No Clickjacking Protection 2.6 Low Pass URL: https://65.61.137.117:8443/

frame.
Page 506 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
cookie"=>["JSESSIONID=5E429D789B42131617FC21FC2C7092B0;
2019 03:06:59 GMT"]}
url: https://65.61.137.117:8443/
Remediation:
directive.
173 No Clickjacking Protection 2.6 Low Pass URL: https://65.61.137.117/

frame.
Page 507 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
cookie"=>["JSESSIONID=91AE2C06F7F66EB7AC4721CA7926E84A;
2019 03:03:20 GMT"]}
url: https://65.61.137.117/
Remediation:
directive.
174 No Clickjacking Protection 2.6 Low Pass URL: http://demo.testfire.net/

frame.
Page 508 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
cookie"=>["JSESSIONID=6FBDC1BA64262E169CD8AA130C5A6D25;
03:00:33 GMT"]}
url: http://demo.testfire.net/
Remediation:
directive.
175 No Clickjacking Protection 2.6 Low Pass URL: http://65.61.137.117/

frame.
Page 509 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
cookie"=>["JSESSIONID=43417874F1E2104EC67B2F9DEE17E8CE;
03:01:27 GMT"]}
url: http://65.61.137.117/
Remediation:
directive.
176 No Clickjacking Protection 2.6 Low Pass URL: https://demo.testfire.net/

frame.
Page 510 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
cookie"=>["JSESSIONID=ECBF550A2EE43223488AC21A19DCD097;
2019 03:02:22 GMT"]}
url: https://demo.testfire.net/
Remediation:
directive.
177 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/index.jsp?content=business.htm

directives for pages having Port: tcp/80
forms
Data submitted via forms present on pages without caching directives,
can allow data to be cached on browser/ cache giving access to the
data.
CVSSv2: AV:L/AC:L/Au:N/C:P/I:N/A:N
Service: http
Page 511 of 1637

CVSS Compliance
Score Status
Evidence:
DetectionDetails: Form Caching Vulnerability Found
GET - http://demo.testfire.net/index.jsp?content=business.htm
No Caching Directives Found.
The application should use BOTH 'pragma:no-cache as well as ' Cache-
Control:no-Store, no-Cache' headers to prevent caching.

<input type="text" name="query" id="query" accesskey="S">
<input type="submit" value="Go">
Request: GET http://demo.testfire.net/index.jsp?content=business.htm

HTTP/1.1
Remediation:
Caching can be disabled by setting the "Pragma: No-cache" and
"Cache-control: No-cache,No-Store" HTTP Header values in the
response containing form.
178 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/sendFeedback

forms
data.
Page 512 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
POST - https://demo.testfire.net:8443/sendFeedback


Content-Length: 126
=+Submit+
Remediation:
Page 513 of 1637

CVSS Compliance
Score Status
179 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/index.jsp

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117/index.jsp

Request: GET https://65.61.137.117/index.jsp HTTP/1.1

Page 514 of 1637

CVSS Compliance
Score Status
Remediation:
180 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/index.jsp?content=personal.htm

forms
data.
Service: http
Evidence:
GET - http://demo.testfire.net:8080/index.jsp?content=personal.htm

Request: GET
http://demo.testfire.net:8080/index.jsp?content=personal.htm HTTP/1.1
Page 515 of 1637

CVSS Compliance
Score Status
Remediation:
181 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/

forms
data.
Service: https
Evidence:
Remediation:
182 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/doLogin

Page 516 of 1637

CVSS Compliance
Score Status
forms Data submitted via forms present on pages without caching directives,
data.
Service: https
Evidence:
POST - https://demo.testfire.net/doLogin

<form action="doLogin" method="post" name="login" id="login"

onsubmit="return (confirminput(login));">
<input type="text" id="uid" name="uid" value="" style="width:
150px;">
<input type="password" id="passw" name="passw" style="width:
150px;">
<input type="submit" name="btnSubmit" value="Login">
Request: POST https://demo.testfire.net/doLogin HTTP/1.1

Page 517 of 1637

CVSS Compliance
Score Status
Content-Length: 42
Remediation:
183 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/index.jsp

forms
data.
Service: https
Evidence:
GET - https://demo.testfire.net/index.jsp

Page 518 of 1637

CVSS Compliance
Score Status
Request: GET https://demo.testfire.net/index.jsp HTTP/1.1
Remediation:
184 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/index.jsp?content=business.htm

forms
data.
Service: http
Evidence:
GET - http://demo.testfire.net:8080/index.jsp?content=business.htm
Page 519 of 1637

CVSS Compliance
Score Status
Request: GET
http://demo.testfire.net:8080/index.jsp?content=business.htm
HTTP/1.1
Remediation:
185 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/index.jsp?content=inside_contact.h

directives for pages having tm
forms Port: tcp/8080

data.
Service: http
Evidence:
GET - http://65.61.137.117:8080/index.jsp?content=inside_contact.htm
Page 520 of 1637

CVSS Compliance
Score Status

Request: GET
HTTP/1.1
Remediation:
186 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/index.jsp?content=inside_conta

directives for pages having ct.htm

data.
Page 521 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
GET -

Request: GET
HTTP/1.1
Remediation:
187 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/search.jsp?query=_WSETESTDA

directives for pages having TA
Page 522 of 1637

CVSS Compliance
Score Status

data.
Service: https
Evidence:
GET - https://demo.testfire.net:8443/search.jsp?query=_WSETESTDATA

Request: GET
https://demo.testfire.net:8443/search.jsp?query=_WSETESTDATA
HTTP/1.1
Remediation:
Page 523 of 1637

CVSS Compliance
Score Status
188 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/index.jsp

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117/index.jsp

Request: GET http://65.61.137.117/index.jsp HTTP/1.1

Page 524 of 1637

CVSS Compliance
Score Status
Remediation:
189 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/sendFeedback

forms
data.
Service: http
Evidence:
POST - http://demo.testfire.net:8080/sendFeedback


Page 525 of 1637

CVSS Compliance
Score Status
Content-Length: 126
=+Submit+
Remediation:
190 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/

forms
data.
Service: https
Evidence:
GET - https://demo.testfire.net:8443/
Page 526 of 1637

CVSS Compliance
Score Status

Remediation:
191 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/search.jsp?query=_WSETESTDATA

forms
data.
Service: https
Evidence:
GET - https://demo.testfire.net/search.jsp?query=_WSETESTDATA
Page 527 of 1637

CVSS Compliance
Score Status

Request: GET
https://demo.testfire.net/search.jsp?query=_WSETESTDATA HTTP/1.1
Remediation:
192 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/

forms
data.
Service: http
Page 528 of 1637

CVSS Compliance
Score Status
Evidence:
GET - http://demo.testfire.net:8080/


Remediation:
193 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/feedback.jsp

forms
data.
Page 529 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
GET - http://demo.testfire.net:8080/feedback.jsp

<form name="cmt" method="post" action="sendFeedback">

<input type="hidden" name="cfile" value="comments.txt">
<input name="name" size="25" type="text" value="">
<input name="email_addr" type="text" size="25">
<input name="subject" size="25">
<input type="submit" value=" Submit " name="submit">
<input type="reset" value=" Clear Form " name="reset">
Request: GET http://demo.testfire.net:8080/feedback.jsp HTTP/1.1

Remediation:
Page 530 of 1637

CVSS Compliance
Score Status
194 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/doLogin

forms
data.
Service: https
Evidence:
POST - https://65.61.137.117:8443/doLogin


150px;">
150px;">
Request: POST https://65.61.137.117:8443/doLogin HTTP/1.1
Page 531 of 1637

CVSS Compliance
Score Status
Origin: https://65.61.137.117:8443
Content-Length: 42
Remediation:
195 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117:8443/
Page 532 of 1637

CVSS Compliance
Score Status


Remediation:
196 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/

forms
data.
Service: https
Evidence:
Page 533 of 1637

CVSS Compliance
Score Status
Remediation:
197 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/doLogin

forms
data.
Service: https
Evidence:
POST - https://65.61.137.117/doLogin


150px;">
Page 534 of 1637

CVSS Compliance
Score Status
150px;">
Request: POST https://65.61.137.117/doLogin HTTP/1.1

Origin: https://65.61.137.117
Content-Length: 42
Remediation:
198 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/feedback.jsp

forms
data.
Service: http
Evidence:
Page 535 of 1637

CVSS Compliance
Score Status
GET - http://65.61.137.117/feedback.jsp


Request: GET http://65.61.137.117/feedback.jsp HTTP/1.1

Remediation:
Page 536 of 1637

CVSS Compliance
Score Status
199 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/index.jsp?content=business.htm

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117/index.jsp?content=business.htm

Request: GET http://65.61.137.117/index.jsp?content=business.htm

HTTP/1.1
Remediation:
Page 537 of 1637

CVSS Compliance
Score Status
200 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/doLogin

forms
data.
Service: http
Evidence:


150px;">
150px;">
Page 538 of 1637

CVSS Compliance
Score Status

Content-Length: 42
Remediation:
201 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/search.jsp?query=_WSETESTDAT

directives for pages having A

data.
Service: http
Evidence:
Page 539 of 1637

CVSS Compliance
Score Status
GET - http://demo.testfire.net:8080/search.jsp?query=_WSETESTDATA

Request: GET
http://demo.testfire.net:8080/search.jsp?query=_WSETESTDATA
HTTP/1.1
Remediation:
202 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/index.jsp

forms
data.
Page 540 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
GET - http://65.61.137.117:8080/index.jsp

Request: GET http://65.61.137.117:8080/index.jsp HTTP/1.1

Remediation:
203 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/login.jsp

forms
Page 541 of 1637

CVSS Compliance
Score Status
data.
Service: http
Evidence:
GET - http://65.61.137.117:8080/login.jsp


150px;">
150px;">

Page 542 of 1637

CVSS Compliance
Score Status
Remediation:
204 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/index.jsp?content=personal.ht

directives for pages having m

data.
Service: https
Evidence:
GET - https://demo.testfire.net:8443/index.jsp?content=personal.htm

Request: GET
https://demo.testfire.net:8443/index.jsp?content=personal.htm
HTTP/1.1
Page 543 of 1637

CVSS Compliance
Score Status
Remediation:
205 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/search.jsp?query=_WSETESTDATA

forms
data.
Service: http
Evidence:
GET - http://demo.testfire.net/search.jsp?query=_WSETESTDATA

Page 544 of 1637

CVSS Compliance
Score Status
Request: GET
http://demo.testfire.net/search.jsp?query=_WSETESTDATA HTTP/1.1
Remediation:
206 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/index.jsp?content=personal.htm

forms
data.
Service: http
Evidence:
GET - http://demo.testfire.net/index.jsp?content=personal.htm
Page 545 of 1637

CVSS Compliance
Score Status

Request: GET http://demo.testfire.net/index.jsp?content=personal.htm

HTTP/1.1
Remediation:
207 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/index.jsp

forms
data.
Service: http
Page 546 of 1637

CVSS Compliance
Score Status
Evidence:
GET - http://demo.testfire.net/index.jsp

Request: GET http://demo.testfire.net/index.jsp HTTP/1.1

Remediation:
208 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/login.jsp

forms
data.
Page 547 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
GET - https://demo.testfire.net/login.jsp


150px;">
150px;">
Request: GET https://demo.testfire.net/login.jsp HTTP/1.1

Remediation:
Page 548 of 1637

CVSS Compliance
Score Status
209 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/feedback.jsp

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117:8080/feedback.jsp


Page 549 of 1637

CVSS Compliance
Score Status
Request: GET http://65.61.137.117:8080/feedback.jsp HTTP/1.1
Remediation:
210 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117:8080/
Page 550 of 1637

CVSS Compliance
Score Status

Remediation:
211 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/

forms
data.
Service: https
Evidence:
Remediation:
Page 551 of 1637

CVSS Compliance
Score Status
212 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/index.jsp

forms
data.
Service: http
Evidence:
GET - http://demo.testfire.net:8080/index.jsp

Request: GET http://demo.testfire.net:8080/index.jsp HTTP/1.1

Page 552 of 1637

CVSS Compliance
Score Status
Remediation:
213 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/index.jsp?content=personal.htm

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117/index.jsp?content=personal.htm

Request: GET https://65.61.137.117/index.jsp?content=personal.htm

HTTP/1.1
Page 553 of 1637

CVSS Compliance
Score Status
Remediation:
214 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117/

Page 554 of 1637

CVSS Compliance
Score Status
Remediation:
215 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/

forms
data.
Service: http
Evidence:
Remediation:
Page 555 of 1637

CVSS Compliance
Score Status
216 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/index.jsp?content=inside_contact.htm

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117/index.jsp?content=inside_contact.htm

Request: GET
Remediation:
Page 556 of 1637

CVSS Compliance
Score Status
217 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/

forms
data.
Service: http
Evidence:
Remediation:
218 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/

forms
data.
Page 557 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
Remediation:
219 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/search.jsp?query=_WSETESTDATA

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117:8080/search.jsp?query=_WSETESTDATA

Page 558 of 1637

CVSS Compliance
Score Status
Request: GET
http://65.61.137.117:8080/search.jsp?query=_WSETESTDATA HTTP/1.1
Referer: http://65.61.137.117:8080/
Remediation:
220 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/index.jsp?content=business.htm

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117:8080/index.jsp?content=business.htm
Page 559 of 1637

CVSS Compliance
Score Status

Request: GET
http://65.61.137.117:8080/index.jsp?content=business.htm HTTP/1.1
Remediation:
221 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/sendFeedback

forms
data.
Service: http
Evidence:
Page 560 of 1637

CVSS Compliance
Score Status
POST - http://65.61.137.117:8080/sendFeedback


Origin: http://65.61.137.117:8080
Content-Length: 126
=+Submit+
Remediation:
222 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/sendFeedback

forms
Page 561 of 1637

CVSS Compliance
Score Status
data.
Service: https
Evidence:
POST - https://65.61.137.117/sendFeedback


Origin: https://65.61.137.117
Content-Length: 126
=+Submit+
Remediation:
Page 562 of 1637

CVSS Compliance
Score Status
223 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/search.jsp?query=_WSETESTDATA

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117/search.jsp?query=_WSETESTDATA

Request: GET https://65.61.137.117/search.jsp?query=_WSETESTDATA

HTTP/1.1
Referer: https://65.61.137.117/
Page 563 of 1637

CVSS Compliance
Score Status
Remediation:
224 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/login.jsp

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117/login.jsp

Page 564 of 1637

CVSS Compliance
Score Status
150px;">
150px;">
Request: GET https://65.61.137.117/login.jsp HTTP/1.1

Remediation:
225 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/search.jsp?query=_WSETESTDATA

forms
data.
Service: http
Evidence:
Page 565 of 1637

CVSS Compliance
Score Status
GET - http://65.61.137.117/search.jsp?query=_WSETESTDATA

Request: GET http://65.61.137.117/search.jsp?query=_WSETESTDATA

HTTP/1.1
Referer: http://65.61.137.117/
Remediation:
226 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/feedback.jsp

forms
data.
Page 566 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
GET - https://demo.testfire.net/feedback.jsp


Request: GET https://demo.testfire.net/feedback.jsp HTTP/1.1

Remediation:
Page 567 of 1637

CVSS Compliance
Score Status
227 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/index.jsp?content=personal.htm

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117:8080/index.jsp?content=personal.htm

Request: GET
http://65.61.137.117:8080/index.jsp?content=personal.htm HTTP/1.1
Page 568 of 1637

CVSS Compliance
Score Status
Remediation:
228 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/index.jsp?content=inside_contac

directives for pages having t.htm

data.
Service: http
Evidence:
GET -

Request: GET
Page 569 of 1637

CVSS Compliance
Score Status
Remediation:
229 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/login.jsp

forms
data.
Service: https
Evidence:
GET - https://demo.testfire.net:8443/login.jsp

Page 570 of 1637

CVSS Compliance
Score Status

150px;">
150px;">
Request: GET https://demo.testfire.net:8443/login.jsp HTTP/1.1

Remediation:
230 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/index.jsp

forms
data.
Page 571 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
GET - https://demo.testfire.net:8443/index.jsp

Request: GET https://demo.testfire.net:8443/index.jsp HTTP/1.1

Remediation:
231 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/index.jsp?content=personal.htm

forms
Page 572 of 1637

CVSS Compliance
Score Status
data.
Service: https
Evidence:
GET - https://demo.testfire.net/index.jsp?content=personal.htm

Request: GET https://demo.testfire.net/index.jsp?content=personal.htm

HTTP/1.1
Remediation:
232 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/index.jsp?content=personal.htm
Page 573 of 1637

CVSS Compliance
Score Status

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117:8443/index.jsp?content=personal.htm

Request: GET
https://65.61.137.117:8443/index.jsp?content=personal.htm HTTP/1.1
Remediation:
Page 574 of 1637

CVSS Compliance
Score Status
233 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/login.jsp

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117:8443/login.jsp


150px;">
150px;">
Page 575 of 1637

CVSS Compliance
Score Status
Request: GET https://65.61.137.117:8443/login.jsp HTTP/1.1
Remediation:
234 Absence of caching 2.1 Low Pass URL: http://65.61.137.117:8080/doLogin

forms
data.
Service: http
Evidence:
Page 576 of 1637

CVSS Compliance
Score Status

150px;">
150px;">

Origin: http://65.61.137.117:8080
Content-Length: 42
Remediation:
235 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/index.jsp?content=inside_contact.htm

forms
Page 577 of 1637

CVSS Compliance
Score Status
data.
Service: https
Evidence:
GET - https://65.61.137.117/index.jsp?content=inside_contact.htm

Request: GET
Remediation:
Page 578 of 1637

CVSS Compliance
Score Status
236 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/index.jsp?content=inside_contact.htm

forms
data.
Service: http
Evidence:
GET - http://demo.testfire.net/index.jsp?content=inside_contact.htm

Request: GET
Remediation:
Page 579 of 1637

CVSS Compliance
Score Status
237 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/

forms
data.
Service: http
Evidence:
GET - http://demo.testfire.net/


Page 580 of 1637

CVSS Compliance
Score Status
Remediation:
238 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/index.jsp?content=inside_contact.

directives for pages having htm

data.
Service: https
Evidence:
GET -

Request: GET
HTTP/1.1
Page 581 of 1637

CVSS Compliance
Score Status
Remediation:
239 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/feedback.jsp

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117:8443/feedback.jsp

Page 582 of 1637

CVSS Compliance
Score Status

Request: GET https://65.61.137.117:8443/feedback.jsp HTTP/1.1

Remediation:
240 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/index.jsp?content=business.htm

forms
data.
Service: https
Page 583 of 1637

CVSS Compliance
Score Status
Evidence:
GET - https://65.61.137.117:8443/index.jsp?content=business.htm

Request: GET
https://65.61.137.117:8443/index.jsp?content=business.htm HTTP/1.1
Remediation:
241 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/feedback.jsp

forms
data.
Page 584 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
GET - http://demo.testfire.net/feedback.jsp


Request: GET http://demo.testfire.net/feedback.jsp HTTP/1.1

Remediation:
Page 585 of 1637

CVSS Compliance
Score Status
242 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/sendFeedback

forms
data.
Service: https
Evidence:
POST - https://demo.testfire.net/sendFeedback


Page 586 of 1637

CVSS Compliance
Score Status
Content-Length: 126
=+Submit+
Remediation:
243 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/index.jsp?content=business.htm

forms
data.
Service: https
Evidence:
GET - https://demo.testfire.net/index.jsp?content=business.htm
Page 587 of 1637

CVSS Compliance
Score Status
Request: GET https://demo.testfire.net/index.jsp?content=business.htm

HTTP/1.1
Remediation:
244 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/

forms
data.
Service: http
Evidence:
Remediation:
Page 588 of 1637

CVSS Compliance
Score Status
245 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/login.jsp

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117/login.jsp


150px;">
150px;">
Page 589 of 1637

CVSS Compliance
Score Status

Remediation:
246 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/doLogin

forms
data.
Service: https
Evidence:
POST - https://demo.testfire.net:8443/doLogin
Page 590 of 1637

CVSS Compliance
Score Status


150px;">
150px;">
Request: POST https://demo.testfire.net:8443/doLogin HTTP/1.1

Content-Length: 42
Remediation:
247 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/feedback.jsp

Port: tcp/8443
Page 591 of 1637

CVSS Compliance
Score Status
directives for pages having

data.
Service: https
Evidence:
GET - https://demo.testfire.net:8443/feedback.jsp


Request: GET https://demo.testfire.net:8443/feedback.jsp HTTP/1.1

Page 592 of 1637

CVSS Compliance
Score Status
Remediation:
248 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/

forms
data.
Service: https
Evidence:
GET - https://demo.testfire.net/


Page 593 of 1637

CVSS Compliance
Score Status
Remediation:
249 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/sendFeedback

forms
data.
Service: http
Evidence:
POST - http://demo.testfire.net/sendFeedback

Page 594 of 1637

CVSS Compliance
Score Status
Content-Length: 126
=+Submit+
Remediation:
250 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/

forms
data.
Service: http
Evidence:
Page 595 of 1637

CVSS Compliance
Score Status
Remediation:
251 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/login.jsp

forms
data.
Service: http
Evidence:
GET - http://demo.testfire.net/login.jsp


150px;">
Page 596 of 1637

CVSS Compliance
Score Status
150px;">

Remediation:
252 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/index.jsp

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117:8443/index.jsp
Page 597 of 1637

CVSS Compliance
Score Status

Request: GET https://65.61.137.117:8443/index.jsp HTTP/1.1

Remediation:
253 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/sendFeedback

forms
data.
Service: https
Evidence:
Page 598 of 1637

CVSS Compliance
Score Status
POST - https://65.61.137.117:8443/sendFeedback


Origin: https://65.61.137.117:8443
Content-Length: 126
=+Submit+
Remediation:
254 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/index.jsp?content=business.htm

Page 599 of 1637

CVSS Compliance
Score Status
data.
Service: https
Evidence:
GET - https://65.61.137.117/index.jsp?content=business.htm

Request: GET https://65.61.137.117/index.jsp?content=business.htm

HTTP/1.1
Remediation:
Page 600 of 1637

CVSS Compliance
Score Status
255 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117/


Remediation:
Page 601 of 1637

CVSS Compliance
Score Status
256 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/doLogin

forms
data.
Service: http
Evidence:


150px;">
150px;">
Page 602 of 1637

CVSS Compliance
Score Status
Origin: http://65.61.137.117
Content-Length: 42
Remediation:
257 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/index.jsp?content=personal.htm

forms
data.
Service: http
Evidence:
GET - http://65.61.137.117/index.jsp?content=personal.htm
Page 603 of 1637

CVSS Compliance
Score Status

Request: GET http://65.61.137.117/index.jsp?content=personal.htm

HTTP/1.1
Remediation:
258 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net:8080/login.jsp

forms
data.
Service: http
Evidence:
Page 604 of 1637

CVSS Compliance
Score Status
GET - http://demo.testfire.net:8080/login.jsp


150px;">
150px;">

Remediation:
Page 605 of 1637

CVSS Compliance
Score Status
259 Absence of caching 2.1 Low Pass URL: https://65.61.137.117/feedback.jsp

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117/feedback.jsp


Request: GET https://65.61.137.117/feedback.jsp HTTP/1.1

Page 606 of 1637

CVSS Compliance
Score Status
Remediation:
260 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net:8443/index.jsp?content=business.ht


data.
Service: https
Evidence:
GET - https://demo.testfire.net:8443/index.jsp?content=business.htm

Page 607 of 1637

CVSS Compliance
Score Status
Request: GET
https://demo.testfire.net:8443/index.jsp?content=business.htm
HTTP/1.1
Remediation:
261 Absence of caching 2.1 Low Pass URL: https://65.61.137.117:8443/search.jsp?query=_WSETESTDATA

forms
data.
Service: https
Evidence:
GET - https://65.61.137.117:8443/search.jsp?query=_WSETESTDATA
Page 608 of 1637

CVSS Compliance
Score Status

Request: GET
https://65.61.137.117:8443/search.jsp?query=_WSETESTDATA
HTTP/1.1
Referer: https://65.61.137.117:8443/
Remediation:
262 Absence of caching 2.1 Low Pass URL: https://demo.testfire.net/index.jsp?content=inside_contact.ht

forms Port: tcp/443

data.
Service: https
Page 609 of 1637

CVSS Compliance
Score Status
Evidence:
GET - https://demo.testfire.net/index.jsp?content=inside_contact.htm

Request: GET
HTTP/1.1
Remediation:
263 Absence of caching 2.1 Low Pass URL: http://demo.testfire.net/doLogin

forms
data.
Page 610 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:


150px;">
150px;">

Content-Length: 42
Page 611 of 1637

CVSS Compliance
Score Status
Remediation:
264 Absence of caching 2.1 Low Pass URL: http://65.61.137.117/sendFeedback

forms
data.
Service: http
Evidence:
POST - http://65.61.137.117/sendFeedback


Origin: http://65.61.137.117
Page 612 of 1637

CVSS Compliance
Score Status
Content-Length: 126
=+Submit+
Remediation:
265 Auto-Completion Enabled 1.2 Low Pass URL: https://65.61.137.117/login.jsp

for Password Fields Port: tcp/443
The web server running on this host uses password fields that allow
auto-completion by users' browsers. This could allow a user's
credentials to be stored by the browser and subsequently exposed if
the user's computer becomes compromised.
CVSSv2: AV:L/AC:H/Au:N/C:P/I:N/A:N
Service: https
Reference:
http://msdn.microsoft.com/en-us/library/ms533032.aspx
https://developer.mozilla.
Page 613 of 1637

CVSS Compliance
Score Status
org/En/How_to_Turn_Off_Form_Autocompletion
Evidence:
Form Name: login
Action: https://65.61.137.117:443/doLogin
Fields: passw (password)
Location: https://65.61.137.117/login.jsp
Remediation:
Modify the identified page so that the password field and the enclosing
form tags have an attribute named "autocomplete" with a value of
"off".
If this is a vendor application, contact the vendor for an updated

version of the application or guidance on addressing this issue.
266 Auto-Completion Enabled 1.2 Low Pass URL: http://65.61.137.117/login.jsp

Service: http
Reference:
Page 614 of 1637

CVSS Compliance
Score Status
https://developer.mozilla.org/En/How_to_Turn_Off_Form_Autocompletio
n
Evidence:
Form Name: login
Location: http://65.61.137.117/login.jsp
Remediation:
"off".

267 Auto-Completion Enabled 1.2 Low Pass URL: https://demo.testfire.net:8443/login.jsp

Service: https
Reference:
Page 615 of 1637

CVSS Compliance
Score Status
n
Evidence:
Form Name: login
Action: https://demo.testfire.net:8443/doLogin
Location: https://demo.testfire.net:8443/login.jsp
Remediation:
"off".

268 Auto-Completion Enabled 1.2 Low Pass URL: http://demo.testfire.net/login.jsp

Service: http
Page 616 of 1637

CVSS Compliance
Score Status
Reference:
n
Evidence:
Form Name: login
Location: http://demo.testfire.net/login.jsp
Remediation:
"off".

269 Auto-Completion Enabled 1.2 Low Pass URL: http://65.61.137.117:8080/login.jsp

Service: http
Page 617 of 1637

CVSS Compliance
Score Status
Reference:
n
Evidence:
Form Name: login
Location: http://65.61.137.117:8080/login.jsp
Remediation:
"off".

270 Auto-Completion Enabled 1.2 Low Pass URL: http://demo.testfire.net:8080/login.jsp

Service: http
Page 618 of 1637

CVSS Compliance
Score Status
Reference:
n
Evidence:
Form Name: login
Location: http://demo.testfire.net:8080/login.jsp
Remediation:
"off".

271 Auto-Completion Enabled 1.2 Low Pass URL: https://demo.testfire.net/login.jsp

Page 619 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
n
Evidence:
Form Name: login
Action: https://demo.testfire.net:443/doLogin
Location: https://demo.testfire.net/login.jsp
Remediation:
"off".

272 Auto-Completion Enabled 1.2 Low Pass URL: https://65.61.137.117:8443/login.jsp

Page 620 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
n
Evidence:
Form Name: login
Action: https://65.61.137.117:8443/doLogin
Location: https://65.61.137.117:8443/login.jsp
Remediation:
"off".

273 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/survey_questions.jsp?step=a

Port: tcp/8080
A website location was detected.
Service: http
Page 621 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
application_cpe: cpe:/a:apache:tomcat, cpe:/a:apache:tomcat
application_name: apache:tomcat, apache:tomcat
application_protocol: http
ip_address: 65.61.137.117
port_number: 80
275 Enumerated SSL/TLS Cipher 0.0 Info Pass Port: tcp/8443

Suites
The finding reports the SSL cipher suites for each SSL/TLS service
version provided by the remote service. This finding does not represent
a vulnerability, but is only meant to provide visibility into the behavior
and configuration of the remote SSL/TLS service.
The information provided as part of this finding includes the SSL
version (ex: TLSv1) as well as the name of the cipher suite (ex: RC4-
SHA).
A cipher suite is a set of cryptographic algorithms that provide

authentication, encryption, and message authentication code (MAC) as
part of an SSL/TLS negotiation and through the lifetime of the SSL
Page 622 of 1637

CVSS Compliance
Score Status
session. It is typical that an SSL service would support multiple cipher
suites. A cipher suite can be supported by across multiple SSL/TLS
versions, so you should be of no concern to see the same cipher name
reported for multiple
Service: https
Reference:
http://www.openssl.org/docs/apps/ciphers.html
Evidence:
Cipher Suite: TLSv1_1 : ECDHE-RSA-AES256-SHA
Cipher Suite: TLSv1_1 : DHE-RSA-AES256-SHA
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-GCM-SHA384
Cipher Suite: TLSv1_2 : ECDHE-RSA-AES256-SHA384
Cipher Suite: TLSv1_2 : DHE-RSA-AES256-GCM-SHA384
Cipher Suite: TLSv1_2 : DHE-RSA-AES256-SHA256
Page 623 of 1637

CVSS Compliance
Score Status
Remediation:
No remediation is necessary.
276 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/index.jsp

Port: tcp/443
Service: https
277 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/feedback.jsp

Port: tcp/8080
Service: http
278 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/index.jsp?content=inside.htm

Port: tcp/8080
Page 624 of 1637

CVSS Compliance
Score Status
Service: http
279 Discovered HTTP Methods 0.0 Info Pass URL: https://demo.testfire.net/my%20documents/

Port: tcp/443
Requesting the allowed HTTP OPTIONS from this host shows which
HTTP protocol methods are supported by its web server. Note that, in
some cases, this information is not reported by the web server
accurately.
Service: https
Evidence:
Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS
URL: https://demo.testfire.net/my%20documents/
Remediation:
Review your web server configuration and ensure that only those HTTP
methods required for your business operations are enabled.
280 HTTP Responses Missing 0.0 Info Pass URL: http://65.61.137.117:8080/swagger/index.html

Character Encoding Port: tcp/8080
During the crawl of the HTTP service, we detected HTML and/or XML
documents that were missing any indication of their character set
encoding. The server and the pages it serves are responsible for
Page 625 of 1637

CVSS Compliance
Score Status
indicating the character set used to encode the documents. Typically,
these are indicated within the "Content-type" HTTP header, a 'meta'
HTTP-equiv HTML tag, or an XML document encoding header. Without
these, some web browsers may attempt to guess the character set
encoding of the document by making a guess based on whats
available. The danger in this is when browsers guess the incorrect
encoding, resulting in a misinterpretation of the document. In cases
where a webpage will reflect user-supplied information, an attacker
could provide a specially-crafted string that could trick a web browser
into decoding the document as a specific character set. If this specially-
crafted string were HTML code encoded in the character set, the
attacker could perform a cross-site scripting attack.
Service: http
Reference:
http://code.google.com/p/browsersec/wiki/Part2#Character_set_handlin
g_and_detection
http://wiki.whatwg.org/wiki/Web_Encodings
Evidence:
URL: http://65.61.137.117:8080/swagger/index.html
Remediation:
It's important that all documents served by the HTTP server provide the
correct character set for their encoding. The provided links will provide
information on the proper ways for indicating the character set
encoding.
Page 626 of 1637

CVSS Compliance
Score Status
281 Discovered HTTP Methods 0.0 Info Pass URL: http://65.61.137.117/swagger/

Port: tcp/80
accurately.
Service: http
Evidence:
URL: http://65.61.137.117/swagger/
Remediation:
282 Enumerated Applications 0.0 Info Pass URL: http://65.61.137.117:8080/

Port: tcp/8080
The following applications have been enumerated on this device.
Service: http
Evidence:
Page 627 of 1637

CVSS Compliance
Score Status
CPE: apache:tomcat
URI: /
Version: unknown
Remediation:
No remediation is required.
283 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/search.jsp?query=_WSETESTDATA

Port: tcp/8443
Service: https
284 Discovered Web Directories 0.0 Info Pass URL: https://demo.testfire.net:8443/bank/

Port: tcp/8443
It was possible to guess one or more directories contained in the

publicly accessible path of this web server.
Service: https
Evidence:
HTTP Response Code: 302
URL: https://demo.testfire.net:8443/bank/
Page 628 of 1637

CVSS Compliance
Score Status
Remediation:
Review these directories and verify that there is no unintentional
content made available to remote users.
285 Discovered HTTP Methods 0.0 Info Pass URL: https://demo.testfire.net:8443/swagger/

Port: tcp/8443
accurately.
Service: https
Evidence:
URL: https://demo.testfire.net:8443/swagger/
Remediation:
Page 629 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
application_protocol: https
ip_address: 65.61.137.117
port_number: 8443
ssl_enabled: true
287 Discovered Web Directories 0.0 Info Pass URL: http://demo.testfire.net:80/bank/

Port: tcp/80

Service: http
Evidence:
URL: http://demo.testfire.net:80/bank/
Remediation:
Page 630 of 1637

CVSS Compliance
Score Status
288 Discovered HTTP Methods 0.0 Info Pass URL: https://demo.testfire.net/swagger/

Port: tcp/443
accurately.
Service: https
Evidence:
URL: https://demo.testfire.net/swagger/
Remediation:
289 Discovered HTTP Methods 0.0 Info Pass URL: https://65.61.137.117:8443/my%20documents/

Port: tcp/8443
accurately.
Page 631 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
URL: https://65.61.137.117:8443/my%20documents/
Remediation:
290 Embedded links or code 0.0 Info Pass URL: http://65.61.137.117/index.jsp?content=inside_contact.htm

from out-of-scope domains Port: tcp/80
Externally served scripts or objects can present a security risk because

they are not subject to system and application controls. Including
scripts from untrusted domains can result into any one of following 1-
Loss of control over changes to the application. 2- Execution of
arbitrary code on client systems. 3- Disclosure or leakage of sensitive
information to 3rd parties.
Service: http
Evidence:
DetectionDetails: Following External Links Found:
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000"
codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/fl
ash/swflash.cab#version=6,0,0,0" width="
Page 632 of 1637

CVSS Compliance
Score Status
125" height="50" id="subscribe" align="middle"> <param
name="allowScriptAccess" value="sameDomain"> <param
name="movie" value="subscribe.swf"> <param name="quality"
value="high"> <param name="bgcolor" value="#ffffff"> <embed
src="subscribe.swf" width="125" height="50" text="subscribe"
align="middle" type="application/x-shockwave-flash"> </object>
Request: GET
Remediation:
If external scripts are necessary to provide a particular service then get
the scripts from the third party, perform a review for functionality and
integrity and post it on a web server.
291 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/index.jsp?content=inside_contact.ht

m
Port: tcp/443
Service: https
292 Website Detected 0.0 Info Pass URL: http://65.61.137.117:8080/
Page 633 of 1637

CVSS Compliance
Score Status
Port: tcp/8080
This website was detected.
Service: http
293 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/index.jsp?content=business.htm

Port: tcp/8443
Service: https
294 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/doSubscribe

Port: tcp/8443
Service: https
295 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/survey_questions.jsp?step=a

Port: tcp/8443
Page 634 of 1637

CVSS Compliance
Score Status
Service: https
296 Embedded links or code 0.0 Info Pass URL: https://65.61.137.117:8443/index.jsp?content=inside_contact.

from out-of-scope domains htm
Port: tcp/8443

Service: https
Evidence:
ash/swflash.cab#version=6,0,0,0" width="125" height="50"
id="subscribe" align="middle"> <param name="allowScriptAccess"
value="sameDomain"> <param name="movie"
value="subscribe.swf"> <param name="quality" value="high">
<param name="bgcolor" value="#ffffff"> <embed
Request: GET
HTTP/1.1
Page 635 of 1637

CVSS Compliance
Score Status
Remediation:
297 Insufficient or No use of 0.0 Info Pass URL: https://65.61.137.117:8443/

Strict Transport Security Port: tcp/8443
header
HTTP Strict Transport Security (HSTS) is an opt-in security
enhancement that is specified by a web application through the use of
a special response header. Once a supported browser receives this
header that browser will prevent any communications from being sent
over HTTP to the specified domain and will instead send all
communications over HTTPS. It also prevents HTTPS click through
prompts on browsers.
Service: https
Reference:
https://www.owasp.org/index.php/HTTP_Strict_Transport_Security
Evidence:
DetectionDetails: No HSTS implemented for HTTPS
Page 636 of 1637

CVSS Compliance
Score Status
Remediation:
Example of response header use-
Strict-Transport-Security: max-age=31536000
298 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/disclaimer.htm?url=http://www.netscape

.com
Port: tcp/443
Service: https
299 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/swagger/index.html

Port: tcp/443
Service: https
300 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/

Port: tcp/8080
Page 637 of 1637

CVSS Compliance
Score Status
Service: http
301 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/index.jsp?content=inside_contac

t.htm
Port: tcp/8080
Service: http
302 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/disclaimer.htm?url=http://www.n

etscape.com
Port: tcp/8080
Service: http
303 Insecure or no Content- 0.0 Info Pass URL: https://demo.testfire.net:8443/

Security-Policy header Port: tcp/8443
Content-Security-Policy (CSP) is a W3C specification offering the
Page 638 of 1637

CVSS Compliance
Score Status
possibility to instruct the client browser from which location and/or
which type of resources are allowed to be loaded. This header can be
useful to prevent Cross-Site Scripting issues present on the site, if used
correctly.
Service: https
Reference:
https://www.owasp.org/index.php/Content_Security_Policy
Evidence:
DetectionDetails: No Content-Security-Policy present for entire
application
Response: HTTP/1.1 200 OK

Set-Cookie: JSESSIONID=44C815873649B1433E310F19F9B9450B;
Path=/; Secure; HttpOnly
Date: Tue, 06 Aug 2019 04:36:24 GMT
Page 639 of 1637

CVSS Compliance
Score Status

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 640 of 1637

CVSS Compliance
Score Status
<a id="LoginLink" href="/login.jsp"><font
style="font-weight: bold; color: red;">Sign In</font></a> | <a id="
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
href="/login.jsp" class="focus" >ONLINE BANKING
LOGIN</a></div></td>
Page 641 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




Insurance</a></li>
</ul>
Page 642 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
Page 643 of 1637

CVSS Compliance
Score Status
</ul>
</td>


<br />
<table border=0 cellspacing=0 width="100%">
<tr>
<td width="33%" valign="top">
<b><a href="index.jsp?content=personal_savings.htm">Online
Banking with FREE Online Bill Pay </a></b><br />
No stamps, envelopes, or checks to write give you more time to
spend on the things you enjoy. <br />
<br />
<center><img src="images/home1.jpg" width="170" height="
114" /></center>
<br />
<b><a href="index.jsp?content=personal_loans.htm">Real
Estate Financing</a></b><br />
Fast. Simple. Professional. Whether you are preparing to buy,
build, purchase land, or construct new space, let Altoro Mutual's
premier real estate lenders help with financing. As a regional leader,
we know the market, we understand the business, and we have the
track record to prove it
</td>
Page 644 of 1637

CVSS Compliance
Score Status
128" /></center>
<br /><br/>
<b><a href="index.jsp?content=business_cards.htm">Business
Credit Cards</a></b><br />
You're always looking for ways to improve your company's bottom
line. You want to be informed, improve efficiency and control expenses.
Now, you can do it all - with a business credit card account from Altoro
Mutual.
<br />
<br />
<b><a
href="index.jsp?content=business_retirement.htm">Retirement
Solutions</a></b><br />
Retaining good employees is a tough task. See how Altoro Mutual
can assist you in accomplishing this feat through effective Retirement
Solutions.
</td>
<b>Privacy and Security </b><br />
The 2000 employees of Altoro Mutual are dedicated to protecting
your <a href="index.jsp?content=privacy.htm">privacy</a> and <a
href="default.jsp?content=security.htm">security</a>. We pledge to
provide you with the information and resources that you need to help
secure your information and keep it confidential. This is our promise.
<br /><br />
<center><img src="images/home3.jpg" width="170"

height="113" /></center><br /><br />
<b><a href="survey_questions.jsp">Win a Samsung Galaxy S10

smartphone</a></b>
<br />
Completing this short survey will enter you in a draw for 1 of 5
Page 645 of 1637

CVSS Compliance
Score Status
Samsung Galaxy S10 smartphones! We look forward to hearing your
important feedback.
<br /><br />
</td>
</tr>
</table>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 646 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

Remediation:
Consider utilizing strict Content-Security-Policy header option to
Page 647 of 1637

CVSS Compliance
Score Status
prevent Cross-Site Scripting issues.
304 HTTP Responses Missing 0.0 Info Pass URL: https://demo.testfire.net:8443/retirement.htm

Service: https
Reference:
g_and_detection
Evidence:
Page 648 of 1637

CVSS Compliance
Score Status
URL: https://demo.testfire.net:8443/retirement.htm
Remediation:
encoding.
305 Discovered Web Directories 0.0 Info Pass URL: https://65.61.137.117:443/admin/

Port: tcp/443

Service: https
Evidence:
URL: https://65.61.137.117:443/admin/
Remediation:
306 Website Detected 0.0 Info Pass URL: http://65.61.137.117/

Port: tcp/80
Page 649 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
application_name: apache:tomcat
path: /
potential_custom_web_app: true
307 HTTP Responses Missing 0.0 Info Pass URL: https://65.61.137.117/retirement.htm

Page 650 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
g_and_detection
Evidence:
URL: https://65.61.137.117/retirement.htm
Remediation:
encoding.
308 Discovered HTTP Methods 0.0 Info Pass URL: http://65.61.137.117:8080/swagger/

Port: tcp/8080
accurately.
Service: http
Evidence:
Page 651 of 1637

CVSS Compliance
Score Status
URL: http://65.61.137.117:8080/swagger/
Remediation:
309 Insecure or no Content- 0.0 Info Pass URL: http://65.61.137.117/


correctly.
Service: http
Reference:
Evidence:
application
Page 652 of 1637

CVSS Compliance
Score Status
Set-Cookie: JSESSIONID=7DEA7694E36255C4C48824F9A0DE4E13;
Path=/; HttpOnly
Date: Tue, 06 Aug 2019 04:27:23 GMT

<head>
8859-1" />
Page 653 of 1637

CVSS Compliance
Score Status
</head>

cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 654 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




Page 655 of 1637

CVSS Compliance
Score Status
Products</a></li>
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Services</a></li>
</ul>
Page 656 of 1637

CVSS Compliance
Score Status
>Locations</a></li>
</ul>
</td>


<br />
<tr>
<br />
114" /></center>
Page 657 of 1637

CVSS Compliance
Score Status
<br />
</td>
height="128" /></center>
<br /><br/>
Mutual.
<br />
<br />
<b><a
Solutions.
</td>
Page 658 of 1637

CVSS Compliance
Score Status
<br /><br />

113" /></center><br /><br />

smartphone</a></b>
<br />
important feedback.
<br /><br />
</td>
</tr>
</table>
</td>
</div>
</tr>
</table>
Policy</a>
Page 659 of 1637

CVSS Compliance
Score Status
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>
Page 660 of 1637

CVSS Compliance
Score Status

</div>
</div>
</body>
</html>

Remediation:
310 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/subscribe.jsp

Port: tcp/8443
Service: https
311 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/status_check.jsp

Port: tcp/8443
Service: https
Page 661 of 1637

CVSS Compliance
Score Status
312 Discovered HTTP Methods 0.0 Info Pass URL: http://65.61.137.117/my%20documents/

Port: tcp/80
accurately.
Service: http
Evidence:
URL: http://65.61.137.117/my%20documents/
Remediation:
313 HTTP Responses Missing 0.0 Info Pass URL: http://65.61.137.117/swagger/index.html

Page 662 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
g_and_detection
Evidence:
URL: http://65.61.137.117/swagger/index.html
Remediation:
encoding.
314 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/disclaimer.htm?url=http://www.micro

soft.com
Port: tcp/443
Page 663 of 1637

CVSS Compliance
Score Status
Service: https
315 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/sendFeedback

Port: tcp/443
Service: https
316 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/

Port: tcp/443
Service: https
317 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/disclaimer.htm?url=http://www.netsc

ape.com
Port: tcp/443
Page 664 of 1637

CVSS Compliance
Score Status
Service: https
318 Insecure or no Content- 0.0 Info Pass URL: http://demo.testfire.net/


correctly.
Service: http
Reference:
Evidence:
application

Set-Cookie: JSESSIONID=B95638AFC2EBB1AEEE06E0A48503002C;
Path=/; HttpOnly
Page 665 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:33:23 GMT
Content-Length: 0

<head>
8859-1" />
</head>
Page 666 of 1637

CVSS Compliance
Score Status
cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
Page 667 of 1637

CVSS Compliance
Score Status
</tr>
<tr>




Page 668 of 1637

CVSS Compliance
Score Status
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Services</a></li>
</ul>

Page 669 of 1637

CVSS Compliance
Score Status
</ul>
</td>


<br />
<tr>
<br />
114" /></center>
<br />
Page 670 of 1637

CVSS Compliance
Score Status
</td>
<br /><br/>
Mutual.
<br />
<br />
<b><a
Solutions.
</td>
<br /><br />
Page 671 of 1637

CVSS Compliance
Score Status

113" /></center><br /><br />

smartphone</a></b>
<br />
important feedback.
<br /><br />
</td>
</tr>
</table>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Page 672 of 1637

CVSS Compliance
Score Status
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
Page 673 of 1637

CVSS Compliance
Score Status
</div>
</body>
</html>

Remediation:
319 Insufficient or No use of 0.0 Info Pass URL: https://demo.testfire.net:8443/

header
Service: https
Reference:
Evidence:
Page 674 of 1637

CVSS Compliance
Score Status
Remediation:
320 Enumerated Applications 0.0 Info Pass URL: https://demo.testfire.net/

Port: tcp/443
Service: https
Evidence:
CPE: apache:tomcat
URI: /
Version: unknown
Remediation:
321 Discovered HTTP Methods 0.0 Info Pass URL: https://65.61.137.117/my%20documents/

Port: tcp/443
Page 675 of 1637

CVSS Compliance
Score Status
accurately.
Service: https
Evidence:
URL: https://65.61.137.117/my%20documents/
Remediation:
322 HTTP Responses Missing 0.0 Info Pass URL: http://65.61.137.117:8080/high_yield_investments.htm

Page 676 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
g_and_detection
Evidence:
URL: http://65.61.137.117:8080/high_yield_investments.htm
Remediation:
encoding.
323 Discovered Web Directories 0.0 Info Pass URL: http://demo.testfire.net:8080/admin/

Port: tcp/8080

Page 677 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
URL: http://demo.testfire.net:8080/admin/
Remediation:
324 HTTP Responses Missing 0.0 Info Pass URL: https://65.61.137.117:8443/high_yield_investments.htm

Page 678 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
g_and_detection
Evidence:
URL: https://65.61.137.117:8443/high_yield_investments.htm
Remediation:
encoding.
325 HTTP Responses Missing 0.0 Info Pass URL: https://65.61.137.117:8443/swagger/index.html

Page 679 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
g_and_detection
Evidence:
URL: https://65.61.137.117:8443/swagger/index.html
Remediation:
encoding.
326 Website Detected 0.0 Info Pass URL: https://65.61.137.117:8443/

Port: tcp/8443
Service: https
Page 680 of 1637

CVSS Compliance
Score Status
Evidence:
path: /
327 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/index.jsp?content=business.htm

Port: tcp/443
Service: https
328 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/index.jsp?content=inside_contact.htm

Port: tcp/80
Service: http
329 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/disclaimer.htm?url=http://www.netscape.

com
Port: tcp/80
Page 681 of 1637

CVSS Compliance
Score Status
Service: http
330 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/feedback.jsp

Port: tcp/80
Service: http
331 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/index.jsp?content=personal.htm

Port: tcp/80
Service: http
332 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/doSubscribe

Port: tcp/80
Service: http
Page 682 of 1637

CVSS Compliance
Score Status
333 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/swagger/index.html

Port: tcp/80
Service: http
334 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/login.jsp

Port: tcp/8080
Service: http
335 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/index.jsp?content=personal.htm

Port: tcp/8080
Service: http
336 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/search.jsp?query=_WSETESTDATA

Port: tcp/443
Page 683 of 1637

CVSS Compliance
Score Status
Service: https
337 HTTP Responses Missing 0.0 Info Pass URL: https://demo.testfire.net/high_yield_investments.htm

Service: https
Reference:
http://code.google.
Page 684 of 1637

CVSS Compliance
Score Status
com/p/browsersec/wiki/Part2#Character_set_handling_and_detection
Evidence:
URL: https://demo.testfire.net/high_yield_investments.htm
Remediation:
encoding.
338 HTTP Responses Missing 0.0 Info Pass URL: https://demo.testfire.net/retirement.htm

Page 685 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
g_and_detection
Evidence:
URL: https://demo.testfire.net/retirement.htm
Remediation:
encoding.
Evidence:
ip_address: 65.61.137.117
os_name: embedded
340 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/index.jsp?content=inside_contact.

htm
Port: tcp/8443
Page 686 of 1637

CVSS Compliance
Score Status
Service: https
341 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/disclaimer.htm?url=http://www.net

scape.com
Port: tcp/8443
Service: https
342 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/index.jsp?content=business.htm

Port: tcp/443
Service: https
343 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/subscribe.jsp

Port: tcp/443
Page 687 of 1637

CVSS Compliance
Score Status
Service: https
344 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/login.jsp

Port: tcp/443
Service: https
345 Embedded links or code 0.0 Info Pass URL: https://demo.testfire.net/index.jsp?content=inside_contact.ht

from out-of-scope domains m
Port: tcp/443

Service: https
Evidence:
Page 688 of 1637

CVSS Compliance
Score Status
Request: GET
HTTP/1.1
Remediation:

Suites
SHA).

Page 689 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
Page 690 of 1637

CVSS Compliance
Score Status
Remediation:
347 SSL-TLS Certificate 0.0 Info Pass Port: tcp/443

Information
Information extracted from a certificate discovered on a TLS or SSL
wrapped service.
Service: https
Evidence:
Verified: true
Today: 2019-08-05 21:59:44 -0500
Start date: 2018-12-21 02:38:15 UTC
End date: 2019-12-21 03:08:14 UTC
Expired: false
Fingerprint: B0:46:07:6F:F1:C9:1D:08:80:C8:64:5F:53:D8:C9:BE
Subject: /C=CA/ST=Ontario/L=Ottawa/O=IBM/CN=altoromutual.com
Common name: altoromutual.com
Issuer: /C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-
terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust
Certification Authority - L1K
Page 691 of 1637

CVSS Compliance
Score Status
Signature Algorithm: sha256WithRSAEncryption
Version: 2
Service: https
Evidence:
ip_address: 65.61.137.117
port_number: 443
ssl_enabled: true
349 HTTP Responses Missing 0.0 Info Pass URL: https://65.61.137.117/swagger/index.html

Page 692 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
g_and_detection
Evidence:
URL: https://65.61.137.117/swagger/index.html
Remediation:
encoding.
350 Discovered HTTP Methods 0.0 Info Pass URL: http://demo.testfire.net/my%20documents/

Port: tcp/80
Page 693 of 1637

CVSS Compliance
Score Status
accurately.
Service: http
Evidence:
URL: http://demo.testfire.net/my%20documents/
Remediation:
351 HTTP Responses Missing 0.0 Info Pass URL: http://demo.testfire.net:8080/swagger/index.html

Page 694 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
g_and_detection
Evidence:
URL: http://demo.testfire.net:8080/swagger/index.html
Remediation:
encoding.
352 Website Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/

Port: tcp/8080
Service: http
Page 695 of 1637

CVSS Compliance
Score Status
Evidence:
path: /
353 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/index.jsp?content=inside_contact.htm

Port: tcp/443
Service: https
354 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/login.jsp

Port: tcp/80
Service: http
355 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/search.jsp?query=_WSETESTDATA

Port: tcp/80
Page 696 of 1637

CVSS Compliance
Score Status
Service: http
356 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/search.jsp?query=_WSETESTDATA

Port: tcp/8080
Service: http
357 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/disclaimer.htm?url=http://www.nets

cape.com
Port: tcp/8080
Service: http
358 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/disclaimer.htm?url=http://www.micr

osoft.com
Port: tcp/8080
Service: http
Page 697 of 1637

CVSS Compliance
Score Status
359 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/index.jsp?content=personal.htm

Port: tcp/8080
Service: http
360 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/doSubscribe

Port: tcp/8080
Service: http
361 Insecure or no Content- 0.0 Info Pass URL: http://65.61.137.117:8080/


correctly.
Service: http
Page 698 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
application

Set-Cookie: JSESSIONID=76AA5AC0228D700D9219ED73F9533B78;
Path=/; HttpOnly
Date: Tue, 06 Aug 2019 04:34:24 GMT
Page 699 of 1637

CVSS Compliance
Score Status
<head>
8859-1" />
</head>

cellspacing="0">
<tr>
</td>
Page 700 of 1637

CVSS Compliance
Score Status
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>

Page 701 of 1637

CVSS Compliance
Score Status



Insurance</a></li>
</ul>

Page 702 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>

Page 703 of 1637

CVSS Compliance
Score Status
<br />
<tr>
<br />
114" /></center>
<br />
</td>
128" /></center>
<br /><br/>
Mutual.
Page 704 of 1637

CVSS Compliance
Score Status
<br />
<br />
<b><a href="index.jsp?content=business_retirement.htm"
>Retirement Solutions</a></b><br />
Solutions.
</td>
<br /><br />

113" /></center><br /><br />

smartphone</a></b>
<br />
important feedback.
<br /><br />
</td>
</tr>
</table>
</td>
Page 705 of 1637

CVSS Compliance
Score Status
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
Page 706 of 1637

CVSS Compliance
Score Status
application
site. Similarities,
implied. IBM does
more information,
>http://www-
/><br />

</div>
</div>
</body>
</html>

Remediation:
362 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/survey_questions.jsp

Port: tcp/8080
Page 707 of 1637

CVSS Compliance
Score Status
Service: http
363 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/login.jsp

Port: tcp/8443
Service: https
364 Discovered Web Directories 0.0 Info Pass URL: http://65.61.137.117:8080/bank/

Port: tcp/8080

Service: http
Evidence:
URL: http://65.61.137.117:8080/bank/
Remediation:
Page 708 of 1637

CVSS Compliance
Score Status
365 Discovered HTTP Methods 0.0 Info Pass URL: http://65.61.137.117:8080/my%20documents/

Port: tcp/8080
accurately.
Service: http
Evidence:
URL: http://65.61.137.117:8080/my%20documents/
Remediation:
366 Discovered Web Directories 0.0 Info Pass URL: https://demo.testfire.net:8443/admin/

Port: tcp/8443

Service: https
Page 709 of 1637

CVSS Compliance
Score Status
Evidence:
URL: https://demo.testfire.net:8443/admin/
Remediation:
367 Enumerated Applications 0.0 Info Pass URL: https://demo.testfire.net:8443/

Port: tcp/8443
Service: https
Evidence:
CPE: apache:tomcat
URI: /
Version: unknown
Remediation:
368 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/sendFeedback

Port: tcp/80
Page 710 of 1637

CVSS Compliance
Score Status
Service: http
369 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/index.jsp?content=business.htm

Port: tcp/8080
Service: http
370 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/

Port: tcp/80
Service: http
371 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/feedback.jsp

Port: tcp/443
Page 711 of 1637

CVSS Compliance
Score Status
Service: https
372 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/survey_questions.jsp

Port: tcp/443
Service: https
373 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/index.jsp?content=business.htm

Port: tcp/8080
Service: http
374 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/login.jsp

Port: tcp/8080
Service: http
Page 712 of 1637

CVSS Compliance
Score Status
375 Website Detected 0.0 Info Pass URL: http://demo.testfire.net/

Port: tcp/80
Service: http
376 Discovered Web Directories 0.0 Info Pass URL: https://65.61.137.117:443/bank/

Port: tcp/443

Service: https
Evidence:
URL: https://65.61.137.117:443/bank/
Remediation:
377 Discovered HTTP Methods 0.0 Info Pass URL: http://demo.testfire.net:8080/my%20documents/

Port: tcp/8080
Page 713 of 1637

CVSS Compliance
Score Status
accurately.
Service: http
Evidence:
URL: http://demo.testfire.net:8080/my%20documents/
Remediation:
378 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/survey_questions.jsp

Port: tcp/443
Service: https
379 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/survey_questions.jsp?step=a

Port: tcp/443
Page 714 of 1637

CVSS Compliance
Score Status
Service: https
380 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/status_check.jsp

Port: tcp/443
Service: https
381 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/index.jsp?content=personal.htm

Port: tcp/443
Service: https
382 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/index.jsp?content=inside.htm

Port: tcp/443
Service: https
Page 715 of 1637

CVSS Compliance
Score Status
383 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/index.jsp

Port: tcp/8443
Service: https
384 SSL Perfect Forward 0.0 Info Pass Port: tcp/8443

Secrecy Supported
The server supports Ephemeral Diffie-Hellman ciphers for the SSL/TLS
key exchange phase. Using this algorithm enforces Forward Secrecy for
secure communications with the server.
Service: https
Evidence:
Page 716 of 1637

CVSS Compliance
Score Status
Remediation:
385 HTTP Responses Missing 0.0 Info Pass URL: http://demo.testfire.net/high_yield_investments.htm

Service: http
Reference:
g_and_detection
Page 717 of 1637

CVSS Compliance
Score Status
Evidence:
URL: http://demo.testfire.net/high_yield_investments.htm
Remediation:
encoding.
386 HTTP Responses Missing 0.0 Info Pass URL: http://65.61.137.117:8080/retirement.htm

Page 718 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
g_and_detection
Evidence:
URL: http://65.61.137.117:8080/retirement.htm
Remediation:
encoding.
387 Discovered Web Directories 0.0 Info Pass URL: https://demo.testfire.net:443/bank/

Port: tcp/443

Service: https
Evidence:
URL: https://demo.testfire.net:443/bank/
Page 719 of 1637

CVSS Compliance
Score Status
Remediation:
388 HTTP Responses Missing 0.0 Info Pass URL: https://demo.testfire.net/swagger/index.html

Service: https
Reference:
g_and_detection
Page 720 of 1637

CVSS Compliance
Score Status
Evidence:
URL: https://demo.testfire.net/swagger/index.html
Remediation:
encoding.
389 Enumerated Applications 0.0 Info Pass URL: https://65.61.137.117/

Port: tcp/443
Service: https
Evidence:
CPE: apache:tomcat
URI: /
Version: unknown
Remediation:
URL: https://65.61.137.117/
Page 721 of 1637

CVSS Compliance
Score Status
390 Website Detected 0.0 Info Pass Port: tcp/443
Service: https
Evidence:
path: /
391 Discovered Web Directories 0.0 Info Pass URL: http://65.61.137.117:80/bank/

Port: tcp/80

Service: http
Evidence:
URL: http://65.61.137.117:80/bank/
Remediation:
Page 722 of 1637

CVSS Compliance
Score Status
392 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/subscribe.jsp

Port: tcp/443
Service: https
393 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/survey_questions.jsp?step=a

Port: tcp/80
Service: http
394 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/subscribe.jsp

Port: tcp/8080
Service: http
395 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/status_check.jsp

Port: tcp/8080
Page 723 of 1637

CVSS Compliance
Score Status
Service: http
396 Website Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/

Port: tcp/8080
Service: http
397 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/

Port: tcp/8080
Service: http
398 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/index.jsp

Port: tcp/8080
Page 724 of 1637

CVSS Compliance
Score Status
Service: http
399 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/sendFeedback

Port: tcp/8080
Service: http
400 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/index.jsp?content=personal.htm

Port: tcp/8443
Service: https
401 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/

Port: tcp/8443
Service: https
Page 725 of 1637

CVSS Compliance
Score Status
402 Insufficient or No use of 0.0 Info Pass URL: https://demo.testfire.net/

header
Service: https
Reference:
Evidence:
Remediation:
Page 726 of 1637

CVSS Compliance
Score Status
403 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/survey_questions.jsp?step=a

Port: tcp/443
Service: https
404 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/index.jsp?content=inside.htm

Port: tcp/443
Service: https
405 Website Detected 0.0 Info Pass URL: https://65.61.137.117:8443/

Port: tcp/8443
Service: https
406 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/search.jsp?query=_WSETESTDATA

Port: tcp/443
Page 727 of 1637

CVSS Compliance
Score Status
Service: https
407 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/doSubscribe

Port: tcp/443
Service: https
408 Website Detected 0.0 Info Pass URL: https://65.61.137.117/

Port: tcp/443
Service: https
409 Discovered HTTP Methods 0.0 Info Pass URL: https://demo.testfire.net:8443/my%20documents/

Port: tcp/8443
accurately.
Page 728 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
URL: https://demo.testfire.net:8443/my%20documents/
Remediation:
410 Website Detected 0.0 Info Pass URL: https://demo.testfire.net:8443/

Port: tcp/8443
Service: https
Evidence:
path: /
411 HTTP Responses Missing 0.0 Info Pass URL: https://65.61.137.117/high_yield_investments.htm

Page 729 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
g_and_detection
Evidence:
URL: https://65.61.137.117/high_yield_investments.htm
Remediation:
Page 730 of 1637

CVSS Compliance
Score Status
encoding.
412 Discovered HTTP Methods 0.0 Info Pass URL: http://demo.testfire.net:8080/swagger/

Port: tcp/8080
accurately.
Service: http
Evidence:
URL: http://demo.testfire.net:8080/swagger/
Remediation:
413 Discovered Web Directories 0.0 Info Pass URL: http://65.61.137.117:80/admin/

Port: tcp/80

Page 731 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
URL: http://65.61.137.117:80/admin/
Remediation:
414 Website Detected 0.0 Info Pass URL: http://65.61.137.117/

Port: tcp/80
Service: http
415 Embedded links or code 0.0 Info Pass URL: http://demo.testfire.net/index.jsp?content=inside_contact.htm


Page 732 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
Request: GET
Remediation:
416 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/survey_questions.jsp

Port: tcp/8080
Page 733 of 1637

CVSS Compliance
Score Status
Service: http
417 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/index.jsp

Port: tcp/8080
Service: http
418 Embedded links or code 0.0 Info Pass URL: https://demo.testfire.net:8443/index.jsp?content=inside_conta

from out-of-scope domains ct.htm
Port: tcp/8443

Service: https
Evidence:
Page 734 of 1637

CVSS Compliance
Score Status
Request: GET
HTTP/1.1
Remediation:
419 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/survey_questions.jsp

Port: tcp/8443
Service: https
Page 735 of 1637

CVSS Compliance
Score Status
Evidence:
hostname: demo.testfire.net
ip_address: 65.61.137.117
421 Website Detected 0.0 Info Pass URL: https://demo.testfire.net/

Port: tcp/443
Service: https
422 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/disclaimer.htm?url=http://www.mi

crosoft.com
Port: tcp/8443
Service: https
423 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/index.jsp?content=inside.htm

Port: tcp/8443
Page 736 of 1637

CVSS Compliance
Score Status
Service: https
424 Discovered Web Directories 0.0 Info Pass URL: http://demo.testfire.net:80/admin/

Port: tcp/80

Service: http
Evidence:
URL: http://demo.testfire.net:80/admin/
Remediation:
425 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/survey_questions.jsp

Port: tcp/80
Page 737 of 1637

CVSS Compliance
Score Status
Service: http
426 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/index.jsp?content=inside.htm

Port: tcp/80
Service: http
427 Embedded links or code 0.0 Info Pass URL: http://demo.testfire.net:8080/index.jsp?content=inside_contac

from out-of-scope domains t.htm
Port: tcp/8080

Service: http
Evidence:
Page 738 of 1637

CVSS Compliance
Score Status
Request: GET
HTTP/1.1
Remediation:
428 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/sendFeedback

Port: tcp/8080
Service: http
429 Embedded links or code 0.0 Info Pass URL: http://65.61.137.117:8080/index.jsp?content=inside_contact.h

from out-of-scope domains tm
Page 739 of 1637

CVSS Compliance
Score Status
Port: tcp/8080

Service: http
Evidence:
Request: GET
HTTP/1.1
Page 740 of 1637

CVSS Compliance
Score Status
Remediation:
430 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/swagger/index.html

Port: tcp/8080
Service: http
431 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/feedback.jsp

Port: tcp/8080
Service: http
432 Enumerated Applications 0.0 Info Pass URL: http://demo.testfire.net/

Port: tcp/80
Service: http
Page 741 of 1637

CVSS Compliance
Score Status
Evidence:
CPE: apache:tomcat
URI: /
Version: unknown
Remediation:
433 HTTP Responses Missing 0.0 Info Pass URL: http://65.61.137.117/high_yield_investments.htm

Service: http
Page 742 of 1637

CVSS Compliance
Score Status
Reference:
g_and_detection
Evidence:
URL: http://65.61.137.117/high_yield_investments.htm
Remediation:
encoding.
434 HTTP Responses Missing 0.0 Info Pass URL: http://65.61.137.117/retirement.htm

Page 743 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
g_and_detection
Evidence:
URL: http://65.61.137.117/retirement.htm
Remediation:
encoding.
435 HTTP Responses Missing 0.0 Info Pass URL: http://demo.testfire.net:8080/retirement.htm

Page 744 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
g_and_detection
Evidence:
URL: http://demo.testfire.net:8080/retirement.htm
Remediation:
encoding.
436 Enumerated Applications 0.0 Info Pass URL: http://65.61.137.117/

Port: tcp/80
Page 745 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
CPE: apache:tomcat
URI: /
Version: unknown
Remediation:
437 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/index.jsp

Port: tcp/443
Service: https
438 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/feedback.jsp

Port: tcp/443
Service: https
Page 746 of 1637

CVSS Compliance
Score Status
439 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/disclaimer.htm?url=http://www.microsof

t.com
Port: tcp/443
Service: https
440 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/index.jsp?content=inside_contact.h

tm
Port: tcp/8080
Service: http
441 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/survey_questions.jsp?step=a

Port: tcp/8080
Service: http
Page 747 of 1637

CVSS Compliance
Score Status
442 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/search.jsp?query=_WSETESTDAT

A
Port: tcp/8080
Service: http
443 Insecure or no Content- 0.0 Info Pass URL: https://65.61.137.117:8443/


correctly.
Service: https
Reference:
Evidence:
application
Page 748 of 1637

CVSS Compliance
Score Status

Set-Cookie: JSESSIONID=9B8C68C14BB9B053BB189485F1F888A4;
Date: Tue, 06 Aug 2019 04:36:25 GMT

<head>
Page 749 of 1637

CVSS Compliance
Score Status
8859-1" />
</head>

cellspacing="0">
<tr>
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>
Page 750 of 1637

CVSS Compliance
Score Status
<tr>
</tr>
<tr>




Page 751 of 1637

CVSS Compliance
Score Status
Products</a></li>
Services</a></li>
</ul>

Products</a></li>
Services</a></li>
>
/li>
Page 752 of 1637

CVSS Compliance
Score Status
>Locations</a></li>
</ul>
</td>


<br />
<tr>
Page 753 of 1637

CVSS Compliance
Score Status
<br />
<br />
</td>
<br /><br/>
Mutual.
<br />
<br />
<b><a
Solutions.
</td>
Page 754 of 1637

CVSS Compliance
Score Status
<br /><br />

113" /></center><br /><br />

smartphone</a></b>
<br />
important feedback.
<br /><br />
</td>
</tr>
</table>
</td>
</div>
</tr>
</table>
Page 755 of 1637

CVSS Compliance
Score Status
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
Page 756 of 1637

CVSS Compliance
Score Status
com/software/products/us/en/subcategory/SWI10" >http://www-
/><br />

</div>
</div>
</body>
</html>

Remediation:
444 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/feedback.jsp

Port: tcp/8443
Service: https
445 HTTP Responses Missing 0.0 Info Pass URL: http://demo.testfire.net/retirement.htm

Page 757 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
g_and_detection
Evidence:
URL: http://demo.testfire.net/retirement.htm
Remediation:
encoding.
Page 758 of 1637

CVSS Compliance
Score Status
446 HTTP Responses Missing 0.0 Info Pass URL: http://demo.testfire.net/swagger/index.html

Service: http
Reference:
g_and_detection
Evidence:
URL: http://demo.testfire.net/swagger/index.html
Page 759 of 1637

CVSS Compliance
Score Status
Remediation:
encoding.
447 Discovered Web Directories 0.0 Info Pass URL: https://demo.testfire.net:443/admin/

Port: tcp/443

Service: https
Evidence:
URL: https://demo.testfire.net:443/admin/
Remediation:
448 SSL Perfect Forward 0.0 Info Pass Port: tcp/443

Secrecy Supported
The server supports Ephemeral Diffie-Hellman ciphers for the SSL/TLS
key exchange phase. Using this algorithm enforces Forward Secrecy for
secure communications with the server.
Page 760 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
Remediation:

Information
wrapped service.
Service: https
Page 761 of 1637

CVSS Compliance
Score Status
Evidence:
Verified: true
Today: 2019-08-05 21:59:57 -0500
Start date: 2018-12-21 02:38:15 UTC
End date: 2019-12-21 03:08:14 UTC
Expired: false
Fingerprint: B0:46:07:6F:F1:C9:1D:08:80:C8:64:5F:53:D8:C9:BE
Subject: /C=CA/ST=Ontario/L=Ottawa/O=IBM/CN=altoromutual.com
Common name: altoromutual.com
Issuer: /C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-
terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust
Certification Authority - L1K
Version: 2
450 Discovered HTTP Methods 0.0 Info Pass URL: http://demo.testfire.net/swagger/

Port: tcp/80
accurately.
Service: http
Evidence:
Page 762 of 1637

CVSS Compliance
Score Status
URL: http://demo.testfire.net/swagger/
Remediation:
Service: http
Evidence:
ip_address: 65.61.137.117
port_number: 8080
452 Insecure or no Content- 0.0 Info Pass URL: https://demo.testfire.net/


Page 763 of 1637

CVSS Compliance
Score Status
correctly.
Service: https
Reference:
Evidence:
application

Set-Cookie: JSESSIONID=0565231311CE173563DB02789CEE78E3;
Date: Tue, 06 Aug 2019 04:30:23 GMT
Page 764 of 1637

CVSS Compliance
Score Status

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 765 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>
Page 766 of 1637

CVSS Compliance
Score Status




Insurance</a></li>
</ul>

Page 767 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>

Page 768 of 1637

CVSS Compliance
Score Status

<br />
<tr>
<br />
114" /></center>
<br />
</td>
128" /></center>
<br /><br/>
Page 769 of 1637

CVSS Compliance
Score Status
Mutual.
<br />
<br />
<b><a
Solutions.
</td>
<br /><br />


smartphone</a></b>
<br />
important feedback.
<br /><br />
Page 770 of 1637

CVSS Compliance
Score Status
</td>
</tr>
</table>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 771 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

Remediation:
Page 772 of 1637

CVSS Compliance
Score Status
453 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/swagger/index.html

Port: tcp/443
Service: https
454 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/subscribe.jsp

Port: tcp/8080
Service: http
455 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/status_check.jsp

Port: tcp/8080
Service: http
456 HTTP Responses Missing 0.0 Info Pass URL: https://demo.testfire.net:8443/high_yield_investments.htm

Page 773 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
g_and_detection
Evidence:
URL: https://demo.testfire.net:8443/high_yield_investments.htm
Remediation:
encoding.
Page 774 of 1637

CVSS Compliance
Score Status
457 HTTP Responses Missing 0.0 Info Pass URL: https://demo.testfire.net:8443/swagger/index.html

Service: https
Reference:
g_and_detection
Evidence:
URL: https://demo.testfire.net:8443/swagger/index.html
Page 775 of 1637

CVSS Compliance
Score Status
Remediation:
encoding.
458 Discovered Web Directories 0.0 Info Pass URL: https://65.61.137.117:8443/admin/

Port: tcp/8443

Service: https
Evidence:
URL: https://65.61.137.117:8443/admin/
Remediation:
459 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/subscribe.jsp

Port: tcp/80
Page 776 of 1637

CVSS Compliance
Score Status
Service: http
460 Discovered Web Directories 0.0 Info Pass URL: http://65.61.137.117:8080/admin/

Port: tcp/8080

Service: http
Evidence:
URL: http://65.61.137.117:8080/admin/
Remediation:
461 Discovered Web Directories 0.0 Info Pass URL: http://demo.testfire.net:8080/bank/

Port: tcp/8080

Page 777 of 1637

CVSS Compliance
Score Status
Service: http
Evidence:
URL: http://demo.testfire.net:8080/bank/
Remediation:
462 HTTP Responses Missing 0.0 Info Pass URL: http://demo.testfire.net:8080/high_yield_investments.htm

Page 778 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
g_and_detection
Evidence:
URL: http://demo.testfire.net:8080/high_yield_investments.htm
Remediation:
encoding.
463 Website Detected 0.0 Info Pass URL: http://demo.testfire.net/

Port: tcp/80
Service: http
Evidence:
path: /
Page 779 of 1637

CVSS Compliance
Score Status
464 Website Detected 0.0 Info Pass URL: http://65.61.137.117:8080/

Port: tcp/8080
Service: http
Evidence:
path: /
465 Discovered Web Directories 0.0 Info Pass URL: https://65.61.137.117:8443/bank/

Port: tcp/8443

Service: https
Evidence:
URL: https://65.61.137.117:8443/bank/
Page 780 of 1637

CVSS Compliance
Score Status
Remediation:
466 Discovered HTTP Methods 0.0 Info Pass URL: https://65.61.137.117:8443/swagger/

Port: tcp/8443
accurately.
Service: https
Evidence:
URL: https://65.61.137.117:8443/swagger/
Remediation:
467 HTTP Responses Missing 0.0 Info Pass URL: https://65.61.137.117:8443/retirement.htm

Page 781 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
g_and_detection
Evidence:
URL: https://65.61.137.117:8443/retirement.htm
Remediation:
encoding.
Page 782 of 1637

CVSS Compliance
Score Status
468 Enumerated Applications 0.0 Info Pass URL: https://65.61.137.117:8443/

Port: tcp/8443
Service: https
Evidence:
CPE: apache:tomcat
URI: /
Version: unknown
Remediation:
469 Website Detected 0.0 Info Pass URL: https://demo.testfire.net:8443/

Port: tcp/8443
Service: https
470 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/index.jsp?content=personal.htm

Port: tcp/443
Page 783 of 1637

CVSS Compliance
Score Status
Service: https
471 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/doSubscribe

Port: tcp/443
Service: https
472 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/swagger/index.html

Port: tcp/8443
Service: https
473 Insecure or no Content- 0.0 Info Pass URL: https://65.61.137.117/


Page 784 of 1637

CVSS Compliance
Score Status
correctly.
Service: https
Reference:
Evidence:
application

Set-Cookie: JSESSIONID=3804E3482E26BDF0C73231467A2AC9D4;
Date: Tue, 06 Aug 2019 04:04:18 GMT
Page 785 of 1637

CVSS Compliance
Score Status

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 786 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
Page 787 of 1637

CVSS Compliance
Score Status
<tr>




Insurance</a></li>
</ul>

Page 788 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>
Page 789 of 1637

CVSS Compliance
Score Status


<br />
<tr>
<br />
114" /></center>
<br />
</td>
128" /></center>
<br /><br/>
Page 790 of 1637

CVSS Compliance
Score Status
Mutual.
<br />
<br />
<b><a
Solutions.
</td>
<br /><br />


smartphone</a></b>
<br />
important feedback.
Page 791 of 1637

CVSS Compliance
Score Status
<br /><br />
</td>
</tr>
</table>
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
Page 792 of 1637

CVSS Compliance
Score Status
<br><br><br>
purpose of
application
site. Similarities,
implied. IBM does
more information,
/>

reserved.
</div>
</div>
</body>
</html>

Remediation:
Page 793 of 1637

CVSS Compliance
Score Status
474 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/

Port: tcp/443
Service: https
475 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/login.jsp

Port: tcp/443
Service: https
476 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/disclaimer.htm?url=http://www.microsoft.

com
Port: tcp/80
Service: http
477 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/index.jsp?content=business.htm
Page 794 of 1637

CVSS Compliance
Score Status
Port: tcp/80
Service: http
478 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/status_check.jsp

Port: tcp/80
Service: http
479 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117/index.jsp

Port: tcp/80
Service: http
480 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/disclaimer.htm?url=http://www.

microsoft.com
Port: tcp/8080
Page 795 of 1637

CVSS Compliance
Score Status
Service: http
481 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/doSubscribe

Port: tcp/8080
Service: http
resolution.
Evidence:
hostname: demo.testfire.net
ip_address: 65.61.137.117
483 Insufficient or No use of 0.0 Info Pass URL: https://65.61.137.117/

header
Page 796 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
Remediation:
484 Embedded links or code 0.0 Info Pass URL: https://65.61.137.117/index.jsp?content=inside_contact.htm


Page 797 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
Request: GET
Remediation:
485 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117/sendFeedback

Port: tcp/443
Page 798 of 1637

CVSS Compliance
Score Status
Service: https
486 Website Location Detected 0.0 Info Pass URL: http://demo.testfire.net:8080/swagger/index.html

Port: tcp/8080
Service: http
487 Website Location Detected 0.0 Info Pass URL: https://demo.testfire.net/status_check.jsp

Port: tcp/443
Service: https
488 Website Location Detected 0.0 Info Pass URL: http://65.61.137.117:8080/index.jsp?content=inside.htm

Port: tcp/8080
Page 799 of 1637

CVSS Compliance
Score Status
Service: http
489 Website Location Detected 0.0 Info Pass URL: https://65.61.137.117:8443/sendFeedback

Port: tcp/8443
Service: https
490 Website Detected 0.0 Info Pass URL: https://demo.testfire.net/

Port: tcp/443
Service: https
Evidence:
path: /
491 Discovered HTTP Methods 0.0 Info Pass URL: https://65.61.137.117/swagger/

Port: tcp/443
Page 800 of 1637

CVSS Compliance
Score Status
accurately.
Service: https
Evidence:
URL: https://65.61.137.117/swagger/
Remediation:
492 Enumerated Hostnames 0.0 Info Pass This list contains all hostnames discovered during the scan that are
believed to belong to this host.
Evidence:
Hostname: altoromutual.com, Source: SSL Certificate Subject Common
Name
Hostname: altoromutual.com, Source: SSL Certificate Subject
subjectAltName DNS
Hostname: www.altoromutual.com, Source: SSL Certificate Subject
subjectAltName DNS
Hostname: demo.testfire.net, Source: SSL Certificate Subject
subjectAltName DNS
Page 801 of 1637

CVSS Compliance
Score Status
Remediation:
No action is required.
493 Enumerated Applications 0.0 Info Pass URL: http://demo.testfire.net:8080/

Port: tcp/8080
Service: http
Evidence:
CPE: apache:tomcat
URI: /
Version: unknown
Remediation:
494 Insecure or no Content- 0.0 Info Pass URL: http://demo.testfire.net:8080/


correctly.
Page 802 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
application

Set-Cookie: JSESSIONID=03939398EA63CCAEE93295DC28E42282;
Path=/; HttpOnly
Date: Tue, 06 Aug 2019 04:32:24 GMT
Page 803 of 1637

CVSS Compliance
Score Status

<head>
8859-1" />
</head>

cellspacing="0">
<tr>
Page 804 of 1637

CVSS Compliance
Score Status
</td>
</tr>
<tr>
</tr>
</table>
</form>
</div>

<tr>
</tr>
<tr>

Page 805 of 1637

CVSS Compliance
Score Status



Insurance</a></li>
</ul>

Page 806 of 1637

CVSS Compliance
Score Status
</ul>

>Locations</a></li>
</ul>
</td>

Page 807 of 1637

CVSS Compliance
Score Status

<br />
<tr>
<br />
114" /></center>
<br />
</td>
128" /></center>
<br /><br/>
Page 808 of 1637

CVSS Compliance
Score Status
Mutual.
<br />
<br />
<b><a
Solutions.
</td>
<br /><br />


smartphone</a></b>
<br />
important feedback.
<br /><br />
</td>
</tr>
</table>
Page 809 of 1637

CVSS Compliance
Score Status
</td>
</div>
</tr>
</table>
Policy</a>
  |
  |
Check</a>
  |
  |
<br><br><br>
Page 810 of 1637

CVSS Compliance
Score Status
purpose of
application
site. Similarities,
implied. IBM does
more information,
>http://www-
/><br />

</div>
</div>
</body>
</html>

Remediation:
Page 811 of 1637
google-gruyere.appspot.com (MV PCI6)

CVSS Compliance
Score Status
Service: https
Reference:
https://www.pcisecuritystandards.org/documents/Migrating_from_SSL_E
arly_TLS_Information%20Supplement_v1.pdf
Evidence:
Cipher Suite: TLSv1 : AES256-SHA
Cipher Suite: TLSv1 : DES-CBC3-SHA
Remediation:
Page 812 of 1637

CVSS Compliance
Score Status
2 CVE-2016-2183 Block cipher algorithms 5.0 Medium Fail Port: tcp/443

with block size of 64 bits
(like DES and 3DES) This is a cipher vulnerability, not limited to any specific SSL/TLS
birthday attack known as software implementation. DES and Triple DES (3DES) block ciphers with
Sweet32 a block size of 64 bits, have a birthday bound of approximately 4 billion
blocks (or 2 to the power of 32, hence the name of this vulnerability). A
man-in-the-middle (MitM) attacker, who is able to capture a large
amount of encrypted network traffic, can recover sensitive plain text
data.
NOTE: Cipher block size must not be confused with key length. DES /
3DES ciphers are vulnerable because they always operate on 64 bit
blocks regardless of the key length. If this vulnerability is detected, and
in the list of detected ciphers you see only entries with numbers
different than 64 (eg. TLSv1 112 bits ECDHE-RSA-DES-CBC3-SHA), the
detection is still valid, because '112 bits' is the key length.
CVE: CVE-2016-2183
Service: https
Page 813 of 1637

CVSS Compliance
Score Status
Reference:
https://access.redhat.com/security/cve/cve-2016-2183
https://sweet32.info/
https://www.openssl.org/blog/blog/2016/08/24/sweet32/
Evidence:
Cipher Suite: TLSv1_1 : DES-CBC3-SHA
Remediation:
This issue can by avoided by disabling block ciphers of 64 bit block
length (like DES/3DES) in all the SSL/TLS servers. Exact procedure
depends on the actual implementation. Please refer to the
documentation of your SSL/TLS server software and actual service
software (http server, mail server, etc).
NOTE 1: This finding is based on a live test that actually detects which
ciphers are supported by the server. It is very important to note that in
many cases, a software update (backported version provided by
Operating System vendor or "vanilla" release taken directly from
SSL/TLS vendor) won't be enough to resolve this issue. Usually software
update doesn't overwrite manually tweaked configuration files, which
means, DES/3DES can be still available, even if the software update
disables them by default.
NOTE 2: On Windows 7/10 systems running RDP (Remote Desktop

Protocol), the vulnerable cipher that should be disabled is labeled
'TLS_RSA_WITH_3DES_EDE_CBC_SHA'.
NOTE 3: If disabling 64 bit block ciphers is not possible, please limit the
number of requests client can make in a single TLS session and / or the
Page 814 of 1637

CVSS Compliance
Score Status
keep-alive timeout value. As stated before, successful attack requires
huge amounts of data gathered in a single TLS session (without
rekeying).
CVE: CVE-2011-3389
Service: https
Reference:
Evidence:
Page 815 of 1637

CVSS Compliance
Score Status
Remediation:
versions of TLS.

SYN+FIN TCP Packets
Service: http
Reference:
Remediation:
Page 816 of 1637

CVSS Compliance
Score Status

SYN+FIN TCP Packets
Service: https
Reference:
Remediation:
6 Wildcard SSL Certificate 0.0 Info Pass Port: tcp/443

Detected
An SSL certificate with a wildcarded common name (CN) record (e.g.,
*.mydomain.com) was detected on this service.
Page 817 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
Subject: /C=US/ST=California/L=Mountain View/O=Google
LLC/CN=*.appspot.com
Issuer: /C=US/O=Google Trust Services/CN=Google Internet Authority
G3
Certificate Chain Depth: 0
Wildcard Subject Name: *.appspot.com
Remediation:
Review your certificate configurations to assure that wildcard
certificates are suitable for your application.

Suites
SHA).

Page 818 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
Cipher Suite: TLSv1_1 : AES256-SHA
Cipher Suite: TLSv1_2 : AES256-GCM-SHA384
Cipher Suite: TLSv1_2 : AES128-GCM-SHA256
Page 819 of 1637

CVSS Compliance
Score Status
Remediation:
8 SSL Certificate Expiring 0.0 Info Pass Port: tcp/443

Soon
This SSL certificate is currently valid; however, it is set to expire in the
near future.
Service: https
Evidence:
G3
Expiration Date: 2019-10-21 18:23:00 UTC
Days to expiration: 76
Remediation:
Contact your Certificate Authority (CA) to have a new certificate issued
prior to the expiration date. Please note the port associated with this
finding. This finding may NOT be originating from port 443, which is
what most online testing tools check by default.

Detected
An SSL certificate with a wildcarded common name (CN) record (e.g., *.
Page 820 of 1637

CVSS Compliance
Score Status
mydomain.com) was detected on this service.
Service: https
Evidence:
G3
Wildcard Subject Name: *.thinkwithgoogle.com
Remediation:

Detected
Service: https
Evidence:
G3
Page 821 of 1637

CVSS Compliance
Score Status
Wildcard Subject Name: *.withgoogle.com
Remediation:
Service: http
Evidence:
ip_address: 172.217.0.20
port_number: 80
resolution.
Evidence:
hostname: google-gruyere.appspot.com
ip_address: 172.217.0.20
Page 822 of 1637

CVSS Compliance
Score Status
resolution.
Evidence:
ip_address: 2607:F8B0:4009:813::2014

Detected
Service: https
Evidence:
G3
Wildcard Subject Name: *.withyoutube.com
Remediation:
Page 823 of 1637

CVSS Compliance
Score Status
Evidence:
ip_address: 2607:F8B0:4009:813::2014
Evidence:
ip_address: 172.217.0.20
17 Enumerated Hostnames 0.0 Info Pass This list contains all hostnames discovered during the scan that are
believed to belong to this host.
Evidence:
Hostname: app.google, Source: SSL Certificate Subject subjectAltName
DNS
Hostname: appspot.com, Source: SSL Certificate Subject
subjectAltName DNS
Hostname: run.app, Source: SSL Certificate Subject subjectAltName
DNS
Hostname: thinkwithgoogle.com, Source: SSL Certificate Subject
subjectAltName DNS
Hostname: withgoogle.com, Source: SSL Certificate Subject
subjectAltName DNS
Hostname: withyoutube.com, Source: SSL Certificate Subject
subjectAltName DNS
Page 824 of 1637

CVSS Compliance
Score Status
Remediation:
No action is required.

Information
wrapped service.
Service: https
Evidence:
Verified: true
Today: 2019-08-05 21:55:42 -0500
Start date: 2019-07-29 18:32:34 UTC
End date: 2019-10-21 18:23:00 UTC
Expired: false
Fingerprint: F5:29:C8:4C:78:6F:F6:43:49:91:22:B7:02:C4:08:E2
Common name: *.appspot.com
G3
Version: 2
Page 825 of 1637

CVSS Compliance
Score Status
Service: https
Evidence:
ip_address: 172.217.0.20
port_number: 443
ssl_enabled: true
Evidence:
ip_address: 172.217.0.20
os_name: embedded
hackazon.webscantest.com (MV PCI7)

CVSS Compliance
Score Status
1 SQL Injection Vulnerability 7.5 High Fail URL: https://hackazon.webscantest.com/wishlist/new

Port: tcp/443
Page 826 of 1637

CVSS Compliance
Score Status
Service: https
Reference:
Evidence:
POST - https://hackazon.webscantest.com/wishlist/new - type
False Injection: or 7=6
True Injection: or 7=7
True Request: POST https://hackazon.webscantest.com/wishlist/new
HTTP/1.1
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://hackazon.webscantest.com/wishlist
Origin: https://hackazon.webscantest.com
Page 827 of 1637

CVSS Compliance
Score Status
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
id=&name=New+Wish+List&type=or+7%3D7&_csrf_wishlist_add=Wz
up7LwI01S7dirlrNYtCePuKQ3QdAO9
Date: Tue, 06 Aug 2019 04:15:41 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-
check=0
Pragma: no-cache
Content-Length: 25
Connection: close
Content-Type: application/json; charset=utf-8
{"success":1,"id":"3188"}
False Request: POST https://hackazon.webscantest.com/wishlist/new
HTTP/1.1
Referer: https://hackazon.webscantest.com/wishlist
Origin: https://hackazon.webscantest.com
id=&name=New+Wish+List&type=or+7%3D6&_csrf_wishlist_add=Wz
up7LwI01S7dirlrNYtCePuKQ3QdAO9
Page 828 of 1637

CVSS Compliance
Score Status
Date: Tue, 06 Aug 2019 04:15:42 GMT
check=0
Pragma: no-cache
Content-Length: 25
Connection: close
{"success":1,"id":"3189"}
Remediation:

2 CVE-2017-9788 Apache HTTP Server 7.5 High Fail URL: https://hackazon.webscantest.com/

CVE-2017-7679 Multiple Vulnerabilities Port: tcp/443
CVE-2017-7668 2.2.x Through 2.2.34 and
2.4.x Apache HTTP Server suffers from multiple vulnerabilities in 2.2.x
Page 829 of 1637

CVSS Compliance
Score Status
CVE-2017-3169 prior to 2.4.26 through 2.2.34 and 2.4.x prior to 2.4.26. These vulnerabilities are listed
CVE-2017-3167 below.
CVE-2017-3167 - A vulnerability exists in the ap_get_basic_auth_pw()

function of Apache HTTP Serverwhere if it used in a third party
extension outside of the authentication phase authentication
requirements can be bypassed.
CVE-2017-3169 - The mod_ssl module in Apache HTTP Server may

dereference a null pointer when ap_hook_process_connection() is called
by third party modules.
CVE-2017-7668 - The ap_find_token() function in Apache HTTP Server is

vulnerable to segmentation faults and other effects from crafted
malicious input.
CVE-2017-7679 - mod_mime can read one byte past its' buffer when
used in a malicious Content-Type response header.
CVE-2017-9788 - The [Proxy-]Authorization headers in Apache HTTP

Server can potentially leak information or experience a segmentation
fault causing a denial of service. This vulnerability exists due to poor
key refresh and assignment practices between sessions.
CVE: CVE-2017-9788, CVE-2017-7679, CVE-2017-7668, CVE-

2017-3169, CVE-2017-3167
Service: https
Application: apache:http_server
Reference:
https://httpd.apache.org/security/vulnerabilities_22.html
Page 830 of 1637

CVSS Compliance
Score Status
https://httpd.apache.org/security/vulnerabilities_24.html
Evidence:
Match: '2.4.7' is greater than or equal to '2.4.0'
Match: '2.4.7' is less than '2.4.26'
Remediation:
Upgrade to the most recent version of Apache HTTP Server 2.2.34 for
2.2 users or 2.4.26 for 2.4 users.
3 SQL Injection Vulnerability 7.5 High Fail URL: http://hackazon.webscantest.com/wishlist/new

Port: tcp/80

Service: http
Reference:
Page 831 of 1637

CVSS Compliance
Score Status
Evidence:
POST - http://hackazon.webscantest.com/wishlist/new - type
True Request: POST http://hackazon.webscantest.com/wishlist/new
HTTP/1.1
Referer: http://hackazon.webscantest.com/wishlist
Origin: http://hackazon.webscantest.com
id=&name=New+Wish+List&type=or+7%3D7&_csrf_wishlist_add=U0z
tnjBA24QQ69yzqfMsDo0iHP4UVVo7
Date: Tue, 06 Aug 2019 04:14:50 GMT
check=0
Pragma: no-cache
Content-Length: 25
Connection: close
Page 832 of 1637

CVSS Compliance
Score Status
{"success":1,"id":"2580"}
False Request: POST http://hackazon.webscantest.com/wishlist/new
HTTP/1.1
id=&name=New+Wish+List&type=or+7%3D6&_csrf_wishlist_add=U0z
tnjBA24QQ69yzqfMsDo0iHP4UVVo7
Date: Tue, 06 Aug 2019 04:14:50 GMT
check=0
Pragma: no-cache
Content-Length: 25
Connection: close
{"success":1,"id":"2581"}
Remediation:
Page 833 of 1637

CVSS Compliance
Score Status

4 SQL Injection Vulnerability 7.5 High Fail URL: http://hackazon.webscantest.com/wishlist/new

Port: tcp/80

Service: http
Reference:
Page 834 of 1637

CVSS Compliance
Score Status
Evidence:
POST - http://hackazon.webscantest.com/wishlist/new - id
True Request: POST http://hackazon.webscantest.com/wishlist/new
HTTP/1.1
id=or+7%3D7&name=New+Wish+List&type=private&_csrf_wishlist_a
dd=U0ztnjBA24QQ69yzqfMsDo0iHP4UVVo7

Date: Tue, 06 Aug 2019 04:14:41 GMT
check=0
Pragma: no-cache
Content-Length: 25
Connection: close
Page 835 of 1637

CVSS Compliance
Score Status
{"success":1,"id":"2464"}
False Request: POST http://hackazon.webscantest.com/wishlist/new
HTTP/1.1
id=or+7%3D6&name=New+Wish+List&type=private&_csrf_wishlist_a
dd=U0ztnjBA24QQ69yzqfMsDo0iHP4UVVo7

Date: Tue, 06 Aug 2019 04:14:41 GMT
check=0
Pragma: no-cache
Content-Length: 25
Connection: close
{"success":1,"id":"2465"}
Remediation:
Page 836 of 1637

CVSS Compliance
Score Status

5 SQL Injection Vulnerability 7.5 High Fail URL: https://hackazon.webscantest.com/product/view?id=or+7%3D

6
Port: tcp/443

Service: https
Page 837 of 1637

CVSS Compliance
Score Status
Reference:
Evidence:
GET - https://hackazon.webscantest.com/product/view?id=or+7%3D6 -
id
True Request: GET
https://hackazon.webscantest.com/product/view?id=or+7%3D7
HTTP/1.1
True Response: HTTP/1.0 503 Service Unavailable

Cache-Control: no-cache
Connection: close
Content-Type: text/html
<html><body><h1>503 Service Unavailable</h1>

No server is available to handle this request.
</body></html>
False Request: GET

https://hackazon.webscantest.com/product/view?id=or+7%3D6
HTTP/1.1
Page 838 of 1637

CVSS Compliance
Score Status
False Response: HTTP/1.1 404 Not Found

Date: Tue, 06 Aug 2019 04:18:54 GMT
check=0
Pragma: no-cache
Status: 404 Not Found
Connection: close
Content-Type: text/html; charset=utf-8
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Hackazon — Error: 404 Invalid product id</title>
<meta name="viewport" content="width=device-width, initial-

scale=1.0">
<meta name="description" content="">
<meta name="author" content="">


<link href="/css/bootstrap.css" rel="stylesheet">



<link href="/font-awesome/css/font-awesome.min.css"
rel="stylesheet">


<link href="/css/ekko-lightbox.css" rel="stylesheet">
<link href="/css/star-rating.min.css" rel="stylesheet">
<link href="/css/nivo-slider.css" rel="stylesheet">
<link href="/css/nivo-themes/bar/bar.css" rel="stylesheet">
<link href="/css/nivo-themes/light/light.css" rel="stylesheet">
<link href="/css/bootstrapValidator.css" rel="stylesheet">
<link href="/css/modern-business.css" rel="stylesheet">
<link href="/css/ladda-themeless.min.css" rel="stylesheet">


<link href="/css/subcategory.css" rel="stylesheet">
<link href="/css/site.css" rel="stylesheet">
<link href="/css/sidebar.css" rel="stylesheet">
var App = window.App || {};
App.config =
{"host":"http:\/\/hackazon.webscantest.com","user":{"id":"473","userna
me":"CHSuser","first_name":"John","last_name":"Smith","user_phone":"
4085551234","email":"jsmith20@kelev.biz","created_on":"2019-08-05
20:02:57","photo":null,"photoUrl":null},"baseImgPath":"\/user_pictures\
/","dataType":"xml"};
</script>


<script src="/js/jquery-1.10.2.js"></script>
<script src="/js/json3.min.js"></script>
<script src="/js/jquery.dump.js"></script>
Page 840 of 1637

CVSS Compliance
Score Status
<script src="/js/jquery-migrate-1.2.1.js"></script>
<script src="/js/bootstrap.js"></script>
<script src="/js/modern-business.js"></script>
<script src="/js/bootstrapValidator.min.js"></script>
<script src="/js/jquery.validate.min.js"></script>
<script src="/js/spin.min.js"></script>
<script src="/js/moment.min.js"></script>
<script src="/js/jquery.modern-blink.js"></script>
<script src="/js/ladda.min.js"></script>
<script src="/js/ladda.jquery.min.js"></script>
<script src="/js/jquery.inputmask.js"></script>
<script src="/js/ekko-lightbox.js"></script>
<script src="/js/jquery.nivo.slider.pack.js"></script>
<script src="/js/respond.min.js"></script>
<script src="/js/star-rating.min.js"></script>
<script src="/js/bootstrap.file-input.js"></script>
<script src="/js/knockout-2.2.1.js"></script>
<script src="/js/knockout.localStorage.js"></script>
<script src="/js/koExternalTemplateEngine_all.min.js"></script>
<script src="/js/amf/services.js"></script>
<script src="/js/swfobject.js"></script>
<script src="/js/tools.js"></script>
<script src="/js/site.js"></script>
// For version detection, set to min. required Flash Player version,
or 0 (or 0.0.0), for no version detection.
var swfVersionStr = "11.1.0";
// To use express install, set to playerProductInstall.swf, otherwise
the empty string.
var xiSwfUrlStr = "/swf/playerProductInstall.swf";
var flashvars = {
Page 841 of 1637

CVSS Compliance
Score Status
host: "http://hackazon.webscantest.com"
};
var params = {};
params.quality = "high";
params.bgcolor = "#ffffff";
params.allowscriptaccess = "sameDomain";
params.allowfullscreen = "false";
var attributes = {};
attributes.id = "SliderBanner";
attributes.name = "SliderBanner";
attributes.align = "middle";
$(function () {
if ($('#flashBanner').length) {
setTimeout(function () {
swfobject.embedSWF(
"/swf/SliderBanner.swf", "flashBanner",
"360", "290",
swfVersionStr, xiSwfUrlStr,
flashvars, params, attributes);
// JavaScript enabled so display the flashContent div in
case it is not replaced with a swf object.
swfobject.createCSS("#flashBanner", "display:block;text-
align:left;");
}, 300);
}
});
</script>
</head>
<body class="">
<header class="hw-header">
<nav class="navbar hw-navbar navbar-fixed-top" role="navigation"
Page 842 of 1637

CVSS Compliance
Score Status
>
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed"
data-toggle="collapse" data-target="#hw-navbar">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand hw-navbar-brand" href="/"><img src="
/images/Hackazon.png"></a>
</div>

<div class="collapse hw-navbar-collapse navbar-collapse
navbar-ex1-collapse" id="hw-navbar">
<ul class="nav navbar-nav navbar-right">
<li><a href="/faq">FAQ</a></li>
<li><a href="/contact">Contact Us</a></li>
<li class="
dropdown">
<a href="
/wishlist" class="dropdown-toggle" data-toggle="dropdown">Wish List
<b class="caret"></b></a>
<ul class="
dropdown-menu">
<li><a href="/wishlist/">Wish Lists</a></li>

</ul>
</li>
<li class="dropdown">
Page 843 of 1637

CVSS Compliance
Score Status
<a href="#" class="dropdown-toggle
hw-account-link" data-toggle="dropdown">Your account
<img
src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAB4AAAA
eCAIAAAHDVQljAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR
5ccllPAAAA7NJREFUeNpiXHHi/o/ffxnAgAnI+vvvv5mSMJDBBBT4/fcfRIZFg
ItNTYIXyLJTFwMIIMYFh+8wwABID1CDGB8HVA8Q3H/9BUgyXn/2/v9/EP/7
778AAQTSAzHdUVMcKHTu4bsvP/6A9EO0cLExQxi6MgJQgyHU119Qx118
9B7CYLz5/APQHAYMABBAKO6CAxaI95w0xf/8+8/CxLjv+kuE6X/BDvwDM
40JTS/E+VDRe6++AklmJkZGRpgoUF5WmBPIABoAMQSL44B2MmG6F6g
cIICgYQIXAioCBqOsMNev3/8uP/kAtAnFGGQOGwuTpYoIxHkMHAzAMH3x
8cetF58Q0YJi19//UEfjACiqf//79/vPP0SoMjK8+vQDp2pmRsYjt17D3fr47bf
3336huxvoM252Fn1ZQS52ZiAbHhoyQlxA7wKNuPv6y91XX0Bhe+v5hz/Y
IhcrAAgg7DGOFXCwMrMgBzbYZ4wqYjy8nKwP33wFehFfeIvwsuvICPwDO
0xbmh+YSPddf8GEFKZMyGlGXYLvH5IfgOb+/487vP8zoHv3P87YYWT4h
RQ1EKWMuFT///+fnZUZWQ7oKGDKwa4a6JvbLz4jJxNg7v+NahuK1mcfvr
MgBdm1px+ZUEMQPZ28/vITymZifPf1J840+AeUWpgFudjg2cJGTQwoiByI
LP/BEspiPMqiPMBcjCLHxOiqLfHt598Lj99/+wkqZBjP3n/Dy8GCP2EBvQ4M
g+vPPrFwsjETTINAC4HWaknxMTEQDYBGAgRotcpyGoaBaLxlaVrSQgCpS
CyH4Lochj8ugJBAiB9AVC2kVbpkdZ8TBFVSW61UK/KP7fF43jIhd/fPDQjbm
0AeqSqmcqqJ1OBmewBWTvUaR6mGA+869Ds2J9Udsqo4ZhjHZ7T8nqe
6KxCWG5K9vTkJOmJT1Ypo1Xzac4Z992WktM014beXDwXwBINblFIaEOC
U7upqm89BP1qkBbFMNV2k+d6hkaxv867DpT7rQlpXIcyQ6rbos05z1WL
1TABJkqyAanU8oAYYYeJv4zlnW44Cusf36OF1YiCYCQfGyCROslyS1puiZT
aaJYLtD+NvxUsZeAJZyxYSfU9cDLy8MGmNN84of2Qk7DrngXfUEYLSrT8a
uTKe3mXozxbZ13Q5jpO0kLSyj//QNXOPffsscMOuC92VpfVHZwOvsQSzH
Pg2PkQExdNcjuPVaLqCSrFKnj5+0LuKndvkLgPkAWvpwePW5oOwnCmxlt
ahB8KuAf+pyQJVxN7hAAAAAElFTkSuQmCC" id="loginusericon"
class="userpic small" class="header-user-photo"><b
class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="/account/orders">My orders</a></li>
<li><a href="/account#profile">My profile</a></li>
<li><a href="/account/documents">My
Page 844 of 1637

CVSS Compliance
Score Status
documents</a></li>
<li><a href="/account/help_articles">Help
Articles</a></li>
<li><a href="/helpdesk">Helpdesk</a></li>
</ul>
</li>
<li class="dropdown hw-login-item">
<a href="/user/logout" class="login-window">Logout</a>

</li>
<a class="dropdown-toggle js-cart-top-icon" data-
toggle="dropdown" href="#"><span class="glyphicon glyphicon-
shopping-cart"></span></a>
<ul class="dropdown-menu js-cart-top-list cart-top-list"
>
<li><a href="/product/view?id=64"><span class="
pull-left product-name"><small>113x</small>
Molton Brown Indian Cress Purifying Shampoo, 10 fl. oz.
</span> <small class="pull-right label label-info">$ 3390,-
</small></a></li><li><a href="/product/view?id=1"><span class="
Martha Stewart Crafts Garland, Pink Pom Pom Small
</small></a></li><li><a href="/product/view?id=101"><span
class="pull-left product-name"><small>1x</small>
Diesel Men's Sleenker Skinny-Leg Jean 0608D
Native Forest Organic Classic Coconut Milk, 13.5-Ounce Cans (Pack of
12)
Page 845 of 1637

CVSS Compliance
Score Status
Ninja Master Prep (QB900B)
Hairfinity Hair Vitamins 60 capsules
</small></a></li> <li class="divider"></li>
<li><a href="/cart/view">Show all items in shopping
cart <i class="glyphicon glyphicon-chevron-right"></i></a></li>
</ul>
</li>
</ul>
</div>
<div class="row">
<div class="col-xs-12 col-md-12 col-lg-12">
<div class="row">
<form role="search" action="/search" method="get"
id="searchForm" >
<input type="hidden" name="id" value="" />
<div class="col-xs-12 col-md-12">
<div class="input-group" style="margin-bottom: 10px;">
<div class="input-group-btn">
<button type="button" class="btn btn-default dropdown-
toggle" data-toggle="dropdown" id="searchLabel">All <span
class="caret"></span></button>
<ul class="dropdown-menu" role="menu"
id="searchValue">
<li class="dropdown"><a href="#">All</a></li>
<li class="dropdown
dropdown-submenu"><a href="/category/view?id=49" data-item-
id="49">Unlimited Instant Videos</a>
Page 846 of 1637

CVSS Compliance
Score Status
<ul class="dropdown-
menu">
<li><a
href="/category/view?id=52" data-item-id="52">Shop Instant
Video</a>
<li><a
href="/category/view?id=51" data-item-id="51">Prime Instant
Video</a>
<li><a
href="/category/view?id=50" data-item-id="50">Amazon Instant
Video</a>
</ul>
</li>
<li class="dropdown dropdown-
submenu"><a href="/category/view?id=44" data-item-id="44">Test
Fire TV</a>
menu">
<li><a
href="/category/view?id=48" data-item-id="48">Test Fire TV</a>
<li><a
href="/category/view?id=47" data-item-id="47">Test Fire Game
Controller</a>
<li><a
Video</a>
<li><a
href="/category/view?id=45" data-item-id="45">Games for Fire
TV</a>
</ul>
</li>
submenu"><a href="/category/view?id=38" data-item-id="38">Sports
& Outdoors</a>
Page 847 of 1637

CVSS Compliance
Score Status
<li><a
href="/category/view?id=42" data-item-id="42">Golf</a>
<li><a
href="/category/view?id=41" data-item-id="41">Fan Shop</a>
<li><a
href="/category/view?id=40" data-item-id="40">Cycling</a>
<li><a
href="/category/view?id=39" data-item-id="39">Athletic & Outdoor
Clothing</a>
</ul>
</li>
submenu"><a href="/category/view?id=32" data-item-id="32">Home,
Garden & Tools</a>
menu">
<li><a
href="/category/view?id=37" data-item-id="37">Patio, Lawn &
Garden</a>
<li><a
href="/category/view?id=36" data-item-id="36">Kitchen & Dining</a>
<li><a
href="/category/view?id=35" data-item-id="35">Furniture &
Decor</a>
<li><a
href="/category/view?id=34" data-item-id="34">Bedding & Bath</a>
<li><a
href="/category/view?id=33" data-item-id="33">Appliances</a>
</ul>
</li>
submenu"><a href="/category/view?id=26" data-item-
id="26">Electronics & Computers</a>
Page 848 of 1637

CVSS Compliance
Score Status
<li><a
href="/category/view?id=31" data-item-id="31">Printers & Ink</a>
<li><a
href="/category/view?id=30" data-item-id="30">Musical
Instruments</a>
<li><a
href="/category/view?id=29" data-item-id="29">Cell Phones &
Accessories</a>
<li><a
href="/category/view?id=28" data-item-id="28">Car Electronics</a>
<li><a
href="/category/view?id=27" data-item-id="27">CAMERA, PHOTO &
VIDEO</a>
</ul>
</li>
id="20">Clothing, Shoes & Jewelry</a>
menu">
<li><a
href="/category/view?id=25" data-item-id="25">Women</a>
<li><a
href="/category/view?id=24" data-item-id="24">Men</a>
<li><a
href="/category/view?id=23" data-item-id="23">Girls</a>
<li><a
href="/category/view?id=22" data-item-id="22">Boys</a>
<li><a
href="/category/view?id=21" data-item-id="21">Baby</a>
</ul>
</li>
submenu"><a href="/category/view?id=14" data-item-id="14"
Page 849 of 1637

CVSS Compliance
Score Status
>Beauty, Health & Grocery</a>
menu">
<li><a
href="/category/view?id=19" data-item-id="19">Natural &
Organic</a>
<li><a
href="/category/view?id=18" data-item-id="18">Mens Grooming</a>
<li><a
href="/category/view?id=17" data-item-id="17">Luxury Beauty</a>
<li><a
href="/category/view?id=16" data-item-id="16">Health, Household &
Baby Care</a>
<li><a
href="/category/view?id=15" data-item-id="15">All beauty</a>
</ul>
</li>
id="8">Automotive & Industrial</a>
menu">
<li><a
href="/category/view?id=10" data-item-id="10">Automotive Tools &
Equipment</a>
<li><a
href="/category/view?id=9" data-item-id="9">Automotive Parts &
Accessories</a>
</ul>
</li>
submenu"><a href="/category/view?id=2" data-item-id="2">Arts,
Crafts & Sewing Coupons</a>
Page 850 of 1637

CVSS Compliance
Score Status
menu">
<li><a
href="/category/view?id=7" data-item-id="7">Sewing</a>
<li><a
href="/category/view?id=6" data-item-id="6">Scrapbooking</a>
<li><a
href="/category/view?id=5" data-item-id="5">Painting</a>
<li><a
href="/category/view?id=4" data-item-id="4">Jewelry-Making</a>
<li><a
href="/category/view?id=3" data-item-id="3">Craft Supplies</a>
</ul>
</li>
</ul>
</div>

<input type="text" class="form-control"
placeholder="Search products..." maxlength="100"
name="searchString" value="">
<span class="input-group-btn">
<button class="btn btn-default"
type="submit">Search!</button>
</span>
</div>

</div>
</form>
</div> </div>
</div>
</div>

</nav>
</header>
<div id="container">
Page 851 of 1637

CVSS Compliance
Score Status
<div class="row">
<div class="col-lg-12">
<h1 class="page-header">Error: 404 Invalid product id</h1>
<ol class="breadcrumb">
<li><a href="/">Home</a></li>
<li class="active">Error</li>
</ol>
</div>
</div>
<div class="row error-page">
<p>Please try to change your request.</p>
</div>
</div>
</div> </div>
<div class="container" >

<hr>
<footer>
<div class="row">
<p>Copyright © NTObjectives 2014</p>
</div>
</div>
</footer>
<script type="text/x-template" id="tplAlertContent">

<div class="text-center">
<a href="#" class="btn btn-primary js-yes">Yes</a>
<a href="#" class="btn btn-danger js-no">No</a>
</div>
Page 852 of 1637

CVSS Compliance
Score Status
</script> </div>
</body>
</html>
Remediation:

6 SQL Injection Vulnerability 7.5 High Fail URL: http://69.164.223.171/category/view?id=%27+RLIKE+%28SEL

ECT+%28CASE+WHEN+%2819%3D20%29+THEN+0x746578
7476616c7565+ELSE+0x28+END%29%29--+
Port: tcp/80

Page 853 of 1637

CVSS Compliance
Score Status
Service: http
Reference:
Evidence:
GET -
http://69.164.223.171/category/view?id=%27+RLIKE+%28SELECT+%2
8CASE+WHEN+%2819%3D20%29+THEN+0x7465787476616c7565+E
LSE+0x28+END%29%29--+ - id
False Injection: ' RLIKE (SELECT (CASE WHEN (19=20) THEN
0x7465787476616c7565 ELSE 0x28 END))--
True Injection: ' RLIKE (SELECT (CASE WHEN (19=19) THEN
0x7465787476616c7565 ELSE 0x28 END))--
True Request: GET
LSE+0x28+END%29%29--+ HTTP/1.1
Page 854 of 1637

CVSS Compliance
Score Status
True Response: HTTP/1.1 404 Not Found

Date: Tue, 06 Aug 2019 04:17:03 GMT
check=0
Pragma: no-cache
Status: 404 Not Found
Connection: close
Content-Type: text/html; charset=utf-8
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Hackazon — Error: 404 No such category</title>
<meta name="viewport" content="width=device-width, initial-

scale=1.0">
<meta name="description" content="">
<meta name="author" content="">


<link href="/css/bootstrap.css" rel="stylesheet">



<link href="/font-awesome/css/font-awesome.min.css"
rel="stylesheet">


<link href="/css/ekko-lightbox.css" rel="stylesheet">
<link href="/css/star-rating.min.css" rel="stylesheet">
<link href="/css/nivo-slider.css" rel="stylesheet">
<link href="/css/nivo-themes/bar/bar.css" rel="stylesheet">
<link href="/css/nivo-themes/light/light.css" rel="stylesheet">
<link href="/css/bootstrapValidator.css" rel="stylesheet">
<link href="/css/modern-business.css" rel="stylesheet">
<link href="/css/ladda-themeless.min.css" rel="stylesheet">


<link href="/css/subcategory.css" rel="stylesheet">
<link href="/css/site.css" rel="stylesheet">
<link href="/css/sidebar.css" rel="stylesheet">
var App = window.App || {};
App.config =
{"host":"http:\/\/69.164.223.171","user":{"id":"209","username":"CHSu
ser","first_name":"John","last_name":"Smith","user_phone":"408555123
4","email":"jsmith20@kelev.biz","created_on":"2019-08-05
21:24:27","photo":null,"photoUrl":null},"baseImgPath":"\/user_pictures\
/","dataType":"xml"};
</script>


<script src="/js/jquery-1.10.2.js"></script>
<script src="/js/json3.min.js"></script>
<script src="/js/jquery.dump.js"></script>
Page 856 of 1637

CVSS Compliance
Score Status
<script src="/js/jquery-migrate-1.2.1.js"></script>
<script src="/js/bootstrap.js"></script>
<script src="/js/modern-business.js"></script>
<script src="/js/bootstrapValidator.min.js"></script>
<script src="/js/jquery.validate.min.js"></script>
<script src="/js/spin.min.js"></script>
<script src="/js/moment.min.js"></script>
<script src="/js/jquery.modern-blink.js"></script>
<script src="/js/ladda.min.js"></script>
<script src="/js/ladda.jquery.min.js"></script>
<script src="/js/jquery.inputmask.js"></script>
<script src="/js/ekko-lightbox.js"></script>
<script src="/js/jquery.nivo.slider.pack.js"></script>
<script src="/js/respond.min.js"></script>
<script src="/js/star-rating.min.js"></script>
<script src="/js/bootstrap.file-input.js"></script>
<script src="/js/knockout-2.2.1.js"></script>
<script src="/js/knockout.localStorage.js"></script>
<script src="/js/koExternalTemplateEngine_all.min.js"></script>
<script src="/js/amf/services.js"></script>
<script src="/js/swfobject.js"></script>
<script src="/js/tools.js"></script>
<script src="/js/site.js"></script>
// For version detection, set to min. required Flash Player version,
or 0 (or 0.0.0), for no version detection.
var swfVersionStr = "11.1.0";
// To use express install, set to playerProductInstall.swf, otherwise
the empty string.
var xiSwfUrlStr = "/swf/playerProductInstall.swf";
var flashvars = {
Page 857 of 1637

CVSS Compliance
Score Status
host: "http://69.164.223.171"
};
var params = {};
params.quality = "high";
params.bgcolor = "#ffffff";
params.allowscriptaccess = "sameDomain";
params.allowfullscreen = "false";
var attributes = {};
attributes.id = "SliderBanner";
attributes.name = "SliderBanner";
attributes.align = "middle";
$(function () {
if ($('#flashBanner').length) {
setTimeout(function () {
swfobject.embedSWF(
"/swf/SliderBanner.swf", "flashBanner",
"360", "290",
swfVersionStr, xiSwfUrlStr,
flashvars, params, attributes);
// JavaScript enabled so display the flashContent div in
case it is not replaced with a swf object.
swfobject.createCSS("#flashBanner", "display:block;text-
align:left;");
}, 300);
}
});
</script>
</head>
<body class="">
<header class="hw-header">
<nav class="navbar hw-navbar navbar-fixed-top" role="navigation"
Page 858 of 1637

CVSS Compliance
Score Status
>
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed"
data-toggle="collapse" data-target="#hw-navbar">
<span class="sr-only">Toggle navigation</span>
</button>
<a class="navbar-brand hw-navbar-brand" href="/"><img src="
/images/Hackazon.png"></a>
</div>

<div class="collapse hw-navbar-collapse navbar-collapse
navbar-ex1-collapse" id="hw-navbar">
<ul class="nav navbar-nav navbar-right">
<li><a href="/faq">FAQ</a></li>
<li><a href="/contact">Contact Us</a></li>
<li class="
dropdown">
<a href="
/wishlist" class="dropdown-toggle" data-toggle="dropdown">Wish List
<b class="caret"></b></a>
<ul class="
dropdown-menu">
<li><a href="/wishlist/">Wish Lists</a></li>

</ul>
</li>
Page 859 of 1637

CVSS Compliance
Score Status
<a href="#" class="dropdown-toggle
hw-account-link" data-toggle="dropdown">Your account
<img
src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAB4AAAA
eCAIAAAHDVQljAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR
5ccllPAAAA7NJREFUeNpiXHHi/o/ffxnAgAnI+vvvv5mSMJDBBBT4/fcfRIZFg
ItNTYIXyLJTFwMIIMYFh+8wwABID1CDGB8HVA8Q3H/9BUgyXn/2/v9/EP/7
778AAQTSAzHdUVMcKHTu4bsvP/6A9EO0cLExQxi6MgJQgyHU119Qx118
9B7CYLz5/APQHAYMABBAKO6CAxaI95w0xf/8+8/CxLjv+kuE6X/BDvwDM
40JTS/E+VDRe6++AklmJkZGRpgoUF5WmBPIABoAMQSL44B2MmG6F6g
cIICgYQIXAioCBqOsMNev3/8uP/kAtAnFGGQOGwuTpYoIxHkMHAzAMH3x
8cetF58Q0YJi19//UEfjACiqf//79/vPP0SoMjK8+vQDp2pmRsYjt17D3fr47bf
3336huxvoM252Fn1ZQS52ZiAbHhoyQlxA7wKNuPv6y91XX0Bhe+v5hz/Y
IhcrAAgg7DGOFXCwMrMgBzbYZ4wqYjy8nKwP33wFehFfeIvwsuvICPwDO
0xbmh+YSPddf8GEFKZMyGlGXYLvH5IfgOb+/487vP8zoHv3P87YYWT4h
RQ1EKWMuFT///+fnZUZWQ7oKGDKwa4a6JvbLz4jJxNg7v+NahuK1mcfvr
MgBdm1px+ZUEMQPZ28/vITymZifPf1J840+AeUWpgFudjg2cJGTQwoiByI
LP/BEspiPMqiPMBcjCLHxOiqLfHt598Lj99/+wkqZBjP3n/Dy8GCP2EBvQ4M
g+vPPrFwsjETTINAC4HWaknxMTEQDYBGAgRotcpyGoaBaLxlaVrSQgCpS
CyH4Lochj8ugJBAiB9AVC2kVbpkdZ8TBFVSW61UK/KP7fF43jIhd/fPDQjbm
0AeqSqmcqqJ1OBmewBWTvUaR6mGA+869Ds2J9Udsqo4ZhjHZ7T8nqe
6KxCWG5K9vTkJOmJT1Ypo1Xzac4Z992WktM014beXDwXwBINblFIaEOC
U7upqm89BP1qkBbFMNV2k+d6hkaxv867DpT7rQlpXIcyQ6rbos05z1WL
1TABJkqyAanU8oAYYYeJv4zlnW44Cusf36OF1YiCYCQfGyCROslyS1puiZT
aaJYLtD+NvxUsZeAJZyxYSfU9cDLy8MGmNN84of2Qk7DrngXfUEYLSrT8a
uTKe3mXozxbZ13Q5jpO0kLSyj//QNXOPffsscMOuC92VpfVHZwOvsQSzH
Pg2PkQExdNcjuPVaLqCSrFKnj5+0LuKndvkLgPkAWvpwePW5oOwnCmxlt
ahB8KuAf+pyQJVxN7hAAAAAElFTkSuQmCC" id="loginusericon"
class="userpic small" class="header-user-photo"><b
class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="/account/orders">My orders</a></li>
<li><a href="/account#profile">My profile</a></li>
<li><a href="/account/documents">My
Page 860 of 1637

CVSS Compliance
Score Status
documents</a></li>
<li><a href="/account/help_articles">Help
Articles</a></li>
<li><a href="/helpdesk">Helpdesk</a></li>
</ul>
</li>
<li class="dropdown hw-login-item">
<a href="/user/logout" class="login-window">Logout</a>

</li>
<a class="dropdown-toggle js-cart-top-icon" data-
toggle="dropdown" href="#"><span class="glyphicon glyphicon-
shopping-cart"></span></a>
<ul class="dropdown-menu js-cart-top-list cart-top-list"
>
<li><a href="/product/view?id=101"><span class="
Diesel Men's Sleenker Skinny-Leg Jean 0608D
</small></a></li><li><a href="/product/view?id=1"><span class="
Martha Stewart Crafts Garland, Pink Pom Pom Small
Cricut Explore Electronic Cutting Machine with Cricut Design Space
Free Online Software
Molton Brown Indian Cress Purifying Shampoo, 10 fl. oz.
Page 861 of 1637

CVSS Compliance
Score Status
InterDesign Pail Waste Can, White
Chocolat
</span> <small class="pull-right label label-info">$ 6.29,-
</small></a></li> <li class="divider"></li>
<li><a href="/cart/view">Show all items in shopping
cart <i class="glyphicon glyphicon-chevron-right"></i></a></li>
</ul>
</li>
</ul>
</div>
<div class="row">
<div class="col-xs-12 col-md-12 col-lg-12">
<div class="row">
<form role="search" action="/search" method="get"
id="searchForm" >
<input type="hidden" name="id" value="" />
<div class="col-xs-12 col-md-12">
<div class="input-group" style="margin-bottom: 10px;">
<div class="input-group-btn">
<button type="button" class="btn btn-default dropdown-
toggle" data-toggle="dropdown" id="searchLabel">All <span
class="caret"></span></button>
<ul class="dropdown-menu" role="menu"
id="searchValue">
<li class="dropdown"><a href="#">All</a></li>
<li class="dropdown
dropdown-submenu"><a href="/category/view?id=49" data-item-
id="49">Unlimited Instant Videos</a>
Page 862 of 1637

CVSS Compliance
Score Status
menu">
<li><a
href="/category/view?id=52" data-item-id="52">Shop Instant
Video</a>
<li><a
Video</a>
<li><a
href="/category/view?id=50" data-item-id="50">Amazon Instant
Video</a>
</ul>
</li>
submenu"><a href="/category/view?id=44" data-item-id="44">Test
Fire TV</a>
menu">
<li><a
href="/category/view?id=48" data-item-id="48">Test Fire TV</a>
<li><a
href="/category/view?id=47" data-item-id="47">Test Fire Game
Controller</a>
<li><a
Video</a>
<li><a
href="/category/view?id=45" data-item-id="45">Games for Fire
TV</a>
</ul>
</li>
submenu"><a href="/category/view?id=38" data-item-id="38">Sports
& Outdoors</a>
Page 863 of 1637

CVSS Compliance
Score Status
<li><a
href="/category/view?id=42" data-item-id="42">Golf</a>
<li><a
href="/category/view?id=41" data-item-id="41">Fan Shop</a>
<li><a
href="/category/view?id=40" data-item-id="40">Cycling</a>
<li><a
href="/category/view?id=39" data-item-id="39">Athletic & Outdoor
Clothing</a>
</ul>
</li>
submenu"><a href="/category/view?id=32" data-item-id="32">Home,
Garden & Tools</a>
menu">
<li><a
href="/category/view?id=37" data-item-id="37">Patio, Lawn &
Garden</a>
<li><a
href="/category/view?id=36" data-item-id="36">Kitchen & Dining</a>
<li><a
href="/category/view?id=35" data-item-id="35">Furniture &
Decor</a>
<li><a
href="/category/view?id=34" data-item-id="34">Bedding & Bath</a>
<li><a
href="/category/view?id=33" data-item-id="33">Appliances</a>
</ul>
</li>
id="26">Electronics & Computers</a>
Page 864 of 1637

CVSS Compliance
Score Status
<li><a
href="/category/view?id=31" data-item-id="31">Printers & Ink</a>
<li><a
href="/category/view?id=30" data-item-id="30">Musical
Instruments</a>
<li><a
href="/category/view?id=29" data-item-id="29">Cell Phones &
Accessories</a>
<li><a
href="/category/view?id=28" data-item-id="28">Car Electronics</a>
<li><a
href="/category/view?id=27" data-item-id="27">CAMERA, PHOTO &
VIDEO</a>
</ul>
</li>
id="20">Clothing, Shoes & Jewelry</a>
menu">
<li><a
href="/category/view?id=25" data-item-id="25">Women</a>
<li><a
href="/category/view?id=24" data-item-id="24">Men</a>
<li><a
href="/category/view?id=23" data-item-id="23">Girls</a>
<li><a
href="/category/view?id=22" data-item-id="22">Boys</a>
<li><a
href="/category/view?id=21" data-item-id="21">Baby</a>
</ul>
</li>
submenu"><a href="/category/view?id=14" data-item-id="14"
Page 865 of 1637

CVSS Compliance
Score Status
>Beauty, Health & Grocery</a>
menu">
<li><a
href="/category/view?id=19" data-item-id="19">Natural &
Organic</a>
<li><a
href="/category/view?id=18" data-item-id="18">Mens Grooming</a>
<li><a
href="/category/view?id=17" data-item-id="17">Luxury Beauty</a>
<li><a
href="/category/view?id=16" data-item-id="16">Health, Household &
Baby Care</a>
<li><a
href="/category/view?id=15" data-item-id="15">All beauty</a>
</ul>
</li>
id="8">Automotive & Industrial</a>
menu">
<li><a
href="/category/view?id=10" data-item-id="10">Automotive Tools &
Equipment</a>
<li><a
href="/category/view?id=9" data-item-id="9">Automotive Parts &
Accessories</a>
</ul>
</li>
submenu"><a href="/category/view?id=2" data-item-id="2">Arts,
Crafts & Sewing Coupons</a>
Page 866 of 1637

CVSS Compliance
Score Status
menu">
<li><a
href="/category/view?id=7" data-item-id="7">Sewing</a>
<li><a
href="/category/view?id=6" data-item-id="6">Scrapbooking</a>
<li><a
href="/category/view?id=5" data-item-id="5">Painting</a>
<li><a
href="/category/view?id=4" data-item-id="4">Jewelry-Making</a>
<li><a
href="/category/view?id=3" data-item-id="3">Craft Supplies</a>
</ul>
</li>
</ul>
</div>

<input type="text" class="form-control"
placeholder="Search products..." maxlength="100"
name="searchString" value="">
<span class="input-group-btn">
<button class="btn btn-default"
type="submit">Search!</button>
</span>
</div>

</div>
</form>
</div> </div>
</div>
</div>

</nav>
</header>
<div id="container">
Page 867 of 1637

CVSS Compliance
Score Status
<div class="row">
<h1 class="page-header">Error: 404 No such category</h1>
<ol class="breadcrumb">
<li><a href="/">Home</a></li>
<li class="active">Error</li>
</ol>
</div>
</div>
<div class="row error-page">
<p>Please try to change your request.</p>
</div>
</div>
</div> </div>
<div class="container" >

<hr>
<footer>
<div class="row">
<p>Copyright © NTObjectives 2014</p>
</div>
</div>
</footer>
<script type="text/x-template" id="tplAlertContent">

<div class="text-center">
<a href="#" class="btn btn-primary js-yes">Yes</a>
<a href="#" class="btn btn-danger js-no">No</a>
</div>
Page 868 of 1637

CVSS Compliance
Score Status
</script> </div>
</body>
</html>
False Request: GET
LSE+0x28+END%29%29--+ HTTP/1.1
False Response: HTTP/1.1 503 Service Temporarily Unavailable

Date: Tue, 06 Aug 2019 04:17:03 GMT
check=0
Pragma: no-cache
Status: 503 Service Temporarily Unavailable
Content-Length: 35
Connection: close
Content-Type: text/html
503 Service Temporarily Unavailable
Remediation:
Page 869 of 1637

CVSS Compliance
Score Status

7 CVE-2017-9788 Apache HTTP Server 7.5 High Fail URL: http://hackazon.webscantest.com/

CVE-2017-7679 Multiple Vulnerabilities Port: tcp/80
CVE-2017-7668 2.2.x Through 2.2.34 and
CVE-2017-3169 2.4.x prior to 2.4.26 Apache HTTP Server suffers from multiple vulnerabilities in 2.2.x
CVE-2017-3167 through 2.2.34 and 2.4.x prior to 2.4.26. These vulnerabilities are listed
below.
CVE-2017-3167 - A vulnerability exists in the ap_get_basic_auth_pw()

function of Apache HTTP Serverwhere if it used in a third party
extension outside of the authentication phase authentication
requirements can be bypassed.
CVE-2017-3169 - The mod_ssl module in Apache HTTP Server may

dereference a null pointer when ap_hook_process_connection() is called
by third party modules.
CVE-2017-7668 - The ap_find_token() function in Apache HTTP Server is

vulnerable to segmentation faults and other effects from crafted
malicious input.
CVE-2017-7679 - mod_mime can read one byte past its' buffer when
used in a malicious Content-Type response header.
Page 870 of 1637

CVSS Compliance
Score Status
CVE-2017-9788 - The [Proxy-]Authorization headers in Apache HTTP
Server can potentially leak information or experience a segmentation
fault causing a denial

Ceh PDF

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Ceh PDF

Transféré par

Droits d'auteur :

Formats disponibles

Report Date: 2019-08-06

Attestation of Scan Compliance

Telephone: E-mail: jsintbroles08052019@tw.com Telephone: 1-800-363-1621 E-mail: support@trustwave.com

ZIP/Postal Code: Country: ZIP/Postal Code: 60602.0 Country: US

A.3 Scan Status

A.4 Scan Customer Attestation Test A.5 ASV Attestation

Vulnerability Scan Report: Table of Contents

Attestation of Scan Compliance 1

Part 1. Scan Information 1

Part 2. Component Compliance Summary 1

Part 3a. Vulnerabilities Noted for Each Component 1

ASV Scan Report Summary 4

Part 3b. Special Notes by Component 28

Part 3c. Special Notes - Full Text 29

Part 4a. Scope Submitted by Scan Customer for Discovery 30

Part 4b. Scan Customer Designated "In-Scope" Components (Scanned) 31

Part 4c. Scan Customer Designated "Out-of-Scope" Components (Not Scanned) 31

ASV Scan Report Vulnerability Details 34

Part 1. Scan Information 34

Part 2. Vulnerability Details 34

agent-av-mirror-inc.tw-test.net (MV PCI1) 34

crackme.cenzic.com (MV PCI2) 35

crackme.trustwave.com (MV PCI3) 40

crackmebank.campbell.devlab (MV PCI4) 44

demo.testfire.net (Jen's PCI Test) 46

google-gruyere.appspot.com (MV PCI6) 812

Vulnerability Scan Report: Table of Contents

hackazon.webscantest.com (MV PCI7) 826

hackxor.sourceforge.net (MV PCI7) 1584

ioc-signatures-inc.tw-test.net (MV PCI8) 1605

jarlsberg.appspot.com (MV PCI9) 1606

pentesteracademylab.appspot.com (MV PCI10) 1621

port-app-dv1-01.tw-test.net (MV PCI11) 1634

port-app-dv1-02.tw-test.net (MV PCI12) 1635

port-app-dv2-02.tw-test.net (MV PCI13) 1636

ASV Scan Report Summary

Part 1. Scan Information

Part 2. Component Compliance Summary

Component (IP Address, domain, etc): agent-av-mirror-inc.tw-test.net (MV PCI1) Pass

Part 3a. Vulnerabilities Noted for Each Component

ASV Scan Report Summary

Note to scan customer:

Consolidated Solution/Correction Plan for the above Component:

Note to scan customer:

Note to scan customer:

Note to scan customer:

6 crackme.cenzic.co NTP Service Not Synchronized Info 0.0 Pass

7 crackme.cenzic.co Unknown services found Info 0.0 Pass

ASV Scan Report Summary

Consolidated Solution/Correction Plan for the above Component:

Note to scan customer:

10 crackme.trustwav NTP Service Not Synchronized Info 0.0 Out of Scope

12 crackme.trustwav Unknown services found Info 0.0 Out of Scope

Note to scan customer:

ASV Scan Report Summary

Note to scan customer:

Note to scan customer:

Consolidated Solution/Correction Plan for the above Component:

Note to scan customer:

Consolidated Solution/Correction Plan for the above Component:

Note to scan customer:

Note to scan customer:

ASV Scan Report Summary