The following website designed by batchman is very vulnerable and yet i think its funny because he was telling us about how ezy it is on websites and batches and stuff like that anyways the following are venerabilities found on your site Apache mod_rewrite Apache mod_rewrite is prone to an off-by-one buffer-overflow condition. The vulnerability arising in the mod_rewrite module's ldap scheme handling allows for potential memory corruption when an attacker exploits certain rewrite rules. Affected Apache versions: Apache 1.3.28 - 1.3.36 with mod_rewrite Apache 2.2.0 - 2.2.2 with mod_rewrite Apache 2.0.46 - 2.0.58 with mod_rewrite This vulnerability affects Web Server. What can the attacker do? = An attacker may exploit this issue to trigger a denial-of-service condition. Reportedly, arbitrary code execution may also be possible how to fix it? = Upgrade Apache to the latest version. PHP multiple vulnerabilities Multiple vulnerabilities have been reported in PHP, which can be exploited to gain escalated privileges, bypass certain security restrictions, gain knowledge of sensitive information, or compromise a vulnerable system. Affected PHP versions (up to 4.3.9/5.0.2). This vulnerability affects PHP. The impact of this vulnerability Possible local and remote execution of arbitrary code. Attack details Current version is PHP/4.3.9 How to fix this vulnerability? = Upgrade PHP to the latest version. PHP Zend_Hash_Del_Key_Or_Index vulnerability Stefan Esser had discovered a weakness within the depths of the implementation of hashtables in the Zend Engine. This vulnerability affects a large number of PHP applications. It creates large new holes in many popular PHP applications. Additonally many old holes that were disclosed in the past were only fixed by using the unset() statement. Many of these holes are still open if the already existing exploits are changed by adding the correct numerical keys to survive the unset(). For a detailed explanation of the vulnerability read the referenced article. Affected PHP versions (up to 4.4.2/5.1.3). This vulnerability affects PHP. The impact of this vulnerability Possible code execution, SQL injection, ... Attack details Current version is PHP/4.3.9 How to fix this vulnerability? = Upgrade PHP to the latest version. PHP HTML Entity Encoder Heap Overflow Stefan Esser reported some vulnerabilities in PHP, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.The vulnerabilities are caused due to boundary errors within the "htmlentities()" and "htmlspecialchars()" functions. If a PHP application uses these functions to process user-supplied input, this can be exploited to cause a heap-based buffer overflow by passing specially crafted data to the affected application. Successful exploitation may allow execution of arbitrary code, but requires that the UTF-8 character set is selected. For a detailed explanation of the vulnerability read the referenced article. Vendor has released PHP 5.2.0 which fixes this issue. Affected PHP versions (up to 4.4.4/5.1.6). This vulnerability affects PHP. The impact of this vulnerability? Denial of service, remote code execution. Attack details Current version is PHP/4.3.9 How to fix this vulnerability? = Upgrade PHP to the latest version. Apache 2.x version older than 2.0.55 Multiple vulnerabilities have been found in this version of Apache. You should upgrade to the latest version of Apache. Affected Apache versions (up to 2.0.55). This vulnerability affects Web Server. The impact of this vulnerability Multiple. Check references for details about every vulnerability. Attack details Current version is Apache/2.0.52 How to fix this vulnerability? = Upgrade Apache 2.x to the latest version TRACE Method Enabled HTTP TRACE method is enabled on this web server. In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method. This vulnerability affects Web Server. The impact of this vulnerability Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data. How to fix this vulnerability? = Disable TRACE Method on the web server. TRACK Method Enabled HTTP TRACK method is enabled on this web server. In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACK method. Additionally, IIS 5 does not log requests made with TRACK method. This vulnerability affects Web Server. The impact of this vulnerability? Attackers may abuse HTTP TRACK functionality to gain access to information in HTTP headers such as cookies and authentication data. How to fix this vulnerability? = Disable TRACK Method on the web server. CVS files found CVS (Concurrent Versions System) files have been found on this directory. The CVS directory is a special directory. CVS/Entries lists files and subdirectories registered into the server. CVS/Repository contains the path to the corresponding directory in the repository. CVS/Root contains the path to the repository. This vulnerability affects /CVS/Repository. The impact of this vulnerability These files may expose sensitive information that may help an malicious user to prepare more advanced attacks. Remove the files from production systems. WoW that is a lot of errors maybe you should fix those eh?
