Hi unSpawn,
The below which is part of my report I have. Can you please have a look? Thank You.....
-***** SSL support not available (see docs for SSL install instructions) *****
---------------------------------------------------------------------------
- Nikto 1.35/1.34 -
www.cirt.net
+ Target IP:
+ Target Hostname:
+ Target Port: 80
+ Start Time: Thu Aug 10 00:53:52 2006
---------------------------------------------------------------------------
- Scan is dependent on "Server" string which can be faked, use -g to override
+ Server ID string not sent
+ Server does not respond with '404' for error messages (uses '403').
+ This may increase false-positives.
+ All CGI directories 'found', use '-C none' to test none
+ /conspass.chl+ - Abyss allows hidden/protected files to be served if a + is added to the request. (GET)
+ /consport.chl+ - Abyss allows hidden/protected files to be served if a + is added to the request. (GET)
+ /general.chl+ - Abyss allows hidden/protected files to be served if a + is added to the request. (GET)
+ /srvstatus.chl+ - Abyss allows hidden/protected files to be served if a + is added to the request. (GET)
+ /.DS_Store - Apache on Mac OSX will serve the .DS_Store file, which contains sensitive information. Configure Apache to ignore this file or upgrade to a newer version. (GET)
+ /.FBCIndex - This file son OSX contains the source of the files in the directory.
http://www.securiteam.com/securitynews/5LP0O005FS.html (GET)
+ /docs/ - May give list of installed software (GET)
+ /examples/servlet/AUX - Apache Tomcat versions below 4.1 may be vulnerable to DoS by repeatedly requesting this file. (GET)
+ /icons/ - Directory indexing is enabled, it should only be enabled for specific directories (if required). If indexing is not used all, the /icons directory should be removed. (GET)
+ /index.html.ca - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.cz.iso8859-2 - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.de - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.dk - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.ee - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.el - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.en - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.es - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.et - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.fr - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.he.iso8859-8 - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.hr.iso8859-2 - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ Over 20 "OK" messages, this may be a by-product of the
+ server answering all requests with a "200 OK" message. You should
+ manually verify your results.
+ /index.html.it - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.ja.iso2022-jp - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.kr.iso2022-kr - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.ltz.utf8 - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
+ /index.html.lu.utf8 - Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. (GET)
. (GET)
+ /supporter/index.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /supporter/tupdate.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /sw000.asp?|-|0|404_Object_Not_Found - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /syslog.htm?%20 - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /technote/print.cgi - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /texis/websearch/phine - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /tinymsg.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /topic/entete.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /topsitesdir/edit.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /ttforum/index.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /tutos/file/file_new.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /tutos/file/file_select.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /typo3/typo3/dev/translations.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /uifc/MultFileUploadHandler.php+ - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /upload.cgi+ - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /url.jsp - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /useraction.php3 - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /utils/sprc.asp+ - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /vars.inc+ - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /VBZooM/add-subject.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /wbboard/profile.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /wbboard/reply.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /webcalendar/login.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /webcalendar/view_m.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /webmail/lib/emailreader_execute_on_each_page.inc.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /webmail/src/read_body.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /web_app/WEB-INF/jrun-web.xml - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /web_app/WEB-INF/webapp.properties - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /XMBforum/buddy.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /XMBforum/member.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /x_stat_admin.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /yabbse/Reminder.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /yabbse/Sources/Packages.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /zentrack/index.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ /_head.php - This might be interesting... has been seen in web logs from an unknown scanner. (GET)
+ Over 20 "OK" messages, this may be a by-product of the
+ server answering all requests with a "200 OK" message. You should
+ manually verify your results.
+ 3311 items checked - 1496 item(s) found on remote host(s)
+ End Time: Thu Aug 10 04:57:36 2006 (14624 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested