- ***** SSL support not available (see docs for SSL install instructions) ***** --------------------------------------------------------------------------- - Nikto 2.02/2.03 - cirt.net + Target IP: 192.168.1.45 + Target Hostname: 192.168.1.45 + Target Port: 8080 + Start Time: 2008-02-29 1:12:01 --------------------------------------------------------------------------- + Server: Apache-Coyote/1.1 - Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS + OSVDB-397: HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server. + OSVDB-5646: HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server. + OSVDB-877: HTTP method ('Allow' Header): 'TRACE' is typically only used for debugging and should be disabled. This message does not mean it is vulnerable to XST. + OSVDB-0: GET // : Appears to be a default Apache Tomcat install. + OSVDB-3233: GET //admin/ : Tomcat is installed, however the administration package does not appear to be. + OSVDB-3092: GET //admin/ : This might be interesting... + OSVDB-3268: GET //docs/ : Directory indexing is enabled: /docs + OSVDB-6659: GET //9vfYL4IzXp4dPMLFiQ61AxoHnUH8H4o4ooKwyD2WGUZe6s2t6ZebbxnnHEv9NzilCOvr90krdHRn6DilsRbL2fpPV3vzmCIzwYksQSG2a2rZPAo944WDKfhNjVnV9Gul1LqGnJZjpqQooiJwcgZnNBgOvmrItusFWqKxLEFkH2UDXKwUig6WbWIdMiV31mUtZeJzwVDZ7jSsSn8iFlWJQZgMbkGQQLm<font%20size=50>DEFACED<!--//-- : MyWebServer 1.0.2 is vulnerable to HTML injection. Upgrade to a later version. + 2967 items checked: 9 item(s) reported on remote host + End Time: 2008-02-29 1:13:01 (31 seconds) --------------------------------------------------------------------------- + 1 host(s) tested