Request History

4 previous requests available

• Restore to current request
• jvninfos/view/48059
• jvninfos/view/68214
• jvninfos/view/68515
• jvninfos/view/15389

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionview
• named(empty)
• pass(array)
  • 020620

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfo(array)
  • Jvninfo(array)
    • id20620
    • nameJVNDB-2013-002195
    • titlecronie におけるファイル記述子が漏えいする脆弱性
    • summarycronie には、特定の環境で実行する場合、ファイル記述子が漏えいする脆弱性が存在します。
    • cveinfo_nameCVE-2012-6097
    • cveinfo_id59335
    • nvdinfo_nameCVE-2012-6097
    • nvdinfo_id47045
    • cvssv24.3
    • cvssv3(null)
    • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-002195.html
    • published_date2013-01-09
    • registered_date2013-04-11
    • last_updated_date2013-04-11
    • deleted(null)
    • created0000-00-00 00:00:00
    • modified(null)
  • Cveinfo(array)
    • id59335
    • nameCVE-2012-6092
    • statusCandidate
    • descriptionMultiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.
    • phaseAssigned (20121206)
    • votesNone (candidate not yet proposed)
    • comments(null)
    • deleted(null)
    • created0000-00-00 00:00:00
    • modified0000-00-00 00:00:00
  • Nvdinfo(array)
    • id47045
    • nameCVE-2012-6097
    • descriptionFile descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab.
    • reject(null)
    • CVSS_version2
    • CVSS_score4.3
    • severityMedium
    • CVSS_base_score4.3
    • CVSS_impact_subscore2.9
    • CVSS_exploit_subscore8.6
    • nvd_xml_version(null)
    • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:N/A:N)
    • sourcecve
    • pub_date2017-01-19
    • published2013-04-09
    • modified_date2013-04-10
    • typeCVE
    • seq2012-6097
    • deleted(null)
    • created(null)
    • modified(null)
  • Nessuslog(array)
    • 0(array)
      • id7522
      • Log_IDH28-MOJ-Online-Nara-16-seg-1-20161126-soga_ubl064.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.27.137.67
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 5.5 Installed build : 2403361 Fixed build : 4179633 / 4179631 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 1(array)
      • id17379
      • Log_IDH28-MOJ-Teikyo-Nara-16-Seg-1-20161128-Endo_cwc04s.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.200.20
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 2(array)
      • id17424
      • Log_IDH28-MOJ-Teikyo-Nara-16-Seg-1-20161128-Endo_cwc04s.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.200.22
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 3(array)
      • id17477
      • Log_IDH28-MOJ-Teikyo-Nara-16-Seg-2-20161128-Endo_a4yi4b.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.200.21
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 4(array)
      • id18031
      • Log_IDH28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.201.20
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 5(array)
      • id18194
      • Log_IDH28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.201.21
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 6(array)
      • id18308
      • Log_IDH28-MOJ-Teikyo-Nara-17-seg-1-20161128-w510.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.201.22
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 7(array)
      • id30878
      • Log_IDH28-MOJ-Online-Funa-12-seg-v1-161103.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.27.9.67
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 5.5 Installed build : 2403361 Fixed build : 4179633 / 4179631 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 8(array)
      • id41411
      • Log_IDH28-MOJ-Teikyo-Yokohama-17-seg-01-21161121-abe_beidq4.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.136.20
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 9(array)
      • id41464
      • Log_IDH28-MOJ-Teikyo-Yokohama-17-seg-02-21161121-abe_2jyjw7.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.136.21
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 10(array)
      • id41509
      • Log_IDH28-MOJ-Teikyo-Yokohama-17-seg-02-21161121-abe_2jyjw7.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.136.22
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 11(array)
      • id42098
      • Log_IDH28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.138.20
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 12(array)
      • id42259
      • Log_IDH28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.138.21
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 13(array)
      • id42339
      • Log_IDH28-MOJ-Teikyo-Yokohama-18-seg-01-21161121-abe_ubh1mj.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.30.138.22
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 6.0 Installed build : 3568940 Fixed build : 3620759 / 3568943 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
    • 14(array)
      • id52134
      • Log_IDH28_MUN_DWEB_Q4_172_16_240_seg.csv
      • jvninfo_id20620
      • Plugin_ID92949
      • CVECVE-2016-5330
      • CVSS9.3
      • RiskHigh
      • Host172.16.240.150
      • Protocoltcp
      • Port0
      • NameESXi 5.0 < Build 3982828 / 5.1 < Build 3872664 / 5.5 < Build 4179633 / 6.0 < Build 3620759 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
      • SynopsisThe remote VMware ESXi host is affected by multiple vulnerabilities.
      • DescriptionThe remote VMware ESXi host is 5.0 prior to build 3982828, 5.1 prior to build 3872664, 5.5 prior to build 4179633, or 6.0 prior to build 3620759. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the Shared Folders (HGFS) feature due to improper loading of Dynamic-link library (DLL) files from insecure paths, including the current working directory, which may not be under user control. A remote attacker can exploit this vulnerability, by placing a malicious DLL in the path or by convincing a user into opening a file on a network share, to inject and execute arbitrary code in the context of the current user. (CVE-2016-5330) - An HTTP header injection vulnerability exists due to improper sanitization of user-supplied input. A remote attacker can exploit this to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. (CVE-2016-5331)
      • SolutionApply the appropriate patch as referenced in the vendor advisory. Note that VMware Tools on Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate CVE-2016-5330.
      • See_Alsohttp://www.vmware.com/security/advisories/VMSA-2016-0010.html http://kb.vmware.com/kb/2142193 http://kb.vmware.com/kb/2143976 http://kb.vmware.com/kb/2141429 http://kb.vmware.com/kb/2144359
      • Plugin_OutputESXi version : 5.5 Installed build : 1892794 Fixed build : 4179633 / 4179631 (security-only fix)
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
  • Nessuslog(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2DebugTimer
  • 3Toolbar
  • 4Html
  • 5Text
  • 6Session
  • 7HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/view/20620
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/view/20620
Remote Port	12776
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.154
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.14.45
Http Via	1.1 squid-proxy-5b5d847c96-mw4wx (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.154
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.154
Unique Id	aJXZcJyyg5-UcghrM_jt_gAAAWo
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.154
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.154
Redirect Unique Id	aJXZcJyyg5-UcghrM_jt_gAAAWo
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.154
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.154
Redirect Redirect Unique Id	aJXZcJyyg5-UcghrM_jt_gAAAWo
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1754650992.6072
Request Time	1754650992

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
    • 4APP/Model/Nessuslog.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php