ush.it Report : Visit Site


  • Ranking Alexa Global: # 2,286,310

    Server:Apache...

    The main IP address: 213.187.10.134,Your server Italy,Padova ISP:Net Global Srl  TLD:it CountryCode:IT

    The description :⇲ aerohive hivemanager classic privilege escalation vulnerability september 4, 2017 at 5:12 pm - filed under hacks - 706 words, reading time ~2 minutes - permalink - comments sandro "guly" zaccarini f...

    This report updates in 14-Jul-2018

Expires Date:2018-08-12

Technical data of the ush.it


Geo IP provides you such as latitude, longitude and ISP (Internet Service Provider) etc. informations. Our GeoIP service found where is host ush.it. Currently, hosted in Italy and its service provider is Net Global Srl .

Latitude: 45.415191650391
Longitude: 11.881810188293
Country: Italy (IT)
City: Padova
Region: Veneto
ISP: Net Global Srl

the related websites

HTTP Header Analysis


HTTP Header information is a part of HTTP protocol that a user's browser sends to called Apache containing the details of what the browser wants and will accept back from the web server.

Content-Length:5372
X-XSS-Protection:1; mode=block
X-Content-Type-Options:nosniff
Content-Encoding:gzip
Accept-Ranges:bytes
Vary:Accept-Encoding
Keep-Alive:timeout=5, max=100
Server:Apache
Last-Modified:Mon, 04 Sep 2017 17:45:50 GMT
Connection:Keep-Alive
ETag:"3b322fe-4eb2-55860ae6c6f80"
Date:Sat, 14 Jul 2018 06:30:27 GMT
X-Frame-Options:sameorigin
Content-Type:text/html

DNS

soa:dns.technorail.com. hostmaster.ush.it. 1 86400 7200 2592000 3600
ns:dns3.arubadns.net.
dns.technorail.com.
dns4.arubadns.cz.
dns2.technorail.com.
ipv4:IP:213.187.10.134
ASN:39479
OWNER:NS3-ASN, IT
Country:IT
mx:MX preference = 20, mail exchanger = mail.ush.it.

HtmlToText

⇲ aerohive hivemanager classic privilege escalation vulnerability september 4, 2017 at 5:12 pm - filed under hacks - 706 words, reading time ~2 minutes - permalink - comments sandro "guly" zaccarini found a critical vulnerability in aerohive hivemanager classic 8.1r1. the vulnerability allows a local unprivileged user, normally restricted in a tenant-environment, to execute code on underlying system. qnap qts domain privilege escalation vulnerability march 22, 2017 at 4:49 pm - filed under hacks - 1222 words, reading time ~4 minutes - permalink - comments pasquale "sid" fiorillo found a critical vulnerability in qnap qts allowing the recovery of the domain admin password. such password is "encrypted" with xor and the key is a single byte! any web application or extraneous software running in your qnap system can access such configuration file and jeopardize your entire network if the nas uses domain authentication for it's users. veeam backup & replication local privilege escalation vulnerability october 8, 2015 at 5:02 pm - filed under hacks - 1737 words, reading time ~5 minutes - permalink - comments pasquale "sid" fiorillo found a critical vulnerability in veeam backup & replication version 6, 7 and 8. at the time of writing this impact a very large of updated and outdated/legacy veeam deployments. the vulnerability allows a local unprivileged user of a windows guest to gain local and/or domain administrator access when veeamvixproxy is active, the de-facto default in vmware and hyper-v environments. arc v2011-12-01 multiple vulnerabilities november 22, 2012 at 11:34 am - filed under hacks - 1408 words, reading time ~4 minutes - permalink - comments simone "negator" onofri and luca "beinux3" napolitano found multiple issues in arc2, providing rdf and sparql functionalities to php applications and working with mysql as backend. found vulnerabilities include sql injection and xss. pixelpost (calendar addon 1.1.6) 1.7.3 multiple vulnerabilities april 7, 2011 at 5:46 pm - filed under hacks - 1033 words, reading time ~3 minutes - permalink - comments simone "negator" onofri found multiple issues in a nice image gallery script that was going to use for his personal purposes, perhaps it's better to wait a couple of releases before using this in production. since the vendor was not responsive this is a forced release. found vulnerabilities include blind sql injection and xss. vtiger crm 5.2.0 multiple vulnerabilities november 16, 2010 at 10:46 pm - filed under hacks - 1279 words, reading time ~4 minutes - permalink - comments giovanni "evilaliv3" pellerano and alessandro "jekil" tanasi found multiple vulnerabilities in vtiger crm 5.2.0, a software we already audited in the past. high impact (for a web application) findings include a remote command execution issue (thanks to a possible bypass in the file upload extension blacklist) and a local file inclusion that can be exploited by unauthenticated users. two separate cross site scripting issues have been found, the first on the login. nginx, varnish, cherokee, thttpd, mini-httpd, webrick, orion, aolserver, yaws and boa log escape sequence injection january 11, 2010 at 2:16 am - filed under hacks , language en - 2587 words, reading time ~8 minutes - permalink - comments if you have read our previous article jetty 6.x and 7.x multiple vulnerabilities your are already familiar to an attack vector called log escape sequence injection. it allows remote attackers to remotely exploit terminal emulator vulnerabilities that may happen when displaying in an unsafe manner files containing escape sequences. while the real issue belong to the terminals, programs that does not sanitize outputs make this vector relevant in the real world. jetty 6.x and 7.x multiple vulnerabilities october 25, 2009 at 5:00 am - filed under hacks , language en - 2607 words, reading time ~8 minutes - permalink - comments jetty is a pure java application server used by big players like google (google appengine, google web toolkit) and many projects and products like eclipse, alfresco developers, bea weblogic business connect and weblogic event server, cisco subscriber edge services manager, sybase easerver, apache geronimo, hp openview interconnect tools and hp openview self-healing, jfox, zimbra desktop and others (here a more complete list http://docs.codehaus.org/display/jetty/jetty+powered ). finding a bug in such a wildspread component is something definitely interesting as the exploitation scenarios are many. we were procrastinating a little too much on this advisory but a core advisory burned some of our research and this month we found the time to contact the vendor and follow our disclosure procedure. as always enjoy the reading! vtiger crm 5.0.4 multiple vulnerabilities august 18, 2009 at 3:55 pm - filed under hacks , language en - 1780 words, reading time ~5 minutes - permalink - comments in our publication php filesystem attack vectors - take two we highlighted some issues that can occur in applications written in php that make use of filesystem operations. this advisory for the vtiger crm, version 5.0.4, application is an example on how such generic issues can impact the security of a real world application. php filesystem attack vectors - take two july 26, 2009 at 2:31 am - filed under hacks , language en - 2669 words, reading time ~8 minutes - permalink - comments did you enjoyed our previous "php filesystem attack vectors" research? this is the second part and continuation of that paper and highlight new ways to evade filters using some path normalization issues. have a nice reading! sugarcrm 5.2.0e remote code execution june 13, 2009 at 6:44 pm - filed under hacks , language en - 1524 words, reading time ~5 minutes - permalink - comments formmail 1.92 multiple vulnerabilities may 12, 2009 at 4:19 am - filed under hacks , language en - 1928 words, reading time ~6 minutes - permalink - comments do you remember formmail? i hope so. it's perl code belonging to the past, the glorious 1995 internet era. frommail is a cgi script used to create contact forms, but not a common one, it's historical with millions of downloads and has a dedicated wikipedia page (http://en.wikipedia.org/wiki/formmail). by the way it's still used in both small and big deployments. frommail development stopped in 1996, with the exception of security updates and the last security issue is from april 19, 2002. now one could expect a software to be bugfree after 13 years of feature freeze and "stable" status. well.. this is why we are here : ) don't expect code execution, just enjoy the reading. ⌫ previous entries ⇱ need professional information security services? call isgroup! free services games proxy tools security directory security tools products services ush manifest antonio `s4tan` parata francesco `ascii` ongaro marco `saidone` marini michele `liver` bottari nunzio `irtam` mignone pasquale `sid` fiorillo archives 2017 september march 2015 october 2012 november 2011 april 2010 november january 2009 october august july june may march february january 2008 december november september august july may april 2007 october august july june may april march january 2006 december november july may april march february january 2005 november october september categories hacks (53) insecurity (17) language en (61) language it (19) readings (7) reports (10) team (6) need professional information security services? call isgroup! reed's alert! got something burning? tell ush team . thp ush wisec digitalbullets

URL analysis for ush.it


http://www.ush.it/page/1/
http://news.ycombinator.com/submitlink?u=http://www.ush.it/2009/07/26/php-filesystem-attack-vectors-take-two/&t=php%20filesystem%20attack%20vectors%20-%20take%20two
http://www.ush.it/2008/05/
http://www.ush.it/2017/
http://www.ush.it/2007/06/
http://www.ush.it/category/readings/
http://www.ush.it/2012/11/22/arc-v2011-12-01-multiple-vulnerabilities/
http://www.ush.it/2008/12/
http://www.ush.it/2007/10/
http://www.ush.it/category/insecurity/
http://www.ush.it/2006/07/
http://www.ush.it/2009/05/
http://www.ush.it/2006/01/
http://www.ush.it/2005/09/
http://www.ush.it/2017/09/04/aerohive-hivemanager-classic-privilege-escalation/

Whois Information


Whois is a protocol that is access to registering information. You can reach when the website was registered, when it will be expire, what is contact details of the site with the following informations. In a nutshell, it includes these informations;


*********************************************************************
* Please note that the following result could be a subgroup of *
* the data contained in the database. *
* *
* Additional information can be visualized at: *
* http://www.nic.it/cgi-bin/Whois/whois.cgi *
*********************************************************************

Domain: ush.it
Status: ok
Created: 2004-07-09 00:00:00
Last Update: 2017-08-28 00:43:26
Expire Date: 2018-08-12

Registrant
Organization: FRANCESCO ONGARO

Admin Contact
Name: FRANCESCO ONGARO
Organization: FRANCESCO ONGARO

Technical Contacts
Name: FRANCESCO ONGARO
Organization: FRANCESCO ONGARO

Registrar
Organization: Aruba s.p.a.
Name: ARUBA-REG
Web: http://www.aruba.it

Nameservers
dns.technorail.com
dns2.technorail.com
dns3.arubadns.net
dns4.arubadns.cz


  REGISTRAR IT-Nic

  REFERRER http://www.nic.it/

SERVERS

  SERVER it.whois-servers.net

  ARGS ush.it

  PORT 43

  TYPE domain

DOMAIN

  NAME ush.it

  STATUS ok

  EXPIRES 2018-08-12

NSERVER

  DNS.TECHNORAIL.COM 62.149.128.2

  DNS2.TECHNORAIL.COM 62.149.132.2

  DNS3.ARUBADNS.NET 95.110.220.5

  DNS4.ARUBADNS.CZ 81.2.199.73

REGISTRAR

  ORGANIZATION Aruba s.p.a.

  NAME ARUBA-REG

  WEB http://www.aruba.it

OWNER

  ORGANIZATION FRANCESCO ONGARO

ADMIN

  NAME FRANCESCO ONGARO

  ORGANIZATION FRANCESCO ONGARO

TECH

  NAME FRANCESCO ONGARO

  ORGANIZATION FRANCESCO ONGARO

  REGISTERED yes

Go to top

Mistakes


The following list shows you to spelling mistakes possible of the internet users for the website searched .

  • www.uush.com
  • www.7ush.com
  • www.hush.com
  • www.kush.com
  • www.jush.com
  • www.iush.com
  • www.8ush.com
  • www.yush.com
  • www.ushebc.com
  • www.ushebc.com
  • www.ush3bc.com
  • www.ushwbc.com
  • www.ushsbc.com
  • www.ush#bc.com
  • www.ushdbc.com
  • www.ushfbc.com
  • www.ush&bc.com
  • www.ushrbc.com
  • www.urlw4ebc.com
  • www.ush4bc.com
  • www.ushc.com
  • www.ushbc.com
  • www.ushvc.com
  • www.ushvbc.com
  • www.ushvc.com
  • www.ush c.com
  • www.ush bc.com
  • www.ush c.com
  • www.ushgc.com
  • www.ushgbc.com
  • www.ushgc.com
  • www.ushjc.com
  • www.ushjbc.com
  • www.ushjc.com
  • www.ushnc.com
  • www.ushnbc.com
  • www.ushnc.com
  • www.ushhc.com
  • www.ushhbc.com
  • www.ushhc.com
  • www.ush.com
  • www.ushc.com
  • www.ushx.com
  • www.ushxc.com
  • www.ushx.com
  • www.ushf.com
  • www.ushfc.com
  • www.ushf.com
  • www.ushv.com
  • www.ushvc.com
  • www.ushv.com
  • www.ushd.com
  • www.ushdc.com
  • www.ushd.com
  • www.ushcb.com
  • www.ushcom
  • www.ush..com
  • www.ush/com
  • www.ush/.com
  • www.ush./com
  • www.ushncom
  • www.ushn.com
  • www.ush.ncom
  • www.ush;com
  • www.ush;.com
  • www.ush.;com
  • www.ushlcom
  • www.ushl.com
  • www.ush.lcom
  • www.ush com
  • www.ush .com
  • www.ush. com
  • www.ush,com
  • www.ush,.com
  • www.ush.,com
  • www.ushmcom
  • www.ushm.com
  • www.ush.mcom
  • www.ush.ccom
  • www.ush.om
  • www.ush.ccom
  • www.ush.xom
  • www.ush.xcom
  • www.ush.cxom
  • www.ush.fom
  • www.ush.fcom
  • www.ush.cfom
  • www.ush.vom
  • www.ush.vcom
  • www.ush.cvom
  • www.ush.dom
  • www.ush.dcom
  • www.ush.cdom
  • www.ushc.om
  • www.ush.cm
  • www.ush.coom
  • www.ush.cpm
  • www.ush.cpom
  • www.ush.copm
  • www.ush.cim
  • www.ush.ciom
  • www.ush.coim
  • www.ush.ckm
  • www.ush.ckom
  • www.ush.cokm
  • www.ush.clm
  • www.ush.clom
  • www.ush.colm
  • www.ush.c0m
  • www.ush.c0om
  • www.ush.co0m
  • www.ush.c:m
  • www.ush.c:om
  • www.ush.co:m
  • www.ush.c9m
  • www.ush.c9om
  • www.ush.co9m
  • www.ush.ocm
  • www.ush.co
  • ush.itm
  • www.ush.con
  • www.ush.conm
  • ush.itn
  • www.ush.col
  • www.ush.colm
  • ush.itl
  • www.ush.co
  • www.ush.co m
  • ush.it
  • www.ush.cok
  • www.ush.cokm
  • ush.itk
  • www.ush.co,
  • www.ush.co,m
  • ush.it,
  • www.ush.coj
  • www.ush.cojm
  • ush.itj
  • www.ush.cmo
Show All Mistakes Hide All Mistakes