GeneralInformation

Cloud Provider	Oracle Cloud Infrastructure
Cloud Region	uk-london-1
Country	United Kingdom
City	London
Organization	Oracle Corporation
ISP	Oracle Corporation
ASN	AS31898

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2022-41556	A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.
CVE-2022-22707	4.3In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 53 80 8000

-1840095157 | 2024-04-26T04:04:24.812375

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.7
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPQSH214FYHvMobEsAOR8GCr
8VDYvufS0xPhH26Bn5mU78G8YTrZ4h9yHyj8Quli+0lzxjzS1N+7yANZh39uQX8=
Fingerprint: 40:f0:9c:80:c1:83:59:07:05:15:5a:e1:35:f7:ea:23

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-27732661 | 2024-05-02T16:26:05.429586

53 / tcp

dnsmasq-pi-hole-v2.89-9461807
Recursion: enabled

-27732661 | 2024-04-25T05:06:09.299598

53 / udp

dnsmasq-pi-hole-v2.89-9461807
Recursion: enabled

-949720558 | 2024-04-27T21:09:28.511816

80 / tcp

HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 341
Date: Sat, 27 Apr 2024 21:09:28 GMT
Server: lighttpd/1.4.59

2013617963 | 2024-05-01T11:40:10.499484

8000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 May 2024 11:40:10 GMT
Content-Type: text/html
Content-Length: 666
Connection: close

150.230.120.120

Last Seen: 2024-05-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1840095157 | 2024-04-26T04:04:24.812375
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.7

-27732661 | 2024-05-02T16:26:05.429586
53 / tcp

-27732661 | 2024-04-25T05:06:09.299598
53 / udp

-949720558 | 2024-04-27T21:09:28.511816
80 / tcp

lighttpd1.4.59

2013617963 | 2024-05-01T11:40:10.499484
8000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

150.230.120.120

Last Seen: 2024-05-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1840095157 | 2024-04-26T04:04:24.812375 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.7

-27732661 | 2024-05-02T16:26:05.429586 53 / tcp

-27732661 | 2024-04-25T05:06:09.299598 53 / udp

-949720558 | 2024-04-27T21:09:28.511816 80 / tcp

lighttpd1.4.59

2013617963 | 2024-05-01T11:40:10.499484 8000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-1840095157 | 2024-04-26T04:04:24.812375
22 / tcp

-27732661 | 2024-05-02T16:26:05.429586
53 / tcp

-27732661 | 2024-04-25T05:06:09.299598
53 / udp

-949720558 | 2024-04-27T21:09:28.511816
80 / tcp

2013617963 | 2024-05-01T11:40:10.499484
8000 / tcp