GeneralInformation

Hostnames	ec2-54-206-119-195.ap-southeast-2.compute.amazonaws.com
Domains	amazonaws.com
Cloud Provider	Amazon
Cloud Region	ap-southeast-2
Cloud Service	EC2
Country	Australia
City	Sydney
Organization	Amazon.com, Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-41556

A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.

CVE-2022-22707

4.3In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

OpenPorts

22 53 80

2029265009 | 2024-04-18T15:10:41.821720

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOCirB2R5r5KtKXWl5Fv2WjN
MrlwS2NapeH8T4JgOZDMvPHCYtHzZ8XKSFyZK63Dx4Pn2mWrseh28uC7PJgO7UM=
Fingerprint: 8e:7e:69:8a:47:73:05:d1:ea:37:06:df:5f:aa:5b:d1

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-27732661 | 2024-05-03T05:24:00.896457

53 / tcp

dnsmasq-pi-hole-v2.89-9461807
Recursion: enabled

-27732661 | 2024-05-01T18:00:12.681813

53 / udp

dnsmasq-pi-hole-v2.89-9461807
Recursion: enabled

-647234736 | 2024-04-27T05:30:44.742626

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
ETag: "1671000120"
Last-Modified: Wed, 19 Apr 2023 04:35:17 GMT
Content-Length: 3371
Accept-Ranges: bytes
Date: Sat, 27 Apr 2024 05:30:44 GMT
Server: lighttpd/1.4.63

54.206.119.195

Last Seen: 2024-05-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

2029265009 | 2024-04-18T15:10:41.821720
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

-27732661 | 2024-05-03T05:24:00.896457
53 / tcp

-27732661 | 2024-05-01T18:00:12.681813
53 / udp

-647234736 | 2024-04-27T05:30:44.742626
80 / tcp

lighttpd1.4.63

Products

Pricing

Contact Us