GeneralInformation

Country	Hong Kong
City	Hong Kong
Organization	Asia Pacific Network Information Centre
ISP	Cloudie Limited
ASN	AS55933

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2010-3972	Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
CVE-2010-2730	Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
CVE-2010-1899	Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability."

OpenPorts

80 135

-119375469 | 2024-04-12T05:21:29.834977

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 18 Mar 2016 06:28:24 GMT
Accept-Ranges: bytes
ETag: "ba741560df80d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 12 Apr 2024 05:21:22 GMT
Content-Length: 689

-740939326 | 2024-04-21T01:01:32.250257

135 / tcp

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 103.30.43.68:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\CLOUDSERVER\PIPE\InitShutdown
  ncalrpc: WMsgKRpc05C450

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\CLOUDSERVER\PIPE\InitShutdown
  ncalrpc: WMsgKRpc05C450
  ncalrpc: WMsgKRpc05D721
  ncalrpc: WMsgKRpc03543D4B22

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-abb3614f4a9ea5aad5
  ncacn_np: \\CLOUDSERVER\PIPE\srvsvc
  ncacn_ip_tcp: 103.30.43.68:49154
  ncacn_np: \\CLOUDSERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncacn_ip_tcp: 103.30.43.68:49153
  ncacn_np: \\CLOUDSERVER\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncacn_ip_tcp: 103.30.43.68:49153
  ncacn_np: \\CLOUDSERVER\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncacn_ip_tcp: 103.30.43.68:49153
  ncacn_np: \\CLOUDSERVER\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 103.30.43.68:49153
  ncacn_np: \\CLOUDSERVER\pipe\eventlog
  ncalrpc: eventlog

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncacn_np: \\CLOUDSERVER\PIPE\srvsvc
  ncacn_ip_tcp: 103.30.43.68:49154
  ncacn_np: \\CLOUDSERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 103.30.43.68:49154
  ncacn_np: \\CLOUDSERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_ip_tcp: 103.30.43.68:49154
  ncacn_np: \\CLOUDSERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 103.30.43.68:49154
  ncacn_np: \\CLOUDSERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\CLOUDSERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\CLOUDSERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  provider: gpsvc.dll
  ncalrpc: OLE0D5B378866DE4E75B31ACCC8C3C4
  ncalrpc: IUserProfile2

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\CLOUDSERVER\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-5b1ade889800bc3ef5
  ncalrpc: OLEB2078AE5EBC146CFB94846FA4C14

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-5b1ade889800bc3ef5
  ncalrpc: OLEB2078AE5EBC146CFB94846FA4C14

24019106-a203-4642-b88d-82dae9158929
  version: v1.0
  provider: authui.dll
  ncalrpc: LRPC-64016b5f7bcc5c1a47

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-41b1005634c325ea97

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-41b1005634c325ea97

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-41b1005634c325ea97

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  annotation: Spooler function endpoint
  provider: spoolsv.exe
  ncalrpc: spoolss

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  annotation: Spooler base remote object endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  annotation: Spooler function endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

f763c91c-2ab1-47fa-868f-7de7efd42194
  version: v1.0
  annotation: VM Allow-List Provider RPC
  ncalrpc: RdvVmAllowListRpc
  ncalrpc: OLE732D8C77115E4C0EB948FA9D004E

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 103.30.43.68:49155

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 103.30.43.68:49157
  ncalrpc: samss lpc
  ncalrpc: dsrole
  ncacn_np: \\CLOUDSERVER\PIPE\protected_storage
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncalrpc: LRPC-716d6a5674c3c224b5
  ncacn_np: \\CLOUDSERVER\pipe\lsass

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  annotation: IPSec Policy agent endpoint
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncalrpc: LRPC-40418aefd395cb0042

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-30d2a4aa34699aa951
  ncalrpc: LRPC-30d2a4aa34699aa951
  ncalrpc: LRPC-30d2a4aa34699aa951
  ncalrpc: LRPC-30d2a4aa34699aa951

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc03543D4B22

103.30.43.68

Last Seen: 2024-04-21

GeneralInformation

Vulnerabilities

OpenPorts

-119375469 | 2024-04-12T05:21:29.834977
80 / tcp

Microsoft IIS httpd7.5

-740939326 | 2024-04-21T01:01:32.250257
135 / tcp

Microsoft RPC Endpoint Mapper

Products

Pricing

Contact Us

103.30.43.68

Last Seen: 2024-04-21

GeneralInformation

Vulnerabilities

OpenPorts

-119375469 | 2024-04-12T05:21:29.834977 80 / tcp

Microsoft IIS httpd7.5

-740939326 | 2024-04-21T01:01:32.250257 135 / tcp

Microsoft RPC Endpoint Mapper

Products

Pricing

Contact Us

-119375469 | 2024-04-12T05:21:29.834977
80 / tcp

-740939326 | 2024-04-21T01:01:32.250257
135 / tcp