Hostnames |
rc-portal.xtm-intl.com 3di.rc-portal.xtm-intl.com aholland.rc-portal.xtm-intl.com anna.rc-portal.xtm-intl.com blizzard.rc-portal.xtm-intl.com crosslang.rc-portal.xtm-intl.com dragoman.rc-portal.xtm-intl.com dstrzelbicki.rc-portal.xtm-intl.com dxcacg.rc-portal.xtm-intl.com fifa.rc-portal.xtm-intl.com grant.rc-portal.xtm-intl.com grobwerke.rc-portal.xtm-intl.com kahoot.rc-portal.xtm-intl.com karolina.rc-portal.xtm-intl.com kbcbankpoc.rc-portal.xtm-intl.com kone.rc-portal.xtm-intl.com ktm.rc-portal.xtm-intl.com language.rc-portal.xtm-intl.com lingualinx.rc-portal.xtm-intl.com linkedin.rc-portal.xtm-intl.com nestle-test.rc-portal.xtm-intl.com phoenixlabs.rc-portal.xtm-intl.com precisely.rc-portal.xtm-intl.com rc.rc-portal.xtm-intl.com regression1.rc-portal.xtm-intl.com rochetest.rc-portal.xtm-intl.com selenium1.rc-portal.xtm-intl.com sony.rc-portal.xtm-intl.com tester13.rc-portal.xtm-intl.com tester2.rc-portal.xtm-intl.com thebigword.rc-portal.xtm-intl.com yumiko.rc-portal.xtm-intl.com static.245.84.203.116.clients.your-server.de |
Domains | xtm-intl.com your-server.de |
Country | Germany |
City | Nürnberg |
Organization | Hetzner Online GmbH |
ISP | Hetzner Online GmbH |
ASN | AS24940 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2023-3824 | In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. |
CVE-2023-3823 | In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down. |
CVE-2023-3247 | In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. |
CVE-2013-2220 | 7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value. |
CVE-2007-3205 | 5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin. |