GeneralInformation

Hostnames	bamberger-hegelwoche.de www.bamberger-hegelwoche.de uni-bamberg.de blog.uni-bamberg.de baurz24.urz.uni-bamberg.de www-test.uni-bamberg.de dev.www.uni-bamberg.de test.www.uni-bamberg.de uniba.de
Domains	bamberger-hegelwoche.de uni-bamberg.de uniba.de
Country	Germany
City	Bamberg
Organization	Otto-Friedrich-Universitaet Bamberg
ISP	Verein zur Foerderung eines Deutschen Forschungsnetzes e.V.
ASN	AS680
Operating System	Ubuntu

WebTechnologies

CMS

TYPO3 CMS

Programming languages

PHP

SecurityContact

Contact	it-sicherheit@uni-bamberg.de
Expires	2026-12-30T23:00:00.000Z

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443 8010

677579724 | 2024-05-06T16:59:41.924311

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 May 2024 16:59:41 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

104684046 | 2024-05-04T08:32:27.642909

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 08:32:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 86589
Connection: keep-alive
Content-Language: de
Content-Security-Policy: default-src 'self' *.uni-bamberg.de zammad.rz.uni-bamberg.de api.rz.uni-bamberg.de public-tickets--cmdb-k843-2-dev.rproxy.it-fopro.uni-bamberg.de www-daten-i1656.rproxy.it-fopro.uni-bamberg.de tandem-bot.institut-ida.de cdn.botframework.com *.infogram.com *.mapbox.com scontent.cdninstagram.com platform.twitter.com *.twitter.com *.twimg.com *.facebook.net *.unity3d.com 'unsafe-inline' 'unsafe-eval' blob: data: wss:; script-src 'self' *.uni-bamberg.de zammad.rz.uni-bamberg.de api.rz.uni-bamberg.de public-tickets--cmdb-k843-2-dev.rproxy.it-fopro.uni-bamberg.de www-daten-i1656.rproxy.it-fopro.uni-bamberg.de tandem-bot.institut-ida.de cdn.botframework.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' *.uni-bamberg.de tandem-bot.institut-ida.de cdn.botframework.com *.infogram.com *.mapbox.com scontent.cdninstagram.com platform.twitter.com *.twitter.com *.twimg.com *.facebook.net *.unity3d.com 'unsafe-inline' 'unsafe-eval' blob: data:; frame-src *; object-src 'none'; frame-ancestors 'self' *.ddev.site https://*.uni-bamberg.de
Strict-Transport-Security: max-age=63072000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Link: </_frontend/siteunibamberg/bundled/js/runtime.bd67870f.js?1709202896>; rel="preload"; as="script",</_frontend/siteunibamberg/bundled/js/755.b5bfd8a7.js?1702983672>; rel="preload"; as="script",</_frontend/siteunibamberg/bundled/js/main.e8ceadd4.js?1702983672>; rel="preload"; as="script",</_frontend/siteunibamberg/bundled/css/screen.af6d1873.css?1709202896>; rel="preload"; as="style"
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
X-Content-Type-Options: nosniff
X-Varnish: 100412320 88028939
Age: 332732
Via: 1.1 varnish (Varnish/6.6)
X-Forwarded-For-uniba: 224.161.150.0, 172.31.0.1, 127.0.0.1, 127.0.0.1
X-Cache: HIT
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:9d:c3:32:08:c3:a5:3c:b2:67:1c:8d:39:ac:e9:88:1c:39
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 30 08:52:25 2024 GMT
            Not After : Jul 29 08:52:24 2024 GMT
        Subject: CN=bamberger-hegelwoche.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a2:f2:cb:6f:02:f0:e1:50:85:3a:55:c7:c9:9d:
                    73:78:3c:5a:c4:94:33:e2:59:f9:75:c7:74:2d:6d:
                    1a:18:ad:ab:02:a0:c1:16:66:4c:0b:a1:e5:c7:cd:
                    68:70:7d:dd:b2:8b:59:9e:6f:d1:4f:ac:59:fd:98:
                    c7:c3:50:49:eb:41:8d:a8:40:7a:00:85:00:20:98:
                    e3:ed:65:5d:cf:df:34:ba:26:7f:b7:bd:ef:0b:be:
                    63:c1:89:dd:d0:8d:4c:6a:bb:aa:09:94:e3:06:3e:
                    e9:0b:43:88:fd:6b:f6:7f:95:a2:40:9f:f3:72:49:
                    48:ab:07:58:55:26:83:25:24:49:b1:41:95:df:43:
                    bc:ad:05:a8:50:e6:d4:27:8d:09:59:71:fd:00:14:
                    64:6d:4f:d0:10:2d:88:00:85:45:96:96:05:85:e3:
                    c3:7e:a7:ae:46:e4:54:8d:17:0a:6f:c6:93:77:01:
                    85:d0:bf:39:b9:70:9c:7b:24:7b:ba:3f:6b:82:f2:
                    7b:ce:9f:7d:0c:f7:c3:89:5f:5c:a8:5b:7e:ad:66:
                    e9:ec:5e:84:d2:08:66:50:2c:52:50:ce:9f:4b:56:
                    91:bc:a0:22:de:f4:00:ba:d1:60:c5:24:b1:05:64:
                    c0:58:db:cf:3a:ae:94:5b:88:ec:66:bd:7e:43:0c:
                    29:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                41:E0:A8:8A:5D:B6:B1:4F:84:B0:B7:57:0E:CB:66:15:06:A5:99:6A
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:bamberger-hegelwoche.de
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 30 09:52:25.728 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D0:CD:8E:6D:F1:A0:28:35:85:40:85:
                                87:10:C9:78:2B:F3:3D:91:44:34:8B:13:C1:49:75:D2:
                                A6:5A:2F:D2:8B:02:20:38:69:AC:0A:81:22:E5:E6:74:
                                14:4B:EE:D4:88:9D:5D:F1:AF:27:F4:50:E8:A6:32:9A:
                                2C:97:E3:D7:6A:F0:8B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr 30 09:52:25.767 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:81:B7:EB:3E:52:8F:0A:94:10:B3:73:
                                87:C9:FA:C4:71:8D:15:B2:FC:DC:C8:BC:4C:8F:51:4A:
                                86:61:FA:30:C7:02:20:09:33:27:9A:B0:09:6E:5A:F5:
                                8F:20:3C:26:F6:95:E2:D3:3E:7E:ED:28:FA:74:65:C9:
                                0E:82:1D:C4:42:AF:D2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        99:2e:9f:5c:ee:cf:a6:5f:6d:36:92:7b:76:6f:cc:12:9f:54:
        fe:63:f4:88:58:b2:e0:24:ca:cf:e8:8d:b7:6f:5a:25:3e:c8:
        31:bd:e4:0e:31:4f:0d:40:ae:3f:f9:b9:9e:d7:d2:b6:ef:e6:
        dd:ec:bd:f7:46:64:af:6b:54:db:9d:9e:02:15:e6:29:6a:66:
        b9:b7:b5:49:a9:7c:b8:bd:83:0d:47:a3:80:7e:ae:e6:97:f5:
        6f:90:13:c2:eb:64:e4:66:3c:ea:f4:1e:0d:59:61:34:45:84:
        c2:fd:3e:24:78:80:9e:d9:27:cc:62:50:ee:a4:46:e6:b9:97:
        72:b0:02:04:07:3f:10:73:39:69:50:e4:07:13:f9:9f:19:45:
        8c:6a:1e:f3:4c:27:6d:f2:83:86:5b:eb:53:2e:7c:96:b7:a0:
        5d:4d:cc:71:41:08:fe:72:82:23:f9:4b:c8:a7:58:13:6c:5b:
        83:bb:75:ad:ca:44:79:81:5e:38:ce:df:d0:d6:9d:fb:a2:c6:
        cb:91:0d:02:d0:dd:5a:ce:93:71:db:b4:2c:95:1d:05:22:13:
        d9:82:78:f8:6b:3a:c8:0d:69:d8:a9:8c:cd:3a:71:79:9a:85:
        e3:bc:a8:ba:07:30:36:e4:13:6d:d7:de:14:68:8e:ce:43:2e:
        bb:10:8e:b6

141.13.240.24

Last Seen: 2024-05-06

Tags:

GeneralInformation

WebTechnologies

SecurityContact

Vulnerabilities

OpenPorts

677579724 | 2024-05-06T16:59:41.924311
80 / tcp

nginx1.18.0

104684046 | 2024-05-04T08:32:27.642909
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

141.13.240.24

Last Seen: 2024-05-06

Tags:

GeneralInformation

WebTechnologies

SecurityContact

Vulnerabilities

OpenPorts

677579724 | 2024-05-06T16:59:41.924311 80 / tcp

nginx1.18.0

104684046 | 2024-05-04T08:32:27.642909 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

677579724 | 2024-05-06T16:59:41.924311
80 / tcp

104684046 | 2024-05-04T08:32:27.642909
443 / tcp