GeneralInformation

Hostnames	b1cb777a43.scan.leakix.org
Domains	leakix.org
Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	North Bergen
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Linux

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-41556

A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.

CVE-2022-22707

4.3In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

OpenPorts

22 80

1414973554 | 2024-05-31T10:36:53.643221

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDqg2hhFzMS5DpAsKf0ietIU8HME4Q0cIomLc6Vf5rNeeKC
9rKaKgj7te5Dq/yQxQGhcwZ8f38jBFA81SnBroeJzSRgjl1blzZWCPsCIPU/E9JwNrBeAhObb6hq
WYtVTiZrjcY9FQc9aKnWDUNj74JwMXEs5KI0H7KpMWef/z+ISeo7ferQ7/w6oJe4i4Vg+5TZoLsT
QvdXInsr9BL3Xapz0klwqdKJon8Q2fHCrcbtAqzpfhZoIvYXbA45vKWllfmGDzvPdMjDceZI7yQm
kS4WlKNM+bTW/dqc4WjGmUg9hfRKbHqSYCduUNzBO9PrmOzgczx/T9YWYg5tXAk58oIr/vkCyY7X
0MwOzNRvWmwenzcKO+OytpWGhlqr10eKvC9Xx6/VSMSgUYuhLC5IHsPXR3gr5pbb0i7oDF2zwpNP
UWxb+NtAz4scLee3GsuEJZ+SfjPY6D29ao6cLGpEZnABBJHvuyqMdTGQ7NTT6Nri3WXpnpJn+vfu
PuTln7xtawc=
Fingerprint: 2f:91:94:ea:81:8b:2b:9b:87:08:d2:13:43:b2:6d:28

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1468116451 | 2024-05-30T21:23:58.862530

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes
ETag: "3601479143"
Last-Modified: Tue, 28 May 2024 20:39:08 GMT
Content-Length: 1331
Date: Thu, 30 May 2024 21:23:26 GMT
Server: lighttpd/1.4.59

142.93.0.66

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1414973554 | 2024-05-31T10:36:53.643221
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1468116451 | 2024-05-30T21:23:58.862530
80 / tcp

lighttpd1.4.59

Products

Pricing

Contact Us