GeneralInformation

Cloud Provider	DigitalOcean
Cloud Region	in-ka
Country	India
City	Doddaballapura
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-46118

RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service (DoS) attacks with very large messages. An authenticated user with sufficient credentials can publish a very large messages over the HTTP API and cause target node to be terminated by an "out-of-memory killer"-like mechanism. This vulnerability has been patched in versions 3.11.24 and 3.12.7.

CVE-2022-31008

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable data could appear in the node log. Patched versions correctly use a cluster-wide secret for that purpose. This issue has been addressed and Patched versions: `3.10.2`, `3.9.18`, `3.8.32` are available. Users unable to upgrade should disable the Shovel and Federation plugins.

OpenPorts

22 1883 4369 5672 25672 61613

-838555916 | 2024-05-14T23:58:19.555621

22 / tcp

SSH-2.0-OpenSSH_9.0p1 Ubuntu-1ubuntu7
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOpnhl9a3lcN3656V/yi9ZW/
R8jjkoIqX8bAQPqSgXwR22uESNNcd9Nf4RFK665vAvA5ztNiDEPqNOYz3E4oNpo=
Fingerprint: 63:9c:3f:57:c9:6e:6d:40:ea:ff:26:10:17:71:a4:19

Kex Algorithms:
	sntrup761x25519-sha512@openssh.com
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1351362334 | 2024-05-14T00:09:51.458825

1883 / tcp

MQTT Connection Code: 0

Topics:

50704379 | 2024-05-12T13:53:02.775525

4369 / tcp

Erlang Port Mapper Daemon:
  nodes:
    rabbit: 25672

1951437937 | 2024-05-13T17:45:12.916748

5672 / tcp

AMQP:
  Protocol Version: 0-9
  Product: RabbitMQ
  Product Version: 3.9.13
  Platform: Erlang/OTP 24.3.4.1
  Capabilities:
    Exchange Exchange Bindings: True
    Connection.blocked: True
    Authentication Failure Close: True
    Direct Reply To: True
    Basic.nack: True
    Per Consumer Qos: True
    Consumer Priorities: True
    Consumer Cancel Notify: True
    Publisher Confirms: True

-663368818 | 2024-04-27T03:31:34.078489

61613 / tcp

ERROR\nmessage:Illegal command\ncontent-type:text/plain\nversion:1.0,1.1,1.2\ncontent-length:35\n\nYou must log in using CONNECT first\x00\n

143.110.245.40

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-838555916 | 2024-05-14T23:58:19.555621
22 / tcp

OpenSSH9.0p1 Ubuntu-1ubuntu7

-1351362334 | 2024-05-14T00:09:51.458825
1883 / tcp

MQTT

50704379 | 2024-05-12T13:53:02.775525
4369 / tcp

Erlang Port Mapper Daemon

1951437937 | 2024-05-13T17:45:12.916748
5672 / tcp

RabbitMQ3.9.13

-663368818 | 2024-04-27T03:31:34.078489
61613 / tcp

RabbitMQ

Products

Pricing

Contact Us

143.110.245.40

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-838555916 | 2024-05-14T23:58:19.555621 22 / tcp

OpenSSH9.0p1 Ubuntu-1ubuntu7

-1351362334 | 2024-05-14T00:09:51.458825 1883 / tcp

MQTT

50704379 | 2024-05-12T13:53:02.775525 4369 / tcp

Erlang Port Mapper Daemon

1951437937 | 2024-05-13T17:45:12.916748 5672 / tcp

RabbitMQ3.9.13

-663368818 | 2024-04-27T03:31:34.078489 61613 / tcp

RabbitMQ

Products

Pricing

Contact Us

-838555916 | 2024-05-14T23:58:19.555621
22 / tcp

-1351362334 | 2024-05-14T00:09:51.458825
1883 / tcp

50704379 | 2024-05-12T13:53:02.775525
4369 / tcp

1951437937 | 2024-05-13T17:45:12.916748
5672 / tcp

-663368818 | 2024-04-27T03:31:34.078489
61613 / tcp