GeneralInformation

Hostnames	dedicated.vsys.host
Domains	vsys.host
Country	Ukraine
City	Kyiv
Organization	Virtual Systems LLC
ISP	Virtual Systems LLC
ASN	AS30860
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2019-11072	7.5lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.
CVE-2018-19052	5.0An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
CVE-2014-0160	5.0The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

OpenPorts

22 25 80 111 2083 8880

1553992141 | 2024-04-13T16:04:24.496785

22 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.7
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDOyqtu843EdTKD/MPj3RbQKunrlA6YdE/pWH56c6K4atAS
b76k3w+zRNPAEP4nO1D9h0+ATI34Psp5YmxjENuoYdPFJeiW+2RRAYMrBM+UZB++TIhiqHwOo1hZ
cPsLE3ie6NHChqdsKzYhzNGLeQ6bZUUtKyUYuNPxoTe9LJFT+MDWBhY0YBOCufqKa0klHdiMmoeC
S8POIDPr2ReKaVuL9+A1+HzBQLlydJajV2yxR6nTS553ffrWdsTitr1XFCyJQr4cAxW1RG7GVuFB
uBw+OBsBOydq+brN5pYQHLJBNxlgheaxi06bnM2IHSLOr8lTwbQPW4I6sH9Bqw3M6He7
Fingerprint: e8:22:bb:3f:25:b1:60:17:88:56:e1:d2:4f:0e:ec:7d

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1764682294 | 2024-04-11T23:29:05.187666

25 / tcp

220 ubuntu ESMTP Postfix (Ubuntu)
250-ubuntu
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:41:da:3c:a2:a5:ab:b8:0f:36:a0:4b:82:80:d9:01:58:2b:67:cd
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ubuntu
        Validity
            Not Before: Jan 29 06:02:35 2020 GMT
            Not After : Jan 26 06:02:35 2030 GMT
        Subject: CN=ubuntu
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:9b:5e:d9:fb:87:4d:6a:28:bc:6c:8f:44:91:4b:
                    0f:4a:54:84:ad:70:25:13:da:61:36:7e:37:21:13:
                    2a:85:89:91:c1:8b:ae:75:03:f5:6b:2d:cc:36:35:
                    29:99:81:12:64:3e:db:30:5e:ac:a6:b2:76:89:25:
                    b1:b2:1c:ff:d0:10:e5:87:b5:c0:ad:de:ee:e3:c3:
                    d0:81:ff:07:7a:47:f8:cd:85:83:b3:20:31:b0:8f:
                    3f:de:3c:50:5d:12:46:c4:bb:39:0c:93:b8:ed:d8:
                    12:3c:47:f1:d3:46:24:f2:34:95:d4:11:3d:a2:46:
                    26:81:a1:9b:4c:a1:e3:e1:12:60:ef:3f:ef:d8:4b:
                    b7:93:00:88:5d:da:a5:cb:01:40:06:2f:7e:47:fa:
                    0d:b8:f6:4d:59:b5:94:4a:cc:76:21:50:ee:a5:ee:
                    31:4d:d1:a9:24:a4:ae:e9:ac:a6:f0:55:91:2d:ca:
                    4d:2d:aa:44:15:c6:c7:a2:4f:90:cb:9c:9b:0c:20:
                    a3:7c:e7:e9:ef:91:0d:dc:5f:0a:b0:be:be:97:dd:
                    5d:e9:d0:14:f6:2d:8e:0f:a6:a8:84:92:11:73:70:
                    71:39:55:b0:51:8d:b0:7d:a6:61:39:5d:1b:34:f9:
                    fe:2d:ec:69:89:d3:f7:76:ed:18:d8:67:ba:6b:25:
                    0c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:ubuntu
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        6b:0e:ce:0d:1c:28:3c:6b:a0:70:80:70:94:71:6c:72:c1:4a:
        aa:f9:4a:5f:b2:ca:71:04:a6:2f:33:f5:26:bb:17:06:6c:b0:
        43:30:72:b4:fe:53:53:69:38:81:3b:65:1e:55:d8:07:9e:3b:
        c4:fd:b7:82:4d:e1:51:3d:44:e6:73:e9:b8:27:ed:e4:aa:8c:
        39:a3:36:01:f0:4f:e6:b6:5b:e8:82:d4:2b:e6:b4:2c:da:ec:
        4a:02:6c:0f:29:27:0d:21:1c:18:d0:07:3f:68:c8:be:bb:d2:
        ff:9f:bb:57:62:1a:42:3f:0a:95:5f:ae:e3:26:82:c2:6e:09:
        43:17:93:a2:39:2a:ba:ba:da:68:ae:fa:c1:01:0e:28:5e:21:
        5b:74:bd:ca:9b:bf:62:d2:f4:8a:fc:40:16:c9:1e:24:67:e8:
        22:b0:d0:be:a3:34:d3:7e:a2:8e:58:5e:cd:a9:c3:d1:13:dd:
        9e:0d:e3:41:08:f5:b6:21:ab:91:57:2f:f4:cb:71:17:ec:5e:
        ee:b2:d5:9e:45:bf:f1:54:0c:14:f4:71:c4:22:89:d0:e7:01:
        ae:0a:35:b0:48:6a:c9:de:f2:5f:91:c2:2a:64:4d:d4:99:71:
        19:3a:f8:d6:30:b3:ad:4e:5a:55:fc:4b:6c:3d:ff:e7:29:3f:
        1f:58:44:13

1845118841 | 2024-04-02T07:24:58.267814

80 / tcp

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: text/html
Accept-Ranges: bytes
ETag: "171549366"
Last-Modified: Wed, 29 Jan 2020 06:03:00 GMT
Content-Length: 10918
Date: Tue, 02 Apr 2024 07:24:57 GMT
Server: lighttpd/1.4.45

574220069 | 2024-03-23T16:26:45.562294

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
mountd	1	udp	37756
mountd	1	tcp	35499
mountd	2	udp	35438
mountd	2	tcp	49259
mountd	3	udp	47051
mountd	3	tcp	43103
nfs	3	tcp	2049
nfs	4	tcp	2049
100227	3	tcp	2049
nfs	3	udp	2049
100227	3	udp	2049
nlockmgr	1	udp	53513
nlockmgr	3	udp	53513
nlockmgr	4	udp	53513
nlockmgr	1	tcp	43831
nlockmgr	3	tcp	43831
nlockmgr	4	tcp	43831

164996794 | 2024-04-12T04:29:35.814066

111 / udp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111
mountd	1	udp	46798
mountd	1	tcp	51437
mountd	2	udp	42376
mountd	2	tcp	41187
mountd	3	udp	51266
mountd	3	tcp	52305
nfs	3	tcp	2049
nfs	4	tcp	2049
100227	3	tcp	2049
nfs	3	udp	2049
100227	3	udp	2049
nlockmgr	1	udp	36637
nlockmgr	3	udp	36637
nlockmgr	4	udp	36637
nlockmgr	1	tcp	38399
nlockmgr	3	tcp	38399
nlockmgr	4	tcp	38399

723451722 | 2024-04-10T09:27:21.099209

2083 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 10 Apr 2024 09:27:21 GMT
Content-Type: text/html; charset=UTF-8
Connection: close

SSL Certificate

Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number:
            dd:b8:f3:6d:c7:d3:26:0a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=UK, ST=Warwickshire, L=Leamington, O=OrgName, OU=IT Department, CN=catchup.thenew.tv
        Validity
            Not Before: Aug  9 00:09:39 2019 GMT
            Not After : Aug  8 00:09:39 2020 GMT
        Subject: C=UK, ST=Warwickshire, L=Leamington, O=OrgName, OU=IT Department, CN=catchup.thenew.tv
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bb:68:7b:8a:6e:65:58:34:39:95:fb:03:e9:0a:
                    a8:68:f5:15:6a:b4:a7:49:59:f4:42:19:ed:3d:8b:
                    6d:7d:27:0d:ee:fc:04:f1:b7:48:16:66:21:fd:08:
                    bd:62:a9:d0:67:16:ad:ba:f4:54:04:6e:31:08:cd:
                    66:63:3c:b4:7d:ce:3e:27:df:c4:9c:09:a8:a1:ca:
                    e7:dc:04:89:0a:b4:60:5d:35:63:62:32:5f:81:86:
                    ff:a4:6f:68:28:aa:4d:af:4e:b8:5e:2e:83:e1:33:
                    76:f4:91:31:de:38:39:f0:c1:28:74:14:5f:69:53:
                    cd:52:ce:51:64:f1:f3:92:a7:2e:8d:1f:2d:d2:a0:
                    63:0f:6b:6a:a7:64:25:74:7e:bb:d3:ca:61:d5:b2:
                    6f:64:59:f7:d9:9f:05:c4:1c:05:9c:8e:6a:4d:aa:
                    cb:8f:2a:84:7c:b7:1f:98:4c:ca:62:18:22:46:cc:
                    c1:36:22:cd:40:b0:cf:20:40:e5:70:98:0f:ff:8e:
                    20:f4:27:97:eb:69:0f:a7:fe:88:7c:f9:87:ed:91:
                    3f:16:e9:3b:8d:32:2b:a5:b8:84:e1:48:96:5d:93:
                    4e:2b:44:73:1b:77:8f:a1:62:f5:d6:c4:92:be:63:
                    58:77:8d:2e:46:cb:e1:0a:33:1e:eb:c2:4a:58:58:
                    cc:69
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4a:f9:43:fe:48:de:ea:93:d7:fa:77:5b:2f:37:df:00:11:81:
        18:54:19:b5:ce:b2:87:94:47:39:fe:25:49:dc:3a:91:13:79:
        7c:9c:68:9d:59:47:a7:fb:0b:1d:e7:f6:bb:5a:94:67:2f:fb:
        bd:bd:85:8e:3d:e6:f8:86:eb:32:51:c5:8e:e1:8d:c1:30:4b:
        eb:3b:5a:6f:70:db:0e:54:58:6b:46:b1:3a:05:ab:a9:8e:a1:
        74:d1:ac:95:8c:12:62:2e:40:11:63:c5:92:91:ed:c6:d5:89:
        6a:e8:4e:ce:cc:fe:cb:85:0b:0e:bf:03:a6:46:4b:2d:64:e9:
        fc:b1:05:9a:16:12:ed:c5:c6:5e:6f:70:cd:84:ef:7d:bf:ca:
        2b:b6:d5:d7:18:1b:0e:14:da:a4:ab:a4:a3:19:75:d7:03:5e:
        30:b8:7e:05:01:91:38:f2:8a:d8:4e:da:a7:22:28:13:5a:1a:
        4d:79:cf:70:e4:6b:ff:15:3a:ee:81:46:d8:1b:18:9b:cd:5f:
        fb:e6:ac:a0:1d:76:a1:1e:ce:8a:b2:0b:a1:47:f7:01:e8:6b:
        66:4c:4e:50:9c:ff:40:bf:ab:b0:9c:cb:47:80:a7:e1:22:08:
        8b:01:a5:de:d1:8c:b4:3e:b5:22:c4:78:7d:3e:02:f2:73:b0:
        dd:65:47:09

-1785342032 | 2024-04-03T00:29:09.189504

8880 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 03 Apr 2024 00:29:09 GMT
Content-Type: text/html; charset=UTF-8
Connection: close

Xtream Codes Reborn

152.89.62.105

Last Seen: 2024-04-13

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1553992141 | 2024-04-13T16:04:24.496785
22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.7

-1764682294 | 2024-04-11T23:29:05.187666
25 / tcp

Postfix smtpd

1845118841 | 2024-04-02T07:24:58.267814
80 / tcp

lighttpd1.4.45

574220069 | 2024-03-23T16:26:45.562294
111 / tcp

164996794 | 2024-04-12T04:29:35.814066
111 / udp

723451722 | 2024-04-10T09:27:21.099209
2083 / tcp

nginx

-1785342032 | 2024-04-03T00:29:09.189504
8880 / tcp

nginx

Products

Pricing

Contact Us

152.89.62.105

Last Seen: 2024-04-13

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1553992141 | 2024-04-13T16:04:24.496785 22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.7

-1764682294 | 2024-04-11T23:29:05.187666 25 / tcp

Postfix smtpd

1845118841 | 2024-04-02T07:24:58.267814 80 / tcp

lighttpd1.4.45

574220069 | 2024-03-23T16:26:45.562294 111 / tcp

164996794 | 2024-04-12T04:29:35.814066 111 / udp

723451722 | 2024-04-10T09:27:21.099209 2083 / tcp

nginx

-1785342032 | 2024-04-03T00:29:09.189504 8880 / tcp

nginx

Products

Pricing

Contact Us

1553992141 | 2024-04-13T16:04:24.496785
22 / tcp

-1764682294 | 2024-04-11T23:29:05.187666
25 / tcp

1845118841 | 2024-04-02T07:24:58.267814
80 / tcp

574220069 | 2024-03-23T16:26:45.562294
111 / tcp

164996794 | 2024-04-12T04:29:35.814066
111 / udp

723451722 | 2024-04-10T09:27:21.099209
2083 / tcp

-1785342032 | 2024-04-03T00:29:09.189504
8880 / tcp