GeneralInformation

Hostnames	h-155-4-246-96.A444.priv.bahnhof.se tidreg.steamwerx.se
Domains	bahnhof.se steamwerx.se
Country	Sweden
City	Stockholm
Organization	Bahnhof AB, Sweden
ISP	Bahnhof AB
ASN	AS8473

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-3824	In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
CVE-2023-3823	In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down.
CVE-2023-3247	In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.
CVE-2013-2220	7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2007-3205	5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

21 25 80 110 143 443 3000 3306 32400

1090329081 | 2024-05-04T08:00:46.383525

21 / tcp

220-FileZilla Server 0.9.60 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   PASS   PASV   PBSZ   PORT   PROT   PWD    QUIT
   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE   STOR
   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD   XPWD
   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
 EPSV
 EPRT
211 End

-1202101260 | 2024-04-16T16:13:25.566044

25 / tcp

220 komponentkungen.se ESMTP
250-komponentkungen.se
250-SIZE 20480000
250-AUTH LOGIN PLAIN
250 HELP

-1132822417 | 2024-05-02T07:44:07.234979

80 / tcp

HTTP/1.1 403 Forbidden
Date: Thu, 02 May 2024 07:44:07 GMT
Server: Apache/2.4
Content-Length: 10
Content-Type: text/html; charset=iso-8859-1

-1283034168 | 2024-04-26T19:33:05.725968

110 / tcp

+OK POP3
+OK CAPA list follows
USER
UIDL
TOP
.

27672397 | 2024-05-01T18:12:44.601481

143 / tcp

* OK IMAPrev1
* CAPABILITY IMAP4 IMAP4rev1 CHILDREN IDLE QUOTA SORT ACL NAMESPACE RIGHTS=texk
A001 OK CAPABILITY completed
A002 BAD Unknown or NULL command
A003 BAD Unknown or NULL command
* BYE Have a nice day
A004 OK Logout completed

-1047154564 | 2024-04-30T02:22:58.265232

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 30 Apr 2024 02:22:58 GMT
Server: Apache/2.4
X-Powered-By: PHP/8.0.28
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=me5j9ud9refqbfdnjl7at17r10; expires=Tue, 30-Apr-2024 12:22:58 GMT; Max-Age=36000; path=/
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:25:c6:73:51:d3:bc:0e:56:33:e1:8b:31:a9:49:28:06:a4
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 15 06:49:00 2024 GMT
            Not After : Jul 14 06:48:59 2024 GMT
        Subject: CN=tidreg.steamwerx.se
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (3072 bit)
                Modulus:
                    00:89:cf:6c:4f:4e:21:26:7e:42:60:96:a8:dd:18:
                    33:b8:61:e2:c6:78:d5:0e:38:11:70:84:5d:91:e2:
                    11:ee:43:1d:2f:93:58:85:ad:93:f2:0c:12:b7:71:
                    3b:34:62:ea:46:ed:d1:b1:09:0f:d2:1b:92:13:91:
                    9c:d4:4c:14:9c:8d:ba:0a:5b:0c:79:f7:7e:c7:39:
                    9b:03:c1:23:36:5f:a3:9a:62:09:21:10:b4:35:4e:
                    65:51:df:25:6a:95:5d:48:f8:c8:11:2b:56:94:f2:
                    d2:dd:47:94:4a:91:81:b0:25:5e:3a:a5:fe:25:fb:
                    be:80:a9:8a:0c:85:0f:3d:cd:20:94:a4:f0:ba:f0:
                    65:f7:82:9c:e8:b8:4d:9b:01:0a:56:af:be:ca:6b:
                    a5:78:35:2c:ce:a6:6e:1c:dc:70:6c:a8:c1:e0:8b:
                    da:39:ee:3e:08:e0:28:b0:a3:39:43:d5:d6:bb:da:
                    d3:f1:98:04:c5:b0:3e:e5:b0:4f:df:43:84:09:14:
                    72:a9:7d:52:81:f1:bf:9b:1c:e1:11:5e:f8:94:6a:
                    53:ef:a9:c5:df:70:e6:8c:40:50:42:33:83:71:f4:
                    c3:53:97:ab:5c:fc:79:c6:a6:1a:9d:40:5e:45:80:
                    f8:d3:a0:48:37:f8:e5:82:a5:28:39:e5:8e:a8:87:
                    84:9e:c0:30:36:16:0f:1d:a1:16:44:f2:db:59:4a:
                    8f:80:7b:4e:39:05:62:b3:d9:83:46:1e:8b:6a:49:
                    05:aa:0c:c3:16:30:38:26:ce:a5:fa:e3:76:81:a3:
                    73:48:c5:92:8e:09:e5:3e:f0:9f:c3:68:cd:b7:f9:
                    ff:df:b0:47:21:b6:34:c0:91:b8:3f:44:75:3f:41:
                    39:d2:23:27:41:df:db:f2:3d:5e:1f:45:1b:c5:1c:
                    02:a4:6b:03:8f:5e:80:15:df:e5:44:e6:ef:92:a0:
                    8a:ea:1d:de:cc:25:8d:f9:d6:24:01:2a:ec:39:d3:
                    b8:5a:72:9e:74:75:00:48:72:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                82:01:90:11:9E:C3:DE:72:BF:81:0D:AC:D0:43:FF:89:46:FB:1F:59
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:tidreg.steamwerx.se
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 15 07:49:00.199 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:08:DA:C4:91:3A:04:C8:8C:17:39:9D:E3:
                                CB:D1:A9:6C:65:FC:08:FB:AA:FA:55:68:C2:34:82:4B:
                                CA:10:2B:DF:02:20:73:61:51:0C:CB:1F:5A:1C:68:ED:
                                DF:21:2A:36:C6:1F:64:51:EE:69:41:02:83:48:86:02:
                                EB:BB:B3:8C:8D:F9
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr 15 07:49:00.184 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2C:ED:5A:0A:81:D9:0B:4C:07:C6:83:75:
                                FE:66:41:D5:EE:B9:01:6E:DF:0B:97:D0:29:11:5D:84:
                                A5:AE:A7:DC:02:21:00:A5:05:E1:28:00:9D:66:EB:96:
                                CE:17:64:E8:F5:72:B6:DF:52:BA:07:87:C6:CC:13:64:
                                27:08:5E:3C:41:37:87
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        23:63:f5:96:f2:5e:88:88:3a:06:c2:6e:38:0b:f7:3a:21:a0:
        89:79:e6:c1:bb:0b:1d:3d:11:31:c6:58:c9:7a:d1:ec:b9:44:
        7b:b2:7d:01:d0:02:db:b0:3b:df:de:1b:07:55:bd:df:96:01:
        5f:9c:df:74:8e:1f:9d:d3:40:c3:11:51:a7:8d:f5:eb:3a:84:
        fb:93:9b:9c:96:77:03:f1:76:49:a6:59:66:12:19:d7:41:4c:
        8c:44:2b:10:77:57:b3:d3:55:3f:22:72:4f:d2:e4:2c:2e:09:
        39:36:d8:bb:aa:67:a3:6d:cc:d9:ec:25:3a:e9:b0:1c:9f:50:
        16:fc:aa:35:bc:29:3c:c0:78:ba:38:68:9c:f3:c6:98:d5:83:
        c2:69:63:92:80:e7:5a:3c:4d:50:a6:03:52:67:a0:1e:7f:8d:
        80:2f:8e:4b:a5:60:b5:b5:90:aa:46:e7:c4:35:e7:ef:35:96:
        d3:e2:1d:43:73:da:fb:ab:da:d6:a8:c4:95:76:34:91:00:98:
        c1:b6:03:6f:4a:9a:64:34:b5:bb:ec:ae:bf:02:99:91:77:e1:
        c2:3c:32:a0:20:d0:23:37:07:1c:53:40:83:3d:60:a3:49:6c:
        43:1b:a5:0a:34:41:bc:d7:d6:4a:b5:2b:97:f5:e4:2a:a9:20:
        52:c9:40:bb

-239877576 | 2024-05-05T04:46:11.369674

3000 / tcp

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Xss-Protection: 1; mode=block
Date: Sun, 05 May 2024 04:46:11 GMT
Transfer-Encoding: chunked

-156795458 | 2024-04-29T05:27:52.812467

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 5.7.31-log
  Capabilities: 65535
  Server Language: 8
  Server Status: 2
  Extended Server Capabilities: 49663
  Authentication Plugin: mysql_native_password

1524593440 | 2024-05-01T01:54:40.935100

32400 / tcp

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Wed, 01 May 2024 01:54:06 GMT


Plex Media Server:
  Version: 1.31.1.6733-bc0674160
  Machine Identifier: 036ca74aa8811b13536c4c1011861369012eca4b

155.4.246.96

Last Seen: 2024-05-05

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1090329081 | 2024-05-04T08:00:46.383525
21 / tcp

-1202101260 | 2024-04-16T16:13:25.566044
25 / tcp

-1132822417 | 2024-05-02T07:44:07.234979
80 / tcp

Apache httpd2.4

-1283034168 | 2024-04-26T19:33:05.725968
110 / tcp

27672397 | 2024-05-01T18:12:44.601481
143 / tcp

-1047154564 | 2024-04-30T02:22:58.265232
443 / tcp

Apache httpd2.4

-239877576 | 2024-05-05T04:46:11.369674
3000 / tcp

Grafana (Enterprise)9.5.2

-156795458 | 2024-04-29T05:27:52.812467
3306 / tcp

MySQL5.7.31-log

1524593440 | 2024-05-01T01:54:40.935100
32400 / tcp

Plex Media Server1.31.1.6733-bc0674160

Products

Pricing

Contact Us

155.4.246.96

Last Seen: 2024-05-05

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1090329081 | 2024-05-04T08:00:46.383525 21 / tcp

-1202101260 | 2024-04-16T16:13:25.566044 25 / tcp

-1132822417 | 2024-05-02T07:44:07.234979 80 / tcp

Apache httpd2.4

-1283034168 | 2024-04-26T19:33:05.725968 110 / tcp

27672397 | 2024-05-01T18:12:44.601481 143 / tcp

-1047154564 | 2024-04-30T02:22:58.265232 443 / tcp

Apache httpd2.4

-239877576 | 2024-05-05T04:46:11.369674 3000 / tcp

Grafana (Enterprise)9.5.2

-156795458 | 2024-04-29T05:27:52.812467 3306 / tcp

MySQL5.7.31-log

1524593440 | 2024-05-01T01:54:40.935100 32400 / tcp

Plex Media Server1.31.1.6733-bc0674160

Products

Pricing

Contact Us

1090329081 | 2024-05-04T08:00:46.383525
21 / tcp

-1202101260 | 2024-04-16T16:13:25.566044
25 / tcp

-1132822417 | 2024-05-02T07:44:07.234979
80 / tcp

-1283034168 | 2024-04-26T19:33:05.725968
110 / tcp

27672397 | 2024-05-01T18:12:44.601481
143 / tcp

-1047154564 | 2024-04-30T02:22:58.265232
443 / tcp

-239877576 | 2024-05-05T04:46:11.369674
3000 / tcp

-156795458 | 2024-04-29T05:27:52.812467
3306 / tcp

1524593440 | 2024-05-01T01:54:40.935100
32400 / tcp