GeneralInformation

Hostnames	d559d155e9.scan.leakix.org
Domains	leakix.org
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-41556

A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.

CVE-2022-22707

4.3In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

OpenPorts

22 80

-603504482 | 2024-05-03T18:55:39.231127

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDB1utGt4c979Nufm7urQ+hRWUqV8TxZTFDC49MFmHnzkRb
WitdORSw0Pe0G1xvLdycfRnExZhkwGxtRuw0CbXtD6lysJ68TAYSj4nh132mCCF/6UDxOG23yHGs
SLjGfOi21criDbYvl5t42IRW6OG4V2FgFvou0h8af5r2Ww6a5XwWLBseJ1WSmX10n80vnQLuX5Qo
KL7EHTkhE+4/qRLoq2pqmIiSNja5DlkM0qZptf6B2HGMJBF1wc3APdAwBEit1MZNuSIJwohK9QsF
ucYKccw2SQTzZadXPmKrjjccg+sZGVQ19QnSNN2hn0nj26r/LZCWcjw0MtMs6h9sKaNtGZ3eM72d
sWoSTwfwr8qx3vJpO1ScMVN1K8siR9mrM416un15KY8K6PER6OceAWxkFOJS+ti3KiRcmA+It43p
16cCJAyygjD/GZvIVPD1E2IbnaJmPLUwtlzgxQ4JU9T4+vTIn6LyCATy1bxsd0Vvg1anHES4czi3
eY9h1AMwxVM=
Fingerprint: 10:97:32:01:f1:11:bb:8d:fd:fa:e1:92:dc:0b:a1:48

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1266164296 | 2024-05-14T16:29:58.512254

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes
ETag: "1879035095"
Last-Modified: Mon, 29 Apr 2024 14:44:36 GMT
Content-Length: 1331
Date: Tue, 14 May 2024 16:29:58 GMT
Server: lighttpd/1.4.59

165.227.173.41

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-603504482 | 2024-05-03T18:55:39.231127
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

-1266164296 | 2024-05-14T16:29:58.512254
80 / tcp

lighttpd1.4.59

Products

Pricing

Contact Us