GeneralInformation

Hostnames	ambafrance.org autodiscover.ambafrance.org mail.ambafrance.org owa.ambafrance.org www.ambafrance.org ip59.ip-178-33-22.eu
Domains	ambafrance.org ip-178-33-22.eu
Country	France
City	Lille
Organization	OVH SAS
ISP	OVH SAS
ASN	AS16276

WebTechnologies

CMS

SPIP3.2.19

Programming languages

PHP

Reverse proxies

Nginx

Web servers

Nginx

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2024-23659	SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js.
CVE-2023-52322	ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics.
CVE-2023-24258	SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request.
CVE-2022-37454	The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
CVE-2022-37155	RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter.
CVE-2022-31630	In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.
CVE-2022-31629	In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
CVE-2022-31628	In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
CVE-2013-2220	7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2007-3205	5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

80 443

198939562 | 2024-05-10T12:01:53.676914

80 / tcp

HTTP/1.1 404 Not Found
date: Fri, 10 May 2024 12:01:53 GMT
content-length: 0

-1324325711 | 2024-05-10T17:09:15.529978

443 / tcp

HTTP/1.1 200 OK
date: Fri, 10 May 2024 17:09:14 GMT
server: nginx
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Cookie
x-powered-by: PHP/7.4.30
composed-by: SPIP 3.2.19 @ www.spip.net + https://ie.ambafrance.org/local/config.txt
link: <https://ie.ambafrance.org/local/cache-css/bfe92fa4cae5e09a74dbca8af4361625.css?1712920212>;rel="stylesheet prefetch"
x-spip-cache: 86400
last-modified: Fri, 10 May 2024 17:09:14 GMT
x-powered-by: PleskLin
transfer-encoding: chunked

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:60:da:d0:02:c1:c7:d4:fb:49:38:75
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018
        Validity
            Not Before: Apr 10 09:17:33 2024 GMT
            Not After : May 12 09:17:32 2025 GMT
        Subject: C=FR, ST=\xC3\x8Ele-de-France, L=Paris, O=Minist\xC3\xA8re de l'Europe et des Affaires \xC3\xA9trang\xC3\xA8res, CN=*.ambafrance.org
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bf:84:de:0e:98:fb:0f:68:25:05:e2:81:5d:24:
                    bb:46:e6:0d:7c:77:71:0c:42:65:a2:9a:c3:cc:d0:
                    6a:18:6a:39:05:27:fe:2c:83:20:d3:d2:fb:f1:6f:
                    9b:41:0d:b9:96:cc:b3:eb:85:88:67:3d:74:54:d6:
                    23:d5:d2:6a:7f:ce:17:51:e7:fe:d9:9b:4f:9b:60:
                    66:f1:a9:90:ca:21:d9:69:07:66:29:d1:ff:1e:f9:
                    6f:bb:42:48:b2:97:a7:49:df:9b:18:64:97:99:e3:
                    a2:78:36:a8:54:07:7a:3c:db:84:22:1d:63:fe:5a:
                    1b:c5:08:6e:8d:18:57:c5:df:9c:9e:4a:b2:4c:20:
                    a0:ec:22:82:e8:66:7b:12:a7:cd:52:49:2f:7b:c7:
                    35:ef:60:31:5a:1b:81:5b:be:92:7a:dc:88:a2:fa:
                    69:f8:72:59:06:ba:7b:ad:38:b7:6b:73:3a:4a:24:
                    92:10:f0:14:1f:88:4b:d1:60:da:1f:b9:99:49:d8:
                    ba:38:35:33:c3:54:5c:34:8d:7b:16:d8:39:ce:f6:
                    df:ff:8a:29:21:b7:29:be:9f:90:25:4f:6e:6b:c7:
                    55:b0:d8:83:2a:27:df:4c:95:80:be:61:bb:64:4a:
                    c8:4d:3f:c6:8e:94:85:9c:dd:d7:f1:45:85:ee:1f:
                    82:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt
                OCSP - URI:http://ocsp.globalsign.com/gsrsaovsslca2018
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsrsaovsslca2018.crl
            X509v3 Subject Alternative Name: 
                DNS:*.ambafrance.org, DNS:owa.ambafrance.org, DNS:mail.ambafrance.org, DNS:autodiscover.ambafrance.org, DNS:www.ambafrance.org, DNS:ambafrance.org
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                F8:EF:7F:F2:CD:78:67:A8:DE:6F:8F:24:8D:88:F1:87:03:02:B3:EB
            X509v3 Subject Key Identifier: 
                35:BC:84:06:12:3F:8C:5F:2C:B7:64:BC:C1:78:4D:3C:6D:AA:02:7B
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Apr 10 09:17:36.285 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:8B:2F:23:8B:09:94:52:A1:AB:4F:99:
                                25:15:24:17:FD:08:34:2A:90:92:2D:2A:8B:F5:AF:04:
                                35:95:A7:3D:17:02:21:00:E4:B2:BA:63:69:95:31:C3:
                                6E:83:06:14:FB:55:2B:2E:9E:60:2A:EE:5A:6E:4F:13:
                                70:03:95:10:D1:21:68:09
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Apr 10 09:17:36.314 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E4:1A:3A:7A:AB:A2:4E:17:CB:1A:12:
                                82:64:AA:57:E6:5F:30:D6:0C:13:D8:08:18:D9:7C:FB:
                                C5:3F:FA:D2:07:02:21:00:DF:8B:2F:EA:4A:A1:50:2B:
                                76:60:E1:FD:E5:34:34:2F:A3:43:F9:01:18:DA:57:A9:
                                24:0C:4F:90:32:CB:C0:5E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Apr 10 09:17:36.247 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:8E:61:6C:C1:23:D3:95:EB:75:CF:B9:
                                7E:F6:1C:1E:4E:A3:6E:C2:E6:9D:D3:1A:42:9B:65:CE:
                                6B:06:B7:8A:45:02:21:00:D0:1F:BE:C0:0C:15:98:EE:
                                93:93:EA:9D:E2:4A:37:DB:A7:6E:60:E8:8E:F1:D5:B4:
                                EE:D2:BD:E3:AC:2D:B0:45
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1b:30:ae:b1:e5:32:96:6d:9a:4a:9f:36:d6:09:6c:59:c3:68:
        ce:dd:c9:60:5d:2b:72:04:cb:e2:33:61:f7:1d:72:39:c0:17:
        8b:f3:c9:3f:66:c8:64:29:4e:6a:29:c2:39:fd:9e:9f:5b:55:
        d8:84:dc:61:54:6d:97:2d:0f:5d:c6:8d:cb:c0:ef:28:f2:07:
        3f:c0:31:88:af:d9:e9:82:77:3e:a4:39:2a:00:34:b8:01:c8:
        a1:b9:1d:0b:c2:b2:49:87:30:3c:2c:8e:bc:5f:6d:e7:4a:38:
        e9:6d:d5:43:66:f1:53:4f:c5:f7:8f:9b:72:04:69:b2:a1:48:
        ac:82:b4:0c:2f:87:80:5c:65:08:63:ae:90:c8:03:d8:5b:8d:
        b4:20:8a:08:43:97:45:2a:2a:b6:60:f6:1d:31:b8:3b:35:22:
        c0:e7:6c:4d:f5:2a:69:55:4a:6b:a9:c2:5c:f0:a7:6b:0f:93:
        29:4e:c5:f9:49:1d:ff:a5:81:4f:1c:7d:d9:8e:df:90:a3:b4:
        5f:08:23:5e:79:82:c4:d2:c4:fd:b6:af:8a:84:f8:b9:91:32:
        8f:39:33:ef:7f:78:34:df:d9:23:3d:15:af:f3:35:77:02:2f:
        a4:b0:71:a7:45:e3:71:83:6a:58:e0:a9:f7:97:55:1d:c4:d9:
        14:5a:c8:8a

178.33.22.59

Last Seen: 2024-05-10

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

198939562 | 2024-05-10T12:01:53.676914
80 / tcp

-1324325711 | 2024-05-10T17:09:15.529978
443 / tcp

nginx

Products

Pricing

Contact Us

178.33.22.59

Last Seen: 2024-05-10

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

198939562 | 2024-05-10T12:01:53.676914 80 / tcp

-1324325711 | 2024-05-10T17:09:15.529978 443 / tcp

nginx

Products

Pricing

Contact Us

198939562 | 2024-05-10T12:01:53.676914
80 / tcp

-1324325711 | 2024-05-10T17:09:15.529978
443 / tcp