GeneralInformation

Hostnames	athena-webservice-gamma.ca-central-1.amazonaws.com athena-webservice-internal-gamma.ca-central-1.amazonaws.com ec2-3-97-254-44.ca-central-1.compute.amazonaws.com
Domains	amazonaws.com
Cloud Provider	Amazon
Cloud Region	ca-central-1
Cloud Service	EC2
Country	Canada
City	Montréal
Organization	Amazon Data Services Canada
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2023-3824	In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
CVE-2023-3823	In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down.
CVE-2023-3247	In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.
CVE-2022-41742	NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.
CVE-2022-41741	NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.
CVE-2013-2220	7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2007-3205	5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

80 444

209853502 | 2024-05-10T12:53:34.048908

80 / tcp

HTTP/1.1 404 Not Found
Date: Fri, 10 May 2024 12:53:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.23.0
X-Powered-By: PHP/8.2.6
Cache-Control: no-cache, private
Access-Control-Allow-Origin: *

1373759999 | 2024-05-03T17:56:58.045576

444 / tcp

HTTP/1.1 403 Forbidden
Date: Fri, 03 May 2024 17:56:40 GMT
Content-Type: application/json
Content-Length: 42
Connection: keep-alive
x-amzn-RequestId: 6b284fc5-503f-407f-ab08-9599d4781264
x-amzn-ErrorType: MissingAuthenticationTokenException:http://internal.amazon.com/coral/com.amazon.coral.service/

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:17:d4:e3:ef:a4:6e:df:a6:81:83:30:a5:56:b4:7a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Jan  4 00:00:00 2024 GMT
            Not After : Feb  2 23:59:59 2025 GMT
        Subject: CN=athena-webservice-gamma.ca-central-1.amazonaws.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a3:d1:f1:dd:b7:83:ed:5e:23:3a:57:88:ce:dd:
                    51:ff:ab:5c:4a:78:9f:42:be:f1:a3:e0:01:8e:85:
                    13:f6:43:8a:08:29:c6:05:ae:3b:67:56:74:25:c4:
                    89:a6:0f:5c:23:b2:26:cc:f2:aa:68:00:03:cf:25:
                    c1:5c:a3:e9:71:2b:97:44:cb:0b:41:f0:01:94:13:
                    52:7d:24:cd:aa:03:e4:ef:72:2d:6f:74:25:05:5e:
                    43:eb:04:da:a4:c4:68:d1:f2:f0:49:2a:12:2a:ff:
                    68:5a:2b:4a:08:57:6d:d4:2b:aa:50:11:58:3a:0f:
                    a8:50:b3:84:d1:ba:e1:0c:a9:25:90:81:e7:e9:c6:
                    47:79:d8:06:6f:6f:0b:f0:3d:f4:34:ad:e8:f2:7d:
                    9b:c7:e9:81:c9:f5:87:6a:68:f3:25:e3:70:12:01:
                    f4:76:c7:ce:7d:84:38:2e:8c:cc:2f:a8:22:6b:52:
                    29:b5:3b:72:0f:f9:f7:3d:55:b4:17:4c:8a:d2:72:
                    64:d9:8d:49:67:39:4c:bf:83:58:a0:d9:56:38:47:
                    6f:f4:6b:eb:3d:75:0c:d4:2d:94:33:88:3f:ed:9e:
                    46:3e:1e:02:50:41:7f:f8:59:6b:8e:49:5e:ef:8a:
                    f8:85:59:90:a7:5b:42:57:2d:24:5a:40:f4:ca:ef:
                    44:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                27:B8:DF:29:1E:B4:A5:79:04:A7:95:33:C2:EB:27:47:BB:46:C9:9F
            X509v3 Subject Alternative Name: 
                DNS:athena-webservice-gamma.ca-central-1.amazonaws.com, DNS:athena-webservice-internal-gamma.ca-central-1.amazonaws.com, DNS:*.athena-webservice-gamma.ca-central-1.vpce.amazonaws.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Jan  4 00:41:22.341 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1F:2A:20:91:5B:82:F9:72:EB:86:ED:F5:
                                74:47:9C:36:F2:05:5F:33:7B:E6:EA:DA:61:B5:E2:9E:
                                A6:60:05:91:02:21:00:C5:74:2F:C4:80:78:6C:5B:2B:
                                60:79:A6:AF:D8:50:2A:9A:E2:C2:6E:08:A8:A8:DA:91:
                                B9:42:F7:F3:60:60:23
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Jan  4 00:41:22.395 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A3:66:25:65:08:4E:DF:E0:ED:52:D5:
                                67:70:75:45:A5:39:67:E3:CB:70:E2:A0:DF:BD:DB:35:
                                C2:62:87:44:86:02:21:00:F2:AD:D5:EC:1E:7A:F7:7B:
                                50:AB:33:B5:A4:A4:A7:07:48:B9:33:D0:88:1F:79:3D:
                                1B:8E:DD:CD:B1:56:5E:F2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Jan  4 00:41:22.443 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E6:E7:03:8D:69:29:B0:4B:8A:88:0D:
                                67:09:9E:D3:4B:38:FD:11:53:EE:A5:66:29:CC:CB:D1:
                                E6:71:76:61:C0:02:20:1D:74:D9:C1:11:C6:18:81:C8:
                                B5:8A:06:17:77:F2:A4:F5:7B:A1:56:F6:9A:62:80:B1:
                                36:92:42:A6:3C:CC:F0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        88:88:7b:c3:b3:2d:3a:62:88:45:0c:51:69:99:b0:2c:60:e4:
        1f:2a:06:a1:ae:5d:21:ee:d0:b9:6d:34:09:45:c5:5b:1e:09:
        d6:5e:26:f8:db:ef:35:1e:c8:33:8e:0a:83:7e:49:ef:04:4b:
        de:85:c2:08:c4:28:aa:d4:eb:5f:ca:28:49:1a:ce:50:1d:14:
        a6:ad:1a:4e:c8:96:d8:ce:6b:60:fd:32:67:33:cc:95:7c:b2:
        19:8c:5b:57:e7:5d:96:cb:a7:8d:2d:8e:4e:1a:ef:31:cf:47:
        db:86:41:21:58:48:3c:fd:d5:c9:a3:1c:4b:ff:b6:92:fa:b1:
        38:99:0e:1e:48:1f:88:3b:1b:22:4f:ee:67:9a:f5:57:11:93:
        96:74:95:e4:c5:b2:a8:77:2f:85:35:81:28:f6:51:c2:d5:04:
        89:41:81:39:0d:ec:75:e7:76:9f:79:9b:58:6a:24:2d:1e:77:
        5f:03:11:85:d7:5b:3f:b4:a0:3d:33:45:b0:45:1d:ae:8b:45:
        cd:0d:c0:80:80:16:7f:7d:1f:cb:68:da:83:5d:fd:61:4e:8e:
        c9:2b:21:dd:7c:e1:5d:88:69:82:22:84:e9:95:bb:2d:a9:fb:
        3e:7f:d5:08:25:4d:07:3b:ff:b2:c2:d2:d9:5f:98:d4:9b:ec:
        e7:60:2e:b5

3.97.254.44

Last Seen: 2024-05-10

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

209853502 | 2024-05-10T12:53:34.048908
80 / tcp

nginx1.23.0

1373759999 | 2024-05-03T17:56:58.045576
444 / tcp

Products

Pricing

Contact Us

3.97.254.44

Last Seen: 2024-05-10

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

209853502 | 2024-05-10T12:53:34.048908 80 / tcp

nginx1.23.0

1373759999 | 2024-05-03T17:56:58.045576 444 / tcp

Products

Pricing

Contact Us

209853502 | 2024-05-10T12:53:34.048908
80 / tcp

1373759999 | 2024-05-03T17:56:58.045576
444 / tcp