GeneralInformation

Hostnames	ec2-54-154-138-236.eu-west-1.compute.amazonaws.com
Domains	amazonaws.com
Cloud Provider	Amazon
Cloud Region	eu-west-1
Cloud Service	EC2
Country	Ireland
City	Dublin
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2023-36478

Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. `MetaDataBuilder.java` determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. `(_size+length)` will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. Users of HTTP/2 can be impacted by a remote denial of service attack. The issue has been fixed in versions 11.0.16, 10.0.16, and 9.4.53. There are no known workarounds.

OpenPorts

80 443

1949896279 | 2024-05-02T00:29:53.166847

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 02 May 2024 00:29:51 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://54.154.138.236:443/

-1371526322 | 2024-05-06T13:16:11.469678

443 / tcp

HTTP/1.1 200 OK
Date: Mon, 06 May 2024 13:16:11 GMT
Content-Type: application/json
Content-Length: 91
Connection: keep-alive
Set-Cookie: AWSALB=CzZtsUD9uaogJrNPrUNrar/ghgnJ24yXHkWJ/N9vgfUiihg8dU1IeNZGKqrhcyOoa9SneslDcO908iuNeF1/GcG7oud5eJIISvTQyPpasbDrXFCF8mWNwz2G+81A; Expires=Mon, 13 May 2024 13:16:11 GMT; Path=/
Set-Cookie: AWSALBCORS=CzZtsUD9uaogJrNPrUNrar/ghgnJ24yXHkWJ/N9vgfUiihg8dU1IeNZGKqrhcyOoa9SneslDcO908iuNeF1/GcG7oud5eJIISvTQyPpasbDrXFCF8mWNwz2G+81A; Expires=Mon, 13 May 2024 13:16:11 GMT; Path=/; SameSite=None; Secure
Server: Jetty(9.4.52.v20230823)

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:58:a1:f7:30:c3:5d:f1:f5:7a:5b:a0:1b:fe:13:6e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Jul 15 00:00:00 2023 GMT
            Not After : Aug 12 23:59:59 2024 GMT
        Subject: CN=*.eflangtech.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bc:49:01:b5:08:0a:2c:ae:5d:03:98:0e:dc:ff:
                    ee:9b:38:5f:dc:e2:d7:50:0a:ee:8e:f7:4b:72:a9:
                    a0:e9:b6:4a:33:b8:b7:70:18:81:6a:38:f9:bc:68:
                    6d:77:24:71:ae:d7:6c:ed:8e:65:83:c4:84:17:53:
                    80:85:fc:a5:c9:80:c4:76:f5:df:d2:c3:e0:b2:63:
                    8d:47:43:90:bd:59:d1:ff:50:4d:35:89:93:10:c5:
                    7d:a6:49:75:d3:89:3c:7e:a4:76:f2:6c:f4:f1:0c:
                    2c:d9:aa:ed:60:5a:6c:a6:6a:24:15:5d:1d:b2:90:
                    1d:c4:4e:ba:86:14:cd:37:a2:e0:e6:09:55:7b:c9:
                    f3:60:0d:f6:f1:d8:c8:91:0b:c0:89:03:4d:e1:ec:
                    84:e0:6f:5c:8f:28:0f:af:e7:e4:bc:30:5d:ff:40:
                    6b:f6:60:4a:54:56:86:15:11:b5:b7:3b:e1:30:e0:
                    5f:8a:4c:1d:21:54:da:74:55:7e:8d:85:ad:c5:9b:
                    8c:90:99:c5:09:a7:ac:d4:32:43:fa:ee:a5:a2:17:
                    0d:ba:a0:50:11:0c:28:3b:38:4c:be:c0:71:a3:0a:
                    95:34:82:1b:80:2c:fa:b5:4f:05:54:5b:92:12:89:
                    32:c8:e4:57:76:3f:20:d2:18:5c:5d:9c:92:52:d6:
                    4c:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                F9:C0:A5:93:E2:C2:7C:DA:F4:76:1A:D5:78:E1:C3:D7:DE:BF:33:AF
            X509v3 Subject Alternative Name: 
                DNS:*.eflangtech.com
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Jul 15 00:18:21.874 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:65:72:BA:98:CB:1F:30:5B:43:B2:1F:4F:
                                87:EA:24:B6:C3:2E:54:1F:3A:2A:6D:78:FA:14:41:75:
                                16:BD:1D:D4:02:20:2D:06:A1:33:09:8D:19:C9:5E:2D:
                                9E:B5:1B:B2:F3:AA:4A:D9:4E:51:FC:DF:72:C4:89:CA:
                                5F:7F:38:7C:D5:6A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Jul 15 00:18:21.875 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C5:0D:24:65:15:9F:84:C6:79:AC:24:
                                78:9E:7C:40:B2:A3:31:4B:AD:82:FA:6C:E7:27:49:98:
                                3B:87:97:0A:D9:02:20:29:05:EA:12:3D:D2:19:1F:FF:
                                D5:A9:C9:C0:5E:06:8A:F4:E0:73:03:F9:4B:0A:09:F5:
                                38:B9:47:C5:8D:40:79
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Jul 15 00:18:21.859 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:9B:E3:0C:14:01:E5:98:71:8B:38:4A:
                                93:73:D2:25:B9:6B:2D:2F:14:EE:02:85:F6:12:1A:51:
                                63:62:50:E7:EC:02:21:00:CC:13:24:C9:37:66:A7:EF:
                                F4:0D:E5:8C:93:2C:8A:54:4A:EB:40:B3:4A:90:58:A2:
                                4C:13:64:50:83:4C:F7:F9
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        aa:50:37:7e:30:12:83:90:8c:20:18:ef:0e:5d:e2:b8:7c:34:
        23:57:f7:47:d6:ce:41:b7:29:68:2f:91:88:28:3b:03:d8:72:
        5e:7c:64:76:0c:ec:af:16:b7:1b:17:95:8d:6f:b7:86:65:46:
        8c:64:76:a9:36:12:bb:2d:b5:c6:6c:9c:3f:5a:d8:f4:92:de:
        e4:e9:da:39:c1:ad:3e:bd:66:73:e2:5d:db:7d:29:0d:2a:09:
        38:d8:db:48:e5:2a:6a:da:e8:4c:54:81:8f:55:25:38:5d:12:
        c4:86:2b:48:52:84:9e:11:58:cf:58:5e:38:4c:b7:da:22:64:
        ed:96:b6:99:bc:28:53:9d:83:14:b2:b2:33:ca:f4:6a:f9:7b:
        7e:1d:67:58:19:2d:9f:a3:24:6c:68:68:71:30:c6:29:45:cf:
        d0:ad:b5:aa:dc:4f:32:63:1e:d3:5b:fd:c3:a3:59:c6:d3:79:
        7f:cf:f4:64:e4:8c:4d:d2:54:1a:1d:99:5b:af:a9:73:7c:31:
        8b:42:45:c7:b2:5b:53:4c:33:c2:19:b5:d7:29:63:66:65:69:
        a9:2a:d6:8f:66:f8:f7:2d:fa:70:39:56:b1:c6:4b:d0:b2:5b:
        5e:52:7b:95:6d:d9:dd:ac:00:79:3b:51:92:23:6c:ce:2e:7d:
        4b:90:e3:80

54.154.138.236

Last Seen: 2024-05-06

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1949896279 | 2024-05-02T00:29:53.166847
80 / tcp

AWS ELB2.0

-1371526322 | 2024-05-06T13:16:11.469678
443 / tcp

Jetty9.4.52.v20230823

Products

Pricing

Contact Us

54.154.138.236

Last Seen: 2024-05-06

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1949896279 | 2024-05-02T00:29:53.166847 80 / tcp

AWS ELB2.0

-1371526322 | 2024-05-06T13:16:11.469678 443 / tcp

Jetty9.4.52.v20230823

Products

Pricing

Contact Us

1949896279 | 2024-05-02T00:29:53.166847
80 / tcp

-1371526322 | 2024-05-06T13:16:11.469678
443 / tcp