GeneralInformation

Hostnames	ordns.he.net
Domains	he.net
Country	United States
City	Fremont
Organization	Hurricane Electric
ISP	Hurricane Electric LLC
ASN	AS6939

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-41556

A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.

CVE-2022-22707

4.3In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

OpenPorts

53 80 179 443

556175939 | 2024-05-11T04:30:46.156865

53 / tcp

PowerDNS Recursor 5.0.3 (built Mar  6 2024 13:31:38 by root@localhost)
Recursion: enabled
Resolver ID: tserv29

1248016740 | 2024-04-29T13:26:18.134775

53 / udp

PowerDNS Recursor 5.0.3 (built Mar  6 2024 13:31:38 by root@localhost)
Recursion: enabled
Resolver ID: tserv15.lax1.ipv6.he.net

-685443557 | 2024-05-12T10:26:21.774636

80 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 341
Date: Sun, 12 May 2024 10:26:21 GMT
Server: lighttpd/1.4.63

380465885 | 2024-05-12T14:02:09.561650

443 / tcp

HTTP/1.1 400 Bad Request
Connection: Close

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:7e:ab:f0:58:cf:e5:16:28:77:2d:82:6b:de:03:c0:bd:97
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 15 07:01:23 2024 GMT
            Not After : May 15 07:01:22 2024 GMT
        Subject: CN=ordns.he.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bf:12:97:17:c8:2c:4c:df:13:c9:2a:e7:75:5b:
                    76:9e:e4:e1:61:12:0f:ba:f3:6a:30:88:a3:66:64:
                    af:d8:0b:1a:c4:75:54:5b:da:8e:75:7b:52:f5:bf:
                    ba:5b:93:72:c0:b2:17:97:1f:e6:fc:56:ff:19:11:
                    3c:ad:23:53:30:a7:90:13:80:a3:8c:43:09:42:3b:
                    32:15:8b:46:b1:e2:f7:34:c5:1b:a9:7e:75:ba:77:
                    47:b4:f2:a4:06:1a:51:f7:38:10:0a:55:6b:39:b9:
                    a2:8a:cf:f3:4f:3d:c9:64:52:b9:7c:85:8f:a5:63:
                    ab:bd:19:45:32:dc:33:a2:7c:08:47:2f:81:09:84:
                    92:b6:f1:d8:72:3a:5a:1f:a9:28:10:92:01:06:a4:
                    13:cd:68:be:39:3f:7b:16:fe:49:c1:31:fd:d3:33:
                    dc:2a:8f:1d:42:a6:c7:89:bc:20:cd:f8:15:66:8f:
                    1b:f4:46:20:bf:f9:f0:5c:a4:6e:8c:bc:46:86:e5:
                    38:f7:50:dd:93:f2:90:39:6e:87:f9:49:ee:e4:0b:
                    e9:0f:6e:2f:dd:bf:1d:07:4a:28:83:e1:5c:8f:94:
                    d4:4d:36:d4:5f:a2:0f:21:c1:5c:ab:88:c5:69:07:
                    93:06:14:7e:b8:57:3c:9b:9d:c5:95:c9:09:27:20:
                    aa:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                AD:D2:0A:38:C0:27:00:97:49:9C:80:C9:BE:8D:02:32:1C:F2:50:4D
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:ordns.he.net
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Feb 15 08:01:23.459 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:BA:3D:04:C2:A3:E7:68:B8:ED:2C:56:
                                B1:23:2B:19:68:61:DA:75:56:C1:07:71:BB:BC:9F:6F:
                                CF:94:AF:26:FD:02:21:00:D0:C6:2B:BD:E3:B7:7A:01:
                                F8:71:C9:BC:69:2C:B9:31:68:19:B6:0E:41:E0:D0:03:
                                D5:D8:2A:59:96:E7:FD:3C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Feb 15 08:01:23.534 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:B0:D4:3A:A1:A1:38:06:36:09:39:B2:
                                6A:77:48:F2:E8:78:8B:19:48:DE:63:7D:F6:B3:0B:E7:
                                4B:15:9C:D7:05:02:21:00:C9:40:AE:A2:8F:85:BF:62:
                                16:49:E6:B3:45:C0:C2:22:43:62:3B:67:DC:CE:F4:83:
                                A8:B6:4A:0E:B5:F1:5C:01
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        75:29:73:75:67:60:70:91:3c:c1:19:35:cc:b0:b6:39:46:45:
        3f:50:92:5d:fc:61:72:13:b5:81:39:5a:cd:41:11:02:44:92:
        e6:60:25:dc:95:d0:81:02:fa:5c:05:f8:61:3e:2e:74:cc:93:
        63:ee:b2:1d:a6:35:7c:46:f3:80:ca:94:2e:68:0c:d5:5f:e3:
        4f:27:0d:6d:fa:04:a7:f7:93:76:95:80:00:85:b2:ea:9c:94:
        04:3e:e5:3f:e2:39:55:ad:2b:8e:18:b5:59:6d:8d:e3:37:27:
        1a:3b:92:2b:4d:58:c9:de:b2:86:18:e9:4d:ae:b0:00:2c:73:
        8a:93:ab:84:d1:f0:de:55:96:f4:90:3d:63:87:77:40:1b:ac:
        b8:29:82:f9:95:87:60:91:3c:67:01:80:bb:96:c0:39:65:5d:
        b5:92:ac:c9:f2:a5:50:89:0e:7e:15:57:ce:dc:ee:4c:a2:49:
        3a:3e:f6:09:6c:5d:70:1d:6d:da:fa:72:34:9d:b7:22:29:9a:
        89:6c:24:22:3d:40:27:5a:a3:71:02:18:df:9b:0a:cf:09:51:
        05:3e:a5:4a:9a:a9:5c:1b:a5:a8:3c:46:1a:33:d1:11:16:80:
        05:a2:cf:79:83:df:fc:ea:a6:f0:d4:37:23:0a:a2:a9:ac:fb:
        ee:fb:7a:d7

74.82.42.42

Last Seen: 2024-05-12

GeneralInformation

Vulnerabilities

OpenPorts

556175939 | 2024-05-11T04:30:46.156865
53 / tcp

1248016740 | 2024-04-29T13:26:18.134775
53 / udp

-685443557 | 2024-05-12T10:26:21.774636
80 / tcp

lighttpd1.4.63

380465885 | 2024-05-12T14:02:09.561650
443 / tcp

Products

Pricing

Contact Us

74.82.42.42

Last Seen: 2024-05-12

GeneralInformation

Vulnerabilities

OpenPorts

556175939 | 2024-05-11T04:30:46.156865 53 / tcp

1248016740 | 2024-04-29T13:26:18.134775 53 / udp

-685443557 | 2024-05-12T10:26:21.774636 80 / tcp

lighttpd1.4.63

380465885 | 2024-05-12T14:02:09.561650 443 / tcp

Products

Pricing

Contact Us

556175939 | 2024-05-11T04:30:46.156865
53 / tcp

1248016740 | 2024-04-29T13:26:18.134775
53 / udp

-685443557 | 2024-05-12T10:26:21.774636
80 / tcp

380465885 | 2024-05-12T14:02:09.561650
443 / tcp