| Hostnames |
vmi220739.contaboserver.net zoolook.eu |
| Domains | contaboserver.net zoolook.eu |
| Country | Germany |
| City | Munich |
| Organization | Contabo GmbH |
| ISP | Contabo GmbH |
| ASN | AS51167 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
| CVE-2022-22707 | 5.9In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system. |
-924051802 | 2024-04-04T04:30:39.91398322 / tcp
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.8 Key type: ssh-rsa Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDJ18CMOximUj/4JJ9V2YMwAMV1e9C0XI4+hVYCeVy4hbvk U+vLklWdwGqSMGKycZLqRt2DN6Lr9lGKRCJQ//Q6iW9E/HtRarizKGb5vaD0UQoX3K60D7k/Vaq3 zLoMCN87T5nI57b67+73pYyOpxK+rG8R2T2xmgnDU5E5KVXqhV7SAOQhQTvsd4BdN+hQZbyum/7q qreN2S7ej1prFzWzhHvIV25Tan87VGLmqYO5BP2/2V1AkOHtZoiq/g/C6oAPHMAS6LxNoiHEBr1c C/6ngE1ZzeNMHkjMo+23BdyXZIIkbrp5Mms7ZbD/hHR2L4Lp2ktBES3BpMbmwM68SjyX Fingerprint: 3c:9b:fd:e8:10:51:f2:c3:03:02:cc:1a:82:d9:c6:37 Kex Algorithms: curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 Server Host Key Algorithms: rsa-sha2-512 rsa-sha2-256 ssh-rsa ecdsa-sha2-nistp256 ssh-ed25519 Encryption Algorithms: chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com MAC Algorithms: umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha1-etm@openssh.com umac-64@openssh.com umac-128@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha1 Compression Algorithms: none zlib@openssh.com
1349736935 | 2024-04-03T02:50:11.28163325 / tcp
220 FBI 250-mail.zoolook.eu 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250-SMTPUTF8 250 CHUNKING
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
2f:e9:29:78:22:98:93:6c:97:bf:87:9e:57:f4:b1:9f:2b:07:f6:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=UK, ST=UK, L=LONDON, O=KLF, CN=zoolook.info/emailAddress=zoolook@zoolook.info
Validity
Not Before: Jun 22 19:56:30 2019 GMT
Not After : Jun 21 19:56:30 2020 GMT
Subject: C=UK, ST=UK, L=LONDON, O=KLF, CN=zoolook.info/emailAddress=zoolook@zoolook.info
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b1:68:b6:d6:1e:8e:72:ca:6d:43:30:00:74:b7:
4c:d3:0d:28:bd:9d:3b:f2:7b:e1:f4:71:9c:4a:fc:
12:7c:39:29:05:2c:e5:8e:f3:93:dc:26:85:c9:09:
94:07:a8:67:f9:43:ab:68:22:ac:2a:99:1b:4b:2e:
20:73:c5:64:27:41:4c:9a:bd:bd:9a:e0:bb:b3:c3:
c0:34:14:46:2a:39:9b:25:5c:20:da:f0:bf:20:74:
fa:ca:9a:b0:14:7a:fc:5e:d7:97:a3:d3:af:02:04:
9f:7a:e4:3c:21:e7:84:a3:6e:95:ea:55:61:0f:8a:
cc:ed:ad:28:f7:e8:69:9b:9c:12:1d:cc:9f:eb:5d:
e0:68:b8:be:55:b9:57:3f:d6:36:4f:d3:79:92:07:
93:54:08:f1:aa:f6:a8:a4:8a:b4:46:f6:09:ae:c7:
c8:74:c9:22:01:06:a7:1e:d5:18:89:5c:44:c0:cf:
e7:a0:31:17:4b:3e:2e:5d:2a:27:1c:cb:40:2d:b5:
a7:37:d5:e4:08:df:4a:95:4c:29:88:e8:57:96:b8:
c1:7b:f0:f3:78:82:4c:c4:54:bc:88:2f:cf:1c:91:
1c:35:ca:44:8e:14:2f:f3:93:1b:de:ee:f2:05:dc:
94:44:e4:c9:d4:2e:f6:39:5d:9a:5f:a6:1c:8e:db:
5b:19
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
97:1d:64:d8:95:54:f6:6d:7b:2d:08:18:05:0f:a3:53:d1:38:
68:88:03:42:3f:45:0c:ab:3b:50:c2:d6:09:ef:d2:76:28:2b:
83:0e:20:52:25:1e:02:ed:18:ef:22:71:27:ac:e1:77:60:92:
44:ea:a1:19:8a:8f:7c:72:d1:b1:74:53:a0:4e:4f:1d:19:7a:
73:fd:b3:9f:85:a0:e2:b5:65:4f:b5:06:42:7d:8a:ab:60:a5:
a2:c0:45:b7:4d:e8:bc:07:56:34:28:72:c7:94:1f:46:0c:41:
cf:aa:f9:05:35:c8:11:9f:ce:47:f8:6d:20:d4:08:ee:f6:14:
0d:71:a0:80:a4:78:c0:bf:a7:2f:ca:64:ae:69:72:2f:b7:5b:
e6:20:07:ad:f6:4a:bb:f7:9d:17:b1:55:28:3f:44:2b:dc:c7:
b2:6b:06:9b:c0:f9:c7:1e:b5:d5:d1:96:21:3c:b3:b1:48:4c:
bc:99:b4:28:b4:a3:44:8a:f3:dd:ed:66:de:34:21:b0:57:2d:
aa:3c:2e:61:bd:4f:fa:a8:8a:2d:ea:f1:d6:58:c5:85:98:48:
0c:ed:cf:ee:86:b1:9b:2f:5b:83:3d:c4:b7:9a:fa:29:d6:20:
7d:71:5b:96:a5:f7:78:20:99:e4:8d:a7:f9:86:85:ed:b0:0d:
81:0f:5b:be
970547679 | 2024-04-11T13:09:10.15738780 / tcp
HTTP/1.1 200 OK Content-type: text/html; charset=UTF-8 Content-Length: 57 Date: Thu, 11 Apr 2024 13:09:09 GMT Server: lighttpd/1.4.55
-1712467009 | 2024-04-17T14:58:15.193312143 / tcp
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready.
* CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN
A001 OK Pre-login capabilities listed, post-login capabilities have more.
* ID ("name" "Dovecot")
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:4f:d3:f7:45:3e:19:98:58:a7:f6:21:a5:d1:73:8a:2f:54:a4:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=vmi220739.contaboserver.net
Validity
Not Before: Jun 11 09:07:09 2019 GMT
Not After : Jun 8 09:07:09 2029 GMT
Subject: CN=vmi220739.contaboserver.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b9:fe:19:6e:40:77:27:95:5d:7c:d5:6c:a1:ea:
1b:8f:47:e4:78:6a:e3:87:38:9c:50:3c:bc:cc:51:
be:b8:8c:ba:06:14:68:88:ff:c8:9e:2d:bd:be:ea:
f0:5a:06:cb:56:ab:d5:d9:6f:ff:ad:96:be:8d:c1:
0d:de:9f:5b:c3:7a:b7:45:ee:a8:14:39:ed:d2:de:
c5:ae:dc:b8:2a:64:03:22:6f:8c:a9:a3:65:4b:00:
49:d3:10:5a:df:d5:99:99:90:7c:58:76:57:f2:7e:
be:92:a7:f6:3d:41:fa:82:51:7a:cc:d3:20:d1:c6:
e1:04:a5:5a:5b:29:d8:c0:f0:c3:1c:96:60:37:0f:
e4:af:9e:db:10:11:f4:c6:18:0e:c9:8f:01:cd:df:
04:0d:bf:f2:03:c4:a7:7e:30:31:43:78:aa:61:9a:
ce:65:e7:27:fc:83:5e:e4:fd:26:e4:67:ea:ff:38:
83:de:8a:3c:62:ab:22:20:27:80:b9:34:95:5c:1c:
cc:bf:cd:cb:eb:ad:15:79:0f:72:ca:9c:10:9f:18:
9c:40:e7:51:21:4c:15:a6:16:01:cd:16:12:6c:2d:
9b:a7:49:45:68:61:5c:82:b5:13:33:d6:96:a4:a1:
21:74:ab:87:f4:b4:20:e7:7e:ec:98:1f:eb:72:6b:
fa:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
DNS:vmi220739.contaboserver.net
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
1d:bd:ff:e1:23:f1:01:a5:80:3c:b2:85:6e:3b:36:68:22:c2:
63:d4:58:7d:b5:fb:a6:30:4f:48:56:9c:7b:1c:de:11:49:cf:
e3:b4:dc:6e:33:c6:45:5f:ff:3c:b0:e2:4b:32:3a:1b:7d:12:
5a:44:4a:e9:fc:0a:6e:56:18:3e:ec:97:d1:78:e2:47:b8:01:
be:fb:10:39:09:94:29:9c:07:d5:2a:89:dc:e5:52:cc:aa:4c:
15:84:87:a3:43:d7:40:0f:d0:a0:b4:17:3d:12:a8:ff:58:0b:
15:f7:bf:3c:18:f5:24:72:d3:f2:59:c5:64:c1:8b:31:48:19:
3d:13:1d:e2:56:6e:8f:a9:f3:47:6c:3f:60:63:2c:3f:a3:c5:
65:93:f4:73:6c:e0:d8:d0:4f:ec:4f:a1:18:13:25:82:2e:29:
60:01:d7:a9:b0:9c:ac:b8:26:da:5c:1b:da:0b:ad:86:8c:1f:
d8:53:c7:0b:d2:6b:47:04:6f:e3:28:22:21:6d:bd:a4:87:65:
ea:9f:67:23:3f:5f:19:4e:1f:81:a6:93:61:1d:ba:59:9d:fe:
f5:b2:d1:50:ff:95:04:d3:46:73:8e:04:49:69:bf:c0:49:70:
20:52:f9:a1:10:7c:8b:ea:2d:a8:84:06:8b:e1:6e:34:4e:04:
dc:33:89:f4
-2011063995 | 2024-04-14T08:36:50.531927993 / tcp
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready.
* CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN
A001 OK Pre-login capabilities listed, post-login capabilities have more.
* ID ("name" "Dovecot")
A002 OK ID completed.
A003 BAD Error in IMAP command received by server.
* BYE Logging out
A004 OK Logout completed.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:4f:d3:f7:45:3e:19:98:58:a7:f6:21:a5:d1:73:8a:2f:54:a4:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=vmi220739.contaboserver.net
Validity
Not Before: Jun 11 09:07:09 2019 GMT
Not After : Jun 8 09:07:09 2029 GMT
Subject: CN=vmi220739.contaboserver.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b9:fe:19:6e:40:77:27:95:5d:7c:d5:6c:a1:ea:
1b:8f:47:e4:78:6a:e3:87:38:9c:50:3c:bc:cc:51:
be:b8:8c:ba:06:14:68:88:ff:c8:9e:2d:bd:be:ea:
f0:5a:06:cb:56:ab:d5:d9:6f:ff:ad:96:be:8d:c1:
0d:de:9f:5b:c3:7a:b7:45:ee:a8:14:39:ed:d2:de:
c5:ae:dc:b8:2a:64:03:22:6f:8c:a9:a3:65:4b:00:
49:d3:10:5a:df:d5:99:99:90:7c:58:76:57:f2:7e:
be:92:a7:f6:3d:41:fa:82:51:7a:cc:d3:20:d1:c6:
e1:04:a5:5a:5b:29:d8:c0:f0:c3:1c:96:60:37:0f:
e4:af:9e:db:10:11:f4:c6:18:0e:c9:8f:01:cd:df:
04:0d:bf:f2:03:c4:a7:7e:30:31:43:78:aa:61:9a:
ce:65:e7:27:fc:83:5e:e4:fd:26:e4:67:ea:ff:38:
83:de:8a:3c:62:ab:22:20:27:80:b9:34:95:5c:1c:
cc:bf:cd:cb:eb:ad:15:79:0f:72:ca:9c:10:9f:18:
9c:40:e7:51:21:4c:15:a6:16:01:cd:16:12:6c:2d:
9b:a7:49:45:68:61:5c:82:b5:13:33:d6:96:a4:a1:
21:74:ab:87:f4:b4:20:e7:7e:ec:98:1f:eb:72:6b:
fa:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
DNS:vmi220739.contaboserver.net
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
1d:bd:ff:e1:23:f1:01:a5:80:3c:b2:85:6e:3b:36:68:22:c2:
63:d4:58:7d:b5:fb:a6:30:4f:48:56:9c:7b:1c:de:11:49:cf:
e3:b4:dc:6e:33:c6:45:5f:ff:3c:b0:e2:4b:32:3a:1b:7d:12:
5a:44:4a:e9:fc:0a:6e:56:18:3e:ec:97:d1:78:e2:47:b8:01:
be:fb:10:39:09:94:29:9c:07:d5:2a:89:dc:e5:52:cc:aa:4c:
15:84:87:a3:43:d7:40:0f:d0:a0:b4:17:3d:12:a8:ff:58:0b:
15:f7:bf:3c:18:f5:24:72:d3:f2:59:c5:64:c1:8b:31:48:19:
3d:13:1d:e2:56:6e:8f:a9:f3:47:6c:3f:60:63:2c:3f:a3:c5:
65:93:f4:73:6c:e0:d8:d0:4f:ec:4f:a1:18:13:25:82:2e:29:
60:01:d7:a9:b0:9c:ac:b8:26:da:5c:1b:da:0b:ad:86:8c:1f:
d8:53:c7:0b:d2:6b:47:04:6f:e3:28:22:21:6d:bd:a4:87:65:
ea:9f:67:23:3f:5f:19:4e:1f:81:a6:93:61:1d:ba:59:9d:fe:
f5:b2:d1:50:ff:95:04:d3:46:73:8e:04:49:69:bf:c0:49:70:
20:52:f9:a1:10:7c:8b:ea:2d:a8:84:06:8b:e1:6e:34:4e:04:
dc:33:89:f4