GeneralInformation

Hostnames	104-237-130-38.ip.linodeusercontent.com
Domains	linodeusercontent.com
Cloud Provider	Linode
Cloud Region	us-tx
Country	United States
City	Richardson
Organization	Linode
ISP	Akamai Connected Cloud
ASN	AS63949
Operating System	Linux

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-41556

A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.

CVE-2022-22707

4.3In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

OpenPorts

22 80

-1663007903 | 2024-05-14T23:47:37.262810

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDlOK+uSiimntWQ2+0EMY/uRgcESdo2yXhZxElVznU8xiNh
kLjZMr1gtmHzHW9Gka2eANRKNCi+5NwWI4hk5qmzlXuxeF8lUpNzLpeTmYY4ftohnOXIlQttXGVB
zTRKzJ0KnubadfQhBDgRhMwZTw5EmG3eb/ENMTlfEymfSjFs1xDzI2A6O5nZc+qHt5rnh9V22h9B
oWGIO17LKqV/epbK7o/DUHH1AGlfDDuzGTGuEg9fqBChjS3pZ9sZvAkozuCxGixgM8mCVdBj8C3b
tFyzeoOHlW+M+IZEUZgGVnIwF6Q7ErRTEj1G/Q8DD4fAtzw2zy5U6IFD72rRqE0Oh82UJZEGAiuS
rJIG5dtpUKML8+WJDzga8LiG9mFUjVfJTIuY49UfgXro98k6i7O3U9FnKYO+65Sd6N6516fEGejA
/zqP89dNBnJT4nh0qR8lFEIjXNxDRrLaoBwiOlf1azJincZZegv1AEAwXzJyJvbilXGPP9L+Pc9n
WTsFCrsrZlc=
Fingerprint: 17:b8:db:f8:99:2d:7f:a2:65:21:43:2b:c1:e4:de:39

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-918345453 | 2024-05-08T17:09:58.996774

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes
ETag: "2224015484"
Last-Modified: Mon, 29 Apr 2024 14:44:36 GMT
Content-Length: 1337
Date: Wed, 08 May 2024 17:09:58 GMT
Server: lighttpd/1.4.59

104.237.130.38

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1663007903 | 2024-05-14T23:47:37.262810
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

-918345453 | 2024-05-08T17:09:58.996774
80 / tcp

lighttpd1.4.59

Products

Pricing

Contact Us