GeneralInformation

Hostnames	vmi1438642.contaboserver.net
Domains	contaboserver.net
Country	Germany
City	Düsseldorf
Organization	Contabo GmbH
ISP	Contabo GmbH
ASN	AS51167

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-1938

7.5When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible.

OpenPorts

22 8009 8098

-1010160421 | 2024-05-31T09:21:59.173523

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAACAQC3gwRpwbFeLNOf3PD99uwnqTrqiq8RqMSf6oL3KMMhAqFs
6zUaCxtr346E7395iufmtdrl27GdzuoRkvgKVZbIPtLWu9QFDQlagfge2nBLCGUg/oUOI3qsAEux
KKWN2HhQlyLgRHgJge8gugCqtm9/fUVCk0wx5eNm2e6BSLZIGO+YJdnEAh0D4bVWiupe8AN87G1t
IF+bGXuvtyszv3YywuGXiRHk6hQcfYUliSzZWiQwZItx7AxQRuNI1WnoBX/QsHzcYd/JyVrn3fX4
pT/uiEBdpnB9zyghhmSZYO3Kvzv8HwNywuzGC5w7cvGNYlNsLd6hq4r/KJF7ZuMOSeGc82oZCyNj
bBoUS+/78dgxIooNW4UW1ybZxRiAdkArjRvvSKzkAYyjfXMvfajrAVWDqGZcFrBTpq36tsbxLyLL
/WG8EDcnC+vjwJkkQX+0XKCUet1On0uUUUM5cGdFv7yMIfzyAFwXXwnxDbZZGSMSYhefRT1bCyX7
A4kkJMYggkhrZH2vxNGkNVLI355w5dFFebPKThPeaAFfJXQ2TTPhIMFNZcKDc0UN22SzzticvQv8
s0nw2gOjstED59Oat0QYWLM6qI9rMgdsC2Jyhmfa6rp1wmpRQ62EXAv2Ef4vEb8at9V+RK0lXHD6
Z/zkOi4sJoDjT2u+gtaHXW2ddmB/Hw==
Fingerprint: 3e:80:4c:de:bc:ba:d6:a9:cc:ed:64:35:72:7d:87:d2

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

993066333 | 2024-05-10T20:30:20.181293

8009 / tcp

<!doctype html><html lang="en"><head><title>HTTP Status 404 – Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 – Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;asdadadas</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.35</h3></body></html>

700405381 | 2024-05-17T09:14:06.074649

8098 / tcp

HTTP/1.1 401 Authenitcation Required;
WWW-Authenticate: Basic realm="Primrose Web Console"
Date: Fri May 17 11:14:06 CAT 2024
Server: Primrose Web Console
LastModified: Fri May 17 11:14:06 CAT 2024
Content-Type: text/html
Connection:close

161.97.170.107

Last Seen: 2024-05-31

GeneralInformation

Vulnerabilities

OpenPorts

-1010160421 | 2024-05-31T09:21:59.173523
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.9

993066333 | 2024-05-10T20:30:20.181293
8009 / tcp

Apache Tomcat8.5.35

700405381 | 2024-05-17T09:14:06.074649
8098 / tcp

Products

Pricing

Contact Us

161.97.170.107

Last Seen: 2024-05-31

GeneralInformation

Vulnerabilities

OpenPorts

-1010160421 | 2024-05-31T09:21:59.173523 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.9

993066333 | 2024-05-10T20:30:20.181293 8009 / tcp

Apache Tomcat8.5.35

700405381 | 2024-05-17T09:14:06.074649 8098 / tcp

Products

Pricing

Contact Us

-1010160421 | 2024-05-31T09:21:59.173523
22 / tcp

993066333 | 2024-05-10T20:30:20.181293
8009 / tcp

700405381 | 2024-05-17T09:14:06.074649
8098 / tcp