GeneralInformation

Hostnames	eab9c05722.scan.leakix.org
Domains	leakix.org
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-41556

A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.

CVE-2022-22707

4.3In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

OpenPorts

22 80

-2047528007 | 2024-05-14T20:20:08.036297

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDP4VPBd8P/GwAXDPiC+eZYwD65QoMClOHycPOzyeWEopIN
QUcgHB+6f/RR+lNoEHlZciLAQmBh1DXzlewD4HC9nMf5xvEudFOWTkHChunTFAKETH87KgjYkWD3
qkF3iDVGQULKEi1spPNSTBOsfYQ04c8NBu0J8A1678San3O5jSX9kllA7KgSl6fpDZfCIw31ulAq
VKT1OJMXUd+bBKVmjh+osJc+5N+CvbZm3CjTfPuKoRbC0M+iKpvU5gNO8V/dWYzecRerTy7CRYPM
e9SPY9Kzi1efYwrXtlHIswbINHO92uHVqFnwZa4Y6mHsF/yzUVY5XLRODwvtz81TUnoiWVpand2n
L74GHhsZFHr3zgDcFBQZlVDerJeB3oX4CpofRaCCy0bO2FfzGmfnuVfyt9nVC+YZbXTDleVzSMCR
7gkBN5qTAh8oPW3OE/uE7mFSgxAWmzdsmhso5YNpm78KV134+O5oVDCdjX6t8Iqe0vcYcoJK466V
6SOd1xdA6l8=
Fingerprint: e3:61:a6:0c:b1:3f:71:2f:a8:f5:a4:36:7f:72:77:75

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1415052256 | 2024-05-18T16:02:25.678676

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes
ETag: "2330968139"
Last-Modified: Mon, 29 Apr 2024 14:44:37 GMT
Content-Length: 1329
Date: Sat, 18 May 2024 16:02:25 GMT
Server: lighttpd/1.4.59

178.128.207.138

Last Seen: 2024-05-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-2047528007 | 2024-05-14T20:20:08.036297
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

-1415052256 | 2024-05-18T16:02:25.678676
80 / tcp

lighttpd1.4.59

Products

Pricing

Contact Us