GeneralInformation

Hostnames	ffaffaab3a.scan.leakix.org
Domains	leakix.org
Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-41556

A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.

CVE-2022-22707

4.3In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

OpenPorts

22 80

229353433 | 2024-05-16T02:59:13.404964

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDCTtqg+nPdngcjz21X03DgohKPpkX2vcRYk2gR6Xgb714K
pelQX6hWh1JZ0lwZw804KR/B4bnIimmP65v5tMUkNme69esXTLN2/jb+pR5r7zSXSXz3WAg/j+Ti
I1EkjLun+GNSihSgliHMMUVyJr+tnp3IlF7635zgPJnURzN3CaAjBhC+6ejQwwrxweq7ASnGpdKP
Aj0ncvKea9Lg7vuX5RQe4F/6HcCyJnd6EyBs8UbJDs1qyOgV1Fj2LY1H/YcYnEAN+jKRgKlajhpM
dRUGffrfmfDItDIS23NygfUh2uxAVMEv5n+vuFEHHI7/PG05AU8Zd0e8DEY9ecDrc5q9C+YkeULb
+Aoli1lEFBlwzytpEazxQWAlosyUFIk9VVVDGuYmRvTg93jtaMXUo3dYfdhD5o6iU7qSsUKExLK/
FunL5ef0avzO81ARgerzP/vpyikn/U3DvCLsq+gSquHxmPtFZeComfMUI3iVG6Bv3JdrNiqUmk6/
1RBX0EXlSik=
Fingerprint: f1:57:08:a3:dd:78:eb:21:ba:f1:68:9a:5d:5f:9d:bb

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-81058249 | 2024-05-17T04:28:36.933316

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes
ETag: "610781281"
Last-Modified: Mon, 29 Apr 2024 14:44:36 GMT
Content-Length: 1332
Date: Fri, 17 May 2024 04:28:36 GMT
Server: lighttpd/1.4.59

46.101.111.185

Last Seen: 2024-05-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

229353433 | 2024-05-16T02:59:13.404964
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

-81058249 | 2024-05-17T04:28:36.933316
80 / tcp

lighttpd1.4.59

Products

Pricing

Contact Us