182.161.79.179
{
"scan_id": 1765408089,
"ip": "182.161.79.179",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "182.161.78.0/23",
"postal_code": "",
"coordinates": {
"latitude": "35.69",
"longitude": "139.69"
},
"geo_point": "35.69, 139.69",
"locale_code": "en",
"continent": "Asia",
"country_code": "JP",
"country_name": "Japan",
"city": ""
},
"location_updated_at": "2025-12-11T00:45:46Z",
"asn": {
"number": "AS4713",
"organization": "NTT DOCOMO BUSINESS,Inc.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "182.161.79.0/24",
"organization": "Directorz Co.,Ltd.",
"descr": "Directorz Co.,Ltd.",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-10T12:43:45Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-12-11T00:45:46Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-12-11T02:51:09Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-12-11T00:45:46Z"
}
],
"hostnames": [
{
"name": "tk9-n5z-565-12-r330.savacus.net",
"last_updated_at": "2025-12-11T02:51:09Z"
}
],
"services": [
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>403 Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>\n<p>You don't have permission to access this resource.</p>\n</body></html>\n",
"body_murmur": 396138133,
"body_sha256": "5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10",
"component": [
"Apache HTTP Server"
],
"content_length": 199,
"headers": {
"content_length": [
"199"
],
"content_type": [
"text/html; charset=iso-8859-1"
],
"date": [
"Sun, 14 Dec 2025 02:19:16 GMT"
],
"server": [
"Apache"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "182.161.79.179",
"path": "",
"scheme": "https"
}
},
"status_code": 403,
"title": "403 Forbidden"
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://nijimo.crt.sectigo.com/FujiSSLSHA2DomainSecureSiteCA.crt"
],
"ocsp_urls": [
"http://nijimo.ocsp.sectigo.com"
]
},
"authority_key_id": "e622404fa450a97a2d933951afb29d7336f3c1b0",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"cps": [
"https://sectigo.com/CPS"
],
"id": "1.3.6.1.4.1.6449.1.2.2.69"
},
{
"id": "2.23.140.1.2.1"
}
],
"ct_precert_scts": "Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : D8:09:55:3B:94:4F:7A:FF:C8:16:19:6F:94:4F:85:AB:\n B0:F8:FC:5E:87:55:26:0F:15:D1:2E:72:BB:45:4B:14\n Timestamp : Aug 27 00:51:17.415 2025 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:46:02:21:00:A9:42:9D:B7:79:69:21:F4:E6:AD:C1:\n B5:A2:01:2F:90:24:A6:2E:51:E0:C4:92:1F:03:98:A4:\n 1F:61:9C:7A:40:02:21:00:BF:C6:AE:85:51:88:8B:B1:\n 30:83:4F:AA:28:88:2D:8B:21:CB:4F:0E:FF:22:63:E6:\n 1B:C9:EF:59:9B:3F:4C:EA\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : AC:AB:30:70:6C:EB:EC:84:31:F4:13:D2:F4:91:5F:11:\n 1E:42:24:43:B1:F2:A6:8C:4F:3C:2B:3B:A7:1E:02:C3\n Timestamp : Aug 27 00:51:17.388 2025 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:44:02:20:39:4A:F5:AF:11:D3:C7:BA:EF:EF:23:D4:\n 80:DF:9B:1D:85:12:44:F3:02:0D:05:85:1B:FE:77:E0:\n 16:29:48:C6:02:20:35:65:C6:DC:76:A4:2D:A4:88:24:\n 39:C3:F8:24:B9:81:8A:03:65:A3:1B:F8:CF:51:B9:05:\n 1B:43:70:C1:C8:12\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : D7:6D:7D:10:D1:A7:F5:77:C2:C7:E9:5F:D7:00:BF:F9:\n 82:C9:33:5A:65:E1:D0:B3:01:73:17:C0:C8:C5:69:77\n Timestamp : Aug 27 00:51:17.398 2025 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:45:02:21:00:CE:2A:C4:BE:ED:E2:83:F8:1F:48:EB:\n 25:15:E5:60:E8:BE:32:D0:CF:76:93:40:F0:21:1E:DA:\n 74:86:2E:FC:E6:02:20:18:09:9D:86:22:6F:E6:BB:A0:\n E6:66:3C:9C:D4:C2:F4:0A:F2:23:0D:DA:14:37:7A:B3:\n DC:1E:13:01:FB:42:11",
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"*.search.zetacx.net",
"search.zetacx.net"
]
},
"subject_key_id": "3016c0679aacf0e9048d9ab8c8b55010215a4c90"
},
"fingerprint_md5": "063A822B718D486B68B9A1E3E0702F7F",
"fingerprint_sha1": "B552EB7BB9B689F8DE54B078C04081A05B901B25",
"fingerprint_sha256": "955E6614F64F196A1A9B77657711B4575467240780649DBE429FFAA9EC28948F",
"issuer": {
"common_name": [
"FujiSSL SHA2 Domain Secure Site CA"
],
"country": [
"JP"
],
"locality": [
"Shibuya-ku"
],
"organization": [
"Nijimo K.K."
],
"province": [
"Tokyo"
]
},
"issuer_dn": "/C=JP/ST=Tokyo/L=Shibuya-ku/O=Nijimo K.K./CN=FujiSSL SHA2 Domain Secure Site CA",
"jarm": "2ad2ad16d2ad2ad0002ad2ad2ad2adf61ff80be599affbc2aaaf4e292b2300",
"redacted": false,
"revocation": {
"ocsp": {
"next_update": "2025-12-20T14:48:21",
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "286069250015867927949000559610351026988",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "MzM2MTQxNDJlMjdlYTRjNDI0NTQxODdjMmJkZWI1NWUwOWQxZWY0ZDkxODdkMmJmNzEwZWI0MzM5ZTNhMGY5YTEyMmE1Mjc3ZWY5MWIyODRkOTQxMzJhNWE1NmY4OGM5YmY0ZDhjOWU1NGJhYjg5ZTdkYTY4YTlkMDRkNmM3ZWFjOGUzNTViMjZiNTRiNWQ2NTMzYjFhNTU3YjNmYzhjM2RmYjAzYzJkNTFkNmQxMTVmMzBjODMxZjI5ZDRhY2YwYTRjYmNiYjc3OGFhMDc2YThmYmZkYmFkNWRlZGIzZGI0ODI3ZmJhMDYyMmNjNmJiMzliMTdkNGYwMzI4Y2VlMGNjZDVhMTA0OTlhOTQ4NjBhYzExMmI1MmZhY2JmNzBhYmRlMTM0YzFhMjEyYjQ5MzcyNTEwODQwMTNjNmZiYjI5OTgyM2I5MmM2YThhZWViNjQ0M2I0NjkyNzgyNjRkZDE2NDc1ZWEyZTZlZDZhYmQxYWRjYTg3ZjgzNDE2OTdiZjQ5Y2NhMjczMzExY2MzMTRjMWNhODVjOWEzNmZjMDY3MmFhMzk3MjA5OTc4MDMxYWIxM2YzNzlkNjAxMjM5MDgyYzJmMTc3NTU4N2RiMDQ0YTBmZmI4MzI5NzE2MGFkZjIzMDg3NGI2MzFiZWFkNTkyOTc2MjQ0M2ViNWVkODU="
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "d809553b944f7affc816196f944f85abb0f8fc5e8755260f15d12e72bb454b14",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3046022100a9429db7796921f4e6adc1b5a2012f9024a62e51e0c4921f0398a41f619c7a40022100bfc6ae8551888bb130834faa28882d8b21cb4f0eff2263e61bc9ef599b3f4cea"
},
"timestamp": "2025-08-27T00:51:17.415000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "acab30706cebec8431f413d2f4915f111e422443b1f2a68c4f3c2b3ba71e02c3",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "30440220394af5af11d3c7baefef23d480df9b1d851244f3020d05851bfe77e0162948c602203565c6dc76a42da4882439c3f824b9818a0365a31bf8cf51b9051b4370c1c812"
},
"timestamp": "2025-08-27T00:51:17.388000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "d76d7d10d1a7f577c2c7e95fd700bff982c9335a65e1d0b3017317c0c8c56977",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3045022100ce2ac4beede283f81f48eb2515e560e8be32d0cf769340f0211eda74862efce6022018099d86226fe6bba0e6663c9cd4c2f40af2230dda14377ab3dc1e1301fb4211"
},
"timestamp": "2025-08-27T00:51:17.398000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"*.search.zetacx.net"
]
},
"subject_alt_name": {
"dns_names": [
"*.search.zetacx.net",
"search.zetacx.net"
],
"extended_dns_names": [
{
"domain": "zetacx",
"fld": "zetacx.net",
"subdomain": "*.search",
"tld": "net"
},
{
"domain": "zetacx",
"fld": "zetacx.net",
"subdomain": "search",
"tld": "net"
}
]
},
"subject_dn": "/CN=*.search.zetacx.net",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "a929d0a76a8094ad5049dc1321270a32007837e7df229ab543804aced42a2754",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhiMDdlNThkMGUwOTYyMWJhMmI4YWZlNGRkMDdjMzg4ZDBlMTJiYWIxZDJhNmYzOWMxMzE2NzYyNjFjZjQwODE5Y2IzY2I4YjMwM2IzZDNlMmZkNTBkYTVhOWQ5NzU1YTA1NGJjOGY3MjQxM2UyOTJlMTIwZDQ5ZjQxY2JjNjQyN2JkMjJlODRjZjMxODY1OWVhMjBlZjdiY2ZkZmMzMzQ1ZDYxZTA0N2ZkYWNjMjIwYmU4MGY1M2FjMWEyYmU5OGI0ZDRiNDZkMmU0NWJlYjc5M2VmYWIxZTU5NDQ4NjNjYzc3NWQxMzU4MDZjMzE1M2JmY2I3MjAxZWY5NmJhZjZjYjI2NDEzYTU4NDhlYTMwM2Y4YTZiZGUzMjUxODdjYjY0NTdiZmE0OWJiNzNkMzJmZTlmYWUzZjgxZDA0MjRkNTBmNDc2NDRkYjYwMTQzMjg1NmY0YTA5N2FkNDUwZTE2NTVhZjE4ZDI2MWQ4ZmEwMWJlNzY5ZWY3OTYwMTQ3OWNlNDU2YWFlZjBjMjBkMzY2MGQxZmRjZmYzMzUwYTYyMjZkYzkxOTUzZjZiMTA3MGEzNDU1NmRhNTU2YzQxYTVjNTRhYmIyNDMzMTFmNzk3NTgwZTRhZDA0ODQ3YWMxZjFmMWEwNTUxMzNmYjIyM2ZlNDBhYWNjNDkwODU2YThiMQ=="
}
},
"tbs_fingerprint": "1f19ffa5da0324e7b59c6261145cfa5d7cf4d05848f9cd6b297c26396f0bb799",
"tbs_noct_fingerprint": "b4948670c70030ca6e8a0b05a8aa7e726f083846dafc59e6181600b56e74f5ce",
"validation_level": "DV",
"validity": {
"length_seconds": 34214400,
"not_after": "2026-09-26T23:59:59",
"not_before": "2025-08-27T00:00:00"
},
"version": 2
},
"fingerprint_sha256": "955E6614F64F196A1A9B77657711B4575467240780649DBE429FFAA9EC28948F",
"precert": false,
"raw": "MIIGKzCCBROgAwIBAgIRANc27vhf5trDKrSlIXZDgywwDQYJKoZIhvcNAQELBQAwdTELMAkGA1UEBhMCSlAxDjAMBgNVBAgTBVRva3lvMRMwEQYDVQQHEwpTaGlidXlhLWt1MRQwEgYDVQQKEwtOaWppbW8gSy5LLjErMCkGA1UEAxMiRnVqaVNTTCBTSEEyIERvbWFpbiBTZWN1cmUgU2l0ZSBDQTAeFw0yNTA4MjcwMDAwMDBaFw0yNjA5MjYyMzU5NTlaMB4xHDAaBgNVBAMMEyouc2VhcmNoLnpldGFjeC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwfljQ4JYhuiuK/k3QfDiNDhK6sdKm85wTFnYmHPQIGcs8uLMDs9Pi/VDaWp2XVaBUvI9yQT4pLhINSfQcvGQnvSLoTPMYZZ6iDve8/fwzRdYeBH/azCIL6A9TrBor6YtNS0bS5FvreT76seWUSGPMd10TWAbDFTv8tyAe+WuvbLJkE6WEjqMD+Ka94yUYfLZFe/pJu3PTL+n64/gdBCTVD0dkTbYBQyhW9KCXrUUOFlWvGNJh2PoBvnae95YBR5zkVqrvDCDTZg0f3P8zUKYibckZU/axBwo0VW2lVsQaXFSrskMxH3l1gOStBIR6wfHxoFUTP7Ij/kCqzEkIVqixAgMBAAGjggMLMIIDBzAfBgNVHSMEGDAWgBTmIkBPpFCpei2TOVGvsp1zNvPBsDAdBgNVHQ4EFgQUMBbAZ5qs8OkEjZq4yLVQECFaTJAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAkUwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIBMIGHBggrBgEFBQcBAQR7MHkwSwYIKwYBBQUHMAKGP2h0dHA6Ly9uaWppbW8uY3J0LnNlY3RpZ28uY29tL0Z1amlTU0xTSEEyRG9tYWluU2VjdXJlU2l0ZUNBLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL25pamltby5vY3NwLnNlY3RpZ28uY29tMDEGA1UdEQQqMCiCEyouc2VhcmNoLnpldGFjeC5uZXSCEXNlYXJjaC56ZXRhY3gubmV0MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdwDYCVU7lE96/8gWGW+UT4WrsPj8XodVJg8V0S5yu0VLFAAAAZjpAfknAAAEAwBIMEYCIQCpQp23eWkh9OatwbWiAS+QJKYuUeDEkh8DmKQfYZx6QAIhAL/GroVRiIuxMINPqiiILYshy08O/yJj5hvJ71mbP0zqAHUArKswcGzr7IQx9BPS9JFfER5CJEOx8qaMTzwrO6ceAsMAAAGY6QH5DAAABAMARjBEAiA5SvWvEdPHuu/vI9SA35sdhRJE8wINBYUb/nfgFilIxgIgNWXG3HakLaSIJDnD+CS5gYoDZaMb+M9RuQUbQ3DByBIAdgDXbX0Q0af1d8LH6V/XAL/5gskzWmXh0LMBcxfAyMVpdwAAAZjpAfkWAAAEAwBHMEUCIQDOKsS+7eKD+B9I6yUV5WDovjLQz3aTQPAhHtp0hi785gIgGAmdhiJv5rug5mY8nNTC9AryIw3aFDd6s9weEwH7QhEwDQYJKoZIhvcNAQELBQADggEBADNhQULifqTEJFQYfCvetV4J0e9NkYfSv3EOtDOeOg+aEipSd++RsoTZQTKlpW+Iyb9NjJ5UuriefaaKnQTWx+rI41Wya1S11lM7GlV7P8jD37A8LVHW0RXzDIMfKdSs8KTLy7d4qgdqj7/brV3ts9tIJ/ugYizGuzmxfU8DKM7gzNWhBJmpSGCsEStS+sv3Cr3hNMGiErSTclEIQBPG+7KZgjuSxqiu62RDtGkngmTdFkdeoubtar0a3Kh/g0Fpe/ScyiczEcwxTByoXJo2/AZyqjlyCZeAMasT83nWASOQgsLxd1WH2wRKD/uDKXFgrfIwh0tjG+rVkpdiRD617YU=",
"tags": [
"dv",
"trusted"
]
}
},
"cve": [
{
"id": "CVE-1999-0070",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"score": 10,
"severity": "high"
},
{
"id": "CVE-2023-25690",
"score": 9.8,
"severity": "critical"
}
],
"url": "https://182.161.79.179/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-14T08:54:35.087Z"
}
],
"services_hash": "92350c06b41a230a060ef949c1850a18203142b88335e59f6cf6ac4d2a466a86",
"last_updated_at": "2025-12-14T08:54:35.087Z",
"banner": [
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0070": {
"id": "CVE-1999-0070",
"references": [
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E"
],
"score": 5,
"services": [
"443/http"
],
"severity": "medium",
"summary": "test-cgi program allows an attacker to list files on the server.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-1999-1199": {
"id": "CVE-1999-1199",
"references": [
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 10,
"services": [
"443/http"
],
"severity": "high",
"summary": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2023-25690": {
"id": "CVE-2023-25690",
"references": [
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01",
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9.8,
"services": [
"443/http"
],
"severity": "critical",
"summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2023-27522": {
"id": "CVE-2023-27522",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 7.5,
"services": [
"443/http"
],
"severity": "high",
"summary": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.nnSpecial characters in the origin response header can truncate/split the response forwarded to the client.nnn",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
}
}
}