182.162.192.132
{
"scan_id": 1764431206,
"ip": "182.162.192.132",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "182.162.128.0/17",
"postal_code": "",
"coordinates": {
"latitude": "37.5112",
"longitude": "126.9741"
},
"geo_point": "37.5112, 126.9741",
"locale_code": "en",
"continent": "Asia",
"country_code": "KR",
"country_name": "South Korea",
"city": ""
},
"location_updated_at": "2025-11-30T08:43:34Z",
"asn": {
"number": "AS23576",
"organization": "NAVER Cloud Corp.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "182.162.0.0/16",
"organization": "LG DACOM KIDC",
"descr": "LG DACOM KIDC",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T19:03:53Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-11-30T08:43:34Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-11-30T12:01:37Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-11-30T08:43:34Z"
}
],
"services": [
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "{\n\"result_code\":10400,\n\"result_data\":{\n \"message\":\"bad request\"\n }\n}",
"body_murmur": -1107301231,
"body_sha256": "bd246bcbe6042f978b0fca966b779516a8770fa1c049b18e814d9ffc7d022536",
"component": [
"Apache HTTP Server"
],
"content_length": -1,
"headers": {
"content_type": [
"application/json"
],
"date": [
"Tue, 02 Dec 2025 15:02:10 GMT"
],
"server": [
"Apache"
],
"vary": [
"Accept-Encoding"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "182.162.192.132",
"path": "",
"scheme": "http"
}
},
"status_code": 404
}
},
"cve": [
{
"id": "CVE-1999-0070",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"score": 10,
"severity": "high"
},
{
"id": "CVE-2023-25690",
"score": 9.8,
"severity": "critical"
}
],
"url": "http://182.162.192.132/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-02T15:02:11.236Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "{\n\"result_code\":10400,\n\"result_data\":{\n \"message\":\"bad request\"\n }\n}",
"body_murmur": -1107301231,
"body_sha256": "bd246bcbe6042f978b0fca966b779516a8770fa1c049b18e814d9ffc7d022536",
"component": [
"Apache HTTP Server"
],
"content_length": -1,
"headers": {
"content_type": [
"application/json"
],
"date": [
"Tue, 02 Dec 2025 05:14:13 GMT"
],
"server": [
"Apache"
],
"vary": [
"Accept-Encoding"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "182.162.192.132",
"path": "",
"scheme": "https"
}
},
"status_code": 404
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt"
],
"ocsp_urls": [
"http://status.geotrust.com"
]
},
"authority_key_id": "944fd45d8be4a4e2a680fefdd8f900efa3be0257",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"cps": [
"http://www.digicert.com/CPS"
],
"id": "2.23.140.1.2.2"
}
],
"crl_distribution_points": [
"http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl"
],
"ct_precert_scts": "Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 96:97:64:BF:55:58:97:AD:F7:43:87:68:37:08:42:77:\n E9:F0:3A:D5:F6:A4:F3:36:6E:46:A4:3F:0F:CA:A9:C6\n Timestamp : May 27 02:34:22.765 2025 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:45:02:21:00:B4:CF:C8:89:2B:63:CA:07:F1:B7:D2:\n BE:43:5A:1B:13:1E:2D:1E:D5:6A:42:36:4E:53:D6:E8:\n D5:59:8F:94:71:02:20:47:22:4A:8D:D9:07:EF:5C:7B:\n 12:A9:EC:F4:65:46:80:CA:00:90:F6:C6:5E:4F:B0:70:\n EF:18:E9:38:B7:04:8F\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:\n 4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0\n Timestamp : May 27 02:34:22.766 2025 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:44:02:20:43:9F:22:18:00:41:CF:A9:AC:D5:5B:D9:\n C1:2A:27:C0:0F:D7:12:19:1E:B4:C0:2B:F8:28:A8:91:\n C1:E4:84:21:02:20:2E:DF:4C:EF:11:9A:DD:41:C9:BC:\n 62:F2:10:62:14:BE:A6:6A:5A:A0:F9:2E:16:F7:D9:1D:\n 96:01:D7:9C:E8:A3\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 49:9C:9B:69:DE:1D:7C:EC:FC:36:DE:CD:87:64:A6:B8:\n 5B:AF:0A:87:80:19:D1:55:52:FB:E9:EB:29:DD:F8:C3\n Timestamp : May 27 02:34:22.785 2025 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:46:02:21:00:99:5F:C8:1B:3F:BB:79:57:23:35:8A:\n 1C:CC:A2:5E:29:A2:18:1A:C3:2A:32:C5:C5:4E:48:F1:\n 8F:B5:29:19:28:02:21:00:AF:09:D4:74:82:2F:73:E8:\n 75:BF:ED:2B:32:43:04:3C:4A:E6:25:06:9B:26:9D:40:\n E9:7C:8E:4C:C6:70:ED:8A",
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"*.band.us",
"band.us"
]
},
"subject_key_id": "5ed299ee93352eed2de1a9101e115bf325864c7f"
},
"fingerprint_md5": "2CFFC3C830BC1245F92B8C56FA9A501E",
"fingerprint_sha1": "C9A4B41FB82288D2CDFAD006BAB0AC8352B7F166",
"fingerprint_sha256": "587AF629CA04F9B938865054A2EF54E0AC8C9936722BE43DDEE747B1FF5617CB",
"issuer": {
"common_name": [
"GeoTrust TLS RSA CA G1"
],
"country": [
"US"
],
"organization": [
"DigiCert Inc"
],
"organizational_unit": [
"www.digicert.com"
]
},
"issuer_dn": "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=GeoTrust TLS RSA CA G1",
"jarm": "29d29d00029d29d00029d29d29d29d96d86b34e11c2d3d5508f7111adf9d91",
"redacted": false,
"revocation": {
"crl": {
"next_update": "2025-12-08T23:10:20",
"reason": "UNKNOWN",
"revoked": false
},
"ocsp": {
"next_update": "2025-12-08T18:15:00",
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "17554537958400883364197013151745756958",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "Njk3MzNmOWFhNTA0NmJkNDM1YTYwNDYwNWU5ZjFhYzFiZmMxMTMzZGU0Y2ZhYWFiMjMxZDJmOWJmZDM3MTUzNGMxYjBlNDViOTM1OTJlZDgyMjEwYjk3ODQzOTY4NDU5MjhlNWY4ZDc3MWUwNzIwOTVhNGU5ODAyZjU0M2UyODYwMmU0N2QyMDJiZWRhYWY4YTNlMjE2NzM5MWNlMThjYTI4NzA1MmI1YWJkY2Y1OWUxNDEwMDgyODQ5MTA0OGMzZDY3NTY1ZDhlODNlYTEzYTNjODdjYTQzMmFmY2Q4MGI1N2NiNWZmMmJkZjZhZjk5YTYzMDY4OTA3YjFkMGZiOTRlYWJmNjllZWQxNDc4ZThmZjkxMDNjOTkxNTdiYTE5M2M0ZDBmNTdmMTZlODU3YWJjMjQyYTg3ODQwOGMzNDhjYjEyNGJjMDIzZTZkZjNmMWU2MDNiM2UxZTBlYzFlOWMyZjg3MGMwZDFmZWYyZmM4OTE5OWIzMmNjNTI2NWZhZDQwM2I5MjAyZTNjMmYxOWY2MGY3YzM2NmI1MmY0NWEyYWFjNDg2YzI0ZTI1MDFjM2FmOGU1MTE2MGRlZDA5NmVkNDcxMmUwNmU2YTcwN2Y3MjcwYWFlYzRhYjI4NGI3MmMzODZjOGMyOGMyOTFmYjdiNGU2ZWNlY2I4ZWY4NzY="
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c6",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3045022100b4cfc8892b63ca07f1b7d2be435a1b131e2d1ed56a42364e53d6e8d5598f9471022047224a8dd907ef5c7b12a9ecf4654680ca0090f6c65e4fb070ef18e938b7048f"
},
"timestamp": "2025-05-27T02:34:22.765000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "6411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf0",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "30440220439f22180041cfa9acd55bd9c12a27c00fd712191eb4c02bf828a891c1e4842102202edf4cef119add41c9bc62f2106214bea66a5aa0f92e16f7d91d9601d79ce8a3"
},
"timestamp": "2025-05-27T02:34:22.766000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "499c9b69de1d7cecfc36decd8764a6b85baf0a878019d15552fbe9eb29ddf8c3",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3046022100995fc81b3fbb795723358a1ccca25e29a2181ac32a32c5c54e48f18fb5291928022100af09d474822f73e875bfed2b3243043c4ae625069b269d40e97c8e4cc670ed8a"
},
"timestamp": "2025-05-27T02:34:22.785000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"*.band.us"
],
"country": [
"KR"
],
"locality": [
"Seongnam-si"
],
"organization": [
"NAVER Corporation"
],
"province": [
"Gyeonggi-do"
]
},
"subject_alt_name": {
"dns_names": [
"*.band.us",
"band.us"
],
"extended_dns_names": [
{
"domain": "band",
"fld": "band.us",
"subdomain": "*",
"tld": "us"
},
{
"domain": "band",
"fld": "band.us",
"tld": "us"
}
]
},
"subject_dn": "/C=KR/ST=Gyeonggi-do/L=Seongnam-si/O=NAVER Corporation/CN=*.band.us",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "53ad7eeaa26fb21f943c0113cb6ff96170113d878c7fbf13645ee3e77f36d5a6",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhhNjM5ZTQwOTJmZjVkNDY2NzIzNDgxY2MyNWVmYThlMDg4ZjI4MmQ5M2JlN2UzY2RkZWEyNDQ0ZmU0N2UxMDJkYTBlMDJmOGZkZDRlNDQ1NjMzY2UzNTI2OTZlMTAyOGVmNDAxZWI4NTBlYzc3YTQ2ODhlZmM3MWY4ODVjZDcyZWU1MzkzYjdjMDBjOWE4N2E3YjQ3NzkyNTJlNTYwOTVlOTYxYTUyNTFjMWI3N2M0NmFkMDRhMzMwMzY5ZmEyNTdlMWZhMWY5N2ZhMThiZmViN2ZmZTYyYWNkNzhlN2JhZTBhZmEzNDNmYjhjOTJjYTllNmJjZGVkYjgxNzVlOGYxYjJmYmE1ZmM5YjFhZTU0NWQ2MjA3MTBiMDIwNTQ0MDMxN2JiNzk0YTllMzk0NzhlOGViNGQwZTZiODFmMjA5NDI4NzY1NzYzMGIwYzI2YjYxNGQ4NWRmOGU1MWUzYzgwNWVlZWU2M2MyMjY2OGNmZjkxNTFmMjE0MmY1MzZhNDkyY2U3YjNhZWE5MmNjYWIyYzYxODhhNDkzNmQ0Y2U1YWFhNTlhMmU1ODEzYzk1NTRhM2ZlODhlMWNmNGZkZDZlNDVlNGU3YzgxZjU0YmFmYTA4NzQwMzdlM2I4Y2FhYjQyMzllZWMxN2Q4NTYxMDZmOTYxYzUyMDcyNmQ1NGUwOQ=="
}
},
"tbs_fingerprint": "2d6bc1f167ef4b207318ecac43288d9efdec7d94182fac2abe0cae2466df7875",
"tbs_noct_fingerprint": "9987729306cc52ca38d317eb88545910f88c4464751c5b936e5eb3634831ffc3",
"validation_level": "OV",
"validity": {
"length_seconds": 33350400,
"not_after": "2026-06-16T23:59:59",
"not_before": "2025-05-27T00:00:00"
},
"version": 2
},
"fingerprint_sha256": "587AF629CA04F9B938865054A2EF54E0AC8C9936722BE43DDEE747B1FF5617CB",
"precert": false,
"raw": "MIIGcDCCBVigAwIBAgIQDTThi0YLayZL/dKn0fLPHjANBgkqhkiG9w0BAQsFADBgMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcxMB4XDTI1MDUyNzAwMDAwMFoXDTI2MDYxNjIzNTk1OVowaTELMAkGA1UEBhMCS1IxFDASBgNVBAgTC0d5ZW9uZ2dpLWRvMRQwEgYDVQQHEwtTZW9uZ25hbS1zaTEaMBgGA1UEChMRTkFWRVIgQ29ycG9yYXRpb24xEjAQBgNVBAMMCSouYmFuZC51czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKY55Akv9dRmcjSBzCXvqOCI8oLZO+fjzd6iRE/kfhAtoOAvj91ORFYzzjUmluECjvQB64UOx3pGiO/HH4hc1y7lOTt8AMmoentHeSUuVglelhpSUcG3fEatBKMwNp+iV+H6H5f6GL/rf/5irNeOe64K+jQ/uMksqea83tuBdejxsvul/Jsa5UXWIHELAgVEAxe7eUqeOUeOjrTQ5rgfIJQodldjCwwmthTYXfjlHjyAXu7mPCJmjP+RUfIUL1NqSSzns66pLMqyxhiKSTbUzlqqWaLlgTyVVKP+iOHPT91uReTnyB9UuvoIdAN+O4yqtCOe7BfYVhBvlhxSBybVTgkCAwEAAaOCAxswggMXMB8GA1UdIwQYMBaAFJRP1F2L5KTipoD+/dj5AO+jvgJXMB0GA1UdDgQWBBRe0pnukzUu7S3hqRAeEVvzJYZMfzAdBgNVHREEFjAUggkqLmJhbmQudXOCB2JhbmQudXMwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNybDB2BggrBgEFBQcBAQRqMGgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3QuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vY2FjZXJ0cy5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNydDAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgCWl2S/VViXrfdDh2g3CEJ36fA61fak8zZuRqQ/D8qpxgAAAZcPl0qtAAAEAwBHMEUCIQC0z8iJK2PKB/G30r5DWhsTHi0e1WpCNk5T1ujVWY+UcQIgRyJKjdkH71x7Eqns9GVGgMoAkPbGXk+wcO8Y6Ti3BI8AdQBkEcRspBLsp4kcogIuALyrTygH1B41J6vq/tUDyX3N8AAAAZcPl0quAAAEAwBGMEQCIEOfIhgAQc+prNVb2cEqJ8AP1xIZHrTAK/goqJHB5IQhAiAu30zvEZrdQcm8YvIQYhS+pmpaoPkuFvfZHZYB15zoowB3AEmcm2neHXzs/DbezYdkprhbrwqHgBnRVVL76esp3fjDAAABlw+XSsEAAAQDAEgwRgIhAJlfyBs/u3lXIzWKHMyiXimiGBrDKjLFxU5I8Y+1KRkoAiEArwnUdIIvc+h1v+0rMkMEPErmJQabJp1A6XyOTMZw7YowDQYJKoZIhvcNAQELBQADggEBAGlzP5qlBGvUNaYEYF6fGsG/wRM95M+qqyMdL5v9NxU0wbDkW5NZLtgiELl4Q5aEWSjl+Ndx4HIJWk6YAvVD4oYC5H0gK+2q+KPiFnORzhjKKHBStavc9Z4UEAgoSRBIw9Z1ZdjoPqE6PIfKQyr82AtXy1/yvfavmaYwaJB7HQ+5Tqv2nu0UeOj/kQPJkVe6GTxND1fxboV6vCQqh4QIw0jLEkvAI+bfPx5gOz4eDsHpwvhwwNH+8vyJGZsyzFJl+tQDuSAuPC8Z9g98NmtS9FoqrEhsJOJQHDr45RFg3tCW7UcS4G5qcH9ycKrsSrKEtyw4bIwowpH7e05uzsuO+HY=",
"tags": [
"ov",
"trusted"
]
}
},
"cve": [
{
"id": "CVE-1999-0070",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"score": 10,
"severity": "high"
},
{
"id": "CVE-2023-25690",
"score": 9.8,
"severity": "critical"
}
],
"url": "https://182.162.192.132/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-02T18:04:49.748Z"
}
],
"services_hash": "9a296855bd16ed8257f02450adbe52b68b6d1e105e1c8346df6a5c1f4a45a7c0",
"last_updated_at": "2025-12-02T18:04:49.748Z",
"banner": [
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0070": {
"id": "CVE-1999-0070",
"references": [
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "test-cgi program allows an attacker to list files on the server.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-1999-1199": {
"id": "CVE-1999-1199",
"references": [
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 10,
"services": [
"80/http"
],
"severity": "high",
"summary": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2023-25690": {
"id": "CVE-2023-25690",
"references": [
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01",
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2023-27522": {
"id": "CVE-2023-27522",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.nnSpecial characters in the origin response header can truncate/split the response forwarded to the client.nnn",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
}
}
}