182.163.126.210
{
"scan_id": 1756685179,
"ip": "182.163.126.210",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "182.163.120.0/21",
"postal_code": "1216",
"coordinates": {
"latitude": "23.8233",
"longitude": "90.365"
},
"geo_point": "23.8233, 90.365",
"locale_code": "en",
"continent": "Asia",
"country_code": "BD",
"country_name": "Bangladesh",
"city": "Dhaka"
},
"location_updated_at": "2025-09-05T00:42:20Z",
"asn": {
"number": "AS9230",
"organization": "Bangladesh Online Ltd.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "182.163.120.0/21",
"organization": "Bangladesh Online Ltd",
"descr": "Bangladesh Online Ltd,\nSAM Tower, Level-8, Plot #4, Road #22,\nGulshan-1",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T11:27:15Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-09-05T00:42:20Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-09-05T07:33:32Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-09-05T00:42:20Z"
}
],
"hostnames": [
{
"name": "mail.zztlbd.com",
"last_updated_at": "2025-09-05T17:26:30.812312906Z"
}
],
"services": [
{
"port": 25,
"protocol": "tcp",
"name": "unknown",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-08-30T21:43:33.566Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -2017145936,
"body_sha256": "93601d7d66a95d2f58e11ac07ec0e487e49934287305e27c3155a7c622a7feac",
"component": [
"OpenResty:1.27.1.1",
"Nginx"
],
"content_length": 185,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"185"
],
"content_type": [
"text/html"
],
"date": [
"Mon, 01 Sep 2025 12:36:00 GMT"
],
"server": [
"openresty/1.27.1.1"
]
},
"protocol": "HTTP/1.1",
"status_code": 415,
"title": "415 Unsupported Media Type"
}
},
"cve": [
{
"id": "CVE-1999-0070",
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"severity": "high"
},
{
"id": "CVE-2023-25690",
"severity": "critical"
}
],
"url": "http://182.163.126.210/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-09-01T12:36:05.897Z"
},
{
"port": 110,
"protocol": "tcp",
"name": "pop3",
"version": "",
"product": "Dovecot pop3d",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:dovecot:dovecot",
"part": "a",
"vendor": "dovecot",
"product": "dovecot",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-09-01T20:38:57.575Z"
},
{
"port": 143,
"protocol": "tcp",
"name": "imap",
"version": "",
"product": "Dovecot imapd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:dovecot:dovecot",
"part": "a",
"vendor": "dovecot",
"product": "dovecot",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-08-30T14:47:58.499Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -2017145936,
"body_sha256": "93601d7d66a95d2f58e11ac07ec0e487e49934287305e27c3155a7c622a7feac",
"component": [
"OpenResty:1.27.1.1",
"Nginx"
],
"content_length": 185,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"185"
],
"content_type": [
"text/html"
],
"date": [
"Fri, 05 Sep 2025 16:01:35 GMT"
],
"server": [
"openresty/1.27.1.1"
]
},
"protocol": "HTTP/1.1",
"status_code": 415,
"title": "415 Unsupported Media Type"
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://r11.i.lencr.org/"
]
},
"authority_key_id": "c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"id": "2.23.140.1.2.1"
}
],
"crl_distribution_points": [
"http://r11.c.lencr.org/22.crl"
],
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"asutexbd.com",
"www.asutexbd.com"
]
},
"subject_key_id": "bc5b90dffdf49b8d77769cc578df4914b9e8dc54"
},
"fingerprint_md5": "2DCF1B4D3DDFADCC0F10CB176DF79548",
"fingerprint_sha1": "32CE8126F5DC6699B132B9CEC0BA65F828C7B429",
"fingerprint_sha256": "C3EFF27E6A4A5D4E6C7E76475AC8D900A6DB2846692578908F6A4FD3A064524B",
"issuer": {
"common_name": [
"R11"
],
"country": [
"US"
],
"organization": [
"Let's Encrypt"
]
},
"jarm": "21d19d00021d21d00042d43d00000091f9827a8676a9d9f27d421962a09b5d",
"redacted": false,
"revocation": {
"crl": {
"next_update": "2025-09-08T07:16:27",
"reason": "UNKNOWN",
"revoked": false
},
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "559595789397079289430968334093189545977749",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "0de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa34",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "304502201aa259edd50dd719ce9515103ab77c27b16171900427ca924cca659c9d350ff6022100c59c769e56bbc4fdf4c2d53d401f8d56660d21dcc3917db67a101590a0c43e15"
},
"timestamp": "2025-07-16T13:07:21.201000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe0",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "30460221009f37a2202bb1ba02c59a73a8e0a184f5e98e432d6a3e31efada24426a926a6ca022100c2bb55b002e253f87dfdf88d5e59b9ee9b457ff53796e580d871fc2fb0096583"
},
"timestamp": "2025-07-16T13:07:21.217000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"www.asutexbd.com"
]
},
"subject_alt_name": {
"dns_names": [
"www.asutexbd.com",
"asutexbd.com"
],
"extended_dns_names": [
{
"domain": "asutexbd",
"fld": "asutexbd.com",
"subdomain": "www",
"tld": "com"
},
{
"domain": "asutexbd",
"fld": "asutexbd.com",
"tld": "com"
}
]
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "42658e885c2e1158f8c1d29f37902f54e3697dd89537badf1575944fc308ba91",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048
}
},
"tbs_fingerprint": "c7ec387f9624ad4d075761e26d2ef4adc4f5c81743758f908c06305bff75fad2",
"tbs_noct_fingerprint": "82a55be92d39b87ea4a2468442d158e90c4091b4f657784a532848d01377310b",
"validation_level": "DV",
"validity": {
"length_seconds": 7775999,
"not_after": "2025-10-14T12:08:50",
"not_before": "2025-07-16T12:08:51"
},
"version": 2
},
"fingerprint_sha256": "C3EFF27E6A4A5D4E6C7E76475AC8D900A6DB2846692578908F6A4FD3A064524B",
"precert": false,
"tags": [
"dv",
"trusted"
]
}
},
"cve": [
{
"id": "CVE-1999-0070",
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"severity": "high"
},
{
"id": "CVE-2023-25690",
"severity": "critical"
}
],
"url": "https://182.163.126.210/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-09-05T16:01:41.903Z"
},
{
"port": 465,
"protocol": "tcp",
"name": "smtp",
"version": "4.98.2",
"product": "Exim smtpd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:exim:exim:4.98.2",
"part": "a",
"vendor": "exim",
"product": "exim",
"version": "4\\.98\\.2",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-09-02T10:30:28.97Z"
},
{
"port": 587,
"protocol": "tcp",
"name": "smtp",
"version": "4.98.2",
"product": "Exim smtpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:exim:exim:4.98.2",
"part": "a",
"vendor": "exim",
"product": "exim",
"version": "4\\.98\\.2",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"smtp": {
"banner": "220-cpanel7.bol-online.com ESMTP Exim 4.98.2 #2 Wed, 27 Aug 2025 22:57:35 +0600 \r\n220-We do not authorize the use of this system to transport unsolicited, \r\n220 and/or bulk e-mail.\r\n"
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt"
],
"ocsp_urls": [
"http://ocsp.sectigo.com"
]
},
"authority_key_id": "8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"cps": [
"https://sectigo.com/CPS"
],
"id": "1.3.6.1.4.1.6449.1.2.2.7"
},
{
"id": "2.23.140.1.2.1"
}
],
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"*.bol-online.com",
"bol-online.com"
]
},
"subject_key_id": "36054f288039287e19ba3a6b7aabb49e0654c3d7"
},
"fingerprint_md5": "731966481EA2FC4C6A732FD43E44A4FF",
"fingerprint_sha1": "816850AF7F46A952389FFCF2C14545311F982F66",
"fingerprint_sha256": "6411641C17E264893B43DFA48E68073AB9C5B7BF23DB102789BB5763C1A6BB4C",
"issuer": {
"common_name": [
"Sectigo RSA Domain Validation Secure Server CA"
],
"country": [
"GB"
],
"locality": [
"Salford"
],
"organization": [
"Sectigo Limited"
],
"province": [
"Greater Manchester"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"next_update": "2025-09-02T16:26:48",
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "119770780299297719986892042955972952860",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c6",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "30450220383a9f7d8ad1f3fbfd34ed96d3a5136f8775edb4650277b1d5a1be46783ad75f022100bb49909ec1770abe78e5200e92a514de4af850b1decf853cfe22a72bf42c8422"
},
"timestamp": "2025-05-27T03:45:38.555000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "1986d4c728aa6ffeba036f782a4d0191aace2d72310faece5d70412d254cc7d4",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "304502205b573c249f625a9e83e03cc7f54f9ab609599fad95201a81028c6936791aaba1022100c0c01c3aa05567def715fb337c958c2d0d5aa80400f3cc0474e86d44350aa6b4"
},
"timestamp": "2025-05-27T03:45:38.544000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "0e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e21",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3046022100c96cae6490a11c2ea709b01f90ffa94947300ac61ccfb4a0d145b2e176c5d91d022100c392b9c26f8f0fe1cfa01cc54672ed5d8f503d86b2a6b14323f472fb775cf54f"
},
"timestamp": "2025-05-27T03:45:38.426000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"*.bol-online.com"
]
},
"subject_alt_name": {
"dns_names": [
"*.bol-online.com",
"bol-online.com"
],
"extended_dns_names": [
{
"domain": "bol-online",
"fld": "bol-online.com",
"subdomain": "*",
"tld": "com"
},
{
"domain": "bol-online",
"fld": "bol-online.com",
"tld": "com"
}
]
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "de610cbdef0944dc6a2a27ded76c3fbb6b9ccfe1a87a52b79d3620d0abd78481",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048
}
},
"tbs_fingerprint": "bb16ace7d97eaaa98c0fcf25128518fb7e228a5d08de1c1c0c89d056c43ea8a1",
"tbs_noct_fingerprint": "070fc101ff83452d413b6343227fb6b85ecaf3607f04d7d2c178ad887a65a1ad",
"validation_level": "DV",
"validity": {
"length_seconds": 34300800,
"not_after": "2026-06-27T23:59:59",
"not_before": "2025-05-27T00:00:00"
},
"version": 2
},
"fingerprint_sha256": "6411641C17E264893B43DFA48E68073AB9C5B7BF23DB102789BB5763C1A6BB4C",
"precert": false,
"tags": [
"dv",
"trusted"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-09-03T10:49:39.041Z"
},
{
"port": 993,
"protocol": "tcp",
"name": "unknown",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-09-02T14:38:39.298Z"
},
{
"port": 995,
"protocol": "tcp",
"name": "unknown",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-08-30T10:46:13.345Z"
}
],
"services_hash": "17cebb884b18de5e3c99cd56f1f32259950b92cbba1395c0955d004d77e8c653",
"last_updated_at": "2025-09-05T16:01:41.903Z",
"banner": [
"http",
"tls",
"smtp"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0070": {
"id": "CVE-1999-0070",
"references": [
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "test-cgi program allows an attacker to list files on the server.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-1999-1199": {
"id": "CVE-1999-1199",
"references": [
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 10,
"services": [
"80/http"
],
"severity": "high",
"summary": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2023-25690": {
"id": "CVE-2023-25690",
"references": [
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01",
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2023-27522": {
"id": "CVE-2023-27522",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.nnSpecial characters in the origin response header can truncate/split the response forwarded to the client.nnn",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
}
}
}