182.79.29.200
{
"scan_id": 1737351220,
"ip": "182.79.29.200",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "182.79.28.0/22",
"postal_code": "600001",
"coordinates": {
"latitude": "13.0895",
"longitude": "80.2739"
},
"geo_point": "13.0895, 80.2739",
"locale_code": "en",
"continent": "Asia",
"country_code": "IN",
"country_name": "India",
"city": "Chennai"
},
"location_updated_at": "2025-01-21T12:41:37Z",
"asn": {
"number": "AS9498",
"organization": "BHARTI Airtel Ltd.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "182.79.28.0/22",
"organization": "Bharti Airtel Limited",
"descr": "Bharti Airtel Limited,\nTransport Network Group,\n234, Okhla Phase III",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T11:27:39Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-01-21T12:41:37Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-01-21T14:09:45Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-01-21T12:41:37Z"
}
],
"services": [
{
"port": 22,
"protocol": "tcp",
"name": "ssh",
"version": "",
"product": "",
"extra_info": "protocol 2.0",
"tunnel": "",
"modules": {
"ssh": {
"banner": "SSH-2.0-8tiXd",
"client_to_server_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]"
],
"client_to_server_compression": [
"none",
"[email protected]"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1",
"[email protected]",
"hmac-ripemd160",
"[email protected]"
],
"host_key_algorithms": [
"ssh-rsa",
"ssh-ed25519"
],
"kex_algorithms": [
"[email protected]",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group-exchange-sha1",
"diffie-hellman-group14-sha1"
],
"key": {
"algorithm": "ssh-rsa",
"fingerprint_sha256": "91895f266480d72277c4bedf4e253d1e8125d7e7a769391f22e763bb17b6b2ea"
},
"server_to_client_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]"
],
"server_to_client_compression": [
"none",
"[email protected]"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1",
"[email protected]",
"hmac-ripemd160",
"[email protected]"
],
"software": "8tiXd",
"version": "2.0"
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-01-16T13:14:19.16Z"
},
{
"port": 23,
"protocol": "tcp",
"name": "telnet",
"version": "",
"product": "Linux telnetd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/o:linux:linux_kernel",
"part": "o",
"vendor": "linux",
"product": "linux_kernel",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"telnet": {
"banner": "\r\n****************************************************************************\r\nTHIS SYSTEM IS FOR THE USE OF AUTHORIZED USERS ONLY\r\n USERS HAVE NO EXPLICT OR IMPLICIT EXPECTATIONS OF PRIVACY.\r\n ANY OR ALL USE OF THIS SYSTEM AND ALL FILES ON THIS SYSTEM\r\nMAY BE INTERCEPTED,MONITORED, RECORDED, COPIED, AUDITED,\r\nINSPECTED, AND DISCLOSED TO THE NECESSARY AUTHORITIES. BY\r\nUSING THIS SYSTEM, THE USER CONSENTS TO SUCH INTERCEPTION.\r\nUNAUTHORIZED OR IMPROPER USE, OR ATTEMPTED USE, OF THIS\r\nSYSTEM MAY RESULT IN ADMINISTRATIVE DISCIPLINARY ACTION AND\r\nCIVIL AND CRIMINAL PENALTIES. BY CONTINUING TO USE THIS SYSTEM\r\nYOU INDICATE YOUR AWARENESS OF, AND CONSENT TO THESE TERMS\r\nAND CONDITIONS OF USE. LOG OFF IMMEDIATELY IF YOU DO NOT AGREE\r\nTO THE CONDITIONS THAT ARE STATED IN THIS WARNING.\r\n************************************************************************* \r\n(Press 'a' to accept):"
}
},
"cve": [
{
"id": "CVE-1999-0431",
"severity": "medium"
},
{
"id": "CVE-1999-0656",
"severity": "medium"
},
{
"id": "CVE-1999-1285",
"severity": "low"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-01-10T23:43:59.177Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "https",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "ssl",
"modules": {
"http": {
"body_murmur": 390931134,
"body_sha256": "139dcb3dd29b1727eb6ee73f90dcc674ec148c2f09d009411aaa94a13fdabde5",
"content_length": -1,
"headers": {
"accept_ranges": [
"bytes"
],
"cache_control": [
"no-cache"
],
"content_security_policy": [
"frame-ancestors 'self'"
],
"content_type": [
"text/html"
],
"date": [
"Tue, 21 Jan 2025 21:51:44 GMT"
],
"last_modified": [
"Thu, 29 Jul 2021 23:34:56 GMT"
],
"strict_transport_security": [
"max-age=15552000"
],
"vary": [
"Accept-encoding"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"redirects": [
{
"body_murmur": -1559192901,
"body_sha256": "f0855be6e9962a998e160eb813e51bb3afc7ecb80f3b76494e1af84946ef9c55",
"content_length": 208,
"location": "https://182.79.29.200/ng",
"status_code": 302,
"status_line": "302 Found"
}
],
"status_code": 200
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": false,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
}
},
"fingerprint_md5": "C1A623FC022EA611B4E921985A99B837",
"fingerprint_sha1": "DB5812CA6653885E0FE9190546D640E7A1A10517",
"fingerprint_sha256": "1CBB1F073EBDD96BEC023C4EAE89157B8D001CF2DFF2BBA758F2FCB8C3B4B820",
"issuer": {
"common_name": [
"FortiGate"
],
"organization": [
"Fortinet Ltd."
]
},
"jarm": "07d0bd0fd21d21d07c42d43d0000009424803a662b126a748cf4f90707a33c",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "9184565550103280710",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": true
},
"subject": {
"common_name": [
"FortiGate"
],
"organization": [
"Fortinet Ltd."
]
},
"subject_alt_name": {
"dns_names": [
"FortiGate"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "14e6030004718aab17685ac7910def5def0510f7ac4b562ef0ae612d34ac9b5c",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048
}
},
"tbs_fingerprint": "d34169905944065ca1d974ee23cede3df04612c7ef88bd8f6080dd8a9a1be3b5",
"validation_level": "OV",
"validity": {
"length_seconds": 71280000,
"not_after": "2025-07-02T09:02:37",
"not_before": "2023-03-30T09:02:37"
},
"version": 2
},
"fingerprint_sha256": "1CBB1F073EBDD96BEC023C4EAE89157B8D001CF2DFF2BBA758F2FCB8C3B4B820",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"url": "https://182.79.29.200/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-01-21T22:26:50.68Z"
}
],
"services_hash": "5416868469e4805bfbc44b6621504c95303813ea1ee59984e534ff6c7476ad14",
"last_updated_at": "2025-01-21T22:26:50.68Z",
"banner": [
"http",
"tls",
"ssh",
"telnet"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0431": {
"id": "CVE-1999-0431",
"references": [
"https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431"
],
"score": 5,
"services": [
"23/telnet"
],
"severity": "medium",
"summary": "Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-1999-0656": {
"id": "CVE-1999-0656",
"references": [
"http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/348",
"http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/348"
],
"score": 5,
"services": [
"23/telnet"
],
"severity": "medium",
"summary": "The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"weakness": "CWE-16"
},
"CVE-1999-1285": {
"id": "CVE-1999-1285",
"references": [
"http://marc.info/?l=bugtraq&m=91495921611500&w=2",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/1472",
"http://marc.info/?l=bugtraq&m=91495921611500&w=2",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/1472"
],
"score": 2.1,
"services": [
"23/telnet"
],
"severity": "low",
"summary": "Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.",
"vector_string": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-1999-1442": {
"id": "CVE-1999-1442",
"references": [
"http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html",
"http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html",
"http://www.securityfocus.com/bid/105"
],
"score": 7.2,
"services": [
"23/telnet"
],
"severity": "high",
"summary": "Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.",
"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2022-3424": {
"id": "CVE-2022-3424",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2132640",
"https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/",
"https://security.netapp.com/advisory/ntap-20230406-0005/",
"https://www.spinics.net/lists/kernel/msg4518970.html",
"https://bugzilla.redhat.com/show_bug.cgi?id=2132640",
"https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/",
"https://security.netapp.com/advisory/ntap-20230406-0005/",
"https://www.spinics.net/lists/kernel/msg4518970.html"
],
"score": 7.8,
"services": [
"23/telnet"
],
"severity": "high",
"summary": "A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2022-3707": {
"id": "CVE-2022-3707",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2137979",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2137979",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/"
],
"score": 5.5,
"services": [
"23/telnet"
],
"severity": "medium",
"summary": "A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-460"
},
"CVE-2023-0030": {
"id": "CVE-2023-0030",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270",
"https://github.com/torvalds/linux/commit/729eba3355674f2d9524629b73683ba1d1cd3f10",
"https://security.netapp.com/advisory/ntap-20230413-0010/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270",
"https://github.com/torvalds/linux/commit/729eba3355674f2d9524629b73683ba1d1cd3f10",
"https://security.netapp.com/advisory/ntap-20230413-0010/"
],
"score": 7.8,
"services": [
"23/telnet"
],
"severity": "high",
"summary": "A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2023-1390": {
"id": "CVE-2023-1390",
"references": [
"https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5",
"https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6",
"https://infosec.exchange/%40_mattata/109427999461122360",
"https://security.netapp.com/advisory/ntap-20230420-0001/",
"https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5",
"https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6",
"https://infosec.exchange/%40_mattata/109427999461122360",
"https://security.netapp.com/advisory/ntap-20230420-0001/"
],
"score": 7.5,
"services": [
"23/telnet"
],
"severity": "high",
"summary": "A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-1050"
},
"CVE-2023-28466": {
"id": "CVE-2023-28466",
"references": [
"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://security.netapp.com/advisory/ntap-20230427-0006/",
"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://security.netapp.com/advisory/ntap-20230427-0006/"
],
"score": 7,
"services": [
"23/telnet"
],
"severity": "high",
"summary": "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-476"
}
}
}