208.123.119.176
{
"scan_id": 1752993643,
"ip": "208.123.119.176",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "208.123.118.0/23",
"postal_code": "90060",
"coordinates": {
"latitude": "34.0544",
"longitude": "-118.244"
},
"geo_point": "34.0544, -118.244",
"locale_code": "en",
"continent": "North America",
"country_code": "US",
"country_name": "United States",
"city": "Los Angeles"
},
"location_updated_at": "2025-07-21T00:44:09Z",
"asn": {
"number": "AS395092",
"organization": "SHOCK-1",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "208.123.116.0/22",
"organization": "Shock Hosting LLC",
"descr": "Shock Hosting LLC",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T19:02:23Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-07-21T00:44:09Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-07-21T05:19:06Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-07-21T00:44:09Z"
}
],
"services": [
{
"port": 22,
"protocol": "tcp",
"name": "ssh",
"version": "8.9p1 Ubuntu 3ubuntu0.10",
"product": "OpenSSH",
"extra_info": "Ubuntu Linux; protocol 2.0",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:openbsd:openssh:8.9p1",
"part": "a",
"vendor": "openbsd",
"product": "openssh",
"version": "8\\.9p1",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:linux:linux_kernel",
"part": "o",
"vendor": "linux",
"product": "linux_kernel",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ssh": {
"banner": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10",
"client_to_server_ciphers": [
"chacha20-poly1305@openssh.com",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"aes128-gcm@openssh.com",
"aes256-gcm@openssh.com"
],
"client_to_server_compression": [
"none",
"zlib@openssh.com"
],
"client_to_server_macs": [
"umac-64-etm@openssh.com",
"umac-128-etm@openssh.com",
"hmac-sha2-256-etm@openssh.com",
"hmac-sha2-512-etm@openssh.com",
"hmac-sha1-etm@openssh.com",
"umac-64@openssh.com",
"umac-128@openssh.com",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"host_key_algorithms": [
"rsa-sha2-512",
"rsa-sha2-256",
"ecdsa-sha2-nistp256",
"ssh-ed25519"
],
"kex_algorithms": [
"curve25519-sha256",
"curve25519-sha256@libssh.org",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"sntrup761x25519-sha512@openssh.com",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group16-sha512",
"diffie-hellman-group18-sha512",
"diffie-hellman-group14-sha256",
"kex-strict-s-v00@openssh.com"
],
"key": {
"algorithm": "ecdsa-sha2-nistp256",
"fingerprint_sha256": "4f7f51384e5999d4115746c29ce26ed51ce5ae130f5b93b201138e8a96a52bd2",
"raw": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFlzRnXudueMOORII2nbulxbYAesOkpvdqYFgdPFiZM+irMCQatpgaVWKA83jigoKOSXCUcrvorJPFsxuBLQdC4="
},
"server_to_client_ciphers": [
"chacha20-poly1305@openssh.com",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"aes128-gcm@openssh.com",
"aes256-gcm@openssh.com"
],
"server_to_client_compression": [
"none",
"zlib@openssh.com"
],
"server_to_client_macs": [
"umac-64-etm@openssh.com",
"umac-128-etm@openssh.com",
"hmac-sha2-256-etm@openssh.com",
"hmac-sha2-512-etm@openssh.com",
"hmac-sha1-etm@openssh.com",
"umac-64@openssh.com",
"umac-128@openssh.com",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"software": "OpenSSH_8.9p1",
"version": "2.0"
}
},
"cve": [
{
"id": "CVE-2007-2768",
"score": 4.3,
"severity": "medium"
},
{
"id": "CVE-2008-3844",
"score": 9.3,
"severity": "high"
},
{
"id": "CVE-2023-28531",
"score": 9.8,
"severity": "critical"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-18T08:54:54.472Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "nginx",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!doctype html>\n<html lang=\"en\">\n <head>\n <meta charset=\"utf-8\">\n <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n\n\n <title>Log in » Upload.ironcowteam.fr</title>\n <link rel=\"apple-touch-icon\" sizes=\"180x180\" href=\"/assets/img/favicon/apple-touch-icon.png\"><link rel=\"icon\" type=\"image/png\" sizes=\"32x32\" href=\"/assets/img/favicon/favicon-32x32.png\"><link rel=\"icon\" type=\"image/png\" sizes=\"16x16\" href=\"/assets/img/favicon/favicon-16x16.png\"><link rel=\"manifest\" href=\"/assets/img/favicon/site.webmanifest\"><meta name=\"theme-color\" content=\"#4c2ab6\">\n <script name=\"jquery\" src=\"/assets/lib/jquery/jquery.min.js?v=3.6.1\" type=\"text/javascript\"></script>\n<script name=\"jquery-migrate\" src=\"/assets/lib/jquery-migrate/jquery-migrate.min.js?v=3.0.1\" type=\"text/javascript\"></script>\n<script name=\"ckeditor5\" src=\"//node_modules/@ckeditor/ckeditor5-build-classic/build/ckeditor.js?v=23.1.0\" type=\"text/javascript\"></script>\n<!--[if lt IE 9]><script name=\"html5shiv\" src=\"/assets/lib/html5shiv.min.js?v=3.7.3\" type=\"text/javascript\"></script>\n<![endif]--><!--[if lt IE 9]><script name=\"respondjs\" src=\"/assets/lib/respond.min.js?v=1.4.2\" type=\"text/javascript\"></script>\n<![endif]--><link name=\"css_assets\" href=\"/assets/css/assets.css?v=2023041801\" rel=\"stylesheet\" media=\"all\" type=\"text/css\">\n<link name=\"css_main\" href=\"/assets/css/main.css?v=2023041801\" rel=\"stylesheet\" media=\"all\" type=\"text/css\">\n</head>\n\n<body class=\"body login backend\" data-page-id=\"login\">\n <header id=\"header\" class=\"navbar navbar-expand-md navbar-dark fixed-top bg-dark\">\n <div class=\"container-fluid\">\n\n <div class=\"navbar-header ms-3 me-auto\">\n <span class=\"navbar-brand\">\n <a href=\"https://www.projectsend.org/\" target=\"_blank\">\n <svg viewBox=\"0 0 358 379\" 
xmlns=\"http://www.w3.org/2000/svg\">\n\t<path class=\"st0\" d=\"M348.8,227.2c-10.3-19-20.7-38-31-57c-28.2-51.7-56.3-103.5-84.5-155.2C227.6,4.8,218.6,1.8,208.9,7\n\t\tc-59.8,32.5-119.6,65-179.4,97.5c-3,1.6-2.8,2.7-0.9,5.1c9.2,11.1,19.3,21.2,30.5,30.2c33.9,27.5,72.5,46.4,113.3,61\n\t\tc52.4,18.7,106.3,29.8,162,31.7c3.7,0,7.3,0,11,0C351.6,232.4,351.6,232.4,348.8,227.2z\"/>\n\t<path class=\"st0\" d=\"M9.9,192.3c30.8,56.6,61.6,113.1,92.4,169.6c6.6,12.1,15.1,14.5,27.3,7.9c70.2-38.2,140.3-76.4,210.4-114.6\n\t\tc1.4-0.7,3-1.1,4-2.7C228.1,252.3,115.4,236.1,8,188.5C8.8,190,9.3,191.2,9.9,192.3z\"/>\n</svg> </a> Upload.ironcowteam.fr</span>\n </div>\n\n <ul class=\"nav pull-right nav_account\">\n <li class=\"dropdown\">\n <a href=\"#\" class=\"dropdown-toggle\" id=\"language_dropdown\" data-toggle=\"dropdown\" role=\"button\" aria-haspopup=\"true\" aria-expanded=\"false\" data-bs-toggle=\"dropdown\" >\n <i class=\"fa fa-globe\" aria-hidden=\"true\"></i> <span>Language</span> <span class=\"caret\"></span>\n </a>\n <ul class=\"dropdown-menu dropdown-menu-end\" aria-labelledby=\"language_dropdown\">\n <li>\n <a class=\"dropdown-item\" href=\"/process.php?do=change_language&language=en&return_to=http%3A%2F%2Fupload.ironcowteam.fr%3A8083%2F\">\n English </a>\n </li>\n </ul>\n </li>\n </ul>\n </div>\n</header>\n\n <main>\n <div class=\"container-fluid\">\n <div class=\"main_content_unlogged\">\n\n <div class=\"row\">\n <div class=\"col-12 branding_unlogged\">\n <figure><img src=\"/assets/img/projectsend-logo.svg\" alt=\"Upload.ironcowteam.fr\" /></figure> </div>\n </div>\n\n\n <div class=\"row justify-content-md-center\">\n <div class=\"col-12 col-sm-12 col-lg-4\">\n </div>\n </div>\n<div class=\"row justify-content-md-center\">\n <div class=\"col-12 col-sm-12 col-lg-4\">\n <div class=\"white-box\">\n <div class=\"white-box-interior\">\n <div class=\"ajax_response\">\n </div>\n\n <div class=\"tab-content\">\n <div role=\"tabpanel\" class=\"tab-pane fade in active show\" 
id=\"local\">\n <form action=\"index.php\" name=\"login_admin\" role=\"form\" id=\"login_form\" method=\"post\">\n <input type=\"hidden\" name=\"csrf_token\" value=\"49b23fa4c9ac8f9d6cc702b3215c31bb051e47fb20593efd96241399de372833\" />\n <input type=\"hidden\" name=\"do\" value=\"login\">\n <fieldset>\n <div class=\"mb-3\">\n <label for=\"username\">Username / E-mail</label>\n <input type=\"text\" name=\"username\" id=\"username\" value=\"\" class=\"form-control\" autofocus />\n </div>\n\n <div class=\"mb-3\">\n <label for=\"password\">Password</label>\n <input type=\"password\" name=\"password\" id=\"password\" class=\"form-control\" />\n </div>\n\n\n\n <div class=\"inside_form_buttons\">\n <button type=\"submit\" id=\"btn_submit\" class=\"btn btn-wide btn-primary\" data-text=\"Log in\" data-loading-text=\"Logging in\">Log in</button>\n </div>\n\n <div class=\"social_login_links text-center\">\n </div>\n </fieldset>\n</form>\n\n<div class=\"login_form_links\"><p>This server does not allow self registrations.</p>\n <p>If you need an account, please contact a server administrator.</p>\n <p>Forgot your password? 
<a href=\"/reset-password.php\">Set up a new one.</a></p></div> </div>\n\n </div>\n </div>\n </div>\n </div>\n</div>\n <footer>\n <div id=\"footer\">\n Provided by <a href=\"https://www.projectsend.org/\" target=\"_blank\">ProjectSend</a> - Free software </div>\n </footer>\n </div> <!-- main-content -->\n </div> <!-- container-fluid -->\n </main>\n <script type=\"text/javascript\">\n /*<![CDATA[*/\n var json_strings = {\"uri\":{\"base\":\"http:\\/\\/upload.ironcowteam.fr:8083\\/\",\"public_group\":\"http:\\/\\/upload.ironcowteam.fr:8083\\/public.php\",\"public_download\":\"http:\\/\\/upload.ironcowteam.fr:8083\\/download.php\",\"assets_img\":\"http:\\/\\/upload.ironcowteam.fr:8083\\/assets\\/img\",\"widgets\":\"http:\\/\\/upload.ironcowteam.fr:8083\\/includes\\/widgets\\/\"},\"login\":{\"button_text\":\"Log in\",\"logging_in\":\"Logging in\",\"redirecting\":\"Redirecting\",\"errors\":{\"invalid_credentials\":\"The supplied credentials are not valid.\",\"wrong_username\":\"The supplied username doesn't exist.\",\"wrong_password\":\"The supplied password is incorrect.\",\"account_inactive\":\"This account is not active.\",\"account_inactive_notice\":\"If you just registered, please wait until a system administrator approves your account.\",\"no_self_registration\":\"Client self registration is not allowed. If you need an account, please contact a system administrator.\",\"timeout\":\"Session timed out. Please log in again.\",\"2fa\":{\"invalid\":\"Code is not valid\",\"used\":\"Code has already been used\",\"expired\":\"Code expired\",\"throttle\":\"You have pending codes to verify. 
Please wait until %s to request a new one.\"}}},\"translations\":{\"cannot_load_content\":\"Content could not be loaded\",\"public_group_note\":\"Send this URL to someone to view the allowed group contents according to your privacy settings.\",\"public_file_note\":\"Send this URL to someone to download the file without registering or logging in.\",\"copy_click_select\":\"Click the URL to select it and copy\",\"click_to_copy\":\"Click to copy\",\"copy_ok\":\"Successfully copied to clipboard\",\"copy_error\":\"Content could not be copied to clipboard\",\"public_url\":\"Public URL\",\"select_one_or_more\":\"Please select at least one item to proceed.\",\"confirm_delete\":\"You are about to delete %d items. Are you sure you want to continue?\",\"confirm_delete_log\":\"You are about to delete all activities from the log. Only those used for statistics will remain. Are you sure you want to continue?\",\"download_wait\":\"Please wait while your download is prepared.\",\"download_long_wait\":\"This operation could take a few minutes, depending on the size of the files.\",\"confirm_unassign\":\"You are about to unassign %d files from this account. Are you sure you want to continue?\",\"no_results\":\"No results were found.\",\"email_templates\":{\"confirm_replace\":\"Please confirm: replace the custom template text with the default one?\",\"loading_error\":\"Error: the content could not be loaded\"},\"upload_form\":{\"no_files\":\"You must select at least one file to upload.\",\"leave_confirm\":\"Are you sure? 
Files currently being uploaded will be discarded if you leave this page.\",\"copy_selection\":\"Copy selection to all files?\",\"copy_expiration\":\"Copy expiration settings to all files?\",\"copy_public\":\"Copy public settings to all files?\",\"copy_hidden\":\"Copy setting to all files?\",\"some_files_had_errors\":\"Some of your files uploaded correctly, but others could not be uploaded.\",\"continue_to_editor\":\"Go to the file editor\"},\"confirm_generic\":\"Confirm this action?\",\"preview_failed\":\"Failed to load file preview\",\"failed_loading_resource\":\"Failed to load resource\"},\"validation\":{\"errors_found_title\":\"The following errors were found\",\"default\":\"Validation \\\"%s\\\" failed for field \\\"%s\\\"\",\"recaptcha\":\"reCAPTCHA verification failed\",\"no_name\":\"Name was not completed\",\"no_client\":\"No client was selected\",\"no_user\":\"Username was not completed\",\"no_pass\":\"Password was not completed\",\"no_pass2\":\"Password verification was not completed\",\"no_email\":\"E-mail was not completed\",\"no_title\":\"Title was not completed\",\"invalid_email\":\"E-mail address is not valid\",\"alpha_user\":\"Username must be alphanumeric and may contain dot or underscores (a-z, A-Z, 0-9, _ and . allowed)\",\"alpha_pass\":\"Password must be alphanumeric (a-z,A-Z,0-9 allowed)\",\"match_pass\":\"Passwords do not match\",\"rules_pass\":\"Password does not meet the required characters rules\",\"file_size\":\"File size value must be a whole number\",\"no_role\":\"User role was not specified\",\"user_exists\":\"An account with this username already exists.\",\"email_exists\":\"An account with this e-mail address already exists.\",\"valid_pass\":\"Your password can only contain letters, numbers and the following characters:\",\"valid_chars\":\"` ! \\\" ? $ ? % ^ & * ( ) _ - + = { [ } ] : ; @ ~ # | < , > . ? 
' \\/ \\\\ \",\"complete_all_options\":\"Please complete all the fields.\",\"enum_invalid\":\"Type is not valid\",\"numeric\":\"Value %s is not a number\",\"length_user\":\"Length should be between 5 and 60 characters long\",\"length_pass\":\"Length should be between 5 and 60 characters long\",\"req_upper\":\"1 uppercase character\",\"req_lower\":\"1 lowercase character\",\"req_number\":\"1 number\",\"req_special\":\"1 special character\",\"install_no_sitename\":\"Sitename was not completed.\",\"install_no_baseuri\":\"ProjectSend URI was not completed.\"},\"character_limits\":{\"user_min\":5,\"user_max\":60,\"password_min\":5,\"password_max\":60}};\n /*]]>*/\n </script>\n <script name=\"js_assets\" src=\"/assets/js/assets.js?v=2023041801\" type=\"text/javascript\"></script>\n<script name=\"js_app\" src=\"/assets/js/app.js?v=2023041801\" type=\"text/javascript\"></script>\n </body>\n</html>",
"body_murmur": -413225233,
"body_sha256": "8ff7d5f90ed3e4f2fc127378aa3d61c1512f705de783147d6117ed9d641038a2",
"component": [
"Nginx"
],
"content_length": -1,
"favicon": {
"md5_hash": "053c3318074d25db7f846c3a0fc12c39",
"murmur_hash": -1812474790,
"path": "http://208.123.119.176:80/assets/img/favicon/apple-touch-icon.png",
"size": 9609
},
"headers": {
"cache_control": [
"no-store, no-cache, must-revalidate, max-age=0"
],
"connection": [
"keep-alive"
],
"content_type": [
"text/html; charset=UTF-8"
],
"date": [
"Mon, 21 Jul 2025 08:09:42 GMT"
],
"pragma": [
"no-cache"
],
"server": [
"nginx"
],
"set_cookie": [
"PHPSESSID=u6mt2ftjdau6cuxthr5aaqmzqn; path=/"
],
"x_powered_by": [
"PHP/8.3.10"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "208.123.119.176",
"path": "",
"scheme": "http"
}
},
"status_code": 200,
"title": "Log in » Upload.ironcowteam.fr",
"transfer_encoding": [
"chunked"
]
},
"solrdb": {
"directory": "/var/solr/data",
"impl_version": "8.1.1 fcbe46c28cef11bc058779afba09521de1b19bef - ab - 2019-05-22 15:20:01",
"index": [
"test"
],
"jvm": {
"stats": "Oracle Corporation OpenJDK 64-Bit Server VM",
"version": "11.0.4 11.0.4+11"
},
"lucene": {
"impl_version": "8.1.1 fcbe46c28cef11bc058779afba09521de1b19bef - ab - 2019-05-22 15:15:24",
"spec_version": "8.1.1"
},
"system": {
"arch": "amd64",
"name": "Linux",
"uname": "Linux e49117e64379 5.14.0-1059-oem #67-Ubuntu SMP Mon Mar 13 14:22:10 UTC 2023 x86_64 GNU/Linux\n",
"version": "5.14.0-1059-oem"
},
"version": "8.1.1",
"vm": {
"name": "OpenJDK 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "11.0.4+11"
}
}
},
"url": "http://208.123.119.176/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T08:09:43.715Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n <head>\n <title>Pentaho Business Analytics</title>\n <meta http-equiv=\"refresh\" content=\"0;URL=/pentaho\">\n </head>\n <body>\n </body>\n</html>\n",
"body_murmur": -421659837,
"body_sha256": "0a9ead78c16372f821f09f6c2600d736908cae1c7e83a27e543f30fced496a95",
"component": [
"Apache HTTP Server"
],
"content_length": 356,
"favicon": {
"md5_hash": "3ab22b6f3f0d4271e8d038c05cfbd5c9",
"murmur_hash": 602431586,
"path": "https://208.123.119.176:443/favicon.ico",
"size": 1150
},
"headers": {
"content_length": [
"356"
],
"content_type": [
"text/html;charset=ISO-8859-1"
],
"date": [
"Sun, 20 Jul 2025 22:05:22 GMT"
],
"server": [
"Apache"
],
"set_cookie": [
"JSESSIONID=S17UYSVX0RT9Y7A7L0XBX0AW23JETHO2; Path=/; Secure; HttpOnly"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "208.123.119.176",
"path": "",
"scheme": "https"
}
},
"status_code": 200,
"title": "Pentaho Business Analytics"
},
"tls": {
"certificate": {
"extensions": {
"authority_key_id": "3f3de3a5e8d34f9c79510ab877bc456a627e55d8",
"basic_constraints": {
"is_ca": true
},
"subject_key_id": "3f3de3a5e8d34f9c79510ab877bc456a627e55d8"
},
"fingerprint_md5": "000653864C2949733AD521E404CA24B3",
"fingerprint_sha1": "8E549A9E8E5B19275BF6432FDE12364B66541507",
"fingerprint_sha256": "928BF58CA1207BEDB19A07AA26CC1060746FAD3BF2A2FA01778F476AADE85941",
"issuer": {
"common_name": [
"localhost"
],
"country": [
"XX"
],
"locality": [
"CityName"
],
"organization": [
"CompanyName"
],
"organizational_unit": [
"CompanySectionName"
],
"province": [
"StateName"
]
},
"issuer_dn": "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=localhost",
"jarm": "3fd3fd20d00000000043d3fd3fd43d684d61a135bd962c8dd9c541ddbaefa8",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "273281378022994703368199181896883737910240570901",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": true,
"value": "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"
},
"subject": {
"common_name": [
"localhost"
],
"country": [
"XX"
],
"locality": [
"CityName"
],
"organization": [
"CompanyName"
],
"organizational_unit": [
"CompanySectionName"
],
"province": [
"StateName"
]
},
"subject_alt_name": {
"dns_names": [
"localhost"
],
"extended_dns_names": []
},
"subject_dn": "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=localhost",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "11bd28be776afb0675da38aa0257ff6775d473bcc3871f74d1f0da48a146ad5a",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096,
"modulus": "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"
}
},
"tbs_fingerprint": "e976b650eccc7af7dc649663edb6dbf0e13620e04aa570d79c2e452b45943f59",
"validation_level": "OV",
"validity": {
"length_seconds": 315360000,
"not_after": "2035-05-23T15:24:15",
"not_before": "2025-05-25T15:24:15"
},
"version": 2
},
"fingerprint_sha256": "928BF58CA1207BEDB19A07AA26CC1060746FAD3BF2A2FA01778F476AADE85941",
"precert": false,
"raw": "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",
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-1999-0070",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"score": 10,
"severity": "high"
},
{
"id": "CVE-2023-25690",
"score": 9.8,
"severity": "critical"
}
],
"url": "https://208.123.119.176/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-20T22:41:11.04Z"
},
{
"port": 5000,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<HTML>\n<HEAD>\n<base href=\"/\">\n<!--[if IE]>\n <script type=\"text/javascript\">\n (function() {\n var baseTag = document.getElementsByTagName('base')[0];\n if (!(/^http/i).test(baseTag.href)) { // in case browser already translate to absolute path\n baseTag.href = location.protocol + '//' + location.host + baseTag.href;\n }\n baseTag.href = baseTag.href; // IE9 not correctly loading resources issue.\n })();\n </script>\n<![endif]-->\n<TITLE>Login</TITLE>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n<link rel='stylesheet' type='text/css' href='/styles/falcon_content.css?__version=1711569495'/>\n<style type=\"text/css\">\ntd {\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\n\tfont-weight: bold;\n\tcolor: black; /*#FFFFFF; */\n}\n.msg {\n background-color: #FBFEFF;\n border: 3px solid #C0D5E5;\n border-radius: 10px;\n -moz-border-radius: 10px;\n margin-top: 20px;\n padding-left: 20px;\n padding-right: 20px;\n max-height: 150px;\n max-width: 550px;\n overflow: auto;\n visibility: hidden;\n}\n.alert {font-weight: bold;color: red;}\n\nhtml{display : none ; }\nbody {\n overflow-y: auto;\n}\n</style>\n</HEAD>\n<BODY bgcolor=\"#F2F6FA\">\n <table width=\"100%\" style=\"height:100%\">\n <tr>\n <td align=\"center\" valign='middle'>\n <!-- BEGIN PAN_FORM_CONTENT -->\n<!--suppress HtmlUnknownAttribute -->\n<form name=\"login\" id=\"login_form\" method=\"post\" action=\"\" autocomplete=\"off\">\n<!-- hidden variables, we are going to set this to the session, bug fix 2157 -->\n<input type=\"hidden\" name=\"prot\" value=\"\">\n<input type=\"hidden\" name=\"server\" value=\"\">\n\n<input type=\"hidden\" name=\"authType\" value=\"init\">\n<input type=\"hidden\" name=\"challengeCookie\" value=\"\">\n\n<div id=\"taLogin\" >\n<script src='js/3rdParty/es5-shim-3.4.0x/es5-shim.js'></script>\n<script src='js/3rdParty/es5-shim-3.4.0/es5-sham.js'></script>\n<script src='js/3rdParty/umd-0.4.10/umd.js'></script>\n<script 
src='js/3rdParty/ext/adapter/ext/ext-base.js'></script>\n<script src='js/3rdParty/ext/ext-all.js'></script>\n<script src='js/pan/_umd.require.config.js'></script>\n<script src='js/Pan.js'></script>\n<script src='js/pan/base/util.js'></script>\n<script src='js/pan/base/msg.js'></script>\n<script src='js/pan/base.js'></script>\n<script src='js/pan/base/cookie.js'></script>\n<script src='js/pan/test/QaAutomation.js'></script>\n<script type=\"text/javascript\">\nvar cacUserName = \"\";\n// initialize upon load to let all browsers establish content objects\nfunction initDHTMLAPI() {\n if (document.images) {\n window.isIE6CSS = (document.compatMode && document.compatMode.indexOf(\"CSS1\") >= 0) ? true : false;\n }\n if(Ext.isIE){\n if (new RegExp(/msie ([0-9]{1,})/i).exec(navigator.userAgent) != null) {\n var rv = parseFloat( RegExp.$1 ); // ie version\n if (rv > 9) {\n // 10 and above\n Pan.base.cookie.set('isAboveIE10',rv);\n }\n }\n } else if (new RegExp(/trident/i).exec(navigator.userAgent) != null) {\n Pan.base.cookie.set('isAboveIE10','10'); // 11 and above always treat it as 10. 
Ext.isIE failed here\n }\n}\n\n// Return the available content width space in browser window\n\nfunction getInsideWindowWidth() {\n if (window.innerWidth) {\n return window.innerWidth;\n } else if (isIE6CSS) {\n // measure the html elements clientWidth\n return document.body.parentElement.clientWidth;\n } else if (document.body && document.body.clientWidth) {\n return document.body.clientWidth;\n }\n return 0;\n}\n\n// Return the available content height space in browser window\nfunction getInsideWindowHeight() {\n if (window.innerHeight) {\n return window.innerHeight;\n } else if (isIE6CSS) {\n // measure the html elements clientHeight\n return document.body.parentElement.clientHeight;\n } else if (document.body && document.body.clientHeight) {\n return document.body.clientHeight;\n }\n return 0;\n}\n\nfunction hideElement() {\n for (var i=0; i < arguments.length; i++) {\n var dv = document.getElementById(arguments[i]);\n if(dv) {\n dv.style.display = \"none\";\n }\n }\n}\n\nfunction showWait(show){\n if(show){\n hideElement(\"trInitName\", \"trInitPwd\", \"trLoginBtn\", 'trInitLocale');\n var dv = document.getElementById(\"wdiv\");\n if(dv) dv.style.display=\"block\";\n }\n}\n\nfunction get_url_param( name )\n{\n name = name.replace(/[\\[]/,\"\\\\\\[\").replace(/[\\]]/,\"\\\\\\]\");\n var regexS = \"[\\\\?&]\"+name+\"=([^&#]*)\";\n var regex = new RegExp( regexS );\n var results = regex.exec( window.location.href );\n if( results == null )\n return \"\";\n else\n return results[1];\n}\n\n//\nfunction loadPage() {\n\n initDHTMLAPI();\n\n var errMsg = \"\";\n if (0) {\n var issuesMsg = \"<li><pre></pre>\";\n errMsg = issuesMsg;\n } else if (0) {\n var upgradeLogMsg = \"<li>\";\n errMsg = upgradeLogMsg;\n }\n\n var thisForm = document.getElementById(\"login_form\");\n\n var respStatus = \"Success\";\n var redirectUrl = \"\";\n if (respStatus == \"Warning\") {\n alert(\"\");\n showWait(true);\n Pan.base.cookie.set(\"isFromLogin\", \"true\", 1);\n window.location.href 
= redirectUrl;\n } else if (respStatus == \"Error\") {\n if (errMsg != \"\")\n errMsg += \"<br><br>\";\n\n errMsg += \"<li>\";\n } else if (respStatus == \"Success\") {\n if (\"yes\" == \"yes\") {\n if (\"yes\" == \"no\") {\n // no password needed\n if (!cacUserName) {\n // if password is not needed and there is no user name it means cac check failed or something\n errMsg += \"<li>Insufficient credentials.\";\n\n // don't show any username/password fields and login button\n hideElement(\"trInitName\", \"trInitPwd\", \"trLoginBtn\", 'trInitLocale');\n } else {\n thisForm.user.value = cacUserName;\n\n\n // fill the authType field with \"cacOnly\" so that when we submit the form we know what to do\n // at the back end\n thisForm.authType.value = \"cacOnly\";\n\n /* KK Test - for now it looks like this automatic submit is not working. Show\n * the submit button for now. When we uncomment this we should move it to after\n * showing/hiding the buttons below\n // fill in stuff as if submit was clicked\n submitClicked();\n\n // then submit the form\n thisForm.submit();\n //document.getElementById(\"trLoginBtn\").onclick();\n */\n\n // hide some of the fields in the form\n hideElement(\"trInitName\", \"trInitPwd\");\n // showing the login button for now\n //document.getElementById(\"trLoginBtn\").style.display = \"none\";\n document.getElementById(\"trLoginBtn\").style.display = \"block\";\n\n // show the creating user session message\n document.getElementById(\"wdiv\").style.display = \"block\";\n document.getElementById(\"wdiv\").innerHTML = \"Click the login button to login as\" + ' ' + cacUserName;\n }\n\n } else {\n // password needed, just go on to show the page\n\n // fill the userName field\n thisForm.user.value = cacUserName;\n }\n } else {\n // everything ok, just redirect to next page\n var expMsg = \"\";\n if (expMsg != \"\" ) {\n alert(expMsg);\n //document.getElementById(\"wdiv\").innerHTML = \"<span style=\\\"color:#166D7D\\\">\" + expMsg + \"</span><br>\" + 
document.getElementById(\"wdiv\").innerHTML ;\n }\n showWait(true);\n Pan.base.cookie.set(\"isFromLogin\", \"true\", 1);\n window.location.href = redirectUrl;\n }\n } else if (respStatus == \"Challenge\") {\n // hide the init name/pwd row and show the challenge msg/pwd row\n hideElement(\"trInitName\", \"trInitPwd\");\n document.getElementById(\"trChallengeMsg\").style.display = \"\";\n document.getElementById(\"trChallengePwd\").style.display = \"\";\n\n // fill the challenge msg field\n document.getElementById('spChallengeMsg').innerHTML = \"\";\n\n // fill the authType and challengeCookie field\n thisForm.authType.value = \"challenge\";\n thisForm.challengeCookie.value = \"\";\n\n // also fill the user field with the previously entered user name\n thisForm.user.value = user;\n\n }\n // respStatus can also be \"\" when we come to this page the first time\n\n if (errMsg != \"\") {\n var divObj = document.getElementById(\"dError\");\n\n divObj.style.display = \"block\";\n divObj.innerHTML = errMsg;\n }\n\n if (document.login.user.value == '') {\n var nameRow = document.getElementById('trInitName');\n if (nameRow && nameRow.style.display != \"none\") {\n // use this to check if this field is visible\n document.login.user.focus();\n }\n }\n\n}\n\nfunction submitClicked() {\n var thisForm = document.getElementById(\"login_form\");\n // hide the error div, just incase it was showing.\n var divObj = document.getElementById(\"dError\");\n\n divObj.style.display = \"none\";\n divObj.innerHTML = \"\";\n\n // fill the hidden fields for prot and server, bug fix 2157\n var prot = window.location.protocol;\n var server = window.location.host;\n //alert(\"prot: \" + prot + \", server: \" + server);\n thisForm.prot.value = prot;\n thisForm.server.value = server;\n}\n\nfunction checkCapsLock(e){\n var el = document.getElementById('divcl');\n if (!el) return;\n\n var keycode = e.keyCode? e.keyCode : e.which;\n var shift = e.shiftKey? 
e.shiftKey : !!(keycode == 16);\n\n if((keycode >= 65 && keycode <= 90 && !shift) || (keycode >= 97 && keycode <= 122 && shift))\n el.style.visibility = 'visible';\n else\n el.style.visibility = 'hidden';\n}\n\nfunction checkCapsLockChallenge(e){\n var el = document.getElementById('divclChallenge');\n if (!el) return;\n\n var keycode = e.keyCode? e.keyCode : e.which;\n var shift = e.shiftKey? e.shiftKey : !!(keycode == 16);\n\n if((keycode >= 65 && keycode <= 90 && !shift) || (keycode >= 97 && keycode <= 122 && shift))\n el.style.visibility = 'visible';\n else\n el.style.visibility = 'hidden';\n}\n\nExt.onReady(function(){\n var ml = 20;\n ml = 63;\n var btn = Ext.get('submit');\n if (btn) {\n btn.on('click', submitClicked);\n }\n var u = Ext.get('user');\n if (u && u.dom) {\n u = Ext.get('user').dom;\n var uname = Pan.base.param('user') || '';\n if (uname) {\n u.value = uname;\n }\n u.maxlength = ml;\n }\n loadPage();\n var msgE = Ext.getDoc().child('.msg');\n if (msgE) {\n if (Ext.isIE8) {\n var prefMaxWidth = msgE.getStyle('max-width').replace(/px$/, '');\n var prefMaxHeight = msgE.getStyle('max-height').replace(/px$/, '');\n if (msgE.getHeight() > prefMaxHeight) {\n msgE.setHeight(prefMaxHeight);\n }\n if (msgE.getWidth() > prefMaxWidth) {\n msgE.setWidth(prefMaxWidth);\n }\n }\n if (\"\") {\n var fieldSet = Ext.create({\n title: \"I Accept and Acknowledge the Statement Below\",\n xtype: \"fieldset\",\n checkboxToggle: true,\n onCheckClick: function() {\n Ext.fly(\"submit\").dom.disabled = !this.getValue();\n },\n getValue: function() {\n if (this.checkbox) {\n return this.checkbox.dom.checked;\n }\n },\n renderTo: 'motd',\n bodyCfg: {\n html: msgE.dom.innerHTML\n }\n\n });\n fieldSet.checkbox.dom.checked = false;\n Ext.fly(\"submit\").dom.disabled = !fieldSet.getValue();\n } else {\n Ext.fly('motd').appendChild(msgE);\n msgE.setStyle({visibility: 'visible'});\n }\n }\n});\n\nif( self == top ) {\n document.documentElement.style.display = 'block' ;\n} else {\n 
top.location = self.location ;\n}\n\nfunction doSubmit(thisform)\n{\n return true;\n}\n</script>\n<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" class=\"loginscreen_logo pan-form\">\n <tr>\n <td height=\"125\"> </td>\n </tr>\n <tr>\n <td height=\"167\" style=\"background-repeat:no-repeat; text-align:left; padding-left:110px;\">\n <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n <tr> <td colspan=\"2\"> </td></tr>\n <tr>\n <td align=\"center\" colspan=\"2\">\n <div id=\"wdiv\" style=\"display:none\">\n <span style=\"color:#166D7D\"><strong>Creating administrative session. Please wait...</strong></span>\n </div>\n </td>\n </tr>\n <tr> <td colspan=\"2\"> </td></tr>\n </table>\n <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n <tr id=\"trInitName\" style=\"display: block\">\n <td width=\"77\" height=\"30\"><label for=\"user\">Name</label></td>\n <td><input type=\"text\" id=\"user\" name=\"user\" size=\"19\"></td>\n </tr>\n <tr id=\"trInitPwd\" style=\"display: block\">\n <td height=\"30\" width=\"77\"><label for=\"passwd\">Password</label></td>\n <td>\n <input type=\"password\" maxlength=\"63\" size=\"19\" id=\"passwd\" name=\"passwd\" onKeyPress=\"checkCapsLock(event)\">\n <span id=\"divcl\" style=\"visibility:hidden\"><img src=\"images/ssl_decryption.gif\" title=\"CAPS LOCK\" alt=\"CAPS LOCK\"/></span>\n <td>\n </tr>\n <tr id=\"trInitLocale\" style=\"display: none\">\n <td height=\"30\" width=\"77\">Language</td>\n <td></td>\n <td></td>\n </tr>\n <tr id=\"trChallengeMsg\" style=\"display: none\">\n <td height=\"30\" colspan=\"2\">\n <span id=\"spChallengeMsg\"></span>\n </td>\n </tr>\n <tr id=\"trChallengePwd\" style=\"display: none\">\n <td height=\"30\" colspan=\"2\">\n <label for=\"challengePwd\"></label><input type=\"password\" name=\"challengePwd\" id=\"challengePwd\" size=\"19\" maxlength=\"63\" onKeyPress=\"checkCapsLockChallenge(event);\">\n <span id=\"divclChallenge\" style=\"visibility:hidden\"><img 
src=\"images/ssl_decryption.gif\" title=\"CAPS LOCK\" alt=\"CAPS LOCK\"/></span>\n </td>\n </tr>\n <tr>\n <td colspan=\"2\"> </td>\n </tr>\n <tr id=\"trLoginBtn\" style=\"display: block\">\n <td width=\"77\"> </td>\n <td><input class=\"buttonFixed\" type=\"submit\" id=\"submit\" name=\"ok\" value=\"Login\" onclick=\"return doSubmit(this.form);\" style=\"margin-left:0\">\n </tr>\n </table>\n </td>\n </tr>\n <tr>\n <td> </td>\n </tr>\n</table>\n<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n <tr>\n <td><div id=\"dError\" style=\"display:none\"> </div></td>\n </tr>\n <tr>\n <td><div id=\"motd\"></div></td>\n </tr>\n</table>\n</div>\n</form>\n<!-- END PAN_FORM_CONTENT -->\n </td>\n </tr>\n </table>\n </BODY>\n</HTML>\n\n<!--\n\t __LOGIN_PAGE__\n-->\n\n<!--\n\t __LOGIN_PAGE_FOR_PANORAMA_BACKWARD_COMPATIBILITY__\n-->\n\n",
"body_murmur": -627441520,
"body_sha256": "639f0351cd1bb83ebbfa05f1a2d28f883e18e945a1bd64f35d8e8a1735df01cd",
"component": [
"Apache HTTP Server"
],
"content_length": -1,
"favicon": {
"md5_hash": "f49c4a4bde1eec6c0b80c2277c76e3db",
"murmur_hash": 1165838194,
"path": "http://208.123.119.176:5000/favicon.ico",
"size": 1150
},
"headers": {
"cache_control": [
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
],
"connection": [
"keep-alive"
],
"content_security_policy": [
"default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;"
],
"content_type": [
"text/html"
],
"date": [
"Thu, 17 Jul 2025 22:51:48 GMT"
],
"etag": [
"\"27dc0-9db-5c831446\""
],
"pragma": [
"no-cache"
],
"server": [
"Apache"
],
"set_cookie": [
"PHPSESSID=d95b67ea15a3acae4949bd0a107beae1; path=/; secure; HttpOnly"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "208.123.119.176:5000",
"path": "",
"scheme": "http"
}
},
"status_code": 200,
"title": "Login",
"transfer_encoding": [
"chunked"
]
},
"solrdb": {
"directory": "/var/solr/data",
"impl_version": "8.1.1 fcbe46c28cef11bc058779afba09521de1b19bef - ab - 2019-05-22 15:20:01",
"index": [
"test"
],
"jvm": {
"stats": "Oracle Corporation OpenJDK 64-Bit Server VM",
"version": "11.0.4 11.0.4+11"
},
"lucene": {
"impl_version": "8.1.1 fcbe46c28cef11bc058779afba09521de1b19bef - ab - 2019-05-22 15:15:24",
"spec_version": "8.1.1"
},
"system": {
"arch": "amd64",
"name": "Linux",
"uname": "Linux e49117e64379 5.14.0-1059-oem #67-Ubuntu SMP Mon Mar 13 14:22:10 UTC 2023 x86_64 GNU/Linux\n",
"version": "5.14.0-1059-oem"
},
"version": "8.1.1",
"vm": {
"name": "OpenJDK 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "11.0.4+11"
}
}
},
"cve": [
{
"id": "CVE-1999-0070",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"score": 10,
"severity": "high"
},
{
"id": "CVE-2023-25690",
"score": 9.8,
"severity": "critical"
}
],
"url": "http://208.123.119.176:5000/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-17T22:51:50.38Z"
},
{
"port": 8500,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!doctype html><html>\r\n<head>\r\n<title>Directory Listing For [/]</title>\r\n<style>body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style> </head>\r\n<body><h1>Directory Listing For [/]</h1><hr class=\"line\"><table width=\"100%\" cellspacing=\"0\" cellpadding=\"5\" align=\"center\">\r\n<tr>\r\n<td align=\"left\"><font size=\"+1\"><strong>Filename</strong></font></td>\r\n<td align=\"center\"><font size=\"+1\"><strong>Size</strong></font></td>\r\n<td align=\"right\"><font size=\"+1\"><strong>Last Modified</strong></font></td>\r\n</tr><tr>\r\n<td align=\"left\"> \r\n<a href=\"/CFIDE/\"><tt>CFIDE/</tt></a></td>\r\n<td align=\"right\"><tt> </tt></td>\r\n<td align=\"right\"><tt>Fri, 11 Nov 2022 07:20:53 GMT</tt></td>\r\n</tr>\r\n<tr bgcolor=\"#eeeeee\">\r\n<td align=\"left\"> \r\n<a href=\"/cf_scripts/\"><tt>cf_scripts/</tt></a></td>\r\n<td align=\"right\"><tt> </tt></td>\r\n<td align=\"right\"><tt>Fri, 11 Nov 2022 07:19:54 GMT</tt></td>\r\n</tr>\r\n<tr>\r\n<td align=\"left\"> \r\n<a href=\"/crossdomain.xml\"><tt>crossdomain.xml</tt></a></td>\r\n<td align=\"right\"><tt>0.3 kb</tt></td>\r\n<td align=\"right\"><tt>Mon, 24 Mar 2025 13:31:59 GMT</tt></td>\r\n</tr>\r\n</table>\r\n<hr class=\"line\"><h3>Apache Tomcat/9.0.60</h3></body>\r\n</html>\r\n",
"body_murmur": -1787269617,
"body_sha256": "7c78719286b66817511c7248e7dd9da043991b6e9e6464b68bcf54d14be54d0d",
"component": [
"Apache HTTP Server"
],
"content_length": 1402,
"favicon": {
"md5_hash": "eb0e997e52e0fcc02491bdce9c660128",
"murmur_hash": -860227395,
"path": "http://208.123.119.176:8500/favicon.ico",
"size": 15406
},
"headers": {
"content_length": [
"1402"
],
"content_type": [
"text/html;charset=UTF-8"
],
"date": [
"Tue, 15 Jul 2025 06:51:50 GMT"
],
"server": [
"Apache"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "208.123.119.176:8500",
"path": "",
"scheme": "http"
}
},
"status_code": 200,
"title": "Directory Listing For [/]"
},
"solrdb": {
"directory": "/var/solr/data",
"impl_version": "8.1.1 fcbe46c28cef11bc058779afba09521de1b19bef - ab - 2019-05-22 15:20:01",
"index": [
"test"
],
"jvm": {
"stats": "Oracle Corporation OpenJDK 64-Bit Server VM",
"version": "11.0.4 11.0.4+11"
},
"lucene": {
"impl_version": "8.1.1 fcbe46c28cef11bc058779afba09521de1b19bef - ab - 2019-05-22 15:15:24",
"spec_version": "8.1.1"
},
"system": {
"arch": "amd64",
"name": "Linux",
"uname": "Linux e49117e64379 5.14.0-1059-oem #67-Ubuntu SMP Mon Mar 13 14:22:10 UTC 2023 x86_64 GNU/Linux\n",
"version": "5.14.0-1059-oem"
},
"version": "8.1.1",
"vm": {
"name": "OpenJDK 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "11.0.4+11"
}
}
},
"cve": [
{
"id": "CVE-1999-0070",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"score": 10,
"severity": "high"
},
{
"id": "CVE-2023-25690",
"score": 9.8,
"severity": "critical"
}
],
"url": "http://208.123.119.176:8500/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-15T06:51:52.468Z"
},
{
"port": 9200,
"protocol": "tcp",
"name": "http",
"version": "0.8.12",
"product": "nginx",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx:0.8.12",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "0\\.8\\.12",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"elasticsearch": [],
"http": {
"body": "\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html>\n<head>\n <title>Login</title>\n<script type=\"text/javascript\">\n<!-- FIXME: add code to ensure we're the top-most frame -->\n if (document.getElementById('layout-doc') != null) {\n // Just refresh the page... login will take over\n window.location = window.location;\n }\n</script>\n <style type=\"text/css\">\n /* clickjacking defense */\n body { display : none; }\n </style>\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/theme/com/sun/webui/jsf/suntheme/css/css_master.css\" />\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/theme/com/sun/webui/jsf/suntheme/css/safari.css\" />\n<script type=\"text/javascript\">\ndjConfig={\n \"isDebug\": false,\n \"debugAtAllCosts\": false,\n \"parseWidgets\": false\n};\n</script>\n<script type=\"text/javascript\" src=\"/theme/META-INF/dojo/dojo.js\"></script>\n<script type=\"text/javascript\" src=\"/theme/META-INF/json/json.js\"></script>\n<script type=\"text/javascript\" src=\"/theme/META-INF/prototype/prototype.js\"></script>\n<script type=\"text/javascript\" src=\"/theme/META-INF/com_sun_faces_ajax.js\"></script>\n<script type=\"text/javascript\">\ndojo.hostenv.setModulePrefix(\"webui.suntheme\", \"/theme/com/sun/webui/jsf/suntheme/javascript\");\ndojo.require('webui.suntheme.*');\n</script>\n<link id=\"sun_link5\" rel=\"stylesheet\" type=\"text/css\" href=\"/resource/css/css_ns6up.css\" />\n\n</head>\n\n<body id=\"body3\" class=\"LogBdy\" focus=\"loginform.j_username\" style=\"background-color: #4A5C6A;\">\n <div id=\"header\"class=\"LogTopBnd\" style=\"height: 30px;\"></div>\n <div class=\"middle\">\n <div class=\"plugincontent\" style=\"width1: 1px; visibility: hidden;\">\n\n<div style=\"height: 435px;background: #ffffff url(/resource/community-theme/images/login-backimage-open.png);\n background-repeat:no-repeat;background-position:left top; width: 720px; margin: auto; 
margin: auto; -webkit-border-radius: 10px; -moz-border-radius: 10px; border-radius: 10px;\">\n <div style=\"width: 460px; padding-top: 160px; margin-left: 310px;\">\n<img id=\"sun_image11\" src=\"/resource/community-theme/images/login-product_name_open.png;jsessionid=2e17de6d2cbb24508f938bf2ec45\" alt=\"Payara Server Open Source Edition\" height=\"42\" width=\"329\" border=\"0\" />\n <form method=\"POST\" class=\"form\" name=\"loginform\" action=\"j_security_check\">\n <table role=\"presentation\">\n <tr>\n <td><label for=\"Login.username\" style=\"font-weight: bold;\">User Name:</label></td>\n <td><input type=\"text\" name=\"j_username\" id=\"Login.username\" tabindex=\"1\" value=\"admin\"></td>\n </tr>\n <tr>\n <td><label for=\"Login.password\" style=\"font-weight: bold;\">Password:</label>\n <td><input type=\"password\" name=\"j_password\" id=\"Login.password\" tabindex=\"2\">\n <tr>\n <td colspan=\"2\" align=\"center\">\n <input type=\"submit\" class=\"Btn1\"\n value=\"Login\"\n title=\"Log In to Payara Administration Console\" tabindex=\"3\"\n onmouseover=\"javascript: if (this.disabled==0) this.className='Btn1Hov'\"\n onmouseout=\"javascript: if (this.disabled==0) this.className='Btn1'\"\n onblur=\"javascript: if (this.disabled==0) this.className='Btn1'\"\n onfocus=\"javascript: if (this.disabled==0) this.className='Btn1Hov'\"\n name=\"loginButton\" id=\"loginButton\">\n \t <input type=\"hidden\" name=\"loginButton.DisabledHiddenField\" value=\"true\" />\n \t </td>\n\t </tr>\n\t </table>\n </form>\n </div>\n</div>\n\n <script type=\"text/javascript\">\n if (true) {\n //submitAndDisable(document.getElementById('loginButton'), 'Login');\n document.getElementById('loginButton').form.submit();\n //document.getElementById('loginButton').form.autocomplete=\"off\";\n }\n </script>\n </div>\n </div>\n <div class=\"footer\"\n style=\"color: #fff;\">\n <div id=\"copyright\" style=\"width: 720px; margin-left: auto; margin-right: auto; padding: 5px; text-align: 
center\">\n <span>Copyright © 2005, 2014, Oracle and/or its affiliates. Payara Portions Copyright © 2015-2016 C2B2 Consulting Limited. All rights reserved. Payara and Payara Server are trademarks of C2B2 Consulting Limited. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.</span>\n </div>\n </div>\n <script src=\"/resource/js/cj.js\"></script>\n</body>\n</html>\n",
"body_murmur": 996121428,
"body_sha256": "89d7a87c95331bf14f3bffeaf5f0ab4db7c2f00f5b827700ebf22cbc32ab5e7f",
"content_length": -1,
"favicon": {
"md5_hash": "f49c4a4bde1eec6c0b80c2277c76e3db",
"murmur_hash": 1165838194,
"path": "http://208.123.119.176:9200/favicon.ico",
"size": 1150
},
"headers": {
"content_type": [
"text/html;charset=UTF-8"
],
"date": [
"Mon, 21 Jul 2025 12:51:50 GMT"
],
"server": [
"Payara Server 4.1.1.163 #badassfish"
],
"set_cookie": [
"JSESSIONID=2e17de6d2cbb24508f938bf2ec45; Path=/; HttpOnly"
],
"x_powered_by": [
"Servlet/3.1 JSP/2.3 (Payara Server 4.1.1.163 #badassfish Java/Oracle Corporation/1.8)"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "208.123.119.176:9200",
"path": "",
"scheme": "http"
}
},
"status_code": 200,
"title": "Login",
"transfer_encoding": [
"chunked"
]
},
"solrdb": {
"directory": "/var/solr/data",
"impl_version": "8.1.1 fcbe46c28cef11bc058779afba09521de1b19bef - ab - 2019-05-22 15:20:01",
"index": [
"test"
],
"jvm": {
"stats": "Oracle Corporation OpenJDK 64-Bit Server VM",
"version": "11.0.4 11.0.4+11"
},
"lucene": {
"impl_version": "8.1.1 fcbe46c28cef11bc058779afba09521de1b19bef - ab - 2019-05-22 15:15:24",
"spec_version": "8.1.1"
},
"system": {
"arch": "amd64",
"name": "Linux",
"uname": "Linux e49117e64379 5.14.0-1059-oem #67-Ubuntu SMP Mon Mar 13 14:22:10 UTC 2023 x86_64 GNU/Linux\n",
"version": "5.14.0-1059-oem"
},
"version": "8.1.1",
"vm": {
"name": "OpenJDK 64-Bit Server VM",
"vendor": "Oracle Corporation",
"version": "11.0.4+11"
}
}
},
"url": "http://208.123.119.176:9200/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-07-21T12:51:53.374Z"
}
],
"services_hash": "e37f2adb2a72d9183274ad1672dc0ddf787c2672c0905a263c1c5217cf362e48",
"last_updated_at": "2025-07-21T12:51:53.374Z",
"banner": [
"elasticsearch",
"http",
"solrdb",
"ssh",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0070": {
"id": "CVE-1999-0070",
"references": [
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E"
],
"score": 5,
"services": [
"443/http"
],
"severity": "medium",
"summary": "test-cgi program allows an attacker to list files on the server.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-1999-0431": {
"id": "CVE-1999-0431",
"references": [
"https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431"
],
"score": 5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-1999-0656": {
"id": "CVE-1999-0656",
"references": [
"http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/348",
"http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/348"
],
"score": 5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"weakness": "CWE-16"
},
"CVE-1999-1199": {
"id": "CVE-1999-1199",
"references": [
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 10,
"services": [
"443/http"
],
"severity": "high",
"summary": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-1999-1285": {
"id": "CVE-1999-1285",
"references": [
"http://marc.info/?l=bugtraq&m=91495921611500&w=2",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/1472",
"http://marc.info/?l=bugtraq&m=91495921611500&w=2",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/1472"
],
"score": 2.1,
"services": [
"22/ssh"
],
"severity": "low",
"summary": "Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.",
"vector_string": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-1999-1442": {
"id": "CVE-1999-1442",
"references": [
"http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html",
"http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html",
"http://www.securityfocus.com/bid/105"
],
"score": 7.2,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.",
"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2007-2768": {
"id": "CVE-2007-2768",
"references": [
"http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0635.html",
"http://www.osvdb.org/34601",
"https://security.netapp.com/advisory/ntap-20191107-0002/",
"http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0635.html",
"http://www.osvdb.org/34601",
"https://security.netapp.com/advisory/ntap-20191107-0002/"
],
"score": 4.3,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2008-3844": {
"id": "CVE-2008-3844",
"references": [
"http://secunia.com/advisories/31575",
"http://secunia.com/advisories/32241",
"http://securitytracker.com/id?1020730",
"http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm",
"http://www.redhat.com/security/data/openssh-blacklist.html",
"http://www.redhat.com/support/errata/RHSA-2008-0855.html",
"http://www.securityfocus.com/bid/30794",
"http://www.vupen.com/english/advisories/2008/2821",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/44747",
"http://secunia.com/advisories/31575",
"http://secunia.com/advisories/32241",
"http://securitytracker.com/id?1020730",
"http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm",
"http://www.redhat.com/security/data/openssh-blacklist.html",
"http://www.redhat.com/support/errata/RHSA-2008-0855.html",
"http://www.securityfocus.com/bid/30794",
"http://www.vupen.com/english/advisories/2008/2821",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/44747"
],
"score": 9.3,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.",
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"weakness": "CWE-20"
},
"CVE-2022-3424": {
"id": "CVE-2022-3424",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2132640",
"https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/",
"https://security.netapp.com/advisory/ntap-20230406-0005/",
"https://www.spinics.net/lists/kernel/msg4518970.html",
"https://bugzilla.redhat.com/show_bug.cgi?id=2132640",
"https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/",
"https://security.netapp.com/advisory/ntap-20230406-0005/",
"https://www.spinics.net/lists/kernel/msg4518970.html"
],
"score": 7.8,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2022-3707": {
"id": "CVE-2022-3707",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2137979",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2137979",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/"
],
"score": 5.5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-460"
},
"CVE-2023-0030": {
"id": "CVE-2023-0030",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270",
"https://github.com/torvalds/linux/commit/729eba3355674f2d9524629b73683ba1d1cd3f10",
"https://security.netapp.com/advisory/ntap-20230413-0010/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270",
"https://github.com/torvalds/linux/commit/729eba3355674f2d9524629b73683ba1d1cd3f10",
"https://security.netapp.com/advisory/ntap-20230413-0010/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270"
],
"score": 7.8,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2023-1390": {
"id": "CVE-2023-1390",
"references": [
"https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5",
"https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6",
"https://infosec.exchange/%40_mattata/109427999461122360",
"https://security.netapp.com/advisory/ntap-20230420-0001/",
"https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5",
"https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6",
"https://infosec.exchange/%40_mattata/109427999461122360",
"https://security.netapp.com/advisory/ntap-20230420-0001/"
],
"score": 7.5,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-1050"
},
"CVE-2023-25690": {
"id": "CVE-2023-25690",
"references": [
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01",
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9.8,
"services": [
"443/http"
],
"severity": "critical",
"summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2023-27522": {
"id": "CVE-2023-27522",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 7.5,
"services": [
"443/http"
],
"severity": "high",
"summary": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
},
"CVE-2023-28466": {
"id": "CVE-2023-28466",
"references": [
"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://security.netapp.com/advisory/ntap-20230427-0006/",
"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://security.netapp.com/advisory/ntap-20230427-0006/"
],
"score": 7,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-476"
},
"CVE-2023-28531": {
"id": "CVE-2023-28531",
"references": [
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AN2UDTXEUSKFIOIYMV6JNI5VSBMYZOFT/",
"https://security.gentoo.org/glsa/202307-01",
"https://security.netapp.com/advisory/ntap-20230413-0008/",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openwall.com/lists/oss-security/2023/03/15/8",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AN2UDTXEUSKFIOIYMV6JNI5VSBMYZOFT/",
"https://security.gentoo.org/glsa/202307-01",
"https://security.netapp.com/advisory/ntap-20230413-0008/",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openwall.com/lists/oss-security/2023/03/15/8"
],
"score": 9.8,
"services": [
"22/ssh"
],
"severity": "critical",
"summary": "ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2023-38408": {
"id": "CVE-2023-38408",
"references": [
"http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html",
"http://www.openwall.com/lists/oss-security/2023/07/20/1",
"http://www.openwall.com/lists/oss-security/2023/07/20/2",
"http://www.openwall.com/lists/oss-security/2023/09/22/11",
"http://www.openwall.com/lists/oss-security/2023/09/22/9",
"https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent",
"https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8",
"https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d",
"https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca",
"https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/",
"https://news.ycombinator.com/item?id=36790196",
"https://security.gentoo.org/glsa/202307-01",
"https://security.netapp.com/advisory/ntap-20230803-0010/",
"https://support.apple.com/kb/HT213940",
"https://www.openssh.com/security.html",
"https://www.openssh.com/txt/release-9.3p2",
"https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt",
"https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408",
"http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html",
"http://www.openwall.com/lists/oss-security/2023/07/20/1",
"http://www.openwall.com/lists/oss-security/2023/07/20/2",
"http://www.openwall.com/lists/oss-security/2023/09/22/11",
"http://www.openwall.com/lists/oss-security/2023/09/22/9",
"https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent",
"https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8",
"https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d",
"https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca",
"https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/",
"https://news.ycombinator.com/item?id=36790196",
"https://security.gentoo.org/glsa/202307-01",
"https://security.netapp.com/advisory/ntap-20230803-0010/",
"https://support.apple.com/kb/HT213940",
"https://www.openssh.com/security.html",
"https://www.openssh.com/txt/release-9.3p2",
"https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt",
"https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408"
],
"score": 9.8,
"services": [
"22/ssh"
],
"severity": "critical",
"summary": "The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-428"
},
"CVE-2023-48795": {
"id": "CVE-2023-48795",
"references": [
"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html",
"http://seclists.org/fulldisclosure/2024/Mar/21",
"http://www.openwall.com/lists/oss-security/2023/12/18/3",
"http://www.openwall.com/lists/oss-security/2023/12/19/5",
"http://www.openwall.com/lists/oss-security/2023/12/20/3",
"http://www.openwall.com/lists/oss-security/2024/03/06/3",
"http://www.openwall.com/lists/oss-security/2024/04/17/8",
"https://access.redhat.com/security/cve/cve-2023-48795",
"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/",
"https://bugs.gentoo.org/920280",
"https://bugzilla.redhat.com/show_bug.cgi?id=2254210",
"https://bugzilla.suse.com/show_bug.cgi?id=1217950",
"https://crates.io/crates/thrussh/versions",
"https://filezilla-project.org/versions.php",
"https://forum.netgate.com/topic/184941/terrapin-ssh-attack",
"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6",
"https://github.com/NixOS/nixpkgs/pull/275249",
"https://github.com/PowerShell/Win32-OpenSSH/issues/2189",
"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta",
"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0",
"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1",
"https://github.com/advisories/GHSA-45x7-px36-x8w8",
"https://github.com/apache/mina-sshd/issues/445",
"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab",
"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22",
"https://github.com/cyd01/KiTTY/issues/520",
"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6",
"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42",
"https://github.com/erlang/otp/releases/tag/OTP-26.2.1",
"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d",
"https://github.com/hierynomus/sshj/issues/916",
"https://github.com/janmojzis/tinyssh/issues/81",
"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5",
"https://github.com/libssh2/libssh2/pull/1291",
"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25",
"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3",
"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15",
"https://github.com/mwiede/jsch/issues/457",
"https://github.com/mwiede/jsch/pull/461",
"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16",
"https://github.com/openssh/openssh-portable/commits/master",
"https://github.com/paramiko/paramiko/issues/2337",
"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/issues/456",
"https://github.com/rapier1/hpn-ssh/releases",
"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst",
"https://github.com/ronf/asyncssh/tags",
"https://github.com/ssh-mitm/ssh-mitm/issues/165",
"https://github.com/warp-tech/russh/releases/tag/v0.40.2",
"https://gitlab.com/libssh/libssh-mirror/-/tags",
"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ",
"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg",
"https://help.panic.com/releasenotes/transmit5/",
"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/",
"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html",
"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/",
"https://matt.ucc.asn.au/dropbear/CHANGES",
"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC",
"https://news.ycombinator.com/item?id=38684904",
"https://news.ycombinator.com/item?id=38685286",
"https://news.ycombinator.com/item?id=38732005",
"https://nova.app/releases/#v11.8",
"https://oryx-embedded.com/download/#changelog",
"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002",
"https://roumenpetrov.info/secsh/#news20231220",
"https://security-tracker.debian.org/tracker/CVE-2023-48795",
"https://security-tracker.debian.org/tracker/source-package/libssh2",
"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg",
"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2",
"https://security.gentoo.org/glsa/202312-16",
"https://security.gentoo.org/glsa/202312-17",
"https://security.netapp.com/advisory/ntap-20240105-0004/",
"https://support.apple.com/kb/HT214084",
"https://thorntech.com/cve-2023-48795-and-sftp-gateway/",
"https://twitter.com/TrueSkrillor/status/1736774389725565005",
"https://ubuntu.com/security/CVE-2023-48795",
"https://winscp.net/eng/docs/history#6.2.2",
"https://www.bitvise.com/ssh-client-version-history#933",
"https://www.bitvise.com/ssh-server-version-history",
"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.debian.org/security/2023/dsa-5588",
"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc",
"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508",
"https://www.netsarang.com/en/xshell-update-history/",
"https://www.openssh.com/openbsd.html",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2",
"https://www.openwall.com/lists/oss-security/2023/12/20/3",
"https://www.paramiko.org/changelog.html",
"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/",
"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/",
"https://www.terrapin-attack.com",
"https://www.theregister.com/2023/12/20/terrapin_attack_ssh",
"https://www.vandyke.com/products/securecrt/history.txt",
"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html",
"http://seclists.org/fulldisclosure/2024/Mar/21",
"http://www.openwall.com/lists/oss-security/2023/12/18/3",
"http://www.openwall.com/lists/oss-security/2023/12/19/5",
"http://www.openwall.com/lists/oss-security/2023/12/20/3",
"http://www.openwall.com/lists/oss-security/2024/03/06/3",
"http://www.openwall.com/lists/oss-security/2024/04/17/8",
"https://access.redhat.com/security/cve/cve-2023-48795",
"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/",
"https://bugs.gentoo.org/920280",
"https://bugzilla.redhat.com/show_bug.cgi?id=2254210",
"https://bugzilla.suse.com/show_bug.cgi?id=1217950",
"https://crates.io/crates/thrussh/versions",
"https://filezilla-project.org/versions.php",
"https://forum.netgate.com/topic/184941/terrapin-ssh-attack",
"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6",
"https://github.com/NixOS/nixpkgs/pull/275249",
"https://github.com/PowerShell/Win32-OpenSSH/issues/2189",
"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta",
"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0",
"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1",
"https://github.com/advisories/GHSA-45x7-px36-x8w8",
"https://github.com/apache/mina-sshd/issues/445",
"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab",
"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22",
"https://github.com/cyd01/KiTTY/issues/520",
"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6",
"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42",
"https://github.com/erlang/otp/releases/tag/OTP-26.2.1",
"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d",
"https://github.com/hierynomus/sshj/issues/916",
"https://github.com/janmojzis/tinyssh/issues/81",
"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5",
"https://github.com/libssh2/libssh2/pull/1291",
"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25",
"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3",
"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15",
"https://github.com/mwiede/jsch/issues/457",
"https://github.com/mwiede/jsch/pull/461",
"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16",
"https://github.com/openssh/openssh-portable/commits/master",
"https://github.com/paramiko/paramiko/issues/2337",
"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/issues/456",
"https://github.com/rapier1/hpn-ssh/releases",
"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst",
"https://github.com/ronf/asyncssh/tags",
"https://github.com/ssh-mitm/ssh-mitm/issues/165",
"https://github.com/warp-tech/russh/releases/tag/v0.40.2",
"https://gitlab.com/libssh/libssh-mirror/-/tags",
"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ",
"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg",
"https://help.panic.com/releasenotes/transmit5/",
"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/",
"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html",
"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/",
"https://matt.ucc.asn.au/dropbear/CHANGES",
"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC",
"https://news.ycombinator.com/item?id=38684904",
"https://news.ycombinator.com/item?id=38685286",
"https://news.ycombinator.com/item?id=38732005",
"https://nova.app/releases/#v11.8",
"https://oryx-embedded.com/download/#changelog",
"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002",
"https://roumenpetrov.info/secsh/#news20231220",
"https://security-tracker.debian.org/tracker/CVE-2023-48795",
"https://security-tracker.debian.org/tracker/source-package/libssh2",
"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg",
"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2",
"https://security.gentoo.org/glsa/202312-16",
"https://security.gentoo.org/glsa/202312-17",
"https://security.netapp.com/advisory/ntap-20240105-0004/",
"https://support.apple.com/kb/HT214084",
"https://thorntech.com/cve-2023-48795-and-sftp-gateway/",
"https://twitter.com/TrueSkrillor/status/1736774389725565005",
"https://ubuntu.com/security/CVE-2023-48795",
"https://winscp.net/eng/docs/history#6.2.2",
"https://www.bitvise.com/ssh-client-version-history#933",
"https://www.bitvise.com/ssh-server-version-history",
"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.debian.org/security/2023/dsa-5588",
"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc",
"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508",
"https://www.netsarang.com/en/xshell-update-history/",
"https://www.openssh.com/openbsd.html",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2",
"https://www.openwall.com/lists/oss-security/2023/12/20/3",
"https://www.paramiko.org/changelog.html",
"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/",
"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/",
"https://www.terrapin-attack.com",
"https://www.theregister.com/2023/12/20/terrapin_attack_ssh",
"https://www.vandyke.com/products/securecrt/history.txt",
"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit",
"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"
],
"score": 5.9,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-354"
},
"CVE-2023-51384": {
"id": "CVE-2023-51384",
"references": [
"http://seclists.org/fulldisclosure/2024/Mar/21",
"https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b",
"https://security.netapp.com/advisory/ntap-20240105-0005/",
"https://support.apple.com/kb/HT214084",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2",
"http://seclists.org/fulldisclosure/2024/Mar/21",
"https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b",
"https://security.netapp.com/advisory/ntap-20240105-0005/",
"https://support.apple.com/kb/HT214084",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2"
],
"score": 5.5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2023-51385": {
"id": "CVE-2023-51385",
"references": [
"http://seclists.org/fulldisclosure/2024/Mar/21",
"http://www.openwall.com/lists/oss-security/2023/12/26/4",
"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a",
"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html",
"https://security.gentoo.org/glsa/202312-17",
"https://security.netapp.com/advisory/ntap-20240105-0005/",
"https://support.apple.com/kb/HT214084",
"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2",
"http://seclists.org/fulldisclosure/2024/Mar/21",
"http://www.openwall.com/lists/oss-security/2023/12/26/4",
"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a",
"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html",
"https://security.gentoo.org/glsa/202312-17",
"https://security.netapp.com/advisory/ntap-20240105-0005/",
"https://support.apple.com/kb/HT214084",
"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2"
],
"score": 6.5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"weakness": "CWE-78"
},
"CVE-2023-51767": {
"id": "CVE-2023-51767",
"references": [
"https://access.redhat.com/security/cve/CVE-2023-51767",
"https://arxiv.org/abs/2309.02545",
"https://bugzilla.redhat.com/show_bug.cgi?id=2255850",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878",
"https://security.netapp.com/advisory/ntap-20240125-0006/",
"https://ubuntu.com/security/CVE-2023-51767",
"https://access.redhat.com/security/cve/CVE-2023-51767",
"https://arxiv.org/abs/2309.02545",
"https://bugzilla.redhat.com/show_bug.cgi?id=2255850",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878",
"https://security.netapp.com/advisory/ntap-20240125-0006/",
"https://ubuntu.com/security/CVE-2023-51767"
],
"score": 7,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-Other"
},
"CVE-2024-6387": {
"id": "CVE-2024-6387",
"references": [
"https://access.redhat.com/errata/RHSA-2024:4312",
"https://access.redhat.com/errata/RHSA-2024:4340",
"https://access.redhat.com/errata/RHSA-2024:4389",
"https://access.redhat.com/errata/RHSA-2024:4469",
"https://access.redhat.com/errata/RHSA-2024:4474",
"https://access.redhat.com/errata/RHSA-2024:4479",
"https://access.redhat.com/errata/RHSA-2024:4484",
"https://access.redhat.com/security/cve/CVE-2024-6387",
"https://bugzilla.redhat.com/show_bug.cgi?id=2294604",
"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html",
"https://www.openssh.com/txt/release-9.8",
"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt",
"http://seclists.org/fulldisclosure/2024/Jul/18",
"http://seclists.org/fulldisclosure/2024/Jul/19",
"http://seclists.org/fulldisclosure/2024/Jul/20",
"http://www.openwall.com/lists/oss-security/2024/07/01/12",
"http://www.openwall.com/lists/oss-security/2024/07/01/13",
"http://www.openwall.com/lists/oss-security/2024/07/02/1",
"http://www.openwall.com/lists/oss-security/2024/07/03/1",
"http://www.openwall.com/lists/oss-security/2024/07/03/11",
"http://www.openwall.com/lists/oss-security/2024/07/03/2",
"http://www.openwall.com/lists/oss-security/2024/07/03/3",
"http://www.openwall.com/lists/oss-security/2024/07/03/4",
"http://www.openwall.com/lists/oss-security/2024/07/03/5",
"http://www.openwall.com/lists/oss-security/2024/07/04/1",
"http://www.openwall.com/lists/oss-security/2024/07/04/2",
"http://www.openwall.com/lists/oss-security/2024/07/08/2",
"http://www.openwall.com/lists/oss-security/2024/07/08/3",
"http://www.openwall.com/lists/oss-security/2024/07/09/2",
"http://www.openwall.com/lists/oss-security/2024/07/09/5",
"http://www.openwall.com/lists/oss-security/2024/07/10/1",
"http://www.openwall.com/lists/oss-security/2024/07/10/2",
"http://www.openwall.com/lists/oss-security/2024/07/10/3",
"http://www.openwall.com/lists/oss-security/2024/07/10/4",
"http://www.openwall.com/lists/oss-security/2024/07/10/6",
"http://www.openwall.com/lists/oss-security/2024/07/11/1",
"http://www.openwall.com/lists/oss-security/2024/07/11/3",
"http://www.openwall.com/lists/oss-security/2024/07/23/4",
"http://www.openwall.com/lists/oss-security/2024/07/23/6",
"http://www.openwall.com/lists/oss-security/2024/07/28/2",
"http://www.openwall.com/lists/oss-security/2024/07/28/3",
"https://access.redhat.com/errata/RHSA-2024:4312",
"https://access.redhat.com/errata/RHSA-2024:4340",
"https://access.redhat.com/errata/RHSA-2024:4389",
"https://access.redhat.com/errata/RHSA-2024:4469",
"https://access.redhat.com/errata/RHSA-2024:4474",
"https://access.redhat.com/errata/RHSA-2024:4479",
"https://access.redhat.com/errata/RHSA-2024:4484",
"https://access.redhat.com/security/cve/CVE-2024-6387",
"https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/",
"https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/",
"https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server",
"https://bugzilla.redhat.com/show_bug.cgi?id=2294604",
"https://explore.alas.aws.amazon.com/CVE-2024-6387.html",
"https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132",
"https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc",
"https://github.com/AlmaLinux/updates/issues/629",
"https://github.com/Azure/AKS/issues/4379",
"https://github.com/PowerShell/Win32-OpenSSH/discussions/2248",
"https://github.com/PowerShell/Win32-OpenSSH/issues/2249",
"https://github.com/microsoft/azurelinux/issues/9555",
"https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09",
"https://github.com/oracle/oracle-linux/issues/149",
"https://github.com/rapier1/hpn-ssh/issues/87",
"https://github.com/zgzhang/cve-2024-6387-poc",
"https://lists.almalinux.org/archives/list/[email protected]/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/",
"https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html",
"https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html",
"https://news.ycombinator.com/item?id=40843778",
"https://packetstorm.news/files/id/190587/",
"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010",
"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html",
"https://security-tracker.debian.org/tracker/CVE-2024-6387",
"https://security.netapp.com/advisory/ntap-20240701-0001/",
"https://sig-security.rocky.page/issues/CVE-2024-6387/",
"https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/",
"https://support.apple.com/kb/HT214118",
"https://support.apple.com/kb/HT214119",
"https://support.apple.com/kb/HT214120",
"https://ubuntu.com/security/CVE-2024-6387",
"https://ubuntu.com/security/notices/USN-6859-1",
"https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do",
"https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100",
"https://www.exploit-db.com/exploits/52269",
"https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc",
"https://www.openssh.com/txt/release-9.8",
"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt",
"https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html",
"https://www.suse.com/security/cve/CVE-2024-6387.html",
"https://www.theregister.com/2024/07/01/regresshion_openssh/",
"https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
],
"score": 8.1,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A security regression of an earlier flaw (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-364"
}
}
}