39.98.57.101
{
"scan_id": 1763964649,
"ip": "39.98.57.101",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "39.96.0.0/13",
"postal_code": "",
"coordinates": {
"latitude": "39.911",
"longitude": "116.395"
},
"geo_point": "39.911, 116.395",
"locale_code": "en",
"continent": "Asia",
"country_code": "CN",
"country_name": "China",
"city": "Beijing"
},
"location_updated_at": "2025-11-23T18:17:41Z",
"asn": {
"number": "AS37963",
"organization": "Hangzhou Alibaba Advertising Co.,Ltd.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "39.96.0.0/13",
"organization": "Hangzhou Alibaba Advertising Co.,Ltd.",
"descr": "Hangzhou Alibaba Advertising Co.,Ltd.",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T11:26:59Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-11-23T18:17:41Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-11-23T23:33:42Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-11-23T18:17:41Z"
}
],
"services": [
{
"port": 21,
"protocol": "tcp",
"name": "ftp",
"version": "",
"product": "Pure-FTPd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:pureftpd:pure-ftpd",
"part": "a",
"vendor": "pureftpd",
"product": "pure\\-ftpd",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ftp": {
"banner": "220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\r\n220-You are user number 1 of 50 allowed.\r\n220-Local time is now 10:50. Server port: 21.\r\n220-This is a private system - No anonymous login\r\n220-IPv6 connections are also welcome on this server.\r\n220 You will be disconnected after 15 minutes of inactivity.\r\n"
},
"tls": {
"certificate": {
"extensions": {
"authority_key_id": "ad59929d55bfa23d25f0913dc06516947cdbfc60",
"basic_constraints": {
"is_ca": true
},
"subject_key_id": "ad59929d55bfa23d25f0913dc06516947cdbfc60"
},
"fingerprint_md5": "7828B1AD9A305490A13F74115D6ADCFC",
"fingerprint_sha1": "46CF311D1D4E2C0E60A36AD098DFC2645BCC5E41",
"fingerprint_sha256": "0FCA4E187EFF1075D54ED59B74451B042F9B474672CD8EDD484DD33D1FBA1360",
"issuer": {
"common_name": [
"39.98.57.101"
],
"country": [
"CN"
],
"email_address": [
"[email protected]"
],
"locality": [
"Dongguan"
],
"organization": [
"BT-PANEL"
],
"organizational_unit": [
"BT"
],
"province": [
"Guangdong"
]
},
"issuer_dn": "/C=CN/ST=Guangdong/L=Dongguan/O=BT-PANEL/OU=BT/CN=39.98.57.101/[email protected]",
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "253140963463627166915202066044578696342456289228",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": true,
"value": "N2RkZTQ1ODYyMDc5MzM0MjViZGM4NzZiMmU2MjcwODU4ZDZmYTBmMDlkZGNiNmViMWVhZTBhNGQ2MzRhNzc5MTg0Njg3ZThkYzJhMDkwNDNmNmUyMTY4MDlhOTdiMzdmMGEwNzJmY2I5ZDUwOGM4ZGU2ODU4YjgxYWY1ZWJkYTgwYTFjOGU5ZDBiMjgwMmVjYjdkMTg5Y2VmZDY4NDExMWE1YWE3MzU4OThlZTM2NDY5OWJmYWQyN2EwYjU5ZDM1YzJiYzkxMTBlZWYxZTIwNWQ4ZDcyYjU0YjJkMzBjZDgxODhiN2Q4NzA4ZDQwMjY0MDU0ODFlNDAwMTEwYTk5YTgxYzhkNDY5MDE5NjMxZjY2ZGZiZjUyZjEyNWZhN2MyZTZiY2Q0MTdiMjFiNmJiZThkNDBkNjM3YTE5YWM1MDcyZTk2OWE0ZTY0MjFlMDU0ZDJjYjA5NDI5NWNjZTY3ZWU1MjgwY2M1NTE4YTM4MzllZDM5YmJlYmU0NGJlZjlmNzkyOTIxYjAwMGFmM2M4NTY5NTcyNzZiNTY4OGZiOGVjYzlmNGE2MjM1OWJkODFhN2E1MjE3ODliYmE2MjAxMGU2NGQ5MmJiNDczNTM4Y2ViNDEyZGY4ZTIwODViNTc0NWE4NDUwYjBmYzNhOWRiODAxYWNlYmRlYTVmMzYxZjk="
},
"subject": {
"common_name": [
"39.98.57.101"
],
"country": [
"CN"
],
"email_address": [
"[email protected]"
],
"locality": [
"Dongguan"
],
"organization": [
"BT-PANEL"
],
"organizational_unit": [
"BT"
],
"province": [
"Guangdong"
]
},
"subject_alt_name": {
"dns_names": [
"39.98.57.101"
],
"extended_dns_names": []
},
"subject_dn": "/C=CN/ST=Guangdong/L=Dongguan/O=BT-PANEL/OU=BT/CN=39.98.57.101/[email protected]",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "8e8c77442e825e32427037f80ae0b7b219839779dc950451535e0921a4b98d2c",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHg5ZmRlOGU4MjUzMmNjYTRiZTcwNjA2NGQ0ZTNiMDYxOWRmNWZiZTg3MWU5ODlkNTc0ZDdhZTZmNGEzZTFlYzI3MGExZGUxYWM0OGY4MTdhNDM1ZTA3N2ZmZGI2ODdkYTQ5NWVhYjBmZjUxYzY5ODFmOTlmZWJjNGY1YjNjNDc1YmYzNzNmODBiODVkZTgxM2UwODcwMTY0YzE2ZGYyNTQ0M2Y2YzY4ZTFmYmU4YzQ5YjhjMjk3ZmI1ODg3MjMxN2IyZWI1MTU5NzIyNGY4MGFkNzRkZDdkMDIyM2IwMDgwNjg2YTNhOTc2Y2YyZWNhZTJjMDk3OTA5YWVkM2RlODFiZjIwZmVmNGIyZDRhMGU1YjMzYmUwZGE0YmIyZDc3ZTcyNjk3NDBmNTdjYTMwMDczMmE0MjI3ODZlNWVkZDk5ZjExYmI4ZmI5OTg4NGRjZjJhZWU1MDkzYWZiYmI5N2NjMmU0Yzg2NWUyYzg0OTNiMmY3ODdkNDUyNzdmNDVhZTRjYTAyNjU0NTUwZTI3NzUxNGU2MWZmNTY4NmNiYWI1YmFiYWYxODkwOTI1MTA4NGZjYTc3Y2FhNWE2M2U1YTRlOWE1ZjA0MDFhNmE3N2M2YTE4NzY1YTBiY2U4Y2VhMjk0MTBmNmE2MmU5NzBmMDY2MDIwYTFlYjQ1OTM2ZmMyOQ=="
}
},
"tbs_fingerprint": "07849c39f6c02c551dba48caa979f6257b8d5356871d1561f284e4bc4596fb2d",
"validation_level": "OV",
"validity": {
"length_seconds": 307584000,
"not_after": "2033-08-26T13:02:15",
"not_before": "2023-11-27T13:02:15"
},
"version": 2
},
"fingerprint_sha256": "0FCA4E187EFF1075D54ED59B74451B042F9B474672CD8EDD484DD33D1FBA1360",
"precert": false,
"raw": "MIID8TCCAtmgAwIBAgIULFc7v0hzei1YXPLd3cxTK9Fcx8wwDQYJKoZIhvcNAQELBQAwgYcxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ2RvbmcxETAPBgNVBAcMCERvbmdndWFuMREwDwYDVQQKDAhCVC1QQU5FTDELMAkGA1UECwwCQlQxFTATBgNVBAMMDDM5Ljk4LjU3LjEwMTEaMBgGCSqGSIb3DQEJARYLYWRtaW5AYnQuY24wHhcNMjMxMTI3MTMwMjE1WhcNMzMwODI2MTMwMjE1WjCBhzELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCUd1YW5nZG9uZzERMA8GA1UEBwwIRG9uZ2d1YW4xETAPBgNVBAoMCEJULVBBTkVMMQswCQYDVQQLDAJCVDEVMBMGA1UEAwwMMzkuOTguNTcuMTAxMRowGAYJKoZIhvcNAQkBFgthZG1pbkBidC5jbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ/ejoJTLMpL5wYGTU47BhnfX76HHpidV0165vSj4ewnCh3hrEj4F6Q14Hf/22h9pJXqsP9Rxpgfmf68T1s8R1vzc/gLhd6BPghwFkwW3yVEP2xo4fvoxJuMKX+1iHIxey61FZciT4CtdN19AiOwCAaGo6l2zy7K4sCXkJrtPegb8g/vSy1KDlszvg2kuy135yaXQPV8owBzKkInhuXt2Z8Ru4+5mITc8q7lCTr7u5fMLkyGXiyEk7L3h9RSd/Ra5MoCZUVQ4ndRTmH/VobLq1urrxiQklEIT8p3yqWmPlpOml8EAaanfGoYdloLzozqKUEPamLpcPBmAgoetFk2/CkCAwEAAaNTMFEwHQYDVR0OBBYEFK1Zkp1Vv6I9JfCRPcBlFpR82/xgMB8GA1UdIwQYMBaAFK1Zkp1Vv6I9JfCRPcBlFpR82/xgMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAH3eRYYgeTNCW9yHay5icIWNb6Dwndy26x6uCk1jSneRhGh+jcKgkEP24haAmpezfwoHL8udUIyN5oWLga9evagKHI6dCygC7LfRic79aEERpapzWJjuNkaZv60noLWdNcK8kRDu8eIF2NcrVLLTDNgYi32HCNQCZAVIHkABEKmagcjUaQGWMfZt+/UvEl+nwua81BeyG2u+jUDWN6GaxQculppOZCHgVNLLCUKVzOZ+5SgMxVGKODntObvr5Evvn3kpIbAArzyFaVcna1aI+47Mn0piNZvYGnpSF4m7piAQ5k2Su0c1OM60Et+OIIW1dFqEULD8Op24Aazr3qXzYfk=",
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-11-25T05:24:11.298Z"
},
{
"port": 22,
"protocol": "tcp",
"name": "ssh",
"version": "8.9p1 Ubuntu 3ubuntu0.4",
"product": "OpenSSH",
"extra_info": "Ubuntu Linux; protocol 2.0",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:openbsd:openssh:8.9p1",
"part": "a",
"vendor": "openbsd",
"product": "openssh",
"version": "8\\.9p1",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:linux:linux_kernel",
"part": "o",
"vendor": "linux",
"product": "linux_kernel",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ssh": {
"banner": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.4",
"client_to_server_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]"
],
"client_to_server_compression": [
"none",
"[email protected]"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"host_key_algorithms": [
"rsa-sha2-512",
"rsa-sha2-256",
"ecdsa-sha2-nistp256",
"ssh-ed25519"
],
"kex_algorithms": [
"curve25519-sha256",
"[email protected]",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"[email protected]",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group16-sha512",
"diffie-hellman-group18-sha512",
"diffie-hellman-group14-sha256"
],
"key": {
"algorithm": "ecdsa-sha2-nistp256",
"fingerprint_sha256": "02bab2dfff6bd126f53f18a9d3db9922253f4ec85ea4ff7162e38818f291ebb6",
"raw": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAyLCFm6Y/s011dc1HrwjxEah85KEzrS7WxSJWwQINcz2mR7A/uego+Rko8aeYunW8u2JILoHgokBYzmhHAc/rI="
},
"server_to_client_ciphers": [
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr",
"[email protected]",
"[email protected]"
],
"server_to_client_compression": [
"none",
"[email protected]"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"software": "OpenSSH_8.9p1",
"version": "2.0"
}
},
"cve": [
{
"id": "CVE-2007-2768",
"score": 4.3,
"severity": "medium"
},
{
"id": "CVE-2008-3844",
"score": 9.3,
"severity": "high"
},
{
"id": "CVE-2023-28531",
"score": 9.8,
"severity": "critical"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-11-25T12:05:00.378Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "nginx",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!doctype html>\n<html>\n<head>\n<meta charset=\"utf-8\">\n<title>没有找到站点</title>\n<style>\n*{margin:0;padding:0;color:#444}\nbody{font-size:14px;font-family:\"宋体\"}\n.main{width:600px;margin:10% auto;}\n.title{background: #20a53a;color: #fff;font-size: 16px;height: 40px;line-height: 40px;padding-left: 20px;}\n.content{background-color:#f3f7f9; height:300px;border:1px dashed #c6d9b6;padding:20px}\n.t1{border-bottom: 1px dashed #c6d9b6;color: #ff4000;font-weight: bold; margin: 0 0 20px; padding-bottom: 18px;}\n.t2{margin-bottom:8px; font-weight:bold}\nol{margin:0 0 20px 22px;padding:0;}\nol li{line-height:30px}\n</style>\n</head>\n\n<body>\n\t<div class=\"main\">\n\t\t<div class=\"title\">没有找到站点</div>\n\t\t<div class=\"content\">\n\t\t\t<p class=\"t1\">您的请求在Web服务器中没有找到对应的站点!</p>\n\t\t\t<p class=\"t2\">可能原因:</p>\n\t\t\t<ol>\n\t\t\t\t<li>您没有将此域名或IP绑定到对应站点!</li>\n\t\t\t\t<li>配置文件未生效!</li>\n\t\t\t</ol>\n\t\t\t<p class=\"t2\">如何解决:</p>\n\t\t\t<ol>\n\t\t\t\t<li>检查是否已经绑定到对应站点,若确认已绑定,请尝试重载Web服务;</li>\n\t\t\t\t<li>检查端口是否正确;</li>\n\t\t\t\t<li>若您使用了CDN产品,请尝试清除CDN缓存;</li>\n\t\t\t\t<li>普通网站访客,请联系网站管理员;</li>\n\t\t\t</ol>\n\t\t</div>\n\t</div>\n</body>\n</html>\n",
"body_murmur": 617769728,
"body_sha256": "cdf9d8eee8c4fe967fac3aa9218a7227647ae7aaaa4221c688e1aab7a9180f69",
"component": [
"Nginx"
],
"content_length": -1,
"headers": {
"connection": [
"keep-alive"
],
"content_type": [
"text/html"
],
"date": [
"Wed, 05 Nov 2025 03:07:58 GMT"
],
"etag": [
"W/\"59005463-52e\""
],
"last_modified": [
"Wed, 26 Apr 2017 08:03:47 GMT"
],
"server": [
"nginx"
],
"vary": [
"Accept-Encoding"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "39.98.57.101",
"path": "",
"scheme": "http"
}
},
"status_code": 200,
"title": "没有找到站点",
"transfer_encoding": [
"chunked"
]
}
},
"url": "http://39.98.57.101/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-11-05T03:07:59.674Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "nginx",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <title></title>\n <style>\n #page {\n width: 375px;\n height: 60vh;\n margin: 0 auto;\n display: block;\n position: absolute;\n left: 50%;\n -webkit-transform: translate(-50%,0);\n -moz-transform: translate(-50%,0);\n transform: translate(-50%,0);\n }\n body {\n margin-top: 100px;\n }\n </style>\n</head>\n<body>\n<iframe id=\"page\" src=\"https://crm.swzljp.top/pages/index/index\" frameborder=\"0\"></iframe>\n</body>\n</html>",
"body_murmur": -170705033,
"body_sha256": "9a4cf731632b11c2b0061fb881655c0bbc2c1667ee61107923f87867593fa75f",
"component": [
"Nginx"
],
"content_length": -1,
"favicon": {
"md5_hash": "699adaf4da1b0dc76ea5464df13755d7",
"murmur_hash": -847565074,
"path": "https://39.98.57.101:443/favicon.ico",
"size": 4286
},
"headers": {
"connection": [
"keep-alive"
],
"content_type": [
"text/html; charset=utf-8"
],
"date": [
"Fri, 21 Nov 2025 06:33:08 GMT"
],
"server": [
"nginx"
],
"set_cookie": [
"cb_lang=zh-cn; path=/",
"PHPSESSID=162427a5cfa554aa744f87c13adaf33b; path=/"
],
"strict_transport_security": [
"max-age=31536000"
],
"vary": [
"Accept-Encoding"
]
},
"protocol": "HTTP/1.1",
"redirects": [
{
"body": "<html>\r\n<head><title>302 Found</title></head>\r\n<body>\r\n<center><h1>302 Found</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
"body_murmur": -23674247,
"body_sha256": "753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0",
"content_length": 138,
"headers": {
"content_length": [
"138"
],
"content_type": [
"text/html"
],
"date": [
"Fri, 21 Nov 2025 06:33:07 GMT"
],
"location": [
"https://39.98.57.101/"
],
"server": [
"nginx"
],
"strict_transport_security": [
"max-age=31536000"
]
},
"location": "https://39.98.57.101/",
"protocol": "HTTP/1.1",
"status_code": 302,
"status_line": "302 Moved Temporarily"
}
],
"request": {
"headers": {
"accept": [
"*/*"
],
"referer": [
"http://39.98.57.101:443"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "39.98.57.101",
"path": "/",
"scheme": "https"
}
},
"status_code": 200,
"transfer_encoding": [
"chunked"
]
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA"
],
"ocsp_urls": [
"http://ocsp.digicert.com"
]
},
"authority_key_id": "78df91905feedeacf6c575ebd54c5553ef244ab6",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"cps": [
"http://www.digicert.com/CPS"
],
"id": "2.23.140.1.2.1"
}
],
"ct_precert_scts": "Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:\n 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B\n Timestamp : Jan 30 06:40:07.899 2024 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:44:02:20:01:F4:09:9E:2A:FE:EC:01:EC:1A:A3:65:\n 97:86:40:67:15:96:57:82:C1:B0:F3:2B:7C:D7:F8:FC:\n 24:A3:A5:C4:02:20:47:DC:2F:28:9B:CC:6A:55:78:86:\n 50:70:F4:77:9C:47:9C:46:0A:69:11:19:58:E9:20:63:\n 65:DA:E8:FB:7C:7F\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:\n 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73\n Timestamp : Jan 30 06:40:07.924 2024 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:45:02:20:74:EB:13:6C:BF:5D:65:7C:20:8B:00:5D:\n A8:32:FB:D3:40:2C:D6:90:B5:B1:6B:6D:32:7A:7B:61:\n 1D:A0:AA:FC:02:21:00:B4:9D:86:D9:66:16:E6:35:37:\n 3D:31:EC:40:BB:63:B2:E4:C4:5A:48:FA:3B:75:E3:5E:\n 13:07:4E:C3:54:EE:A5\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:\n 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB\n Timestamp : Jan 30 06:40:07.886 2024 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:46:02:21:00:F4:4A:5A:9D:A4:F6:71:D8:32:62:6E:\n 8A:E0:16:C6:F2:3D:A0:79:32:E8:A3:20:06:47:A4:6E:\n F7:AB:83:15:38:02:21:00:B5:0D:10:77:B8:E8:2C:31:\n EB:24:F0:37:44:69:37:6D:35:F0:5C:9B:77:5C:BC:8B:\n 7B:3C:FE:06:51:10:68:6A",
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"crm.swzljp.top"
]
},
"subject_key_id": "25e929d2d3bcf9ffdfeba8807cacf55e4a0873cc"
},
"fingerprint_md5": "F2433D5A3107474D81B69A17A34FF454",
"fingerprint_sha1": "BC1110043C80EB88B2CD2B416CB69EA5E112E7B3",
"fingerprint_sha256": "9E43AE81EF4411B8DB30F8751F2FC44C679D02365E3F73195CB666DC442731FB",
"issuer": {
"common_name": [
"Encryption Everywhere DV TLS CA - G2"
],
"country": [
"US"
],
"organization": [
"DigiCert Inc"
],
"organizational_unit": [
"www.digicert.com"
]
},
"issuer_dn": "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=Encryption Everywhere DV TLS CA - G2",
"jarm": "3fd3fd0003fd3fd21c42d42d000000307ee0eb468e9fdb5cfcd698a80a67ef",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "13995259632980247289450856783921987439",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "YjM0YjFmODRmYmJkOTc2MzhmY2Y1ZDA2NjYwM2JlOTJlY2E5Mjg1NzI3MDkwNGE0MjM5ZGJjYTQzMmM5NDgxZGM1OWYyMTc0MjQzNmRiMWY2YmE1MWY4OTYyNzBiYTRkNGFlZGM1YTUzZjkwYzZhNzM2NTg1ZDEzNjBlZjk1MTEzZTEwODRkM2NjOTUyODZjNWJlMjNjNDNlNGI2MjgyZDllNDNjZGRkMDJmN2NiYTQ5Njc5YzUyZGFlOGE4MDI2YTk3NzFhOTJkMjRhOTg2OThjYjJiZDU5MGJkMGE4OWY4YzdjZTUxMmZiMzJiNGUxMTdkY2FjZjJlNTQ2ZTI0ZTVjMGIxMGZkNzAwOTZjZDI5OTNjMTk4OTBhNTU5MjVmNzRhMzllODE5MDZjZDlhZDI5Y2Q0YWIxNWU4N2ZhMGU3OWUyODQ3Nzg3MDQ5ZWM4Y2JhNTRlNjRmODBiNmQ3YjVjZDYxODI2ODFhMzM4M2ZkYTFjMmNkYmM0MDdiMjI5OGQ0ZGY2MDE1NGExOTY3MGExNGJkZTI5NmMwNDUzZDExMTFmM2Q1ZWFkZmIxNzUzYzUzMjA4ZWRhMDgxNDM0YzNiN2ZlY2Y2YjIxNzQ1NWM3Mjk2YTQzOTZjOTU5YThhMmUxN2MzNTdiZWIwYTE4ZTg4Yjg1NmJkZTg0NDk1ZmU="
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3044022001f4099e2afeec01ec1aa3659786406715965782c1b0f32b7cd7f8fc24a3a5c4022047dc2f289bcc6a5578865070f4779c479c460a69111958e9206365dae8fb7c7f"
},
"timestamp": "2024-01-30T06:40:07.899000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "48b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3045022074eb136cbf5d657c208b005da832fbd3402cd690b5b16b6d327a7b611da0aafc022100b49d86d96616e635373d31ec40bb63b2e4c45a48fa3b75e35e13074ec354eea5"
},
"timestamp": "2024-01-30T06:40:07.924000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3046022100f44a5a9da4f671d832626e8ae016c6f23da07932e8a3200647a46ef7ab831538022100b50d1077b8e82c31eb24f0374469376d35f05c9b775cbc8b7b3cfe065110686a"
},
"timestamp": "2024-01-30T06:40:07.886000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"crm.swzljp.top"
]
},
"subject_alt_name": {
"dns_names": [
"crm.swzljp.top"
],
"extended_dns_names": [
{
"domain": "swzljp",
"fld": "swzljp.top",
"subdomain": "crm",
"tld": "top"
}
]
},
"subject_dn": "/CN=crm.swzljp.top",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "7d9644e2a071150ad8313a8ed640d2264a8e13e8f7c67c4d17331f09540b21cc",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhiNTk3MTQwNWJiMzk3NTYzMWRlYTJkZGU1NjY4YTEwMDI4M2Y1YjE0YjJhMzQzNjNhOTA1ZTA5NjY1OTczNzJjMTMwOWVlODViYTE3OGE3ZTdkMzgyNGIxZDBhZGFmYzljZGM0ZTQxMWE5YmMyMTUwNjc0NmU3OWQ1MjEyZDhmNWM2ODQ5MTdhMzUwMDQ5MzVlZGFmNzhmYmI5NzE3OWRjNTI5YmU4YjBmY2RjYWU5ZGMwYjhlMWYyYzQ1NGM5YjAyZjJiMjYzZjY3NDgyNzc2NjE1NzE1NjQxMDJiNTUwMWE1YWM5MjA2YzNiYmJlNTUzNDYzNTYwNDdlZmY0Zjg3ZDhjZjAwM2MwNDFmODc0YTBiZjRhOTU2ZDc4YjVhN2UyNGU5NGI2ZWU1ODE1ZDY4ZDAyNjg0YjYzY2ZlNzViMjc4ZGY1YzkzZTYzYjM0NDE1MjU3YjRiMjk5ODNlZjI0OGU2ZGY4NTI2MmIxN2QwNGM0NjYyMDFlNWU3YWZhYzYxZGUwNjk1NGUzOWJlODhkYjg1MmZiODNjMTFjZTJiZjgyMDFhZjkwNjNmYjZhZmViMjI2MTJmZWUxNzBiM2U4N2M4NmY4NWQzYzU4NDMyN2E5ODEzYmIyOTY2NDI4OGJhYjFmZWFmMTlkYzgwZDY3YmI1NTY4NjVkMWMwZTUwMQ=="
}
},
"tbs_fingerprint": "8bb8a9aa934344f9ebe634325496ab0d5a58dcc40e7ed7c27800541538eeca6b",
"tbs_noct_fingerprint": "accee808b3add61c60a9984afc14581b02fc5cd4f8cd51fe7e5a5faaab60530f",
"validation_level": "DV",
"validity": {
"length_seconds": 7862399,
"not_after": "2024-04-29T23:59:59",
"not_before": "2024-01-30T00:00:00"
},
"version": 2
},
"fingerprint_sha256": "9E43AE81EF4411B8DB30F8751F2FC44C679D02365E3F73195CB666DC442731FB",
"precert": false,
"raw": "MIIF9DCCBNygAwIBAgIQCodjku0PQyGPlGJKyoK/bzANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUgRFYgVExTIENBIC0gRzIwHhcNMjQwMTMwMDAwMDAwWhcNMjQwNDI5MjM1OTU5WjAZMRcwFQYDVQQDEw5jcm0uc3d6bGpwLnRvcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWXFAW7OXVjHeot3lZooQAoP1sUsqNDY6kF4JZllzcsEwnuhboXin59OCSx0K2vyc3E5BGpvCFQZ0bnnVIS2PXGhJF6NQBJNe2vePu5cXncUpvosPzcrp3AuOHyxFTJsC8rJj9nSCd2YVcVZBArVQGlrJIGw7u+VTRjVgR+/0+H2M8APAQfh0oL9KlW14tafiTpS27lgV1o0CaEtjz+dbJ431yT5js0QVJXtLKZg+8kjm34UmKxfQTEZiAeXnr6xh3gaVTjm+iNuFL7g8Ec4r+CAa+QY/tq/rImEv7hcLPofIb4XTxYQyepgTuylmQoi6sf6vGdyA1nu1VoZdHA5QECAwEAAaOCAuEwggLdMB8GA1UdIwQYMBaAFHjfkZBf7t6s9sV169VMVVPvJEq2MB0GA1UdDgQWBBQl6SnS07z5/9/rqIB8rPVeSghzzDAZBgNVHREEEjAQgg5jcm0uc3d6bGpwLnRvcDA+BgNVHSAENzA1MDMGBmeBDAECATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBgAYIKwYBBQUHAQEEdDByMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSgYIKwYBBQUHMAKGPmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9FbmNyeXB0aW9uRXZlcnl3aGVyZURWVExTQ0EtRzIuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjVkYtNsAAAQDAEYwRAIgAfQJnir+7AHsGqNll4ZAZxWWV4LBsPMrfNf4/CSjpcQCIEfcLyibzGpVeIZQcPR3nEecRgppERlY6SBjZdro+3x/AHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGNWRi09AAABAMARzBFAiB06xNsv11lfCCLAF2oMvvTQCzWkLWxa20yenthHaCq/AIhALSdhtlmFuY1Nz0x7EC7Y7LkxFpI+jt1414TB07DVO6lAHcA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGNWRi0zgAABAMASDBGAiEA9EpanaT2cdgyYm6K4BbG8j2geTLooyAGR6Ru96uDFTgCIQC1DRB3uOgsMesk8DdEaTdtNfBcm3dcvIt7PP4GURBoajANBgkqhkiG9w0BAQsFAAOCAQEAs0sfhPu9l2OPz10GZgO+kuypKFcnCQSkI528pDLJSB3FnyF0JDbbH2ulH4licLpNSu3FpT+Qxqc2WF0TYO+VET4QhNPMlShsW+I8Q+S2KC2eQ83dAvfLpJZ5xS2uioAmqXcaktJKmGmMsr1ZC9Con4x85RL7MrThF9ys8uVG4k5cCxD9cAls0pk8GYkKVZJfdKOegZBs2a0pzUqxXof6DnnihHeHBJ7Iy6VOZPgLbXtc1hgmgaM4P9ocLNvEB7IpjU32AVShlnChS94pbART0REfPV6t+xdTxTII7aCBQ0w7f+z2shdFXHKWpDlslZqKLhfDV76woY6IuFa96ESV/g==",
"tags": [
"dv",
"trusted"
]
}
},
"url": "https://39.98.57.101/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-11-21T06:33:12.508Z"
},
{
"port": 3306,
"protocol": "tcp",
"name": "mysql",
"version": "5.7.43-log",
"product": "MySQL",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:mysql:mysql:5.7.43-log",
"part": "a",
"vendor": "mysql",
"product": "mysql",
"version": "5\\.7\\.43\\-log",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"mysql": {
"capability_flags": {
"CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS": true,
"CLIENT_COMPRESS": true,
"CLIENT_CONNECT_ATTRS": true,
"CLIENT_CONNECT_WITH_DB": true,
"CLIENT_DEPRECATED_EOF": true,
"CLIENT_FOUND_ROWS": true,
"CLIENT_IGNORE_SIGPIPE": true,
"CLIENT_IGNORE_SPACE": true,
"CLIENT_INTERACTIVE": true,
"CLIENT_LOCAL_FILES": true,
"CLIENT_LONG_FLAG": true,
"CLIENT_LONG_PASSWORD": true,
"CLIENT_MULTI_RESULTS": true,
"CLIENT_MULTI_STATEMENTS": true,
"CLIENT_NO_SCHEMA": true,
"CLIENT_ODBC": true,
"CLIENT_PLUGIN_AUTH": true,
"CLIENT_PLUGIN_AUTH_LEN_ENC_CLIENT_DATA": true,
"CLIENT_PROTOCOL_41": true,
"CLIENT_PS_MULTI_RESULTS": true,
"CLIENT_RESERVED": true,
"CLIENT_SECURE_CONNECTION": true,
"CLIENT_SESSION_TRACK": true,
"CLIENT_SSL": true,
"CLIENT_TRANSACTIONS": true
},
"protocol_version": 10,
"version": "5.7.43-log"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
}
},
"fingerprint_md5": "F4525EC928C1B13605EBDA2DBA0BAB19",
"fingerprint_sha1": "F371F3BCA3DD8C699EC6BC038CB2A8AAE1BBB4F5",
"fingerprint_sha256": "56FDC80538895C1B5403F81A90FADF1F53F2AEB0ADBB99F3EA416F13C6E0F8D3",
"issuer": {
"common_name": [
"MySQL_Server_5.7.43_Auto_Generated_CA_Certificate"
]
},
"issuer_dn": "/CN=MySQL_Server_5.7.43_Auto_Generated_CA_Certificate",
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "N2JmNzgzNDc5MjA1ODA0ZTEyM2U1MmFiZmJlYjdhODFjY2NiMzMwNGE0YWNkZTI1NDI5ODY0NmQxMDc3MDgzYTNlMmQ3ODk3YWFiODIyMzE4NTMwNzJjOGI1ZDk1OTFmYzczYWZkZWU5NWE5ODhkN2Q1ZDdiNTAxNzc3ZTVmNjhiYzdhNGYzZTlkZGI2NDk2NGQwMGQ2NmQ4NDNjY2Y1MTljOGJmMzg3ZDU3ZGE1MDcyNDJiZGQxMzIzNzQ3YmVlNTU5YTE1OTg3M2FiYjhiMDBjMGQ3MjEwZTFiNDVjNzVmYWQyMGJmZGFjODBhZDlmZTgyNjIzYjgwYjY0MTY4YTk0MTZmYjk4YTZjNjAwNzNmZmJkZDhkZDU2Y2I5NzdkNWU0YTJlZDlhZWQzNGMwYjE2MzRlZmNjODczYjAzMTMzMGVmMmFhYjY4YmUzOWNhZmI3ZjMyYzc0YWY1MGU5NWY0Y2IyZDc1NWMxNWQ5NTY1MTg5OTVmNGIyNTc2MGE0NTlhNGI3MzllYzI0ZmQ2MThmYjM3OGVlMDlhZjNkYmI1ZGZjNjUxNTIzMjA5OWViNDUxNjBhNWM2ZjA3OGNiMWQ2MWFkZDlkZTE2NDQzYjk4OTY4YzczOGVkZTMxZWUyYmFkNDg0MTY3YTg0OWQzMzVlZDQ2NmZlNTk0M2FkZTg="
},
"subject": {
"common_name": [
"MySQL_Server_5.7.43_Auto_Generated_Server_Certificate"
]
},
"subject_alt_name": {
"dns_names": [
"MySQL_Server_5.7.43_Auto_Generated_Server_Certificate"
],
"extended_dns_names": []
},
"subject_dn": "/CN=MySQL_Server_5.7.43_Auto_Generated_Server_Certificate",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "64c7babb7e35db8da5932201b1ab5ecf21efae99e41e0c7b742bcfd379509e1d",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhiNjY0ZDA3ODJkYzYwNzRkMTZmYjY4NmJjNWVmODQzMmRhNWMyM2ZiODk4MjIyYzEwMWNlNGRmZjY3Zjk4ZjAzOGVjOWUxOWQ0MmIwYTUxMmZmY2YyYTE4NTBiOWExZjBlOWM4YzQ0YWFlOTM0OTVlNTA0NDk3MDQzYWY3NmQzOThiMWE1MjljMjUwNDgwMTkzZDYyMzRlMGE1ZmEzNTViY2QxNzc5Nzg0OTdhNjhkNjI4Y2NlY2FmZGY4ZWJmMjcxNTQxOThhOTQ2YmZmM2RjMTJmYmQ0ZmM4ODA4ZTk1ZWZjZmM3OTJhODdmYjUwMjY4MjliMDVjNDY3YTJkNzIxMjYwNjM3M2U5MDI1OGUzMTYyZmRjOTdhM2Q2NjYzYTFmOTIxYmVhMDVmMmUyM2ZlZjQ4OWU3NDdiNTU5OGNkOWE1YjRmMzk2MjYxMjZmOWUxMGEzZTYxZDhkZGIyZjg5MWFhZjQ0NDNlNDJhNDIyNjliZTRjYjczMzFhZjRmMjg3NTM5ZGE2Y2Q3ZmNkYTA5YjlkOGM2NTYyMjI4YmE3ZGQ1ZDExMjIyZGFmNzNlMWQ0MTk5Zjk4YzdiOGU0M2VkZjczNTNhZmY0MWY5ZDEyMjk0MTlhN2IwYTRlMTJlODkxMmY0M2Q5MWRjNjA2OTBlYmQ5NWI1YmY3NTQ1YTgwOQ=="
}
},
"tbs_fingerprint": "b8c2c6629c27bf4ef0b118e7fec6dc3a57c99449f5f884728e573e2d5aac440c",
"validation_level": "DV",
"validity": {
"length_seconds": 315360000,
"not_after": "2033-11-24T13:07:25",
"not_before": "2023-11-27T13:07:25"
},
"version": 2
},
"fingerprint_sha256": "56FDC80538895C1B5403F81A90FADF1F53F2AEB0ADBB99F3EA416F13C6E0F8D3",
"precert": false,
"raw": "MIIDBzCCAe+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA8MTowOAYDVQQDDDFNeVNRTF9TZXJ2ZXJfNS43LjQzX0F1dG9fR2VuZXJhdGVkX0NBX0NlcnRpZmljYXRlMB4XDTIzMTEyNzEzMDcyNVoXDTMzMTEyNDEzMDcyNVowQDE+MDwGA1UEAww1TXlTUUxfU2VydmVyXzUuNy40M19BdXRvX0dlbmVyYXRlZF9TZXJ2ZXJfQ2VydGlmaWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ZNB4LcYHTRb7aGvF74Qy2lwj+4mCIsEBzk3/Z/mPA47J4Z1CsKUS/88qGFC5ofDpyMRKrpNJXlBElwQ69205ixpSnCUEgBk9YjTgpfo1W80XeXhJemjWKMzsr9+OvycVQZipRr/z3BL71PyICOle/Px5Kof7UCaCmwXEZ6LXISYGNz6QJY4xYv3Jej1mY6H5Ib6gXy4j/vSJ50e1WYzZpbTzliYSb54Qo+YdjdsviRqvREPkKkImm+TLczGvTyh1Odps1/zaCbnYxlYiKLp91dESItr3Ph1BmfmMe45D7fc1Ov9B+dEilBmnsKThLokS9D2R3GBpDr2Vtb91RagJAgMBAAGjEDAOMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAHv3g0eSBYBOEj5Sq/vreoHMyzMEpKzeJUKYZG0Qdwg6Pi14l6q4IjGFMHLItdlZH8c6/e6VqYjX1de1AXd+X2i8ek8+ndtklk0A1m2EPM9RnIvzh9V9pQckK90TI3R77lWaFZhzq7iwDA1yEOG0XHX60gv9rICtn+gmI7gLZBaKlBb7mKbGAHP/vdjdVsuXfV5KLtmu00wLFjTvzIc7AxMw7yqraL45yvt/MsdK9Q6V9MstdVwV2VZRiZX0sldgpFmktznsJP1hj7N47gmvPbtd/GUVIyCZ60UWClxvB4yx1hrdneFkQ7mJaMc47eMe4rrUhBZ6hJ0zXtRm/llDreg=",
"tags": [
"dv",
"trusted"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-11-21T20:52:08.082Z"
}
],
"services_hash": "4c597f1f21770d1981a0c21eef8e04617f0adad966b35e9e9aa9895cf486cbdc",
"last_updated_at": "2025-11-25T12:05:00.378Z",
"banner": [
"ftp",
"tls",
"ssh",
"mysql",
"http"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0431": {
"id": "CVE-1999-0431",
"references": [
"https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431"
],
"score": 5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-1999-0656": {
"id": "CVE-1999-0656",
"references": [
"http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/348",
"http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/348"
],
"score": 5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"weakness": "CWE-16"
},
"CVE-1999-1285": {
"id": "CVE-1999-1285",
"references": [
"http://marc.info/?l=bugtraq&m=91495921611500&w=2",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/1472",
"http://marc.info/?l=bugtraq&m=91495921611500&w=2",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/1472"
],
"score": 2.1,
"services": [
"22/ssh"
],
"severity": "low",
"summary": "Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.",
"vector_string": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-1999-1442": {
"id": "CVE-1999-1442",
"references": [
"http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html",
"http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html",
"http://www.securityfocus.com/bid/105"
],
"score": 7.2,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.",
"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2007-2768": {
"id": "CVE-2007-2768",
"references": [
"http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0635.html",
"http://www.osvdb.org/34601",
"https://security.netapp.com/advisory/ntap-20191107-0002/",
"http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0635.html",
"http://www.osvdb.org/34601",
"https://security.netapp.com/advisory/ntap-20191107-0002/"
],
"score": 4.3,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2008-3844": {
"id": "CVE-2008-3844",
"references": [
"http://secunia.com/advisories/31575",
"http://secunia.com/advisories/32241",
"http://securitytracker.com/id?1020730",
"http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm",
"http://www.redhat.com/security/data/openssh-blacklist.html",
"http://www.redhat.com/support/errata/RHSA-2008-0855.html",
"http://www.securityfocus.com/bid/30794",
"http://www.vupen.com/english/advisories/2008/2821",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/44747",
"http://secunia.com/advisories/31575",
"http://secunia.com/advisories/32241",
"http://securitytracker.com/id?1020730",
"http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm",
"http://www.redhat.com/security/data/openssh-blacklist.html",
"http://www.redhat.com/support/errata/RHSA-2008-0855.html",
"http://www.securityfocus.com/bid/30794",
"http://www.vupen.com/english/advisories/2008/2821",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/44747"
],
"score": 9.3,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.",
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"weakness": "CWE-20"
},
"CVE-2022-3424": {
"id": "CVE-2022-3424",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2132640",
"https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/",
"https://security.netapp.com/advisory/ntap-20230406-0005/",
"https://www.spinics.net/lists/kernel/msg4518970.html",
"https://bugzilla.redhat.com/show_bug.cgi?id=2132640",
"https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/",
"https://security.netapp.com/advisory/ntap-20230406-0005/",
"https://www.spinics.net/lists/kernel/msg4518970.html"
],
"score": 7.8,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2022-3707": {
"id": "CVE-2022-3707",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2137979",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2137979",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/"
],
"score": 5.5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-460"
},
"CVE-2023-0030": {
"id": "CVE-2023-0030",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270",
"https://github.com/torvalds/linux/commit/729eba3355674f2d9524629b73683ba1d1cd3f10",
"https://security.netapp.com/advisory/ntap-20230413-0010/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270",
"https://github.com/torvalds/linux/commit/729eba3355674f2d9524629b73683ba1d1cd3f10",
"https://security.netapp.com/advisory/ntap-20230413-0010/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270"
],
"score": 7.8,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2023-1390": {
"id": "CVE-2023-1390",
"references": [
"https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5",
"https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6",
"https://infosec.exchange/%40_mattata/109427999461122360",
"https://security.netapp.com/advisory/ntap-20230420-0001/",
"https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5",
"https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6",
"https://infosec.exchange/%40_mattata/109427999461122360",
"https://security.netapp.com/advisory/ntap-20230420-0001/"
],
"score": 7.5,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-1050"
},
"CVE-2023-28466": {
"id": "CVE-2023-28466",
"references": [
"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://security.netapp.com/advisory/ntap-20230427-0006/",
"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://security.netapp.com/advisory/ntap-20230427-0006/"
],
"score": 7,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-476"
},
"CVE-2023-28531": {
"id": "CVE-2023-28531",
"references": [
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AN2UDTXEUSKFIOIYMV6JNI5VSBMYZOFT/",
"https://security.gentoo.org/glsa/202307-01",
"https://security.netapp.com/advisory/ntap-20230413-0008/",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openwall.com/lists/oss-security/2023/03/15/8",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AN2UDTXEUSKFIOIYMV6JNI5VSBMYZOFT/",
"https://security.gentoo.org/glsa/202307-01",
"https://security.netapp.com/advisory/ntap-20230413-0008/",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openwall.com/lists/oss-security/2023/03/15/8"
],
"score": 9.8,
"services": [
"22/ssh"
],
"severity": "critical",
"summary": "ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2023-38408": {
"id": "CVE-2023-38408",
"references": [
"http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html",
"http://www.openwall.com/lists/oss-security/2023/07/20/1",
"http://www.openwall.com/lists/oss-security/2023/07/20/2",
"http://www.openwall.com/lists/oss-security/2023/09/22/11",
"http://www.openwall.com/lists/oss-security/2023/09/22/9",
"https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent",
"https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8",
"https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d",
"https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca",
"https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/",
"https://news.ycombinator.com/item?id=36790196",
"https://security.gentoo.org/glsa/202307-01",
"https://security.netapp.com/advisory/ntap-20230803-0010/",
"https://support.apple.com/kb/HT213940",
"https://www.openssh.com/security.html",
"https://www.openssh.com/txt/release-9.3p2",
"https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt",
"https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408",
"http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html",
"http://www.openwall.com/lists/oss-security/2023/07/20/1",
"http://www.openwall.com/lists/oss-security/2023/07/20/2",
"http://www.openwall.com/lists/oss-security/2023/09/22/11",
"http://www.openwall.com/lists/oss-security/2023/09/22/9",
"https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent",
"https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8",
"https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d",
"https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca",
"https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/",
"https://news.ycombinator.com/item?id=36790196",
"https://security.gentoo.org/glsa/202307-01",
"https://security.netapp.com/advisory/ntap-20230803-0010/",
"https://support.apple.com/kb/HT213940",
"https://www.openssh.com/security.html",
"https://www.openssh.com/txt/release-9.3p2",
"https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt",
"https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408"
],
"score": 9.8,
"services": [
"22/ssh"
],
"severity": "critical",
"summary": "The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-428"
},
"CVE-2023-48795": {
"id": "CVE-2023-48795",
"references": [
"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html",
"http://seclists.org/fulldisclosure/2024/Mar/21",
"http://www.openwall.com/lists/oss-security/2023/12/18/3",
"http://www.openwall.com/lists/oss-security/2023/12/19/5",
"http://www.openwall.com/lists/oss-security/2023/12/20/3",
"http://www.openwall.com/lists/oss-security/2024/03/06/3",
"http://www.openwall.com/lists/oss-security/2024/04/17/8",
"https://access.redhat.com/security/cve/cve-2023-48795",
"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/",
"https://bugs.gentoo.org/920280",
"https://bugzilla.redhat.com/show_bug.cgi?id=2254210",
"https://bugzilla.suse.com/show_bug.cgi?id=1217950",
"https://crates.io/crates/thrussh/versions",
"https://filezilla-project.org/versions.php",
"https://forum.netgate.com/topic/184941/terrapin-ssh-attack",
"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6",
"https://github.com/NixOS/nixpkgs/pull/275249",
"https://github.com/PowerShell/Win32-OpenSSH/issues/2189",
"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta",
"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0",
"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1",
"https://github.com/advisories/GHSA-45x7-px36-x8w8",
"https://github.com/apache/mina-sshd/issues/445",
"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab",
"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22",
"https://github.com/cyd01/KiTTY/issues/520",
"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6",
"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42",
"https://github.com/erlang/otp/releases/tag/OTP-26.2.1",
"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d",
"https://github.com/hierynomus/sshj/issues/916",
"https://github.com/janmojzis/tinyssh/issues/81",
"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5",
"https://github.com/libssh2/libssh2/pull/1291",
"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25",
"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3",
"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15",
"https://github.com/mwiede/jsch/issues/457",
"https://github.com/mwiede/jsch/pull/461",
"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16",
"https://github.com/openssh/openssh-portable/commits/master",
"https://github.com/paramiko/paramiko/issues/2337",
"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/issues/456",
"https://github.com/rapier1/hpn-ssh/releases",
"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst",
"https://github.com/ronf/asyncssh/tags",
"https://github.com/ssh-mitm/ssh-mitm/issues/165",
"https://github.com/warp-tech/russh/releases/tag/v0.40.2",
"https://gitlab.com/libssh/libssh-mirror/-/tags",
"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ",
"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg",
"https://help.panic.com/releasenotes/transmit5/",
"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/",
"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html",
"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/",
"https://matt.ucc.asn.au/dropbear/CHANGES",
"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC",
"https://news.ycombinator.com/item?id=38684904",
"https://news.ycombinator.com/item?id=38685286",
"https://news.ycombinator.com/item?id=38732005",
"https://nova.app/releases/#v11.8",
"https://oryx-embedded.com/download/#changelog",
"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002",
"https://roumenpetrov.info/secsh/#news20231220",
"https://security-tracker.debian.org/tracker/CVE-2023-48795",
"https://security-tracker.debian.org/tracker/source-package/libssh2",
"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg",
"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2",
"https://security.gentoo.org/glsa/202312-16",
"https://security.gentoo.org/glsa/202312-17",
"https://security.netapp.com/advisory/ntap-20240105-0004/",
"https://support.apple.com/kb/HT214084",
"https://thorntech.com/cve-2023-48795-and-sftp-gateway/",
"https://twitter.com/TrueSkrillor/status/1736774389725565005",
"https://ubuntu.com/security/CVE-2023-48795",
"https://winscp.net/eng/docs/history#6.2.2",
"https://www.bitvise.com/ssh-client-version-history#933",
"https://www.bitvise.com/ssh-server-version-history",
"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.debian.org/security/2023/dsa-5588",
"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc",
"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508",
"https://www.netsarang.com/en/xshell-update-history/",
"https://www.openssh.com/openbsd.html",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2",
"https://www.openwall.com/lists/oss-security/2023/12/20/3",
"https://www.paramiko.org/changelog.html",
"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/",
"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/",
"https://www.terrapin-attack.com",
"https://www.theregister.com/2023/12/20/terrapin_attack_ssh",
"https://www.vandyke.com/products/securecrt/history.txt",
"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html",
"http://seclists.org/fulldisclosure/2024/Mar/21",
"http://www.openwall.com/lists/oss-security/2023/12/18/3",
"http://www.openwall.com/lists/oss-security/2023/12/19/5",
"http://www.openwall.com/lists/oss-security/2023/12/20/3",
"http://www.openwall.com/lists/oss-security/2024/03/06/3",
"http://www.openwall.com/lists/oss-security/2024/04/17/8",
"https://access.redhat.com/security/cve/cve-2023-48795",
"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/",
"https://bugs.gentoo.org/920280",
"https://bugzilla.redhat.com/show_bug.cgi?id=2254210",
"https://bugzilla.suse.com/show_bug.cgi?id=1217950",
"https://crates.io/crates/thrussh/versions",
"https://filezilla-project.org/versions.php",
"https://forum.netgate.com/topic/184941/terrapin-ssh-attack",
"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6",
"https://github.com/NixOS/nixpkgs/pull/275249",
"https://github.com/PowerShell/Win32-OpenSSH/issues/2189",
"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta",
"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0",
"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1",
"https://github.com/advisories/GHSA-45x7-px36-x8w8",
"https://github.com/apache/mina-sshd/issues/445",
"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab",
"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22",
"https://github.com/cyd01/KiTTY/issues/520",
"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6",
"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42",
"https://github.com/erlang/otp/releases/tag/OTP-26.2.1",
"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d",
"https://github.com/hierynomus/sshj/issues/916",
"https://github.com/janmojzis/tinyssh/issues/81",
"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5",
"https://github.com/libssh2/libssh2/pull/1291",
"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25",
"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3",
"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15",
"https://github.com/mwiede/jsch/issues/457",
"https://github.com/mwiede/jsch/pull/461",
"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16",
"https://github.com/openssh/openssh-portable/commits/master",
"https://github.com/paramiko/paramiko/issues/2337",
"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES",
"https://github.com/proftpd/proftpd/issues/456",
"https://github.com/rapier1/hpn-ssh/releases",
"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst",
"https://github.com/ronf/asyncssh/tags",
"https://github.com/ssh-mitm/ssh-mitm/issues/165",
"https://github.com/warp-tech/russh/releases/tag/v0.40.2",
"https://gitlab.com/libssh/libssh-mirror/-/tags",
"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ",
"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg",
"https://help.panic.com/releasenotes/transmit5/",
"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/",
"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html",
"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html",
"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html",
"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html",
"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html",
"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/",
"https://matt.ucc.asn.au/dropbear/CHANGES",
"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC",
"https://news.ycombinator.com/item?id=38684904",
"https://news.ycombinator.com/item?id=38685286",
"https://news.ycombinator.com/item?id=38732005",
"https://nova.app/releases/#v11.8",
"https://oryx-embedded.com/download/#changelog",
"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002",
"https://roumenpetrov.info/secsh/#news20231220",
"https://security-tracker.debian.org/tracker/CVE-2023-48795",
"https://security-tracker.debian.org/tracker/source-package/libssh2",
"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg",
"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2",
"https://security.gentoo.org/glsa/202312-16",
"https://security.gentoo.org/glsa/202312-17",
"https://security.netapp.com/advisory/ntap-20240105-0004/",
"https://support.apple.com/kb/HT214084",
"https://thorntech.com/cve-2023-48795-and-sftp-gateway/",
"https://twitter.com/TrueSkrillor/status/1736774389725565005",
"https://ubuntu.com/security/CVE-2023-48795",
"https://winscp.net/eng/docs/history#6.2.2",
"https://www.bitvise.com/ssh-client-version-history#933",
"https://www.bitvise.com/ssh-server-version-history",
"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.debian.org/security/2023/dsa-5588",
"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc",
"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508",
"https://www.netsarang.com/en/xshell-update-history/",
"https://www.openssh.com/openbsd.html",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2",
"https://www.openwall.com/lists/oss-security/2023/12/20/3",
"https://www.paramiko.org/changelog.html",
"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/",
"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/",
"https://www.terrapin-attack.com",
"https://www.theregister.com/2023/12/20/terrapin_attack_ssh",
"https://www.vandyke.com/products/securecrt/history.txt",
"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit",
"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"
],
"score": 5.9,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in [email protected] and (if CBC is used) the [email protected] MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-354"
},
"CVE-2023-51384": {
"id": "CVE-2023-51384",
"references": [
"http://seclists.org/fulldisclosure/2024/Mar/21",
"https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b",
"https://security.netapp.com/advisory/ntap-20240105-0005/",
"https://support.apple.com/kb/HT214084",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2",
"http://seclists.org/fulldisclosure/2024/Mar/21",
"https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b",
"https://security.netapp.com/advisory/ntap-20240105-0005/",
"https://support.apple.com/kb/HT214084",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2"
],
"score": 5.5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2023-51385": {
"id": "CVE-2023-51385",
"references": [
"http://seclists.org/fulldisclosure/2024/Mar/21",
"http://www.openwall.com/lists/oss-security/2023/12/26/4",
"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a",
"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html",
"https://security.gentoo.org/glsa/202312-17",
"https://security.netapp.com/advisory/ntap-20240105-0005/",
"https://support.apple.com/kb/HT214084",
"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2",
"http://seclists.org/fulldisclosure/2024/Mar/21",
"http://www.openwall.com/lists/oss-security/2023/12/26/4",
"http://www.openwall.com/lists/oss-security/2025/10/07/1",
"http://www.openwall.com/lists/oss-security/2025/10/12/1",
"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a",
"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html",
"https://security.gentoo.org/glsa/202312-17",
"https://security.netapp.com/advisory/ntap-20240105-0005/",
"https://support.apple.com/kb/HT214084",
"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html",
"https://www.debian.org/security/2023/dsa-5586",
"https://www.openssh.com/txt/release-9.6",
"https://www.openwall.com/lists/oss-security/2023/12/18/2"
],
"score": 6.5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"weakness": "CWE-78"
},
"CVE-2023-51767": {
"id": "CVE-2023-51767",
"references": [
"https://access.redhat.com/security/cve/CVE-2023-51767",
"https://arxiv.org/abs/2309.02545",
"https://bugzilla.redhat.com/show_bug.cgi?id=2255850",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878",
"https://security.netapp.com/advisory/ntap-20240125-0006/",
"https://ubuntu.com/security/CVE-2023-51767",
"https://www.openwall.com/lists/oss-security/2025/09/22/1",
"http://www.openwall.com/lists/oss-security/2025/09/22/1",
"http://www.openwall.com/lists/oss-security/2025/09/22/2",
"http://www.openwall.com/lists/oss-security/2025/09/23/1",
"http://www.openwall.com/lists/oss-security/2025/09/23/3",
"http://www.openwall.com/lists/oss-security/2025/09/23/4",
"http://www.openwall.com/lists/oss-security/2025/09/23/5",
"http://www.openwall.com/lists/oss-security/2025/09/24/4",
"http://www.openwall.com/lists/oss-security/2025/09/24/7",
"http://www.openwall.com/lists/oss-security/2025/09/25/2",
"http://www.openwall.com/lists/oss-security/2025/09/25/6",
"http://www.openwall.com/lists/oss-security/2025/09/26/2",
"http://www.openwall.com/lists/oss-security/2025/09/26/4",
"http://www.openwall.com/lists/oss-security/2025/09/27/1",
"http://www.openwall.com/lists/oss-security/2025/09/27/2",
"http://www.openwall.com/lists/oss-security/2025/09/27/3",
"http://www.openwall.com/lists/oss-security/2025/09/27/4",
"http://www.openwall.com/lists/oss-security/2025/09/27/5",
"http://www.openwall.com/lists/oss-security/2025/09/27/6",
"http://www.openwall.com/lists/oss-security/2025/09/27/7",
"http://www.openwall.com/lists/oss-security/2025/09/28/7",
"http://www.openwall.com/lists/oss-security/2025/09/29/1",
"http://www.openwall.com/lists/oss-security/2025/09/29/4",
"http://www.openwall.com/lists/oss-security/2025/09/29/5",
"http://www.openwall.com/lists/oss-security/2025/09/29/6",
"http://www.openwall.com/lists/oss-security/2025/10/01/1",
"http://www.openwall.com/lists/oss-security/2025/10/01/2",
"https://access.redhat.com/security/cve/CVE-2023-51767",
"https://arxiv.org/abs/2309.02545",
"https://bugzilla.redhat.com/show_bug.cgi?id=2255850",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878",
"https://security.netapp.com/advisory/ntap-20240125-0006/",
"https://ubuntu.com/security/CVE-2023-51767"
],
"score": 7,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. NOTE: this is disputed by the Supplier, who states \"we do not consider it to be the application's responsibility to defend against platform architectural weaknesses.\"",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-Other"
},
"CVE-2024-6387": {
"id": "CVE-2024-6387",
"references": [
"https://access.redhat.com/errata/RHSA-2024:4312",
"https://access.redhat.com/errata/RHSA-2024:4340",
"https://access.redhat.com/errata/RHSA-2024:4389",
"https://access.redhat.com/errata/RHSA-2024:4469",
"https://access.redhat.com/errata/RHSA-2024:4474",
"https://access.redhat.com/errata/RHSA-2024:4479",
"https://access.redhat.com/errata/RHSA-2024:4484",
"https://access.redhat.com/security/cve/CVE-2024-6387",
"https://bugzilla.redhat.com/show_bug.cgi?id=2294604",
"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html",
"https://www.openssh.com/txt/release-9.8",
"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt",
"http://seclists.org/fulldisclosure/2024/Jul/18",
"http://seclists.org/fulldisclosure/2024/Jul/19",
"http://seclists.org/fulldisclosure/2024/Jul/20",
"http://www.openwall.com/lists/oss-security/2024/07/01/12",
"http://www.openwall.com/lists/oss-security/2024/07/01/13",
"http://www.openwall.com/lists/oss-security/2024/07/02/1",
"http://www.openwall.com/lists/oss-security/2024/07/03/1",
"http://www.openwall.com/lists/oss-security/2024/07/03/11",
"http://www.openwall.com/lists/oss-security/2024/07/03/2",
"http://www.openwall.com/lists/oss-security/2024/07/03/3",
"http://www.openwall.com/lists/oss-security/2024/07/03/4",
"http://www.openwall.com/lists/oss-security/2024/07/03/5",
"http://www.openwall.com/lists/oss-security/2024/07/04/1",
"http://www.openwall.com/lists/oss-security/2024/07/04/2",
"http://www.openwall.com/lists/oss-security/2024/07/08/2",
"http://www.openwall.com/lists/oss-security/2024/07/08/3",
"http://www.openwall.com/lists/oss-security/2024/07/09/2",
"http://www.openwall.com/lists/oss-security/2024/07/09/5",
"http://www.openwall.com/lists/oss-security/2024/07/10/1",
"http://www.openwall.com/lists/oss-security/2024/07/10/2",
"http://www.openwall.com/lists/oss-security/2024/07/10/3",
"http://www.openwall.com/lists/oss-security/2024/07/10/4",
"http://www.openwall.com/lists/oss-security/2024/07/10/6",
"http://www.openwall.com/lists/oss-security/2024/07/11/1",
"http://www.openwall.com/lists/oss-security/2024/07/11/3",
"http://www.openwall.com/lists/oss-security/2024/07/23/4",
"http://www.openwall.com/lists/oss-security/2024/07/23/6",
"http://www.openwall.com/lists/oss-security/2024/07/28/2",
"http://www.openwall.com/lists/oss-security/2024/07/28/3",
"https://access.redhat.com/errata/RHSA-2024:4312",
"https://access.redhat.com/errata/RHSA-2024:4340",
"https://access.redhat.com/errata/RHSA-2024:4389",
"https://access.redhat.com/errata/RHSA-2024:4469",
"https://access.redhat.com/errata/RHSA-2024:4474",
"https://access.redhat.com/errata/RHSA-2024:4479",
"https://access.redhat.com/errata/RHSA-2024:4484",
"https://access.redhat.com/security/cve/CVE-2024-6387",
"https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/",
"https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/",
"https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server",
"https://bugzilla.redhat.com/show_bug.cgi?id=2294604",
"https://explore.alas.aws.amazon.com/CVE-2024-6387.html",
"https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132",
"https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc",
"https://github.com/AlmaLinux/updates/issues/629",
"https://github.com/Azure/AKS/issues/4379",
"https://github.com/PowerShell/Win32-OpenSSH/discussions/2248",
"https://github.com/PowerShell/Win32-OpenSSH/issues/2249",
"https://github.com/microsoft/azurelinux/issues/9555",
"https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09",
"https://github.com/oracle/oracle-linux/issues/149",
"https://github.com/rapier1/hpn-ssh/issues/87",
"https://github.com/zgzhang/cve-2024-6387-poc",
"https://lists.almalinux.org/archives/list/[email protected]/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/",
"https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html",
"https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html",
"https://news.ycombinator.com/item?id=40843778",
"https://packetstorm.news/files/id/190587/",
"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010",
"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html",
"https://security-tracker.debian.org/tracker/CVE-2024-6387",
"https://security.netapp.com/advisory/ntap-20240701-0001/",
"https://sig-security.rocky.page/issues/CVE-2024-6387/",
"https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/",
"https://support.apple.com/kb/HT214118",
"https://support.apple.com/kb/HT214119",
"https://support.apple.com/kb/HT214120",
"https://ubuntu.com/security/CVE-2024-6387",
"https://ubuntu.com/security/notices/USN-6859-1",
"https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do",
"https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100",
"https://www.exploit-db.com/exploits/52269",
"https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc",
"https://www.openssh.com/txt/release-9.8",
"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt",
"https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html",
"https://www.suse.com/security/cve/CVE-2024-6387.html",
"https://www.theregister.com/2024/07/01/regresshion_openssh/",
"https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
],
"score": 8.1,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-364"
}
}
}