Análisis de Vulnerabilidad en Dispositivos Conectados A Internet Utilizando SHODAN

Análisis de vulnerabilidad en dispositivos conectados a Internet utilizando SHODAN
Villarreal Rosales Jorge Luis1

1
Universidad Técnica del Norte, Facultad de Ciencias Aplicadas, Carrera de
Telecomunicaciones, Asignatura Seguridad en Redes
Autores para correspondencia: jlvillarrealr@utn.edu.ec
Introducción
El mundo está enfocado cada vez más en el internet de las cosas (IoT), esto se debe a la
necesidad de estar interconectados todos los dispositivos inteligentes y facilitar las necesidades
y confortabilidad de las personas. Pero es necesario que la infraestructura en la que gira estos
procesos de desarrollo tecnológico se enfoque esencialmente en aspectos de seguridad mediante
herramientas que permitan administrar estos equipos y recursos. Una herramienta en el mercado
como SHODAN, ha permitido el análisis de diferentes servicios y sistemas que pueden estar
conectados a internet. De tal forma que nos facilita conocer las direcciones IP asignadas a cada
uno de los equipos con conexión a la internet, y de los cuales si no se encuentran adecuadamente
configurados pueden ser blanco de ataque de usuarios inadecuados o a su vez permitir observar
vulnerabilidades en la seguridad y tratar de solventar lo más pronto posible la problemática
existente.
Desarrollo
SHODAN al ser un motor de búsqueda con gran información de dispositivos conectados a la
red, permite realizar las búsquedas por varios filtros, en este caso podemos emplear ciertos
comandos dedicados a la ubicación, a la red, al software, etc. En este punto ya depende de la
audacia y la necesidad de la persona que maneje esta herramienta, además se debe considerar
que por temas académicos no se dispone de una cuenta con ciertos privilegios como “Network
Monitoring”, capaz de brindar acceso a miles y millones de host, así como filtros directos a
vulnerabilidades.
De tal forma que la versión de prueba se limita a pocas búsquedas antes de limitar el acceso a
la misma durante un lapso de 24 horas. Para ello se ha empleado los filtros en búsqueda de host
por locación y se ha seleccionado la ciudad de Ibarra. En Saitel con dirección IP:
138.185.137.109 se han encontrado ciertas vulnerabilidades como: CVE-2014-0117 la cual
especifica que: “el módulo mod_proxy en Apache HTTP Server 2.4.x antes de 2.4.10, cuando
se habilita un proxy inverso, permite a los atacantes remotos provocar una denegación de
servicio (bloqueo del proceso secundario) a través de un encabezado de conexión HTTP
diseñado” (CVE, 2013).
Posteriormente un filtro empleado se enfoca en dispositivos como cámaras web, las cuales
mayoritariamente SHODAN brinda información en el país de China, por ende, hemos ingresado
a una localidad como Suiza que disponía de vulnerabilidades en una cámara web y respondía a
la dirección IP de 164.128.164.89. Las vulnerabilidades encontradas son muy amplias, pero
hemos encontrado algunas como CVE-2019-1552 la cual “permite a los usuarios que no son de
confianza modificar la configuración predeterminada de OpenSSL, insertar certificados de CA,
modificar (o incluso reemplazar) módulos de motor existentes, etc.” (NVD, 2019), mientras
tanto otra vulnerabilidad es CVE-2018-0737, la cual se ha demostrado que el algoritmo de
generación de claves OpenSSL RSA es vulnerable a un ataque de canal lateral de sincronización
de caché. Un atacante con suficiente acceso para montar ataques de tiempo de caché durante el
proceso de generación de la clave RSA podría recuperar la clave privada. (CVE, 2017)
En si una de las vulnerabilidades más comunes es dejar credenciales de acceso por defecto
como “admin” y tener mal configurado el equipo, puesto a que estos son los principales blancos
de ataques.
Conclusiones
Ser conscientes de los peligros existentes y vulnerabilidades que puedan presentar los equipos
o las malas configuraciones realizadas, permite analizar y corregir a tiempo posibles ataques no
deseado, es por ello que esta herramienta de SHODAN que facilita la búsqueda de dispositivos
conectados a internet puede ser empleada tanto para el beneficio y seguridad, así como su
antagonista, y ser empleada para explotar las vulnerabilidades y desencadenar en consecuencias
indeseadas por hacking o ciberataques.
Las vulnerabilidades encontradas en SOLUCIONES AVANZADAS INFORMATICAS Y
TELECOMUNICACIONES SAITEL, afectan directamente al triángulo CIA en su
“Accesibilidad” ya que al generarse una denegación de servicio sería muy complicado volver a
acceder a dicho servicio y por ende se necesitaría solucionarlo o más que eso prevenirlo
mediante la restricción del uso del ancho de banda por aquellos hosts que cometan violaciones
o a su vez tratar de limitar el tráfico excesivo de un único host.
Por otro lado, las vulnerabilidades de Swisscom (Schweiz) AG se enfocan en sí a la propia
implementación física del sistema informático, y además en el otro tipo de vulnerabilidad señala
que se puede lograr modificaciones en determinada configuración, por ende, también se obtiene
acceso a clave privada, por lo cual, en el triángulo CIA se afecta tanto a la confidencialidad
como la integridad de los datos. Las mitigaciones posibles en este caso son buscar la
actualización de firmware de los fabricantes y corregirlo.
2
En si las vulnerabilidades encontradas en Saitel se enfoca en Apache, mientras tanto en
Swisscom (Schweiz) AG con dirección IP: 164.128.164.89 se enfocan en OpenSLL
Por lo tanto, las vulnerabilidades especificadas se las puede detallar en la Base de datos
Nacional de Vulnerabilidades (NVD), donde la escala de riesgo permite ver que índice de
vulnerabilidad presenta, además el código de vulnerabilidades y amenazas comunes (CVE)
facilita distinguir y clasificar los riesgos de vulnerabilidad. Por otro lado, BugTraq permite tener
discusión detallada acerca de vulnerabilidades y posibles soluciones.
Referencias
CVE. (2013). CVE-2014-0117. Obtenido de Common Vulnerabilities and Exposures:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
CVE. (30 de Noviembre de 2017). CVE-2018-0737. Obtenido de Common Vulnerabilities and

Exposures: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0737
NVD. (30 de Julio de 2019). Detalle de CVE-2019-1552. Obtenido de BASE DE DATOS

NACIONAL DE VULNERABILIDAD: https://nvd.nist.gov/vuln/detail/CVE-2019-
1552
Anexos (Desde la siguiente página.)

-Reporte de SHODAN para los dos casos analizados.
3
Shodan
Maps
Images
Monitor
Developer
More...
Search...
138.185.137.109 Regular View Raw Data History © OpenMapTiles Satellite | © MapTiler © OpenStreetMap contributors
// LAST UPDATE: 2021-11-05
General Information Open Ports
Country Ecuador 22 80 8080
City Ibarra
// 22 /
TCP 507766849 | 2021-10-15T01:37:58.241849
SOLUCIONES AVANZADAS INFORMATICAS Y

Organization
TELECOMUNICACIONES SAITEL
OpenSSH 8.0
SOLUCIONES AVANZADAS INFORMATICAS Y SSH-2.0-OpenSSH_8.0
ISP
TELECOMUNICACIONES SAITEL Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDO0F/S5H6M7F6n2Crc5NiutyDNutFax/XYrGaQ
fWQNXvki
ASN AS263805 wRqlauqyeN1Z95u93z1wLk/31VwaFWJOejSOpQqTNE3fsIoy3Vy3fBd6Dgx8iblSh7pN+iYye

lbU
VGAGEt569ir97WHX+AzvepRkBZnQ5EXqqP6IUngRaVQI7g0/Cc1l7C+LfdSGqPSsEe4jkgr+H
0NU
F5GKUOE84+e3028LDE3e6ZqKI54ddKOSuwkHKsZ8oBW0xRUbNxKgeq0ZGlYZ6hgZjOEPSkVUa
qMB
j+txXPYNtyb1hjALds8iNpAdiZBNi1d3f/KyGl0lJzs8daxdOyvA4FbBaxphBVDUU3UqPasky
MuA
Web Technologies xp7rR0LPyh6f1s+rmtWIvJlM+D/kpzYOOBCB3BlnTcA5iPhTXpyKgIZZ2Dcuyl0HFp1n1QfeH

RUa
SJNm1smwNWyVdQs9U2zZsdojsVHOxrP8qZKxBWSLCADapv80IZ8nXYgVwTXk2ebsYgTt6nNps
BOOTSTRAP
6q7
vvaQ5gRNOE0=
Fingerprint: aa:c7:6a:5d:f4:fe:e2:14:7a:be:fd:c1:ad:3d:c4:94
Kex Algorithms:
curve25519-sha256
Vulnerabilities curve25519-sha256@libssh.org
ecdh-sha2-nistp256
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied ecdh-sha2-nistp384
based on the software and version. ecdh-sha2-nistp521
diffie-hellman-group-exchange-sha256
diffie-hellman-group14-sha256
CVE-2014-0117 The mod_proxy module in the Apache diffie-hellman-group18-sha512
HTTP Server 2.4.x before 2.4.10, when a diffie-hellman-group-exchange-sha1
reverse proxy is enabled, allows remote

attackers to cause a denial of service Server Host Key Algorithms:
rsa-sha2-512
(child-process crash) via a crafted HTTP

rsa-sha2-256
Connection header. ssh-rsa
ecdsa-sha2-nistp256
ssh-ed25519
CVE-2014-0118 The deflate_in_filter function in
mod_deflate.c in the mod_deflate module Encryption Algorithms:
aes256-gcm@openssh.com
in the Apache HTTP Server before 2.4.10,

chacha20-poly1305@openssh.com
when request body decompression is aes256-ctr
enabled, allows remote attackers to aes256-cbc
aes128-gcm@openssh.com
cause a denial of service (resource aes128-ctr
consumption) via crafted request data aes128-cbc
that decompresses to a much larger size.

MAC Algorithms:
hmac-sha2-256-etm@openssh.com
hmac-sha1-etm@openssh.com
CVE-2016-0736 In Apache HTTP Server versions 2.4.0 to

umac-128-etm@openssh.com
2.4.23, mod_session_crypto was hmac-sha2-512-etm@openssh.com
encrypting its data/cookie using the hmac-sha2-256
hmac-sha1
configured ciphers with possibly either umac-128@openssh.com
CBC or ECB modes of operation (AES256- hmac-sha2-512
CBC by default), hence no selectable or Compression Algorithms:
none
builtin authenticated encryption. This zlib@openssh.com
made it vulnerable to padding oracle
attacks, particularly with CBC.
// 80 /
TCP
423226475 | 2021-11-05T20:49:12.202150
CVE-2015-3185 The ap_some_auth_required function in

server/request.c in the Apache HTTP
Apache httpd 2.4.6
Server 2.4.x before 2.4.14 does not
consider that a Require directive may be HTTP/1.1 403 Forbidden
associated with an authorization setting Date: Fri, 05 Nov 2021 20:49:11 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
rather than an authentication setting, Last-Modified: Thu, 16 Oct 2014 13:20:58 GMT
which allows remote attackers to bypass ETag: "1321-5058a1e728280"
Accept-Ranges: bytes
intended access restrictions in

Content-Length: 4897
opportunistic circumstances by Content-Type: text/html; charset=UTF-8
leveraging the presence of a module that
relies on the 2.2 API behavior.
// 8080 /
TCP
1393880461 | 2021-10-30T23:54:21.575105
CVE-2015-3184 mod_authz_svn in Apache Subversion

1.7.x before 1.7.21 and 1.8.x before 1.8.14,
HTTP/1.1 200 OK
when using Apache httpd 2.4.x, does not

Date: Sat, 30 Oct 2021 23:54:21 GMT
properly restrict anonymous access, Connection: Keep-Alive
Content-Type: text/html
which allows remote anonymous users to

Content-Length: 109
read hidden files via the path name.
CVE-2018-1312 In Apache httpd 2.2.0 to 2.4.29, when

generating an HTTP Digest authentication
challenge, the nonce sent to prevent
reply attacks was not correctly generated
using a pseudo-random seed. In a cluster
of servers using a common Digest
authentication configuration, HTTP
requests could be replayed across
servers by an attacker without detection.
CVE-2016-4975 Possible CRLF injection allowing HTTP

response splitting attacks for sites which
use mod_userdir. This issue was mitigated
by changes made in 2.4.25 and 2.2.32
which prohibit CR or LF injection into the
"Location" or other outbound header key
or value. Fixed in Apache HTTP Server
2.4.25 (Affected 2.4.1-2.4.23). Fixed in
Apache HTTP Server 2.2.32 (Affected
2.2.0-2.2.31).
CVE-2016-8612 Apache HTTP Server mod_cluster before

version httpd 2.4.23 is vulnerable to an
Improper Input Validation in the protocol
parsing logic in the load balancer
resulting in a Segmentation Fault in the
serving httpd process.
CVE-2014-0226 Race condition in the mod_status module

in the Apache HTTP Server before 2.4.10
allows remote attackers to cause a denial
of service (heap-based buffer overflow),
or possibly obtain sensitive credential
information or execute arbitrary code, via
a crafted request that triggers improper
scoreboard handling within the
status_handler function in
modules/generators/mod_status.c and
the lua_ap_scoreboard_worker function in
modules/lua/lua_request.c.
CVE-2014-3523 Memory leak in the winnt_accept function

in server/mpm/winnt/child.c in the
WinNT MPM in the Apache HTTP Server
2.4.x before 2.4.10 on Windows, when the
default AcceptFilter is enabled, allows
remote attackers to cause a denial of
service (memory consumption) via crafted
requests.
CVE-2017-15710 In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to

2.2.34, and 2.4.0 to 2.4.29,
mod_authnz_ldap, if configured with
AuthLDAPCharsetConfig, uses the
Accept-Language header value to lookup
the right charset encoding when verifying
the user's credentials. If the header value
is not present in the charset conversion
table, a fallback mechanism is used to
truncate it to a two characters value to
allow a quick retry (for example, 'en-US' is
truncated to 'en'). A header value of less
than two characters forces an out of
bound write of one NUL byte to a
memory location that is not part of the
string. In the worst case, quite unlikely, the
process would crash which could be used
as a Denial of Service attack. In the more
likely case, this memory is already
reserved for future use and the issue has
no effect at all.
CVE-2017-15715 In Apache httpd 2.4.0 to 2.4.29, the

expression specified in <FilesMatch>
could match '$' to a newline character in a
malicious filename, rather than matching
only the end of the filename. This could
be exploited in environments where
uploads of some files are are externally
blocked, but only by matching the trailing
portion of the filename.
CVE-2013-6438 The dav_xml_get_cdata function in

main/util.c in the mod_dav module in the
Apache HTTP Server before 2.4.8 does
not properly remove whitespace
characters from CDATA sections, which
allows remote attackers to cause a denial
of service (daemon crash) via a crafted
DAV WRITE request.
CVE-2019- In Apache HTTP server 2.4.0 to 2.4.39,

10098 Redirects configured with mod_rewrite
that were intended to be self-referential
might be fooled by encoded newlines
and redirect instead to an unexpected
URL within the request URL.
CVE-2017-7679 In Apache httpd 2.2.x before 2.2.33 and

2.4.x before 2.4.26, mod_mime can read
one byte past the end of a buffer when
sending a malicious Content-Type
response header.
CVE-2020-1927 In Apache HTTP Server 2.4.0 to 2.4.41,

redirects configured with mod_rewrite
that were intended to be self-referential
might be fooled by encoded newlines
and redirect instead to an an unexpected
URL within the request URL.
CVE-2018-17199 In Apache HTTP Server 2.4 release 2.4.37

and prior, mod_session checks the
session expiry time before decoding the
session. This causes session expiry time
to be ignored for mod_session_cookie
sessions since the expiry time is loaded
when the session is decoded.
CVE-2017-9788 In Apache httpd before 2.2.34 and 2.4.x

before 2.4.27, the value placeholder in
[Proxy-]Authorization headers of type
'Digest' was not initialized or reset before
or between successive key=value
assignments by mod_auth_digest.
Providing an initial key with no '='
assignment could reflect the stale value
of uninitialized pool memory used by the
prior request, leading to leakage of
potentially confidential information, and a
segfault in other cases resulting in denial
of service.
CVE-2014-8109 mod_lua.c in the mod_lua module in the

Apache HTTP Server 2.3.x and 2.4.x
through 2.4.10 does not support an httpd
configuration in which the same Lua
authorization provider is used with
different arguments within different
contexts, which allows remote attackers
to bypass intended access restrictions in
opportunistic circumstances by
leveraging multiple Require directives, as
demonstrated by a configuration that
specifies authorization for one group to
access a certain directory, and
authorization for a second group to
access a second directory.
CVE-2017-9798 Apache httpd allows remote attackers to

read secret data from process memory if
the Limit directive can be set in a user's
.htaccess file, or if httpd.conf has certain
misconfigurations, aka Optionsbleed. This
affects the Apache HTTP Server through
2.2.34 and 2.4.x through 2.4.27. The
attacker sends an unauthenticated
OPTIONS HTTP request when attempting
to read secret data. This is a use-after-
free issue and thus secret data is not
always sent, and the specific data
depends on many factors including
configuration. Exploitation with .htaccess
can be blocked with a patch to the
ap_limit_section function in server/core.c.
CVE-2016-2161 In Apache HTTP Server versions 2.4.0 to

2.4.23, malicious input to
mod_auth_digest can cause the server to
crash, and each instance continues to
crash even for subsequently valid
requests.
CVE-2014-0231 The mod_cgid module in the Apache

HTTP Server before 2.4.10 does not have
a timeout mechanism, which allows
remote attackers to cause a denial of
service (process hang) via a request to a
CGI script that does not read from its stdin
file descriptor.
CVE-2013-4352 The cache_invalidate function in

modules/cache/cache_storage.c in the
mod_cache module in the Apache HTTP
Server 2.4.6, when a caching forward
proxy is enabled, allows remote HTTP
servers to cause a denial of service (NULL
pointer dereference and daemon crash)
via vectors that trigger a missing
hostname value.
CVE-2019-0220 A vulnerability was found in Apache HTTP

Server 2.4.0 to 2.4.38. When the path
component of a request URL contains
multiple consecutive slashes ('/'),
directives such as LocationMatch and
RewriteRule must account for duplicates
in regular expressions while other aspects
of the servers processing will implicitly
collapse them.
CVE-2014-0098 The log_cookie function in

mod_log_config.c in the mod_log_config
module in the Apache HTTP Server
before 2.4.8 allows remote attackers to
cause a denial of service (segmentation
fault and daemon crash) via a crafted
cookie that is not properly handled during
truncation.
CVE-2018-1283 In Apache httpd 2.4.0 to 2.4.29, when

mod_session is configured to forward its
session data to CGI applications
(SessionEnv on, not the default), a remote
user may influence their content by using
a "Session" header. This comes from the
"HTTP_SESSION" variable name used by
mod_session to forward its data to CGIs,
since the prefix "HTTP_" is also used by
the Apache HTTP Server to pass HTTP
header fields, per CGI specifications.
CVE-2016-8743 Apache HTTP Server, in all releases prior

to 2.2.32 and 2.4.25, was liberal in the
whitespace accepted from requests and
sent in response lines and headers.
Accepting these different behaviors
represented a security concern when
httpd participates in any chain of proxies
or interacts with back-end application
servers, either through mod_proxy or
using conventional CGI mechanisms, and
may result in request smuggling,
response splitting and cache pollution.
// PRODUCTS // PRICING // CONTACT US

Monitor Bulk Data Membership support@shodan.io
Search Engine Images API Subscriptions

Developer API Snippets Enterprise
Shodan ® - All rights reserved
Maps
Shodan
Maps
Images
Monitor
Developer
More...
Search...
164.128.164.89 Regular View Raw Data History © OpenMapTiles Satellite | © MapTiler © OpenStreetMap contributors
// TAGS:
honeypot // LAST UPDATE: 2021-11-05
General Information Open Ports
Hostnames 89.164.128.164.static.wline.lns.ent.cust.swisscom.ch 22 23 80 81 443 7001 7547
SWISSCOM.CH 8080 8081 8181 8888 9000 10000 37215

Domains
49152 50000 52869 60001

Country Switzerland
City Zürich
// 22 /
TCP 798345087 | 2021-11-01T04:40:56.580229
Organization Swisscom (Schweiz) AG
OpenSSH 7.6p1 Ubuntu-4ubuntu0.3

ISP Swisscom (Schweiz) AG
SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
Key type: ssh-rsa
ASN AS3303 Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDSGBTxMWNbviUS9HRJdtvQ5IuEyps0PTOBQ+XW

GoYX7c+W
2qNU5AXlvyGXJSjX+qLWtT5c4tQI0sBpGWOZDb3sR1TvHqdgEPYEx47UAfmeSs2UjdfeXWCvI
5Da
cc0FH5rgx6NFhPsjwfHFmZ+a1PuIGPbAvKeWWL9+407Q07OQZXC+HM4d3Ajtyus/rbY7mUXru
L9o
wWA30By06WNiKVWZsd9zF9G+RLKeUpdcMS1MnJJnBHiA+UkHzqvTOi+7IAEOf69P8GBjX2BUj
Web Technologies DG3
pY+Fsb88Mqu0gXkJprRZ//7eZRSXkjZJFFmPZOplGB9X9aXNyypM2Lqzh1e4xs9uGNED
Fingerprint: 96:c7:1c:cd:57:00:3e:b8:9b:32:70:f7:5e:45:0b:73
ANGULARJS
Kex Algorithms:
curve25519-sha256
curve25519-sha256@libssh.org
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
Vulnerabilities diffie-hellman-group14-sha1
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied Server Host Key Algorithms:
based on the software and version. ssh-rsa
ssh-dss
CVE-2019-1552 OpenSSL has internal defaults for a Encryption Algorithms:
aes128-ctr
directory tree where it can find a aes192-ctr
configuration file as well as certificates aes256-ctr
aes256-cbc
used for verification in TLS. This directory

aes192-cbc
is most commonly referred to as aes128-cbc
OPENSSLDIR, and is configurable with the 3des-cbc
blowfish-cbc
--prefix / --openssldir configuration cast128-cbc
options. For OpenSSL versions 1.1.0 and
MAC Algorithms:
1.1.1, the mingw configuration targets

hmac-sha2-512
assume that resulting programs and hmac-sha2-384
hmac-sha2-56
libraries are installed in a Unix-like

hmac-sha1
environment and the default prefix for hmac-md5
program installation as well as for
Compression Algorithms:
OPENSSLDIR should be '/usr/local'. zlib@openssh.com
However, mingw programs are Windows zlib
none
programs, and as such, find themselves

looking at sub-directories of 'C:/usr/local',

which may be world writable, which
enables untrusted users to modify // 23 /
TCP -2011368509 | 2021-10-19T20:38:19.052189
OpenSSL's default configuration, insert CA

certificates, modify (or even replace) buildroot login:
existing engine modules, etc. For
OpenSSL 1.0.2, '/usr/local/ssl' is used as
default for OPENSSLDIR on all Unix and // 80 /
TCP
-1809677894 | 2021-11-03T02:43:11.136019
Windows targets, including Visual C

builds. However, some build instructions HTTP/1.1 200 OK
for the diverse Windows targets on 1.0.2 Server: 360 web server, 792/71644 HTTP Server version 2.0 - TELDAT S.A.,
A10WS/1.00, ADB Broadband HTTP Server, ADH-Web, AR, ASUSTeK UPnP/1.0 Mini
encourage you to specify your own -- UPnPd/1.4, ATS/5.3.0, Adaptec ASM 1.1, AirTies/ASP 1.0 UPnP/1.0 miniupnp
prefix. OpenSSL versions 1.1.1, 1.1.0 and d/1.0, Allegro-Software-RomPager/4.06, AmirHossein Server v1.0, AnWeb/1.4
2p, Android Webcam Server, AnyStor-E, Apache-Coyote/1.1, Apache/2.2.15 (C
1.0.2 are affected by this issue. Due to the
entOS), Apache/2.4.29 (Ubuntu), Apache/2.4.6 (Red Hat Enterprise Linux) P
limited scope of affected deployments HP/7.3.11, Apache/2.4.6 (Red Hat Enterprise Linux) mod_jk/1.2.46 OpenSSL/
this has been assessed as low severity 1.0.2k-fips, App-webs/, ArGoSoft Mail Server Pro for WinNT/2000/XP, Versi
on 1.8 (1.8.9.4), AvigilonGateway/1.0 Microsoft-HTTPAPI/2.0, Avtech, Baby
and therefore we are not creating new Web Server, BigIP, BlueIris-HTTP/1.1, Boa/0.93.15, Boa/0.94.13, Boa/0.94.
releases at this time. Fixed in OpenSSL 14rc20, Boa/0.94.14rc21, Boa/0.94.7, BolidXMLRPC/1.10 (Windows NT) ORION-
BOLID v1.10, BroadWorks, Brovotech/2.0.0, CJServer/1.1, CPWS, CVM, Caddy,
1.1.1d (Affected 1.1.1-1.1.1c). Fixed in
Cam, Cambium HTTP Server, Camera Web Server, CentOS WebPanel: Protected b
OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed y Mod Security, Check Point SVN foundation, Cherokee/1.2.101 (Ubuntu), Ch
in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). erryPy/2.3.0, CherryPy/3.1.0beta3 WSGI Server, CherryPy/8.1.2, CirCarLife
Scada v4.2.3, Cirpark Scada v4.5.3-rc1, Cisco AWARE 2.0, Citrix Web PN Se
rver, Commvault WebServer, Control4 Web Server, CouchDB/1.6.1 (Erlang OT
CVE-2018-0737 The OpenSSL RSA Key generation P/18), CouchDB/1.6.1 (Erlang OTP/R16B03), CouchDB/2.0.0 (Erlang OTP/17),
Cougar/9.01.01.3841, Cougar/9.01.01.5001, Cowboy, Cross Web Server, D-Lin
algorithm has been shown to be k Web Server 0.01, DNVRS-Webs, DVR-HttpServer/1.0, DVRDVS-Webs, DWS, Dasa
vulnerable to a cache timing side channel nNetwork Solution, Debian/4.0 UPnP/1.0 miniupnpd/1.0, Deluxe Beauty Offic
e, Destiny, DpmptspKarawangkab_HTTP_SERVER, E2EE Server 1.0, EBox, EShare
attack. An attacker with sufficient access
Http Server/1.0, Easy-Web Server/1.0, Embedded HTTP Server., Embedded HTT
to mount cache timing attacks during the PD v1.00, 1999(c) Delta Networks Inc., Embedthis-Appweb/3.2.3, Embedthis-
RSA key generation process could Appweb/3.3.1, Embedthis-http, Entrust, Ericom Access Server, Ericom Acces
s Server x64, FN-Httpd 1.0 [HTTP/1.1], FUJITSU ServerView iRMC S4 Webserv
recover the private key. Fixed in OpenSSL er, FileMakerPro/6.0Fv4 WebCompanion/6.0v3, Flussonic, GSHD/3.0, GeoHttpS
1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in erver, GeoWebServer 4.4.1.0, Ginatex-HTTPServer, GlassFish Server Open So
urce Edition 4.0, GoAhead-Webs, GoAhead-Webs/2.5.0, GoAhead-http, GoTTY,
OpenSSL 1.0.2p-dev (Affected 1.0.2b-
H3C-Miniware-Webs, HFS 2.2f, HFS 2.3 beta, HFS 2.3e, HFS 2.3i, HFS 2.3k,
1.0.2o). HFS 2.3m, HTTP Server, HTTP Server 1.0, HTTP Software 1.1, HTTPD, HTTPD W
eb Server, HTTPD-HR Server powered by Apache, HTTPD_gw 1.0, Hikvision-Web
s, Hipcam, HostGW.com EnterpriseServer built fo SMKN 1 Kaligondang, Http
CVE-2018-0734 The OpenSSL DSA signature algorithm Server, Httpd, Httpd/1.0, Hydra/0.1.8, IBM_HTTP_Server, IIS, IP Webcam Se
has been shown to be vulnerable to a rver, IPC@CHIP, IPCamera-Webs, IPCamera-Webs/2.5.0, IPCamera_Logo, IPOffi
ce/, IceWarp/12.1.1.4 x64, IceWarp/9.4.2, IdeaWebServer/0.83.292, If you
timing side channel attack. An attacker want know, you can ask me, Indy/9.0.11, Intoto Http Server v1.0, InvalidP
could use variations in the signing anda/1.0.0, JAWS/1.0, JAWS/1.0 Jan 21 2017, JBoss-EAP/7, JDVR/4.0, JFinal
4.5, JWS, Jetty(6.1.19), KMS_ACCESS, Keil-EWEB/2.1, Kerio MailServer 6.5.
algorithm to recover the private key. Fixed
2, Kestrel, LINUX-2.6 UPnP/1.0 MiniUPnPd/1.5, LTE Router Webs, Lanswitch
in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in - V100R003 HttpServer 1.1, Linux, HTTP/1.1, DIR-860L Ver 1.01, Linux/2.6.
OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed 18 UPnP/1.0 miniupnpd/1.0, Linux/2.x UPnP/1.0 Avtech/1.0, Linux/3.10.0 eH
omeMediaCenter/1.0, Linux/3.10.104 eHomeMediaCenter/1.0, Linux/3.10.33 UP
in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). nP/1.0 Teleal-Cling/1.0, Linux/3.14.29 CyberHTTP/1.0, Linux/3.4.39 UPnP/
1.0 Cling/2.0, LiteSpeed, Lotus-Domino, MIPS LINUX/2.4 UPnP/1.0 miniupnp
d/1.0, MJPG-Streamer/0.2, MS-SDK-HttpServer/1.0, MailEnable-HTTP/5.0, Mar
CVE-2019-1551 There is an overflow bug in the x64_64
s, Mathopd/1.5p6, Mbedthis-AppWeb/2.0.4, Mbedthis-Appweb/12.5.0, Mbedthis
Montgomery squaring procedure used in -Appweb/2.4.0, Mbedthis-Appweb/2.4.2, Microsoft-HTTPAPI/1.0, Microsoft-HT
TPAPI/2.0, Microsoft-IIS/10.0, Microsoft-IIS/5.0, Microsoft-IIS/5.1, Micr
exponentiation with 512-bit moduli. No EC
osoft-IIS/6.0, Microsoft-IIS/7.0, Microsoft-IIS/7.5, Microsoft-IIS/8.0, M
algorithms are affected. Analysis suggests icrosoft-IIS/8.5, Microsoft-NetCore/2.0, UPnP/1.0 DLNADOC/1.50, Microsoft
that attacks against 2-prime RSA1024, 3- -WinCE/7.00, Mikrotik HttpProxy, Mini Embedded Web Server, Mini web serve
r 1., Mini web server 1.0 ZTE corp 2005., Mini web server 1.0 ZXIC corp 2
prime RSA1536, and DSA1024 as a result 005., MiniServ/1.890, MistServer/2.14.2, MochiWeb/1.0 (Any of you quaids
of this defect would be very difficult to got a smint?), MonitorServer/0.10.5.363 Python/2.7.5, Monitorix HTTP Serv
er, Monkey, Mono-HTTPAPI/1.0, MoxaHttp/1.0, Mrvl-R1_0, Mrvl-R2_0, NISS, N
perform and are not believed likely.
VR EXT SERVER, NVR Webserver, Net-OS 5.xx UPnP/1.0, NetBox Version 2.8 Bu
Attacks against DH512 are considered just ild 4128, NetEVI/3.10, Netwave IP Camera, Network Camera with Pan/Tilt, N
feasible. However, for an attack the target etwork_Module/1.0 (WXA-50), Nexus/3.13.0-01 (OSS), Nexus/3.9.0-01 (OSS),
Nginx, Nginx Microsoft-HTTPAPI/2.0, Nucleus/4.3 UPnP/1.0 Virata-EmWeb/R6_
would have to re-use the DH512 private 2_0, OPNsense, OceanView-CDN, Oktell LS, OpenBCM/1.07b3, OpenBSD httpd, O
key, which is not recommended anyway. racle Containers for J2EE, Oracle GlassFish Server 3.1.2.2, Oracle XML D
B/Oracle Database, Oracle-Application-Server-10g/10.1.2.0.2 Oracle-HTTP-S
Also applications directly using the low
erver, Oracle-Application-Server-11g, Oracle-HTTP-Server, Oracle-HTTP-Ser
level API BN_mod_exp may be affected if ver-11g, Oracle_WebDb_Listener/2.1, PBX/63.0.2 (CentOS64), PRTG/19.3.51.2
they use BN_FLG_CONSTTIME. Fixed in 830, Pan/Tilt, PanWeb Server/ -, Payara Server 5.193 #badassfish, PrHTTP
D Ver1.0, Proxy, Python/3.6 aiohttp/2.3.10, Qualvision -HTTPServer, REP S
OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed erver, RNOAAA018180026 HTTP Server version 2.0 - TELDAT S.A., Rabbit, Ra
in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t). pidLogic/1.1, Raption v5.8.0, ReeCam IP Camera, RemotelyAnywhere/9.0.856,
Reposify, Resin/2.1.12, Resin/3.0.17, Resin/3.1.8, Rex/12.0.7601.17514, R
omPager/4.07 UPnP/1.0, RomPager/4.51 UPnP/1.0, Router, Router Webserver,
CVE-2018-0732 During key agreement in a TLS SAP, SCADA, SQ-WEBCAM, SRS/3.0.45(OuXuli), SY8033, SY8045, Safe3 Web Fire
wall, Safedog/4.0.0, ScreenConnect/19.4.25542.7213-2135886336 Microsoft-H
handshake using a DH(E) based
TTPAPI/2.0, Serv-U/11.3.0.2, Server, ServiceNow, Servlet 2.5; JBoss-5.0/J
ciphersuite a malicious server can send a BossWeb-2.1, Servlet/2.5 JSP/2.1, SimpleHTTP/0.6 Python/2.7.15+, SinforHt
very large prime value to the client. This tpd/1.0, SmartXFilter, SoftManager Application Server, SonicWALL, Spark,
Start HTTP-Server/1.1, Sun GlassFish Enterprise Server v2.1.1, Swift1.0,
will cause the client to spend an Switch, SyncThru 5, TOPSEC, TP-LINK Router, TWebAP/2.1.2.9, Tas, Techno V
ision Security System Ver. 2.0, Tengine/2.3.2, Thecapital Caphe Websphere
unreasonably long period of time 12.3 build 3.456.234.2600, This is webserver, TibetSystem Server 2.0, Tie
generating a key for this prime resulting in line, Tntnet/2.1, Topsec, TornadoServer/6.0.2, TurnStat webserver, Twiste
dWeb/18.9.0, U S Software Web Server, UBNT Streaming Server v1.2, UCS Pre
a hang until the client has finished. This
mieraExternal v4.0.4.24, UMC Webserver/5.0, UPnP/1.0 DLNADOC/1.50 Allwinn
could be exploited in a Denial Of Service ertech/0.1.0, UPnP/1.0 DLNADOC/1.50 Platinum/1.0.5.13, Unknown, Unspecifi
ed, UPnP/1.0, Unspecified, VAppServer/6.0.0, VB, VB100, VCS-VideoJet-Webs
attack. Fixed in OpenSSL 1.1.0i-dev
erver, VPON Server/1.0, Varnish, Vinahost, Virata-EmWeb/R6_0_1, Virtual W
(Affected 1.1.0-1.1.0h). Fixed in OpenSSL eb 0.9, Vivotek Network Camera, WAF, WCY_WEBServer/1.0, WCY_WEBServer/2.
1.0.2p-dev (Affected 1.0.2-1.0.2o). 0, WDaemon/10.0.0, WDaemon/4.0, WEB SERVER, WMSServer/2.0.1.0, WN/2.4.7,
WS CDN Server, WSGIServer/0.2 CPython/3.7.3, WWW Server/1.1, WWW-Kodeks/
6.4, Warp/3.2.27, Warp/3.2.28, Waveplus HTTPD, Web Express 0.9, Web Serve
CVE-2017-3737 OpenSSL 1.0.2 (starting from version r, Web Switch, Web server, Web-Server/3.0, WebServer, WebServer/1.0 UPnP/
1.0, Webs, WebsServer/2.1.8 PeerSec-MatrixSSL/, Werkzeug/0.9.6 Python/2.
1.0.2b) introduced an "error state"
7.6, WhatsUp, WhatsUp_Gold/8.0, WiJungle, WildDuck API, WildFly/10, WildF
mechanism. The intent was that if a fatal ly/11, WildFly/8, WildFly/9, WindRiver-WebServer/4.7, WindWeb/1.0, Window
error occurred during a handshake then s Server 2008 R2, UPnP/1.0 DLNADOC/1.50, Serviio/1.8, Wing FTP Server(Mar
io Kaserer), Wing FTP Server(MediaSend pty Ltd), Wing FTP Server/3.3.5(),
OpenSSL would move into the error state Winstone Servlet Engine v0.9.10, Wisp/1.0.71.15, WowzaStreamingEngine/4.
and would immediately fail if you 7.1, WowzaStreamingEngine/4.7.7, XDaemon v1.0, XEvil_4.0.0[Beta][V4_0b2
5], Xavante 2.2.0 embeded, Xitami, Yawcam, YouTrack, YxlinkWAF, ZK Web Se
attempted to continue the handshake.
rver, ZSWS/2.2, ZTE web server 1.0 ZTE corp 2015., Zope/(2.13.15, python
This works as designed for the explicit 2.7.3, linux2) ZServer/1.1, Zope/(2.13.27, python 2.7.3, linux2) ZServer/
1.1, Zscaler/5.7, abcd, access to tenda, alphapd, alphapd/2.1.7, alphapd/
handshake functions
2.1.8, antid, axhttpd/1.4.0, axhttpd/1.5.3, beegoServer:1.12.0, bots-webs
(SSL_do_handshake(), SSL_accept() and erver, box, build-in http server, calibre 4.0.0, ccapi-dvrs-production, c
SSL_connect()), however due to a bug it isco-IOS, cloudflare, cloudflare-nginx, cvmd-1.0.0 (r1), dcs-lig-httpd, d
e475d6363d3b9295c4645cd08294af288c1c0de, eHTTP v2.0, eboo server, embedde
does not work correctly if SSL_read() or d http dameon, falcon/2.1, foo, gSOAP/2.7, gen5th/1.33.00, gen5th/1.82.0
SSL_write() is called directly. In that 1, go1984, gunicorn/19.3.0, h2o/2.3.0-DEV@6cde7eb3f, http server 1.0, htt
pd, httpd/1.00, httpd/2.0, httpd_four-faith, httpserver, i-Catcher Consol
scenario, if the handshake fails then a
e, iSpy, jjhttpd v0.1.0, kangle/3.5.8.2, kong/0.14.0, libwww-perl-daemon/
fatal error will be returned in the initial 6.01, lighttpd, lighttpd-Intelbras, lighttpd/1.4.28, lighttpd/1.4.35, lig
function call. If SSL_read()/SSL_write() is httpd/1.4.43, lighttpd/1.4.54, localhost, lwIP/1.4.0 (http://savannah.non
gnu.org/projects/lwip), mORMot (Windows) Microsoft-HTTPAPI/1.0, mORMot (W
subsequently called by the application for indows) Microsoft-HTTPAPI/2.0, micro_httpd, minhttpd, mini_httpd/1.19 19d
the same SSL object then it will succeed ec2003, mini_httpd/1.21 18oct2014, mini_httpd/1.30 26Oct2018, miniupnpd/
1.0 UPnP/1.0, mysrv, nPerf/2.2.0 2019-04-02, nextgen_0.2, nginx, nginx/1.
and the data is passed without being
8.0, ngjit, nostromo 1.9.4, o2switch PowerBoost, openresty, product only,
decrypted/encrypted directly from the rchttpd/1.0, rednetcloud, scada, secure, siyou server, sky_router, squid,
SSL/TLS record layer. In order to exploit squid/3.1.18, staging, sthttpd/2.27.0 03oct2014, thttpd, thttpd-alphanetw
orks/2.23, thttpd/2.25b 29dec2003, thttpd/2.25b-lxc 29dec2003, thttpd/2.2
this issue an application bug would have 7 19Oct2015, tinyproxy/1.10.0, tsbox, uc-httpd 1.0.0, uc-httpd/1.0.0, wai
to be present that resulted in a call to tress, web, webcam 7, webcamXP, webserver, webserver/1.0, wfe, wfust, wil
dix-http-server, wizzardo-http/0.1, yawcam
SSL_read()/SSL_write() being issued after

Content-Type: text/html; charset=UTF-8
having already received a fatal error. Date: Wed, 03 Nov 2021 02:43:10 GMT
OpenSSL version 1.0.2b-1.0.2m are

affected. Fixed in OpenSSL 1.0.2n.

OpenSSL 1.1.0 is not affected.
// 81 /
TCP
-1809677894 | 2021-10-29T13:13:08.042623
CVE-2017-3735 While parsing an IPAddressFamily

extension in an X.509 certificate, it is HTTP/1.1 200 OK
possible to do a one-byte overread. This Server: 360 web server, 792/71644 HTTP Server version 2.0 - TELDAT S.A.,
would result in an incorrect text display of
UPnPd/1.4, ATS/5.3.0, Adaptec ASM 1.1, AirTies/ASP 1.0 UPnP/1.0 miniupnp
the certificate. This bug has been present d/1.0, Allegro-Software-RomPager/4.06, AmirHossein Server v1.0, AnWeb/1.4
since 2006 and is present in all versions 2p, Android Webcam Server, AnyStor-E, Apache-Coyote/1.1, Apache/2.2.15 (C
of OpenSSL before 1.0.2m and 1.1.0g. HP/7.3.11, Apache/2.4.6 (Red Hat Enterprise Linux) mod_jk/1.2.46 OpenSSL/
1.0.2k-fips, App-webs/, ArGoSoft Mail Server Pro for WinNT/2000/XP, Versi
CVE-2021- Calls to EVP_CipherUpdate,
Web Server, BigIP, BlueIris-HTTP/1.1, Boa/0.93.15, Boa/0.94.13, Boa/0.94.
23840 EVP_EncryptUpdate and 14rc20, Boa/0.94.14rc21, Boa/0.94.7, BolidXMLRPC/1.10 (Windows NT) ORION-
EVP_DecryptUpdate may overflow the
output length argument in some cases y Mod Security, Check Point SVN foundation, Cherokee/1.2.101 (Ubuntu), Ch
where the input length is close to the erryPy/2.3.0, CherryPy/3.1.0beta3 WSGI Server, CherryPy/8.1.2, CirCarLife
maximum permissable length for an rver, Commvault WebServer, Control4 Web Server, CouchDB/1.6.1 (Erlang OT
integer on the platform. In such cases the P/18), CouchDB/1.6.1 (Erlang OTP/R16B03), CouchDB/2.0.0 (Erlang OTP/17),
return value from the function call will be
k Web Server 0.01, DNVRS-Webs, DVR-HttpServer/1.0, DVRDVS-Webs, DWS, Dasa
1 (indicating success), but the output nNetwork Solution, Debian/4.0 UPnP/1.0 miniupnpd/1.0, Deluxe Beauty Offic
length value will be negative. This could e, Destiny, DpmptspKarawangkab_HTTP_SERVER, E2EE Server 1.0, EBox, EShare
cause applications to behave incorrectly PD v1.00, 1999(c) Delta Networks Inc., Embedthis-Appweb/3.2.3, Embedthis-
or crash. OpenSSL versions 1.1.1i and Appweb/3.3.1, Embedthis-http, Entrust, Ericom Access Server, Ericom Acces
below are affected by this issue. Users of
er, FileMakerPro/6.0Fv4 WebCompanion/6.0v3, Flussonic, GSHD/3.0, GeoHttpS
these versions should upgrade to erver, GeoWebServer 4.4.1.0, Ginatex-HTTPServer, GlassFish Server Open So
OpenSSL 1.1.1j. OpenSSL versions 1.0.2x urce Edition 4.0, GoAhead-Webs, GoAhead-Webs/2.5.0, GoAhead-http, GoTTY,
and below are affected by this issue. HFS 2.3m, HTTP Server, HTTP Server 1.0, HTTP Software 1.1, HTTPD, HTTPD W
However OpenSSL 1.0.2 is out of support s, Hipcam, HostGW.com EnterpriseServer built fo SMKN 1 Kaligondang, Http
Server, Httpd, Httpd/1.0, Hydra/0.1.8, IBM_HTTP_Server, IIS, IP Webcam Se
and no longer receiving public updates. rver, IPC@CHIP, IPCamera-Webs, IPCamera-Webs/2.5.0, IPCamera_Logo, IPOffi
Premium support customers of OpenSSL ce/, IceWarp/12.1.1.4 x64, IceWarp/9.4.2, IdeaWebServer/0.83.292, If you
want know, you can ask me, Indy/9.0.11, Intoto Http Server v1.0, InvalidP
1.0.2 should upgrade to 1.0.2y. Other users
anda/1.0.0, JAWS/1.0, JAWS/1.0 Jan 21 2017, JBoss-EAP/7, JDVR/4.0, JFinal
should upgrade to 1.1.1j. Fixed in OpenSSL 4.5, JWS, Jetty(6.1.19), KMS_ACCESS, Keil-EWEB/2.1, Kerio MailServer 6.5.
1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL
- V100R003 HttpServer 1.1, Linux, HTTP/1.1, DIR-860L Ver 1.01, Linux/2.6.
1.0.2y (Affected 1.0.2-1.0.2x). 18 UPnP/1.0 miniupnpd/1.0, Linux/2.x UPnP/1.0 Avtech/1.0, Linux/3.10.0 eH
nP/1.0 Teleal-Cling/1.0, Linux/3.14.29 CyberHTTP/1.0, Linux/3.4.39 UPnP/
CVE-2021- The OpenSSL public API function 1.0 Cling/2.0, LiteSpeed, Lotus-Domino, MIPS LINUX/2.4 UPnP/1.0 miniupnp
23841 X509_issuer_and_serial_hash() attempts d/1.0, MJPG-Streamer/0.2, MS-SDK-HttpServer/1.0, MailEnable-HTTP/5.0, Mar
to create a unique hash value based on
-Appweb/2.4.0, Mbedthis-Appweb/2.4.2, Microsoft-HTTPAPI/1.0, Microsoft-HT
the issuer and serial number data TPAPI/2.0, Microsoft-IIS/10.0, Microsoft-IIS/5.0, Microsoft-IIS/5.1, Micr
contained within an X509 certificate. osoft-IIS/6.0, Microsoft-IIS/7.0, Microsoft-IIS/7.5, Microsoft-IIS/8.0, M
icrosoft-IIS/8.5, Microsoft-NetCore/2.0, UPnP/1.0 DLNADOC/1.50, Microsoft
However it fails to correctly handle any -WinCE/7.00, Mikrotik HttpProxy, Mini Embedded Web Server, Mini web serve
errors that may occur while parsing the r 1., Mini web server 1.0 ZTE corp 2005., Mini web server 1.0 ZXIC corp 2
005., MiniServ/1.890, MistServer/2.14.2, MochiWeb/1.0 (Any of you quaids
issuer field (which might occur if the
got a smint?), MonitorServer/0.10.5.363 Python/2.7.5, Monitorix HTTP Serv
issuer field is maliciously constructed). er, Monkey, Mono-HTTPAPI/1.0, MoxaHttp/1.0, Mrvl-R1_0, Mrvl-R2_0, NISS, N
This may subsequently result in a NULL
ild 4128, NetEVI/3.10, Netwave IP Camera, Network Camera with Pan/Tilt, N
pointer deref and a crash leading to a etwork_Module/1.0 (WXA-50), Nexus/3.13.0-01 (OSS), Nexus/3.9.0-01 (OSS),
potential denial of service attack. The Nginx, Nginx Microsoft-HTTPAPI/2.0, Nucleus/4.3 UPnP/1.0 Virata-EmWeb/R6_
2_0, OPNsense, OceanView-CDN, Oktell LS, OpenBCM/1.07b3, OpenBSD httpd, O
function X509_issuer_and_serial_hash() is racle Containers for J2EE, Oracle GlassFish Server 3.1.2.2, Oracle XML D
never directly called by OpenSSL itself so B/Oracle Database, Oracle-Application-Server-10g/10.1.2.0.2 Oracle-HTTP-S
applications are only vulnerable if they
ver-11g, Oracle_WebDb_Listener/2.1, PBX/63.0.2 (CentOS64), PRTG/19.3.51.2
use this function directly and they use it 830, Pan/Tilt, PanWeb Server/ -, Payara Server 5.193 #badassfish, PrHTTP
on certificates that may have been D Ver1.0, Proxy, Python/3.6 aiohttp/2.3.10, Qualvision -HTTPServer, REP S
erver, RNOAAA018180026 HTTP Server version 2.0 - TELDAT S.A., Rabbit, Ra
obtained from untrusted sources. pidLogic/1.1, Raption v5.8.0, ReeCam IP Camera, RemotelyAnywhere/9.0.856,
OpenSSL versions 1.1.1i and below are Reposify, Resin/2.1.12, Resin/3.0.17, Resin/3.1.8, Rex/12.0.7601.17514, R
affected by this issue. Users of these
SAP, SCADA, SQ-WEBCAM, SRS/3.0.45(OuXuli), SY8033, SY8045, Safe3 Web Fire
versions should upgrade to OpenSSL 1.1.1j. wall, Safedog/4.0.0, ScreenConnect/19.4.25542.7213-2135886336 Microsoft-H
OpenSSL versions 1.0.2x and below are TTPAPI/2.0, Serv-U/11.3.0.2, Server, ServiceNow, Servlet 2.5; JBoss-5.0/J
BossWeb-2.1, Servlet/2.5 JSP/2.1, SimpleHTTP/0.6 Python/2.7.15+, SinforHt
affected by this issue. However OpenSSL tpd/1.0, SmartXFilter, SoftManager Application Server, SonicWALL, Spark,
1.0.2 is out of support and no longer Start HTTP-Server/1.1, Sun GlassFish Enterprise Server v2.1.1, Swift1.0,
Switch, SyncThru 5, TOPSEC, TP-LINK Router, TWebAP/2.1.2.9, Tas, Techno V
receiving public updates. Premium
support customers of OpenSSL 1.0.2 12.3 build 3.456.234.2600, This is webserver, TibetSystem Server 2.0, Tie
line, Tntnet/2.1, Topsec, TornadoServer/6.0.2, TurnStat webserver, Twiste
should upgrade to 1.0.2y. Other users
should upgrade to 1.1.1j. Fixed in OpenSSL mieraExternal v4.0.4.24, UMC Webserver/5.0, UPnP/1.0 DLNADOC/1.50 Allwinn
1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL ertech/0.1.0, UPnP/1.0 DLNADOC/1.50 Platinum/1.0.5.13, Unknown, Unspecifi
1.0.2y (Affected 1.0.2-1.0.2x). erver, VPON Server/1.0, Varnish, Vinahost, Virata-EmWeb/R6_0_1, Virtual W
eb 0.9, Vivotek Network Camera, WAF, WCY_WEBServer/1.0, WCY_WEBServer/2.
0, WDaemon/10.0.0, WDaemon/4.0, WEB SERVER, WMSServer/2.0.1.0, WN/2.4.7,
CVE-2018-0739 Constructed ASN.1 types with a recursive
definition (such as can be found in PKCS7) 6.4, Warp/3.2.27, Warp/3.2.28, Waveplus HTTPD, Web Express 0.9, Web Serve
could eventually exceed the stack given r, Web Switch, Web server, Web-Server/3.0, WebServer, WebServer/1.0 UPnP/
malicious input with excessive recursion. 7.6, WhatsUp, WhatsUp_Gold/8.0, WiJungle, WildDuck API, WildFly/10, WildF
This could result in a Denial Of Service ly/11, WildFly/8, WildFly/9, WindRiver-WebServer/4.7, WindWeb/1.0, Window
s Server 2008 R2, UPnP/1.0 DLNADOC/1.50, Serviio/1.8, Wing FTP Server(Mar
attack. There are no such structures used
within SSL/TLS that come from untrusted Winstone Servlet Engine v0.9.10, Wisp/1.0.71.15, WowzaStreamingEngine/4.
7.1, WowzaStreamingEngine/4.7.7, XDaemon v1.0, XEvil_4.0.0[Beta][V4_0b2
sources so this is considered safe. Fixed in
OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). rver, ZSWS/2.2, ZTE web server 1.0 ZTE corp 2015., Zope/(2.13.15, python
Fixed in OpenSSL 1.0.2o (Affected 1.0.2b- 2.7.3, linux2) ZServer/1.1, Zope/(2.13.27, python 2.7.3, linux2) ZServer/
1.0.2n). 2.1.8, antid, axhttpd/1.4.0, axhttpd/1.5.3, beegoServer:1.12.0, bots-webs
erver, box, build-in http server, calibre 4.0.0, ccapi-dvrs-production, c
isco-IOS, cloudflare, cloudflare-nginx, cvmd-1.0.0 (r1), dcs-lig-httpd, d
CVE-2020-1968 The Raccoon attack exploits a flaw in the
TLS specification which can lead to an d http dameon, falcon/2.1, foo, gSOAP/2.7, gen5th/1.33.00, gen5th/1.82.0
attacker being able to compute the pre- 1, go1984, gunicorn/19.3.0, h2o/2.3.0-DEV@6cde7eb3f, http server 1.0, htt
master secret in connections which have e, iSpy, jjhttpd v0.1.0, kangle/3.5.8.2, kong/0.14.0, libwww-perl-daemon/
used a Diffie-Hellman (DH) based 6.01, lighttpd, lighttpd-Intelbras, lighttpd/1.4.28, lighttpd/1.4.35, lig
httpd/1.4.43, lighttpd/1.4.54, localhost, lwIP/1.4.0 (http://savannah.non
ciphersuite. In such a case this would
result in the attacker being able to indows) Microsoft-HTTPAPI/2.0, micro_httpd, minhttpd, mini_httpd/1.19 19d
ec2003, mini_httpd/1.21 18oct2014, mini_httpd/1.30 26Oct2018, miniupnpd/
eavesdrop on all encrypted
communications sent over that TLS 8.0, ngjit, nostromo 1.9.4, o2switch PowerBoost, openresty, product only,
connection. The attack can only be rchttpd/1.0, rednetcloud, scada, secure, siyou server, sky_router, squid,
squid/3.1.18, staging, sthttpd/2.27.0 03oct2014, thttpd, thttpd-alphanetw
exploited if an implementation re-uses a orks/2.23, thttpd/2.25b 29dec2003, thttpd/2.25b-lxc 29dec2003, thttpd/2.2
DH secret across multiple TLS 7 19Oct2015, tinyproxy/1.10.0, tsbox, uc-httpd 1.0.0, uc-httpd/1.0.0, wai
tress, web, webcam 7, webcamXP, webserver, webserver/1.0, wfe, wfust, wil
connections. Note that this issue only dix-http-server, wizzardo-http/0.1, yawcam
impacts DH ciphersuites and not ECDH Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Oct 2021 13:13:07 GMT
ciphersuites. This issue affects OpenSSL

1.0.2 which is out of support and no
longer receiving public updates. OpenSSL

1.1.1 is not vulnerable to this issue. Fixed in
// 443 /
TCP
OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v). -1809677894 | 2021-11-05T17:03:13.006994
CVE-2020-1971 The X.509 GeneralName type is a generic HTTP/1.1 200 OK
Server: 360 web server, 792/71644 HTTP Server version 2.0 - TELDAT S.A.,
type for representing different types of A10WS/1.00, ADB Broadband HTTP Server, ADH-Web, AR, ASUSTeK UPnP/1.0 Mini
names. One of those name types is UPnPd/1.4, ATS/5.3.0, Adaptec ASM 1.1, AirTies/ASP 1.0 UPnP/1.0 miniupnp
d/1.0, Allegro-Software-RomPager/4.06, AmirHossein Server v1.0, AnWeb/1.4
known as EDIPartyName. OpenSSL
provides a function entOS), Apache/2.4.29 (Ubuntu), Apache/2.4.6 (Red Hat Enterprise Linux) P
GENERAL_NAME_cmp which compares HP/7.3.11, Apache/2.4.6 (Red Hat Enterprise Linux) mod_jk/1.2.46 OpenSSL/
different instances of a GENERAL_NAME on 1.8 (1.8.9.4), AvigilonGateway/1.0 Microsoft-HTTPAPI/2.0, Avtech, Baby
to see if they are equal or not. This Web Server, BigIP, BlueIris-HTTP/1.1, Boa/0.93.15, Boa/0.94.13, Boa/0.94.
14rc20, Boa/0.94.14rc21, Boa/0.94.7, BolidXMLRPC/1.10 (Windows NT) ORION-
function behaves incorrectly when both
GENERAL_NAMEs contain an Cam, Cambium HTTP Server, Camera Web Server, CentOS WebPanel: Protected b
EDIPARTYNAME. A NULL pointer y Mod Security, Check Point SVN foundation, Cherokee/1.2.101 (Ubuntu), Ch
erryPy/2.3.0, CherryPy/3.1.0beta3 WSGI Server, CherryPy/8.1.2, CirCarLife
dereference and a crash may occur Scada v4.2.3, Cirpark Scada v4.5.3-rc1, Cisco AWARE 2.0, Citrix Web PN Se
leading to a possible denial of service rver, Commvault WebServer, Control4 Web Server, CouchDB/1.6.1 (Erlang OT
P/18), CouchDB/1.6.1 (Erlang OTP/R16B03), CouchDB/2.0.0 (Erlang OTP/17),
attack. OpenSSL itself uses the
GENERAL_NAME_cmp function for two k Web Server 0.01, DNVRS-Webs, DVR-HttpServer/1.0, DVRDVS-Webs, DWS, Dasa
nNetwork Solution, Debian/4.0 UPnP/1.0 miniupnpd/1.0, Deluxe Beauty Offic
purposes: 1) Comparing CRL distribution
point names between an available CRL Http Server/1.0, Easy-Web Server/1.0, Embedded HTTP Server., Embedded HTT
and a CRL distribution point embedded in PD v1.00, 1999(c) Delta Networks Inc., Embedthis-Appweb/3.2.3, Embedthis-
Appweb/3.3.1, Embedthis-http, Entrust, Ericom Access Server, Ericom Acces
an X509 certificate 2) When verifying that s Server x64, FN-Httpd 1.0 [HTTP/1.1], FUJITSU ServerView iRMC S4 Webserv
a timestamp response token signer er, FileMakerPro/6.0Fv4 WebCompanion/6.0v3, Flussonic, GSHD/3.0, GeoHttpS
erver, GeoWebServer 4.4.1.0, Ginatex-HTTPServer, GlassFish Server Open So
matches the timestamp authority name
(exposed via the API functions H3C-Miniware-Webs, HFS 2.2f, HFS 2.3 beta, HFS 2.3e, HFS 2.3i, HFS 2.3k,
TS_RESP_verify_response and HFS 2.3m, HTTP Server, HTTP Server 1.0, HTTP Software 1.1, HTTPD, HTTPD W
TS_RESP_verify_token) If an attacker can s, Hipcam, HostGW.com EnterpriseServer built fo SMKN 1 Kaligondang, Http
control both items being compared then Server, Httpd, Httpd/1.0, Hydra/0.1.8, IBM_HTTP_Server, IIS, IP Webcam Se
rver, IPC@CHIP, IPCamera-Webs, IPCamera-Webs/2.5.0, IPCamera_Logo, IPOffi
that attacker could trigger a crash. For
example if the attacker can trick a client want know, you can ask me, Indy/9.0.11, Intoto Http Server v1.0, InvalidP
or server into checking a malicious anda/1.0.0, JAWS/1.0, JAWS/1.0 Jan 21 2017, JBoss-EAP/7, JDVR/4.0, JFinal
certificate against a malicious CRL then 2, Kestrel, LINUX-2.6 UPnP/1.0 MiniUPnPd/1.5, LTE Router Webs, Lanswitch
this may occur. Note that some - V100R003 HttpServer 1.1, Linux, HTTP/1.1, DIR-860L Ver 1.01, Linux/2.6.
18 UPnP/1.0 miniupnpd/1.0, Linux/2.x UPnP/1.0 Avtech/1.0, Linux/3.10.0 eH
applications automatically download
CRLs based on a URL embedded in a nP/1.0 Teleal-Cling/1.0, Linux/3.14.29 CyberHTTP/1.0, Linux/3.4.39 UPnP/
certificate. This checking happens prior to
the signatures on the certificate and CRL s, Mathopd/1.5p6, Mbedthis-AppWeb/2.0.4, Mbedthis-Appweb/12.5.0, Mbedthis
being verified. OpenSSL's s_server, -Appweb/2.4.0, Mbedthis-Appweb/2.4.2, Microsoft-HTTPAPI/1.0, Microsoft-HT
s_client and verify tools have support for osoft-IIS/6.0, Microsoft-IIS/7.0, Microsoft-IIS/7.5, Microsoft-IIS/8.0, M
the "-crl_download" option which icrosoft-IIS/8.5, Microsoft-NetCore/2.0, UPnP/1.0 DLNADOC/1.50, Microsoft
-WinCE/7.00, Mikrotik HttpProxy, Mini Embedded Web Server, Mini web serve
implements automatic CRL downloading
and this attack has been demonstrated to 005., MiniServ/1.890, MistServer/2.14.2, MochiWeb/1.0 (Any of you quaids
work against those tools. Note that an got a smint?), MonitorServer/0.10.5.363 Python/2.7.5, Monitorix HTTP Serv
unrelated bug means that affected VR EXT SERVER, NVR Webserver, Net-OS 5.xx UPnP/1.0, NetBox Version 2.8 Bu
versions of OpenSSL cannot parse or ild 4128, NetEVI/3.10, Netwave IP Camera, Network Camera with Pan/Tilt, N
etwork_Module/1.0 (WXA-50), Nexus/3.13.0-01 (OSS), Nexus/3.9.0-01 (OSS),
construct correct encodings of
EDIPARTYNAME. However it is possible to 2_0, OPNsense, OceanView-CDN, Oktell LS, OpenBCM/1.07b3, OpenBSD httpd, O
construct a malformed EDIPARTYNAME racle Containers for J2EE, Oracle GlassFish Server 3.1.2.2, Oracle XML D
that OpenSSL's parser will accept and erver, Oracle-Application-Server-11g, Oracle-HTTP-Server, Oracle-HTTP-Ser
hence trigger this attack. All OpenSSL 1.1.1 ver-11g, Oracle_WebDb_Listener/2.1, PBX/63.0.2 (CentOS64), PRTG/19.3.51.2
830, Pan/Tilt, PanWeb Server/ -, Payara Server 5.193 #badassfish, PrHTTP
and 1.0.2 versions are affected by this
issue. Other OpenSSL releases are out of erver, RNOAAA018180026 HTTP Server version 2.0 - TELDAT S.A., Rabbit, Ra
pidLogic/1.1, Raption v5.8.0, ReeCam IP Camera, RemotelyAnywhere/9.0.856,
support and have not been checked.
Fixed in OpenSSL 1.1.1i (Affected 1.1.1- omPager/4.07 UPnP/1.0, RomPager/4.51 UPnP/1.0, Router, Router Webserver,
1.1.1h). Fixed in OpenSSL 1.0.2x (Affected SAP, SCADA, SQ-WEBCAM, SRS/3.0.45(OuXuli), SY8033, SY8045, Safe3 Web Fire
1.0.2-1.0.2w). TTPAPI/2.0, Serv-U/11.3.0.2, Server, ServiceNow, Servlet 2.5; JBoss-5.0/J
tpd/1.0, SmartXFilter, SoftManager Application Server, SonicWALL, Spark,
CVE-2017-3736 There is a carry propagating bug in the
x86_64 Montgomery squaring procedure Switch, SyncThru 5, TOPSEC, TP-LINK Router, TWebAP/2.1.2.9, Tas, Techno V
in OpenSSL before 1.0.2m and 1.1.0 before ision Security System Ver. 2.0, Tengine/2.3.2, Thecapital Caphe Websphere
12.3 build 3.456.234.2600, This is webserver, TibetSystem Server 2.0, Tie
1.1.0g. No EC algorithms are affected. line, Tntnet/2.1, Topsec, TornadoServer/6.0.2, TurnStat webserver, Twiste
Analysis suggests that attacks against dWeb/18.9.0, U S Software Web Server, UBNT Streaming Server v1.2, UCS Pre
RSA and DSA as a result of this defect
ertech/0.1.0, UPnP/1.0 DLNADOC/1.50 Platinum/1.0.5.13, Unknown, Unspecifi
would be very difficult to perform and are ed, UPnP/1.0, Unspecified, VAppServer/6.0.0, VB, VB100, VCS-VideoJet-Webs
not believed likely. Attacks against DH are
considered just feasible (although very 0, WDaemon/10.0.0, WDaemon/4.0, WEB SERVER, WMSServer/2.0.1.0, WN/2.4.7,
difficult) because most of the work WS CDN Server, WSGIServer/0.2 CPython/3.7.3, WWW Server/1.1, WWW-Kodeks/
necessary to deduce information about a r, Web Switch, Web server, Web-Server/3.0, WebServer, WebServer/1.0 UPnP/
private key may be performed offline. The 1.0, Webs, WebsServer/2.1.8 PeerSec-MatrixSSL/, Werkzeug/0.9.6 Python/2.
amount of resources required for such an
ly/11, WildFly/8, WildFly/9, WindRiver-WebServer/4.7, WindWeb/1.0, Window
attack would be very significant and likely s Server 2008 R2, UPnP/1.0 DLNADOC/1.50, Serviio/1.8, Wing FTP Server(Mar
only accessible to a limited number of io Kaserer), Wing FTP Server(MediaSend pty Ltd), Wing FTP Server/3.3.5(),
Winstone Servlet Engine v0.9.10, Wisp/1.0.71.15, WowzaStreamingEngine/4.
attackers. An attacker would additionally 7.1, WowzaStreamingEngine/4.7.7, XDaemon v1.0, XEvil_4.0.0[Beta][V4_0b2
need online access to an unpatched 5], Xavante 2.2.0 embeded, Xitami, Yawcam, YouTrack, YxlinkWAF, ZK Web Se
system using the target private key in a
2.7.3, linux2) ZServer/1.1, Zope/(2.13.27, python 2.7.3, linux2) ZServer/
scenario with persistent DH parameters 1.1, Zscaler/5.7, abcd, access to tenda, alphapd, alphapd/2.1.7, alphapd/
and a private key that is shared between 2.1.8, antid, axhttpd/1.4.0, axhttpd/1.5.3, beegoServer:1.12.0, bots-webs
multiple clients. This only affects isco-IOS, cloudflare, cloudflare-nginx, cvmd-1.0.0 (r1), dcs-lig-httpd, d
processors that support the BMI1, BMI2 e475d6363d3b9295c4645cd08294af288c1c0de, eHTTP v2.0, eboo server, embedde
d http dameon, falcon/2.1, foo, gSOAP/2.7, gen5th/1.33.00, gen5th/1.82.0
and ADX extensions like Intel Broadwell
1, go1984, gunicorn/19.3.0, h2o/2.3.0-DEV@6cde7eb3f, http server 1.0, htt
(5th generation) and later or AMD Ryzen. pd, httpd/1.00, httpd/2.0, httpd_four-faith, httpserver, i-Catcher Consol
6.01, lighttpd, lighttpd-Intelbras, lighttpd/1.4.28, lighttpd/1.4.35, lig
CVE-2018-5407 Simultaneous Multi-threading (SMT) in httpd/1.4.43, lighttpd/1.4.54, localhost, lwIP/1.4.0 (http://savannah.non
processors can enable local users to gnu.org/projects/lwip), mORMot (Windows) Microsoft-HTTPAPI/1.0, mORMot (W
indows) Microsoft-HTTPAPI/2.0, micro_httpd, minhttpd, mini_httpd/1.19 19d
exploit software vulnerable to timing ec2003, mini_httpd/1.21 18oct2014, mini_httpd/1.30 26Oct2018, miniupnpd/
attacks via a side-channel timing attack 1.0 UPnP/1.0, mysrv, nPerf/2.2.0 2019-04-02, nextgen_0.2, nginx, nginx/1.
on 'port contention'.
rchttpd/1.0, rednetcloud, scada, secure, siyou server, sky_router, squid,
CVE-2017-3738 There is an overflow bug in the AVX2
7 19Oct2015, tinyproxy/1.10.0, tsbox, uc-httpd 1.0.0, uc-httpd/1.0.0, wai
Montgomery multiplication procedure tress, web, webcam 7, webcamXP, webserver, webserver/1.0, wfe, wfust, wil
used in exponentiation with 1024-bit dix-http-server, wizzardo-http/0.1, yawcam
moduli. No EC algorithms are affected. Date: Fri, 05 Nov 2021 17:03:12 GMT
Analysis suggests that attacks against Content-Length: 56859
RSA and DSA as a result of this defect

SSL Certificate
would be very difficult to perform and are
not believed likely. Attacks against Certificate:
Data:
DH1024 are considered just feasible, Version: 3 (0x2)
because most of the work necessary to Serial Number:
58:16:fd:36:05:87:ba:30:e0:c8:85:aa:11:0e:69:df:ec:c4:46:9a
deduce information about a private key

Signature Algorithm: sha256WithRSAEncryption
may be performed offline. The amount of Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd
resources required for such an attack Validity
Not Before: Oct 1 11:31:27 2021 GMT
would be significant. However, for an Not After : Oct 1 11:31:27 2022 GMT
attack on TLS to be meaningful, the Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd
Subject Public Key Info:
server would have to share the DH1024

Public Key Algorithm: rsaEncryption
private key among multiple clients, which RSA Public-Key: (4096 bit)
is no longer an option since CVE-2016- Modulus:
00:c8:c9:44:b3:96:e5:27:5d:09:ab:37:a1:e2:0d:
0701. This only affects processors that 6a:9c:2a:45:5c:77:58:e9:d0:24:af:ad:2b:9f:81:
support the AVX2 but not ADX extensions a2:ca:21:3e:32:ac:ff:1d:92:7b:53:00:24:40:46:
c4:13:1c:e0:8b:42:68:43:e3:f3:93:05:c7:8c:46:
like Intel Haswell (4th generation). Note:

d3:57:d9:09:d6:c5:4a:3e:00:01:95:44:3c:34:aa:
The impact from this issue is similar to 8e:4f:ce:4d:cb:11:0b:ae:6b:5b:44:b1:7d:0c:0a:
b4:1e:cd:e2:7c:d0:88:be:37:2f:46:19:9a:a5:81:
CVE-2017-3736, CVE-2017-3732 and

1a:6c:4b:f0:5c:3a:9e:50:ee:dd:9b:f1:e6:2a:e8:
CVE-2015-3193. OpenSSL version 1.0.2- 77:d5:47:9c:60:e4:dc:a3:84:3d:e4:63:c2:d4:ea:
1.0.2m and 1.1.0-1.1.0g are affected. Fixed a8:fb:e6:49:50:fb:03:2c:b8:86:d3:db:0d:f1:98:
fd:af:36:69:dd:33:d6:7c:fa:8f:1e:88:14:97:89:
in OpenSSL 1.0.2n. Due to the low severity af:b8:ec:21:c1:7c:75:2e:5b:eb:e4:39:5c:36:7b:
of this issue we are not issuing a new cc:92:af:8e:15:94:8b:45:e9:c5:73:a1:b4:1a:90:
f6:12:67:c4:ca:c1:48:ab:fa:ba:b6:81:b6:21:20:
release of OpenSSL 1.1.0 at this time. The

83:e4:39:dd:18:92:1d:59:02:c6:3b:b1:70:10:bc:
fix will be included in OpenSSL 1.1.0h ff:ae:a8:c3:82:eb:fd:3a:ab:7a:5d:76:d2:9c:7d:
when it becomes available. The fix is also a5:a3:af:9c:2c:6f:e7:ff:c4:62:a7:23:01:90:a9:
3f:41:85:2d:f9:58:39:a2:27:09:78:66:69:c3:db:
13:8d:78:df:dd:77:ef:2c:15:24:f6:6a:43:ec:ed:
available in commit e502cc86d in the 06:9a:99:bf:a5:6c:2a:29:1c:ca:b3:98:a2:2f:d4:
4e:35:9b:cd:3c:82:c8:02:00:78:5f:27:4e:09:37:
OpenSSL git repository. f0:c7:ed:1c:49:28:d1:ac:69:c7:e6:25:30:9d:11:
06:95:e7:84:c3:29:42:22:e9:a3:f9:83:ce:b1:c1:
b5:fb:09:74:09:cd:2a:a4:17:84:f5:7a:c7:fd:d4:
CVE-2019-1559 If an application encounters a fatal 0d:37:e9:d3:1c:2d:84:df:20:a2:d9:aa:7d:c2:74:
protocol error and then calls 7d:00:ac:91:85:21:01:f9:b6:0f:bb:49:6a:2a:cd:
2e:b9:a0:d5:35:7a:f8:7c:73:97:dd:dd:79:4f:25:
SSL_shutdown() twice (once to send a

9a:63:98:da:d9:d2:2a:8a:82:0c:76:e8:f0:70:b5:
close_notify, and once to receive one) b2:6c:7c:72:be:56:29:a4:e7:fb:1a:53:5d:69:88:
then OpenSSL can respond differently to d5:de:b8:6d:d0:46:63:98:72:38:7c:40:57:ab:d8:
27:8c:9e:8a:3d:d9:e0:ae:7e:65:2a:cd:96:55:85:
the calling application if a 0 byte record is ab:f7:c8:fa:d4:ac:e1:c9:ba:fa:c8:73:a8:1e:51:
received with invalid padding compared c0:7f:9b:33:95:9a:fe:2b:3a:46:c6:78:aa:42:73:
2a:21:28:9e:99:a0:a2:b6:28:90:bf:5d:d3:b8:41:
to if a 0 byte record is received with an

26:e0:7b
invalid MAC. If the application then Exponent: 65537 (0x10001)
behaves differently based on that in a way X509v3 extensions:
X509v3 Subject Key Identifier:
that is detectable to the remote peer, then 3B:58:8D:D8:66:E6:9C:3F:52:E3:6D:62:96:47:84:51:CB:23:40:

this amounts to a padding oracle that 16
X509v3 Authority Key Identifier:
could be used to decrypt data. In order

keyid:3B:58:8D:D8:66:E6:9C:3F:52:E3:6D:62:96:47:84:51:CB:
for this to be exploitable "non-stitched" 23:40:16
ciphersuites must be in use. Stitched

X509v3 Basic Constraints: critical
ciphersuites are optimised CA:TRUE
implementations of certain commonly Signature Algorithm: sha256WithRSAEncryption
b1:cc:6b:3c:f6:07:39:a4:19:80:c4:b7:5c:ec:1b:b7:fe:a0:
used ciphersuites. Also the application 83:31:df:b7:5b:65:72:e1:c1:a7:25:19:f7:af:1a:8c:5d:d2:
must call SSL_shutdown() twice even if a 27:90:dd:2d:60:02:be:8a:fd:ff:0a:98:e4:1e:fc:26:3a:ae:
ea:bb:37:c6:ca:6b:2f:cc:74:a8:0e:58:fe:65:3c:a4:a6:15:
protocol error has occurred (applications

b1:2c:b9:dd:57:a2:91:ad:4d:22:9b:d0:c9:5e:16:7e:9d:7d:
should not do this but some do anyway). 25:dc:65:e8:b5:3d:02:97:6b:00:8d:ee:a4:02:93:59:14:a9:
Fixed in OpenSSL 1.0.2r (Affected 1.0.2- 22:79:88:d2:1e:c9:7e:a1:7b:d3:5d:ca:c3:8c:5e:2e:f1:1e:
8d:00:45:2e:3e:09:d3:26:8b:4c:89:22:0b:60:63:e1:48:24:
1.0.2q). ed:5e:01:85:2d:a6:42:b6:d5:c3:7e:a2:7b:5d:fb:5f:c8:6c:
44:37:d8:85:1e:f7:a2:82:ec:02:7f:51:5e:3e:5b:d5:bb:32:
50:c7:cc:c4:f5:31:9f:f1:56:ad:ce:0b:c4:fe:8c:51:92:35:
28:c1:26:a0:ab:55:2d:13:ec:5b:50:8e:2a:f5:f1:c7:b5:58:
be:2c:29:6f:8d:a6:8f:7a:66:b0:bd:02:11:10:b1:5c:f9:5d:
8d:f0:2e:3c:04:36:cb:48:4a:d0:26:ff:69:b8:57:9f:c0:1f:
df:f5:43:54:48:22:4e:56:70:6c:66:f7:41:ea:88:ca:25:76:
e9:37:f9:74:62:1a:4b:5d:69:e3:c9:1d:86:6e:f7:2b:17:0d:
2c:5d:66:76:55:fd:b4:f3:c4:7f:39:56:33:2b:20:7b:77:e1:
3c:c6:f9:fb:72:8c:c6:2a:cc:82:de:09:d2:f7:e5:b1:45:fe:
1d:09:d8:44:b1:3e:fb:c9:39:18:b0:5c:85:b9:54:58:5d:ef:
29:7a:45:ae:fd:70:ad:2e:65:87:f2:30:6f:15:92:36:00:c6:
fa:23:5a:8a:45:19:83:d9:b8:da:91:73:b5:ff:d3:5b:d9:dd:
a2:9a:8f:88:80:6c:89:d7:3d:01:6a:eb:06:c0:86:d8:58:af:
96:ac:c0:ec:84:85:07:2c:bb:5f:73:39:92:6d:b4:d9:76:c8:
d7:64:ea:fb:de:1e:67:36:d0:bc:bf:ec:2a:f2:89:cf:80:45:
47:06:5a:51:78:a1:39:da:81:5b:0f:f0:69:d5:df:e7:ee:bc:
40:a6:cc:68:11:0b:d9:32:9f:4e:25:00:b6:88:d2:64:90:ba:
15:aa:63:5d:47:4f:3c:d6:20:08:d7:85:ee:d1:d3:38:c9:15:
a4:f1:e0:d6:41:31:df:a1:e8:ef:1a:40:dc:2b:0b:b9:38:5d:
e5:c4:af:12:5c:4e:a7:06
// 7001 /
TCP
-1761434524 | 2021-10-30T22:23:59.642857
HTTP/1.1 200 OK
HP/7.3.11, Apache/2.4.6 (Red Hat Enterprise Linux) mod_jk/1.2.46 OpenSSL/
y Mod Security, Check Point SVN foundation, Cherokee/1.2.101 (Ubuntu), Ch
PD v1.00, 1999(c) Delta Networks Inc., Embedthis-Appweb/3.2.3, Embedthis-
HFS 2.3m, HTTP Server, HTTP Server 1.0, HTTP Software 1.1, HTTPD, HTTPD W
racle Containers for J2EE, Oracle GlassFish Server 3.1.2.2, Oracle XML D
Reposify, Resin/2.1.12, Resin/3.0.17, Resin/3.1.8, Rex/12.0.760
// 7547 /
TCP
-1809677894 | 2021-10-30T08:56:35.261441
HTTP/1.1 200 OK
r, Web Switch, Web server, Web-Server/3.0, WebServer, WebServer/1.0 UPnP/
Date: Sat, 30 Oct 2021 08:56:35 GMT
// 8080 /
TCP
-1809677894 | 2021-10-14T22:45:46.435864
HTTP/1.1 200 OK
Date: Thu, 14 Oct 2021 22:45:46 GMT
// 8081 /
TCP
-1761434524 | 2021-11-02T17:12:06.449272
HTTP/1.1 200 OK
// 8181 /
TCP
-1761434524 | 2021-10-23T18:36:24.195528
HTTP/1.1 200 OK
// 8888 /
TCP
-1809677894 | 2021-11-03T21:41:49.198236
HTTP/1.1 200 OK
Date: Wed, 03 Nov 2021 21:41:48 GMT
// 9000 /
TCP
-1809677894 | 2021-11-05T20:31:57.474022
HTTP/1.1 200 OK
Date: Fri, 05 Nov 2021 20:31:52 GMT
// 10000 /
TCP
-1761434524 | 2021-11-04T04:00:51.608389
HTTP/1.1 200 OK
// 37215 /
TCP
-1809677894 | 2021-10-27T00:47:43.853966
HTTP/1.1 200 OK
Date: Wed, 27 Oct 2021 00:47:43 GMT
// 49152 /
TCP
-201727892 | 2021-11-02T23:15:21.800191
HTTP/1.0 200 OK
Date: Tue, 02 Nov 2021 23:15:21 GMT
// 50000 /
TCP
-1761434524 | 2021-11-02T18:41:05.022789
HTTP/1.1 200 OK
// 52869 /
TCP
-1809677894 | 2021-10-21T04:55:23.258876
HTTP/1.1 200 OK
Date: Thu, 21 Oct 2021 04:55:22 GMT
// 60001 /
TCP
-1809677894 | 2021-11-04T03:49:40.250617
HTTP/1.1 200 OK
Date: Thu, 04 Nov 2021 03:49:40 GMT
// PRODUCTS // PRICING // CONTACT US

Monitor Bulk Data Membership support@shodan.io
Search Engine Images API Subscriptions

Developer API Snippets Enterprise
Shodan ® - All rights reserved
Maps

Análisis de Vulnerabilidad en Dispositivos Conectados A Internet Utilizando SHODAN

Cargado por

Información del documento

Título original

Derechos de autor

Formatos disponibles

Compartir este documento

Compartir o incrustar documentos

Opciones para compartir

¿Le pareció útil este documento?

¿Este contenido es inapropiado?

Copyright:

Formatos disponibles

Análisis de Vulnerabilidad en Dispositivos Conectados A Internet Utilizando SHODAN

Cargado por

Copyright:

Formatos disponibles

Análisis de vulnerabilidad en dispositivos conectados a Internet utilizando SHODAN

Villarreal Rosales Jorge Luis1

CVE. (30 de Noviembre de 2017). CVE-2018-0737. Obtenido de Common Vulnerabilities and

NVD. (30 de Julio de 2019). Detalle de CVE-2019-1552. Obtenido de BASE DE DATOS

Anexos (Desde la siguiente página.)

// LAST UPDATE: 2021-11-05

General Information Open Ports

Country Ecuador 22 80 8080

SOLUCIONES AVANZADAS INFORMATICAS Y

ASN AS263805 wRqlauqyeN1Z95u93z1wLk/31VwaFWJOejSOpQqTNE3fsIoy3Vy3fBd6Dgx8iblSh7pN+iYye

Web Technologies xp7rR0LPyh6f1s+rmtWIvJlM+D/kpzYOOBCB3BlnTcA5iPhTXpyKgIZZ2Dcuyl0HFp1n1QfeH

based on the software and version. ecdh-sha2-nistp521

CVE-2014-0117 The mod_proxy module in the Apache diffie-hellman-group18-sha512

HTTP Server 2.4.x before 2.4.10, when a diffie-hellman-group-exchange-sha1

reverse proxy is enabled, allows remote

attackers to cause a denial of service Server Host Key Algorithms:

(child-process crash) via a crafted HTTP

Connection header. ssh-rsa

CVE-2014-0118 The deflate_in_filter function in

mod_deflate.c in the mod_deflate module Encryption Algorithms:

in the Apache HTTP Server before 2.4.10,

when request body decompression is aes256-ctr

enabled, allows remote attackers to aes256-cbc

cause a denial of service (resource aes128-ctr

consumption) via crafted request data aes128-cbc

that decompresses to a much larger size.

CVE-2016-0736 In Apache HTTP Server versions 2.4.0 to

2.4.23, mod_session_crypto was hmac-sha2-512-etm@openssh.com

encrypting its data/cookie using the hmac-sha2-256

configured ciphers with possibly either umac-128@openssh.com

CBC or ECB modes of operation (AES256- hmac-sha2-512

CBC by default), hence no selectable or Compression Algorithms:

builtin authenticated encryption. This zlib@openssh.com

made it vulnerable to padding oracle

attacks, particularly with CBC.

CVE-2015-3185 The ap_some_auth_required function in

Server: Apache/2.4.6 (CentOS) PHP/5.4.16

which allows remote attackers to bypass ETag: "1321-5058a1e728280"

intended access restrictions in

opportunistic circumstances by Content-Type: text/html; charset=UTF-8

leveraging the presence of a module that

relies on the 2.2 API behavior.

CVE-2015-3184 mod_authz_svn in Apache Subversion

when using Apache httpd 2.4.x, does not

properly restrict anonymous access, Connection: Keep-Alive

which allows remote anonymous users to

read hidden files via the path name.

CVE-2018-1312 In Apache httpd 2.2.0 to 2.4.29, when

CVE-2016-4975 Possible CRLF injection allowing HTTP

CVE-2016-8612 Apache HTTP Server mod_cluster before

CVE-2014-0226 Race condition in the mod_status module

CVE-2014-3523 Memory leak in the winnt_accept function

CVE-2017-15710 In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to

CVE-2017-15715 In Apache httpd 2.4.0 to 2.4.29, the

CVE-2013-6438 The dav_xml_get_cdata function in

CVE-2019- In Apache HTTP server 2.4.0 to 2.4.39,

CVE-2017-7679 In Apache httpd 2.2.x before 2.2.33 and

CVE-2020-1927 In Apache HTTP Server 2.4.0 to 2.4.41,

CVE-2018-17199 In Apache HTTP Server 2.4 release 2.4.37

CVE-2017-9788 In Apache httpd before 2.2.34 and 2.4.x

CVE-2014-8109 mod_lua.c in the mod_lua module in the

CVE-2017-9798 Apache httpd allows remote attackers to

CVE-2016-2161 In Apache HTTP Server versions 2.4.0 to