203.201.172.140

Regular View Raw Data Timeline
Last Seen: 2025-01-21

GeneralInformation

Hostnames dnet-172140.dnetsurabaya.id
local.pt-ssi.com
Domains dnetsurabaya.id pt-ssi.com 
Country Indonesia
City Surabaya
Organization Dnet Surabaya
ISP PT. Dutakom Wibawa Putra
ASN AS38778

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023
CVE-2023-51766
5.3Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
2013
CVE-2013-4365
7.5Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.
CVE-2013-2765
5.0The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
CVE-2013-0942
4.3Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0941
2.1EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
2012
CVE-2012-4360
4.3Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-4001
5.0The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
CVE-2012-3526
5.0The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
2011
CVE-2011-2688
7.5SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
CVE-2011-1176
4.3The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
2009
CVE-2009-2299
5.0The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
CVE-2009-0796
2.6Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
2007
CVE-2007-4723
7.5Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
1336745745 | 2025-01-20T19:45:37.935139
  
21 / tcp
-586265245 | 2025-01-20T02:23:14.885674
  
22 / tcp
-782673497 | 2025-01-21T01:46:19.114403
  
25 / tcp
-567627901 | 2025-01-17T04:27:13.592779
  
80 / tcp
-39553298 | 2025-01-12T08:58:01.264382
  
81 / tcp
-243750165 | 2025-01-19T06:27:21.998185
  
111 / tcp
-243750165 | 2025-01-14T22:18:04.274425
  
111 / udp
1133575510 | 2025-01-13T02:44:56.776293
  
143 / tcp
1021694896 | 2025-01-12T22:40:44.719623
  
443 / tcp
-208041157 | 2025-01-19T21:15:30.576417
  
445 / tcp
268511832 | 2025-01-18T09:09:03.475440
  
631 / tcp
-175537364 | 2025-01-06T15:16:04.737879
  
5357 / tcp
1765360226 | 2025-01-19T04:42:16.567688
  
8080 / tcp
-822904035 | 2025-01-14T14:10:00.381618
  
10000 / tcp



Contact Us

Shodan ® - All rights reserved