GeneralInformation

Hostnames	cube.akis.at webmail.akis.at
Domains	akis.at
Country	Austria
City	Vienna
Organization	A.K.I.S. GmbH
ISP	AtNOC GmbH
ASN	AS35339
Operating System	Unix

WebTechnologies

JavaScript libraries

jQuery

jQuery UI

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(2)

CVE-2025-26466

5.9A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(4)

CVE-2024-11236

9.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

CVE-2024-11234

4.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.

CVE-2024-11233

4.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(1)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(2)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

22 25 80 443

22 / tcp

1355864767 | 2025-04-09T15:06:23.039065

SSH-2.0-OpenSSH_9.6 FreeBSD-20240806
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQC8fY3/qtlpXlAFmqBWjC8WUF6d72KSgrLjuHvfz5DMjeIC
aTgvEGIzNci+UmGqphFu4hEhYw0HjHFpEf1SpYKnYZPRult+7MVqchwzPh5JhUfZ5peeb29f1RlL
J57ymTQebE3vtZXhrxxKlRsQFvCNk3xUatl8tM6yx6Ze9/hE4G60rj7i7egiD1cCNQR5k6AjEyCr
3iduSiICwGXYVY9AlanaRMou/iuGjMRdBmx0y3ZOtmtIPtux6fsbeZ2OdIIQeqR5CSnSKE0+u26b
lweTAB0uvQu3cMXJmX2hXevHdsCSXu7m4spLojIujKxbt3fsO9vrOXCdxg9j+zjO0wdHuoRQMk/J
4Uqpl95/AWxWdsywRh5je/PoHUL4weHYGBCmGkd5QB78eW0FwHajo/M20DaORu5VbQyKttoRBt25
aJx3jmPI8VG6PuN9Mhz44F7wcwhyjO7zt02+Yl5v9tHHDnsilCcXvsSWF6moz3eJVz9e6n1wAUeg
5z9hcjMHsdM=
Fingerprint: 25:3d:28:a7:85:9a:00:12:f7:bd:d8:e2:7f:6b:14:56

Kex Algorithms:
	sntrup761x25519-sha512@openssh.com
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	ext-info-s
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

Vulnerabilities

1 2 3

25 / tcp

1233677698 | 2025-04-12T04:23:32.177288

220 cube.akis.at ESMTP Sendmail 8.18.1/8.18.1; Sat, 12 Apr 2025 06:23:25 +0200 (CEST)
250-cube.akis.at Hello 224.44.32.133 [224.44.32.133] (may be forged), pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, ST=Some-state, L=Some-city, O=Some-org, CN=webmail.akis.at
        Validity
            Not Before: Jun  7 11:43:27 2017 GMT
            Not After : Jun  7 11:43:27 2018 GMT
        Subject: C=XX, ST=Some-state, L=Some-city, O=Some-org, CN=webmail.akis.at
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:f6:20:c7:bb:65:0b:9f:bc:2f:95:59:2a:0f:27:
                    f5:95:a6:b5:2a:43:f6:67:1d:52:2a:79:6c:67:79:
                    94:25:93:35:c0:ea:b8:a0:d3:91:4e:87:32:49:06:
                    24:4b:dd:ed:6b:83:c0:32:5a:52:a4:a1:87:b4:db:
                    a2:88:69:53:dc:04:a8:d5:85:38:29:7f:bc:44:90:
                    ed:63:f7:a3:d2:66:a6:ef:b3:a3:14:f6:b5:fb:21:
                    bb:3c:39:79:80:e9:a8:ca:a0:9f:f4:b2:e3:c3:ad:
                    56:25:40:8b:40:2c:88:17:d5:03:f4:ea:f9:44:ae:
                    86:05:b2:24:4f:94:75:da:cc:95:c6:5b:a7:bf:b1:
                    58:3f:8e:08:c8:d6:6e:a3:a3:07:55:d7:c5:7a:85:
                    fe:6c:b4:96:ae:ad:ae:a2:34:01:5f:df:dd:96:a0:
                    6c:6b:6a:9c:70:b9:d7:24:2d:4b:aa:e0:17:ea:e5:
                    16:12:6d:3c:dc:d0:b2:09:bd:d5:c3:81:d6:37:fe:
                    d4:bb:65:c2:b5:c3:3f:63:ac:2b:0c:80:5f:b1:42:
                    64:02:26:41:a7:0d:75:41:3c:dc:09:83:b8:ae:8f:
                    8b:9c:f1:6a:c4:df:78:40:77:da:e1:65:54:55:35:
                    c6:f6:ff:aa:32:cd:a9:4b:a7:16:73:0d:26:64:bc:
                    1c:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                8E:83:01:1A:EB:83:42:74:16:F4:E2:41:D5:4D:DC:26:94:41:02:EF
            X509v3 Authority Key Identifier: 
                22:1F:40:D9:A0:74:97:FC:B0:28:FB:BE:ED:92:41:0E:C3:B7:83:E2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        35:70:b1:ce:69:ff:a8:a3:1f:2a:c0:c0:d3:9b:5e:10:cc:b7:
        bb:13:80:16:c0:54:f8:fb:8f:d3:c4:cc:a9:c8:2b:8e:ef:0a:
        3b:ca:2a:6a:29:de:a9:69:c2:e3:a2:7d:60:78:91:e7:6b:a6:
        60:a0:9f:40:91:01:80:b4:97:c9:6e:87:69:ea:e2:ef:7a:80:
        81:d7:b6:03:b6:07:37:f2:a6:0f:ab:71:d0:1b:ba:cf:ef:7a:
        97:0b:41:87:87:cb:e1:09:e1:7f:07:99:25:5b:b2:3b:5c:d5:
        dc:ab:50:05:f8:c6:a0:40:53:7f:50:2b:7b:0b:da:32:01:ce:
        2b:36:3c:20:95:da:66:e5:4b:ce:4d:b9:1c:6e:c6:d2:bb:86:
        7c:d0:13:1d:d0:6e:fe:7a:38:21:bb:b0:a4:c9:33:c0:df:92:
        e6:6a:e9:7a:c0:df:7c:8d:26:c6:6f:fd:a2:0b:6f:da:92:37:
        5b:ee:44:8c:0b:88:7f:93:4d:4c:6f:d9:ed:d6:1f:cb:eb:22:
        3d:6e:4f:f5:7c:57:f0:53:b5:ba:e5:9a:ba:03:e1:21:dc:d0:
        be:b7:31:8b:64:52:e8:b2:a5:81:f9:41:47:6c:b0:b4:cd:77:
        a8:ee:80:de:fb:dc:0f:b9:ca:5e:31:2b:82:c1:70:87:33:5d:
        98:f1:7b:6a

80 / tcp

-1121567685 | 2025-04-07T08:10:18.294026

Hashes

hash

1008696689

http.dom_hash

1239617585

http.html_hash

-1121567685

http.server_hash

1006625099

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: nginx/1.26.2
Date: Mon, 07 Apr 2025 08:10:18 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://webmail.akis.at/

443 / tcp

-1936683647 | 2025-04-07T08:10:21.457770

Hashes

hash

-1977325250

http.dom_hash

-1101513875

http.favicon.hash

456756173

http.html_hash

-1936683647

http.server_hash

1006625099

http.title_hash

-1133466311

Akis Webmail :: Willkommen bei Akis Webmail

HTTP/1.1 200 OK
Server: nginx/1.26.2
Date: Mon, 07 Apr 2025 08:10:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.3.12
Set-Cookie: roundcube_sessid=9efb9cdeb53a54f125818c40acac4e90; path=/; secure; HttpOnly
Expires: Mon, 07 Apr 2025 08:10:21 GMT
Last-Modified: Mon, 07 Apr 2025 08:10:21 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: sameorigin
Content-Language: de
Strict-Transport-Security: max-age=63072000

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:73:16:2e:c6:33:bc:d6:8d:05:d4:f0:6e:0b:fe:c5:64:84
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Mar 26 03:06:44 2025 GMT
            Not After : Jun 24 03:06:43 2025 GMT
        Subject: CN=cube.akis.at
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bd:37:56:bd:21:c0:4f:72:ec:18:53:ad:bf:0c:
                    ca:35:45:8e:b7:f3:fc:b7:f8:20:ab:69:26:ac:01:
                    14:06:c1:ca:49:99:98:32:bc:ab:17:bd:78:60:3b:
                    7c:1e:f7:6b:04:ea:26:b6:61:04:93:9b:1e:6b:69:
                    b4:25:fd:fa:64:f3:a7:56:7e:93:72:91:28:ba:4e:
                    78:d0:cd:79:86:45:09:1c:e8:20:68:8c:c8:f0:86:
                    d0:a8:61:5d:97:79:2f:5e:a9:ef:44:b7:a7:96:d6:
                    8a:c9:58:a6:3d:d7:00:3a:49:7b:29:a4:cb:61:01:
                    60:88:b8:c6:28:04:c5:a8:f4:7c:16:15:97:2d:ee:
                    98:a2:f1:77:07:92:68:12:77:59:db:23:6e:0d:6e:
                    2f:be:d1:01:20:1e:3a:55:44:8d:53:1a:54:e4:80:
                    2d:93:94:06:60:c3:db:b5:60:b7:9b:1f:00:d5:21:
                    52:6f:b9:a5:47:97:bd:a8:c4:43:02:3c:ec:eb:58:
                    43:9b:62:19:4c:59:d7:88:c7:f8:83:09:92:19:6b:
                    78:24:b1:f0:09:57:c9:eb:c7:17:5c:ea:ea:41:6e:
                    0c:db:8a:f7:38:92:7f:95:5a:74:38:08:b1:b1:7c:
                    aa:0d:02:59:32:3d:17:0c:89:a6:75:e8:fd:f8:9a:
                    a0:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                53:EA:D3:81:C7:F9:49:FF:88:3C:88:31:08:02:37:83:EA:93:D6:92
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:cube.akis.at, DNS:webmail.akis.at
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://r11.c.lencr.org/5.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar 26 04:05:15.301 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:84:B4:CB:2E:35:67:20:98:C0:9B:34:
                                2D:60:91:87:D0:9B:9D:68:CC:35:FC:ED:18:54:B8:E2:
                                A9:25:DC:9B:38:02:21:00:AC:D6:70:B5:5F:40:3C:B9:
                                9D:AD:87:0D:EE:51:55:6F:A5:CE:8D:71:08:E8:54:67:
                                AA:52:AC:AF:6E:4F:27:D1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Mar 26 04:05:17.327 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E2:50:0D:08:8C:EF:6E:65:36:4C:B5:
                                98:58:5C:91:C0:D5:14:F4:92:6F:74:32:BB:4C:D6:78:
                                50:4A:29:2C:5D:02:20:6E:39:AA:99:FA:37:A9:3D:3A:
                                06:CD:0F:72:D8:A8:78:19:42:8D:7D:CE:68:52:46:73:
                                6A:53:E1:B4:4D:34:44
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b0:6f:26:c9:6b:bb:70:10:29:ce:f0:62:fe:9a:e9:13:6c:f3:
        e9:95:1e:70:b6:37:c2:3c:53:d3:9c:a9:0f:be:53:be:91:db:
        36:d2:02:9f:f0:12:14:2c:e5:43:e2:24:2a:74:ea:a8:e0:6b:
        b0:2e:30:db:b5:ce:85:67:c4:cd:0b:19:0c:9a:27:6e:72:49:
        a0:df:06:35:8b:ac:f9:b9:00:13:41:41:0c:f4:e9:bf:d1:7a:
        10:fc:fb:6a:21:84:7a:9d:c8:3f:10:47:01:22:c5:9c:ab:af:
        dc:c1:d1:ac:5b:0a:aa:d7:14:a4:98:af:18:aa:90:52:ee:c6:
        c4:0d:ed:3c:f6:3b:91:c3:82:ed:1a:a8:65:d7:13:36:cb:c3:
        39:17:ac:09:98:57:16:db:17:e2:5b:78:10:34:ca:6d:36:cc:
        04:03:79:66:e8:0d:20:5a:86:a2:8b:ab:73:be:0c:14:e8:7a:
        3b:03:ac:8d:ba:f5:ab:93:e2:3e:3a:9d:4f:6c:ae:53:b2:b9:
        c3:e5:7a:19:4c:ea:b7:59:ee:d0:97:b1:72:31:ef:b7:b2:f4:
        72:7c:a3:2f:13:a9:49:51:f9:d8:51:4f:90:8b:4d:f0:1b:6f:
        fb:cd:71:db:9d:b4:7f:c0:1b:44:30:65:09:9c:ac:9d:29:d7:
        a4:3c:13:c6

Vulnerabilities

1 1 3

95.129.200.10

Last Seen: 2025-04-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

22 / tcp

1355864767 | 2025-04-09T15:06:23.039065

OpenSSH9.6

25 / tcp

1233677698 | 2025-04-12T04:23:32.177288

Sendmail8.18.1/8.18.1

80 / tcp

-1121567685 | 2025-04-07T08:10:18.294026

Hashes

nginx1.26.2

443 / tcp

-1936683647 | 2025-04-07T08:10:21.457770

Hashes

nginx1.26.2

Products

Pricing

Contact Us

95.129.200.10

Last Seen: 2025-04-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 22 Port 443 Latest CVSS

OpenPorts

22 / tcp 1355864767 | 2025-04-09T15:06:23.039065

OpenSSH9.6

25 / tcp 1233677698 | 2025-04-12T04:23:32.177288

Sendmail8.18.1/8.18.1

80 / tcp -1121567685 | 2025-04-07T08:10:18.294026

Hashes

nginx1.26.2

443 / tcp -1936683647 | 2025-04-07T08:10:21.457770

Hashes

nginx1.26.2

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

1355864767 | 2025-04-09T15:06:23.039065

25 / tcp

1233677698 | 2025-04-12T04:23:32.177288

80 / tcp

-1121567685 | 2025-04-07T08:10:18.294026

443 / tcp

-1936683647 | 2025-04-07T08:10:21.457770