{"vulnerability": "cve-2016-2183", "sightings": [{"uuid": "f36c18c0-a2be-42b2-a163-41e328bad4a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/115093680188761999", "content": "", "creation_timestamp": "2025-08-26T06:36:28.916487Z"}, {"uuid": "80286d08-cc7a-4c81-8886-c1fc7755a7ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "published-proof-of-concept", "source": "Telegram/cQf2CT3r4WvnJhAn_Z5tbBdbHlIor2zaa0XkqChp6pgA9CQ", "content": "", "creation_timestamp": "2025-12-13T09:00:04.000000Z"}, {"uuid": "2d857ff8-553b-460f-b6f9-3ec2a3a2b6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116362045594819401", "content": "", "creation_timestamp": "2026-04-07T06:38:29.141687Z"}, {"uuid": "7cd2f2f0-d241-4e78-9d23-36ba604bbdac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3miv663v4rpz2", "content": "", "creation_timestamp": "2026-04-07T06:38:33.050774Z"}, {"uuid": "804d205f-dbc0-45c9-954e-ead94850d3e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10542", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-0296\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy, hence this port might be considered as still vulnerable to the same type of vulnerability. The health checks on etcd grpc-proxy do not contain sensitive data (only metrics data), therefore the potential impact related to this vulnerability is minimal. The CVE-2023-0296 has been assigned to this issue to track the permanent fix in the etcd component.\n\ud83d\udccf Published: 2023-01-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-04T18:48:51.215Z\n\ud83d\udd17 References:\n1. https://bugzilla.redhat.com/show_bug.cgi?id=2161287", "creation_timestamp": "2025-04-04T19:36:56.000000Z"}, {"uuid": "aabb0827-722d-43e5-a5d7-c412d5f0b4ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3548", "content": "\u2521\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2529\n\u2502 192.168.0.10 \u2502 \u2502 \u2502 \u2502\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\n[Open ports]\n\u250f\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2513\n\u2503 ip \u2503 proto \u2503 port \u2503 service \u2503 product \u2503 version \u2503\n\u2521\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2529\n\u2502 192.168.0.10 \u2502 tcp \u2502 21 \u2502 ftp \u2502 ProFTPD \u2502 1.3.5 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 ssh \u2502 OpenSSH \u2502 6.6.1p1 Ubuntu 2ubuntu2.10 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 http \u2502 Apache httpd \u2502 2.4.7 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 445 \u2502 netbios-ssn \u2502 Samba smbd \u2502 3.X - 4.X \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 ipp \u2502 CUPS \u2502 1.7 \u2502\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\n[Vulnerabilities]\n\u250f\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2513\n\u2503 ip \u2503 proto \u2503 port \u2503 vuln_name \u2503 cve \u2503\n\u2521\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2529\n\u2502 192.168.0.10 \u2502 tcp \u2502 0 \u2502 TCP Timestamps Information Disclosure (https://www.kitploit.com/search/label/Information%20Disclosure) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 21 \u2502 FTP Unencrypted Cleartext Login \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 Weak MAC Algorithm(s) Supported (SSH) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 Weak Encryption Algorithm(s) Supported (SSH) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 Weak Host Key Algorithm(s) (SSH) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 Weak Key Exchange (KEX) Algorithm(s) Supported (SSH) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Test HTTP dangerous methods \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Drupal Core SQLi Vulnerability (SA-CORE-2014-005) - Active Check \u2502 CVE-2014-3704 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Drupal Coder RCE Vulnerability (SA-CONTRIB-2016-039) - Active Check \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Sensitive File Disclosure (HTTP) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Unprotected Web App / Device Installers (HTTP) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Cleartext Transmission of Sensitive Information (https://www.kitploit.com/search/label/Sensitive%20Information) via HTTP \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 jQuery < 1.9.0 XSS Vulnerability \u2502 CVE-2012-6708 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 jQuery < 1.6.3 XSS Vulnerability \u2502 CVE-2011-4969 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Drupal 7.0 Information Disclosure Vulnerability - Active Check \u2502 CVE-2011-3730 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Report Vulnerable Cipher Suites for HTTPS \u2502 CVE-2016-2183 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Report Vulnerable Cipher Suites for HTTPS \u2502 CVE-2016-6329 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Report Vulnerable Cipher Suites for HTTPS \u2502 CVE-2020-12872 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection \u2502 CVE-2011-3389 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection \u2502 CVE-2015-0204 \u2502\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500& #9472;\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\n[Users]", "creation_timestamp": "2024-01-08T12:19:23.000000Z"}, {"uuid": "0b9cc534-7b41-44ac-90f3-167e2286a131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://t.me/endsodomaofficial/7318", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T00:49:09.000000Z"}, {"uuid": "13c34206-ab4f-4efb-aa46-e0fd5f69f1c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://t.me/jokerssec/1351", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T03:00:05.000000Z"}, {"uuid": "b781c8a6-a062-4d2d-be91-134d4b751051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://t.me/marianaalecu/3622", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T00:48:21.000000Z"}, {"uuid": "104edea4-f30a-45a3-a416-e45ea0e96237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://t.me/fucklulzsecisrahell/6294", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T02:55:48.000000Z"}, {"uuid": "522ecc10-d490-4b85-b662-0e10fcbfb0e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://t.me/thegoodfatherag/8840", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T03:24:44.000000Z"}, {"uuid": "c047f746-4105-4f03-bd52-4dc01b957bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-2183", "type": "seen", "source": "https://t.me/cibsecurity/56622", "content": "\u203c CVE-2023-0296 \u203c\n\nThe Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy, hence this port might be considered as still vulnerable to the same type of vulnerability. The health checks on etcd grpc-proxy do not contain sensitive data (only metrics data), therefore the potential impact related to this vulnerability is minimal. The CVE-2023-0296 has been assigned to this issue to track the permanent fix in the etcd component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T00:15:22.000000Z"}]}