Closed g0d33p3rsec closed 4 months ago
I'm noticing that most hosts seem to be vulnerable to CVE-2008-3844 when I run them through Shodan.
https://www.shodan.io/host/166.62.28.145
compare with the host that was being used yesterday
https://www.shodan.io/host/50.87.249.228
This is a vuln that has consistently shown up on hosts related to this activity group.
Nice notice, Thanks for sharing
Blacklist domain as
Comments
Domain records
Hosts specific records, not used by DNS RPZ firewalls
No response
Screenshots
Screenshot
![334983428-dd6b6b66-b16e-48c9-95f6-11f78b605127](https://github.com/mypdns/matrix/assets/108126637/5c9b6611-ecf8-45d1-a18b-16525dbf9e14) ![334983477-7928e2b8-c621-4853-b62d-1674658f33b5](https://github.com/mypdns/matrix/assets/108126637/3d316bb3-88da-40c9-98e4-5229997cab88) ![334983533-136e606c-640d-4acc-bac2-8710662ef8e5](https://github.com/mypdns/matrix/assets/108126637/f41ef0f4-3360-4591-b3d7-2333ab339833) ![334986747-fad6385d-5532-4025-93e9-a13e866fcbb8](https://github.com/mypdns/matrix/assets/108126637/8cb21480-66ec-4ff2-a609-d285d5415acb) ![334986784-b66b4954-59b3-4a4f-9846-51c6222849e1](https://github.com/mypdns/matrix/assets/108126637/d086cda7-7ffb-48f2-ada0-80273291a871)Links to external sources