[nsp-sec] ASN list with weak Debian/OpenSSL keys
Florian Weimer
fweimer at bfk.de
Fri Jan 23 10:18:40 EST 2009
The following hosts use SSL certificates on port 443/TCP which are
affected by CVE-2008-0166 and should be considered compromised. Data
is about one hour old, based on a fresh scan seeded with this list:

<http://www.codefromthe70s.org/sslblacklist-badcerts.aspx>

Note that the list is outdated (with regard to certificate
replacements) and probably incomplete. The list is currently making
its round, and it might hit more public venues soon (if it hasn't
happened yet).

Affected parties can contact <security at debian.org> for assistance
(including proof that the key is indeed compromised).
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99