- Description
- ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
- Source
- secalert@redhat.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.4
- Impact score
- 5.2
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:N
- Hype score
- Not currently trending
CVE-2023-44487 CVE-2021-23017 CVE-2021-3618 141.95.17.178 port 22 | 80 | 9100 #Anonymous
@saw11b
12 Apr 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
{"cpes":openbsd:openssh:8.4p1","cpe:/o:debian:debian_linux","cpe:/a:f5:nginx:1.18.0"],"hostnames":["https://t.co/KQeBMZwqHr",],"ip":"23.95.39.61","ports":[21,22,80,443,5222,5269],"tags":["eol-product"],"vulns":["CVE-2023-44487","CVE-2021-23017","CVE-2021-3618"]}
@portknock
10 Mar 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
{"hostnames":["https://t.co/lsjL6hNT8q","https://t.co/Lurbv4tXGG"],"ip":"104.131.14.208","ports":[22,25,80,443,3000,3001],"tags":["cloud","self-signed","starttls","eol-product"],"vulns":["CVE-2021-23017","CVE-2021-3618","CVE-2023-44487"]}
@ClumsyLulzReal
17 Nov 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "777D8DB3-65CF-4A12-BCCE-30849CE07762",
"versionEndExcluding": "1.21.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E5DF525-823F-49D0-BDD2-6BCE5EE0F66B",
"versionEndExcluding": "8.17"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vsftpd_project:vsftpd:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA84E5A7-7557-4805-902B-E8069F5F4091",
"versionEndExcluding": "3.0.4"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
],
"operator": "OR"
}
]
}
]