CGI abuses : WebSTAR Statistical information disclosure

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55625

Categoría: CGI abuses

Título: WebSTAR Statistical information disclosure

Resumen: NOSUMMARY

Descripción: Description:

The server appears to be a WebSTAR server responding to
URL requests containing the string M_A_C_H_T_T_P_V_E_R_S_I_O_N
This gives out sensitive information regarding the configuration
of the system, how busy it is, and how long it has been running.

In addition, these requests do not show up in any logs, allowing
an attacker to use this for denial of service requests.

Solution: Upgrade to a later version.
http://mail-archives.apache.org/mod_mbox/httpd-dev/199607.mbox/%3C199607132341.SAA06955@sierra.zyzzyva.com%3E

Risk factor : Medium

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55625
Categoría:	CGI abuses
Título:	WebSTAR Statistical information disclosure
Resumen:	NOSUMMARY
Descripción:	Description: The server appears to be a WebSTAR server responding to URL requests containing the string M_A_C_H_T_T_P_V_E_R_S_I_O_N This gives out sensitive information regarding the configuration of the system, how busy it is, and how long it has been running. In addition, these requests do not show up in any logs, allowing an attacker to use this for denial of service requests. Solution: Upgrade to a later version. http://mail-archives.apache.org/mod_mbox/httpd-dev/199607.mbox/%3C199607132341.SAA06955@sierra.zyzzyva.com%3E Risk factor : Medium
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com