Done
Details
Assignee: Dmitri Herdt
Reporter: Cobalt IO
HB Backlog Status: NB
Sprint: None
Priority: Minor
PagerDuty
Created February 5, 2022 at 5:50 PM
Updated July 6, 2022 at 5:44 PM
Resolved May 25, 2022 at 1:37 PM
Overview
If you are running a web server, it often tells the world what type of server it is, its version number, and the operating system. This information is exposed in HTTP response header fields and can be obtained with a web browser by making a simple HTTP request to any web application. It is often called the web server banner and is ignored by most people, with the exception of malicious ones.
Attackers can perform banner grabbing with even simple TCP tools such as telnet or netcat, and then launch attacks targeted at your specific web server product and version. If a particular web server version is known to be vulnerable to a specific exploit, the attacker only needs to use that exploit as part of their assault on the target web server.
Browser URL
http://onmspentest.eastus.cloudapp.azure.com/opennms/
http://onmspentest.eastus.cloudapp.azure.com/opennms/login.jsp;jsessionid=node0yljowjflzk1dtqpnef0lea8i1089.node0
Steps To Reproduce
Log in to the application with valid credentials.
Capture any request using a proxy interception tool such as Burp Suite, or the browser's developer tools.
Observe that the Server response header discloses the software version: Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k

Suggested Fix
As a best practice, do not expose the specific software version (or operating system) in the Server response header; return a generic product name or no banner at all.
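The following script is an added example for the reproduction steps and the suggested fix above; it is not part of the Cobalt finding or of the OpenNMS project. It parses a raw HTTP response, looks at the headers that usually carry software banners (Server, X-Powered-By, X-AspNet-Version) and flags every product/version token it finds, so it can be run as a regression check after the fix is applied. The two sample responses are constructed: the "weak" one reproduces the header value reported in this finding, the "hardened" one shows what Apache httpd emits once ServerTokens Prod and ServerSignature Off are set (real httpd directives; the reduced banner is the only change assumed).

```python
"""Detect web-server version disclosure in HTTP response headers.

Added example (not part of the original finding or of OpenNMS). The two
sample responses at the bottom are constructed for the demonstration.
"""
import re

# Matches a product token followed by a version, e.g. "Apache/2.4.37" or
# "OpenSSL/1.1.1k". Detection is by token structure, not by a product list,
# so it also catches banners from servers this finding does not mention.
VERSION_TOKEN = re.compile(r"\b([A-Za-z][\w.-]*)/(\d[\w.-]*)")

# Response headers that commonly carry a software banner.
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version")


def parse_headers(raw_response: str) -> dict:
    """Parse the header block of a raw HTTP response into a dict keyed by
    lower-cased header name. Parsing stops at the blank line that
    separates headers from the body."""
    headers = {}
    lines = raw_response.split("\r\n")
    for line in lines[1:]:  # lines[0] is the status line, e.g. "HTTP/1.1 200 OK"
        if line == "":
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers


def find_version_disclosures(headers: dict) -> list:
    """Return (header, product, version) tuples for every product/version
    token found in a banner-bearing header."""
    findings = []
    for name in BANNER_HEADERS:
        value = headers.get(name)
        if not value:
            continue
        for product, version in VERSION_TOKEN.findall(value):
            findings.append((name, product, version))
    return findings


def check_response(raw_response: str) -> list:
    """Convenience wrapper: parse a raw response and report disclosures.
    An empty list means no version information was found."""
    return find_version_disclosures(parse_headers(raw_response))


# Constructed sample: the banner reported in the finding, which is what
# Apache httpd sends with its default ServerTokens setting.
WEAK_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Sat, 05 Feb 2022 17:50:00 GMT\r\n"
    "Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k\r\n"
    "Content-Type: text/html;charset=UTF-8\r\n"
    "\r\n"
    "<html>...</html>"
)

# Constructed sample: the same server after the suggested fix, i.e. with
#   ServerTokens Prod
#   ServerSignature Off
# in the httpd configuration, which reduces the banner to the bare product name.
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Sat, 05 Feb 2022 17:50:00 GMT\r\n"
    "Server: Apache\r\n"
    "Content-Type: text/html;charset=UTF-8\r\n"
    "\r\n"
    "<html>...</html>"
)

if __name__ == "__main__":
    for label, response in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        findings = check_response(response)
        if findings:
            print(f"[{label}] version disclosure:")
            for header, product, version in findings:
                print(f"    {header}: {product} {version}")
        else:
            print(f"[{label}] no version information in banner headers")
```

The check deliberately matches the token shape rather than a list of known products, so a banner such as "Jetty/9.x" from an application server would be flagged the same way; a Server header that carries only a product name (or is absent) passes.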
Cobalt URL
#PT9265_7