Details
- Bug
- Status: Resolved
- Minor
- Resolution: Done
- Horizon - May 11 - 25
- NB
Description
Overview
A web server usually tells the world what software it runs, which version, and on which operating system. This information is sent in HTTP response header fields and can be obtained with nothing more than a web browser making a simple request to the application. It is commonly called the web server banner, and it is ignored by most people, with the exception of malicious ones.
Attackers can perform banner grabbing with even simple TCP tools such as telnet or netcat, then launch attacks targeted at that specific server software and version. If the disclosed version is known to be vulnerable to a particular exploit, the attacker only has to use that exploit against the web server.
Steps To Reproduce
- Log in to the application with valid credentials.
- Capture any request with a proxy interception tool such as Burp Suite, or inspect it in the web browser.
- Observe that the response headers include Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k, which discloses the web server software, its version, the operating system and the OpenSSL version.

Suggested Fix
As a best practice, configure the web server so that its response headers do not expose the specific software version or operating system.
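As an added check (example code, not from the ticket or the application it reports on), the following Python parses a raw HTTP response and flags version or operating-system details in the headers that commonly carry software fingerprints; both sample responses are constructed, the first mirroring the header reported above and the second the same response after hardening.

```python
import re

# Constructed sample responses (not captured from the application in the ticket):
# the first mirrors the disclosure reported above, the second shows the same
# response once the server stops sending version and OS details.
RESPONSE_BEFORE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Mon, 12 May 2025 10:00:00 GMT\r\n"
    "Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html></html>"
)
RESPONSE_AFTER = RESPONSE_BEFORE.replace(
    "Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k", "Server: Apache")

# Headers that commonly carry a software fingerprint.
FINGERPRINT_HEADERS = ("server", "x-powered-by", "x-aspnet-version")

# A product token followed by a version, e.g. "Apache/2.4.37" or "OpenSSL/1.1.1k".
VERSION_TOKEN = re.compile(r"([A-Za-z][\w.-]*)/(\d[\w.-]*)")
# A parenthesised comment such as "(centos)", which usually names the OS.
COMMENT = re.compile(r"\(([^)]*)\)")


def parse_headers(raw_response):
    """Return a dict of lower-cased header names to values from a raw HTTP response."""
    head, _, _body = raw_response.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def find_disclosures(raw_response):
    """List (header, product, version) and (header, 'comment', text) findings."""
    findings = []
    for name, value in parse_headers(raw_response).items():
        if name not in FINGERPRINT_HEADERS:
            continue
        for product, version in VERSION_TOKEN.findall(value):
            findings.append((name, product, version))
        for comment in COMMENT.findall(value):
            findings.append((name, "comment", comment))
    return findings


if __name__ == "__main__":
    print("before:", find_disclosures(RESPONSE_BEFORE))  # three findings
    print("after: ", find_disclosures(RESPONSE_AFTER))   # no findings
```

For Apache the hardening itself is the httpd.conf directives ServerTokens Prod and ServerSignature Off, after which the header reads only Server: Apache; running this check before and after the change confirms the fix.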