Vulnerabilities
1
 min read

In Page Banner Information Leak

The server returned a version banner string in the response content. Such information leaks may allow attackers to further target specific issues impacting the product and version in use.

Summary

The server returned a version banner string in the response content. Such information leaks may allow attackers to further target specific issues impacting the product and version in use.

Risk

Medium

Solution

Configure the server to prevent such information leaks. For example: Under Tomcat, this is done via the 'server' directive and implementation of custom error pages. Under Apache, this is done via the 'ServerSignature' and 'ServerTokens' directives.

References

Scan and protect your web application from hackers

Run our automated penetration testing and vulnerability assessment to protect your web application from hackers.

Thank you for registering
Oops! Something went wrong.

Latest Articles

View All Articles

Server Leaks Information via 'X-Powered-By' HTTP Response Header Field(s)

The web/application server is leaking information via one or more “X-Powered-By” HTTP response headers.

Vulnerabilities
1
 min read

Strict-Transport-Security Header

HTTP Strict Transport Security (HSTS).

Vulnerabilities
1
 min read

Heartbleed OpenSSL Vulnerability (Indicative)

The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets.

Vulnerabilities
1
 min read