Dave Floyd wrote:
I need to fix this Vulnerability, So can someone please check the
vulnerability and let me know the best way to fix the HTTP Service /
Server Version.
The server allows capture of the HTTP service banner. Service banners
can contain sensitive information, such as application and Operating
System (OS) version numbers. An attacker can use the version
information from your Web server to determine if there are any known
vulnerabilities present, or can use such information to create attacks
towards the specific application or OS.
SSL HTTP/1.1 200 OK Server: Apache-Coyote/1.1 X-Powered-By: Servlet
2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA
date=200807181417)/JBossWeb-2.0 ETag: W/1570-1216412442000
Last-Modified: Fri, 18 Jul 2008 20:20:42 GMT Content-Type: text/html
Content-Length: 1570 Date: Wed, 11 Mar 2009 02:11:24 GMT
Sukhjeet
Hi,
Following the random spray of posts on this subject, it would appear
that you are looking on the wrong mail list. Your message woiuld appear
to be coming from Apache-Coyote not Apache-httpd. They are separate
products:
http://tomcat.apache.org/tomcat-4.1-doc/config/coyote.html
and
http://httpd.apache.org/
Although all the advice, that has previously been given, is very
useful, it does not directly relate to the product you are trying to
configure. You might find more relevant help here:
http://jakarta.apache.org/site/mail.html.
and, when you have exhausted all of those, and the JBoss list too, you
might finally be able to bask in the satisfaction of knowing which
webserver software you are really responsible for.
:-)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
