httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Singh, Sukhjeet" <sukhjeet.si...@fiserv.com>
Subject RE: [users@httpd] Fixing HTTP Service / Server Version Detected
Date Wed, 10 Jun 2009 13:35:51 GMT
Thanks for your help Dave...!!

Sukhjeet

-----Original Message-----
From: Dave Floyd [mailto:dave.floyd@pa.press.net] 
Sent: Wednesday, June 10, 2009 6:58 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Fixing HTTP Service / Server Version Detected

>I need to fix this Vulnerability, So can someone please check the 
>vulnerability and let me know the best way to fix the HTTP Service 
>/ Server Version.
>
>The server allows capture of the HTTP service banner. Service 
>banners can contain sensitive information, such as application and 
>Operating System (OS) version numbers. An attacker can use the 
>version information from your Web server to determine if there are 
>any known vulnerabilities present, or can use such information to 
>create attacks towards the specific application or OS.
>
>SSL HTTP/1.1 200 OK Server: Apache-Coyote/1.1 X-Powered-By: Servlet 
>2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA 
>date=200807181417)/JBossWeb-2.0 ETag: W/1570-1216412442000 
>Last-Modified: Fri, 18 Jul 2008 20:20:42 GMT Content-Type: text/html 
>Content-Length: 1570 Date: Wed, 11 Mar 2009 02:11:24 GMT
>
>Sukhjeet

Hi,
	Following the random spray of posts on this subject, it would 
appear that you are looking on the wrong mail list. Your message 
woiuld appear to be coming from Apache-Coyote not Apache-httpd. They 
are separate products:

http://tomcat.apache.org/tomcat-4.1-doc/config/coyote.html
and
http://httpd.apache.org/

	Although all the advice, that has previously been given, is 
very useful, it does not directly relate to the product you are 
trying to configure. You might find more relevant help here: 
http://jakarta.apache.org/site/mail.html.


rgds

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message