Raptor Firewall 6.5 HTTP Proxy Detection

medium Nessus Plugin ID 10730

Synopsis

A firewall / HTTP proxy is running in front of the remote web server.

Description

Raptor FW 6.5 appears to be running in front of the remote web server. By sending an invalid HTTP request to a web server behind the Raptor firewall, the HTTP proxy itself will respond. The server banner of Raptor FW version 6.5 is always 'Simple, Secure Web Server 1.1'. A remote attacker could use this information to mount further attacks.

Solution

Patch httpd / httpd.exe by hand.

Plugin Details

Severity: Medium

ID: 10730

File Name: raptor_detect.nasl

Version: 1.23

Type: remote

Family: Firewalls

Published: 8/23/2001

Updated: 4/11/2022

Configuration: Enable thorough checks

Asset Inventory: true

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:symantec:raptor_firewall