检测

插件

Nessus 的 Web Servers 系列

ID	名称	严重性
146591	OpenSSL 1.0.2 < 1.0.2y 多个漏洞	low
146489	SaltStack 未经身份验证的 RCE（直接检查）	critical
146451	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 目录遍历 (CVE-2020-4782)	medium
146374	OpenSSL 1.0.2 < 1.0.2w 漏洞	low
146314	Apache Flink 本地文件包含漏洞（直接检查）	high
146313	Apache Flink Web UI 检测	info
146273	SAP BusinessObjects Business Intelligence 平台 Web 检测。	info
146272	SAP BusinessObjects Business Intelligence 平台 SSRF 漏洞（直接检查）	medium
145705	SAP NetWeaver AS Java 和 AS ABAP 多个漏洞（2021 年 1 月）	high
145535	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.6 XXE (6408244)	high
145069	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.18 / 9.0.x <= 9.0.5.5 信息泄露 (6339255)	low
145061	IBM HTTP Server 7.0.0.0 <= 7.0.0.41 / 8.0.0.0 < 8.0.0.13 / 8.5.0.0 < 8.5.5.11 / 9.0.0.0 < 9.0.0.2 多个漏洞 (548231)	critical
145045	IBM WebSphere eXtreme Scale 8.6.1 < 8.6.1.4 (6397682)	medium
145032	IBM WebSphere eXtreme Scale (Linux)	info
144969	Apache Unomi RCE（直接检查）	critical
144968	Apache Unomi 检测。	info
144780	IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 多个漏洞 (569295)	high
144779	IBM HTTP Server 7.0.0.0 <= 7.0.0.43 信息泄露 (567509)	high
144778	IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.5 多个漏洞 (563615)	critical
144777	IBM HTTP Server 7.0.0.0 < 7.0.0.43 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.3 响应拆分 (289001)	high
144776	IBM HTTP Server 8.0.0.0 <= 8.0.0.11 / 8.5.0.0 <= 8.5.5.6 (533837)	medium
144775	IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.17 / 9.0.0.0 < 9.0.5.1 多个漏洞 (964768)	medium
144774	IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.16 / 9.0.0.0 < 9.0.5.0 多个漏洞 (880413)	high
144773	IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 多个漏洞 (569301)	critical
144768	IBM HTTP Server 8.5.0.0 <= 8.5.5.1 / 8.0.0.0 <= 8.0.0.8 / 7.0.0.0 <= 7.0.0.31 / 6.1.0.0 <= 6.1.0.47 (505927)	high
144767	IBM HTTP Server 8.5.0.0 <= 8.5.5.4 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.35 / 6.1.0.0 <= 6.1.0.47 / 6.0.0.0 <= 6.0.2.43 (521711)	medium
144766	IBM HTTP Server 8.0.x < 8.0.0.9 / 8.5.x < 8.5.5.3 (247195)	low
144708	IBM HTTP Server 8.5.0.0 <= 8.5.5.0 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.29 / 6.1.0.0 <= 6.1.0.45 (227047)	medium
144707	IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 堆栈缓冲区溢出 (536441)	critical
144645	已安装 JFrog Artifactory (Linux)	info
144633	已安装 IBM MQ Server/Client (Linux)	info
144304	IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 HTTP 请求走私 (533835)	medium
144303	IBM HTTP Server 8.5.0.0 <= 8.5.5.5 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.37 信息泄露 (260001)	medium
144302	IBM HTTP Server 7.0.0.0 < 7.0.0.43 / 8.0.0.0 < 8.0.0.13 / 8.5.0.0 < 8.5.5.11 / 9.0.0.0 < 9.0.0.1 HTTP 重定向 (548223)	high
144298	IBM HTTP Server 8.5.0.0 <= 8.5.0.2 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.27 / 6.1.0.0 <= 6.1.0.45 (491407)	low
144291	IBM HTTP Server 7.0.0.0 < 7.0.0.33 / 8.0.0.0 < 8.0.0.9 / 8.5.0.0 < 8.5.5.2 缓冲区溢出 (244199)	medium
144290	IBM HTTP Server 8.5.0.0 <= 8.5.5.1 / 8.0.0.0 <= 8.0.0.8 / 7.0.0.0 <= 7.0.0.31 / 6.1.0.0 <= 6.1.0.47 (242057)	medium
144289	IBM HTTP Server 8.5.0.0 <= 8.5.5.2 / 8.0.0.0 <= 8.0.0.9 / 7.0.0.0 <= 7.0.0.33 / 6.1.0.0. <= 6.1.0.47 / 6.0.2.0 <= 6.0.2.43 多个漏洞 (509275)	high
144288	IBM HTTP Server 8.5.0.0 <= 8.5.5.2 / 8.0.0.0 <= 8.0.0.8 / 7.0.0.0 <= 7.0.0.31 / 6.1.0.0 <= 6.1.0.47 / 6.0.0.0 <= 6.0.2.43 (509677)	high
144287	IBM HTTP Server 8.5.0.0 <= 8.5.5.5 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.37 / 6.1.0.0 <= 6.1.0.47 / 6.0.0.0 <= 6.0.2.43 (257477)	medium
144286	IBM HTTP Server 8.5.0.0 <= 8.5.5.6 / 8.0.0.0 <= 8.0.0.11 / 7.0.0.0 <= 7.0.0.37 / 6.1.0.0 <= 6.1.0.47 (535175)	high
144090	IBM HTTP Server 8.5.0.0 <= 8.5.5.5 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.37 / 6.1.0.0 <= 6.1.0.47 / 6.0.0.0 <= 6.0.2.43 (528295)	medium
144084	IBM HTTP Server 8.5.0.0 <= 8.5.5.0 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.29 / 6.1.0.0 <= 6.1.0.45 (491411)	medium
144083	IBM HTTP Server 8.5.0.0 <= 8.5.5.8 / 8.0.0.0 <= 8.0.0.12 多个漏洞 (538705)	medium
144081	SAP NetWeaver AS Java 和 AS ABAP 多个漏洞（2020 年 12 月）	critical
144080	IBM HTTP Server 8.5.0.0 <= 8.5.5.1 / 8.0.0.0 <= 8.0.0.8 / 7.0.0.0 <= 7.0.0.31 / 6.1.0.0 <= 6.1.0.47 (238371)	high
144079	IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.13 / 9.0.0.0 < 9.0.0.6 Sweet32：生日攻击 (553351)	high
144075	IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.7 信息泄露 (304539)	high
144074	IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.13 / 9.0.0.0 < 9.0.0.6 多个漏洞 (298437)	high
144073	IBM HTTP Server 9.0.0.0 < 9.0.0.11 安全绕过 (869064)	high

检测

Nessus 的 Web Servers 系列

low

critical

medium

low

high

info

info

medium

high

high

low

critical

medium

info

critical

info

high

high

critical

high

medium

medium

high

critical

high

medium

low

medium

critical

info

info

medium

medium

high

low

medium

medium

high

high

medium

high

medium

medium

medium

critical

high

high

high

high

high