检测

插件

Nessus 的 Web Servers 系列

ID	名称	严重性
144079	IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.13 / 9.0.0.0 < 9.0.0.6 Sweet32：生日攻击 (553351)	high
144075	IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.7 信息泄露 (304539)	high
144074	IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.13 / 9.0.0.0 < 9.0.0.6 多个漏洞 (298437)	high
144073	IBM HTTP Server 9.0.0.0 < 9.0.0.11 安全绕过 (869064)	high
144070	IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.18 / 9.0.0.0 < 9.0.5.4 多个漏洞 (6191631)	medium
144063	IBM HTTP Server 9.0.0.0 < 9.0.0.3 欺骗 (6324789)	medium
144054	Apache Tomcat 8.5.0 < 8.5.60 多个漏洞	high
144053	OpenSSL 1.0.2 < 1.0.2x 漏洞	medium
144050	Apache Tomcat 9.0.0.M1 < 9.0.40 多个漏洞	high
144047	OpenSSL 1.1.1 < 1.1.1i 漏洞	medium
143441	已安装 IBM HTTP 服务器 (Linux)	info
143265	已安装 IBM WebSphere Application Server (Linux)	info
143152	Intel 主动管理技术 (AMT) 多个漏洞 (INTEL-SA-00391)（远程检查）	critical
142960	HTTPS 服务器中缺少 HSTS (RFC 6797)	medium
142640	Apache HTTP Server 站点枚举	info
142594	Oracle WebLogic Server RCE (CVE-2020-14882)	critical
142224	IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.39 / 8.0.0.x < 8.0.0.12 / 8.5.x < 8.5.5.8 HTTP 响应拆分 (CVE-2015-2017)	medium
142212	Oracle Fusion Middleware Oracle HTTP Server（2020 年 10 月 CPU）	critical
142142	IBM WebSphere Application Server 8.0.0.x < 8.0.0.11 / 8.5.x < 8.5.5.6 XSS (CVE-2014-8917)	medium
142141	IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.10 XXE (CVE-2015-0254)	critical
142140	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.x < 9.0.0.8 安全绕过 (CVE-2015-0899)	high
142139	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.x < 9.0.0.10 安全绕过 (CVE-2014-7810)	medium
142138	IBM WebSphere Application Server 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.10 / 9.0.x < 9.0.0.1 DoS (CVE-2016-2960)	low
142137	Nostromo < 1.9.7 远程代码执行	critical
142136	Nostromo HTTP 服务器检测	info
142060	IBM WebSphere Application Server 7.0.0.x < 7.0.0.41 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.10 MiTM (CVE-2016-0306)	medium
142059	IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 SSRF (CVE-2019-17566)	high
141920	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 信息泄露 (CVE-2017-1743)	medium
141919	IBM WebSphere Application Server 7.0.0.x < 7.0.0.45 / 8.0.0.x < 8.0.0.14 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.5 HTTP 响应拆分 (CVE-2017-1503)	medium
141918	IBM WebSphere Application Server 6.1.0.x < 6.1.0.47 / 7.0.0.x < 7.0.0.31 / 8.0.0.x < 8.0.0.7 / 8.5.x < 8.5.5.1 点击劫持 (CVE-2013-1571)	medium
141917	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 信息泄露 (CVE-2012-5783)	medium
141916	IBM WebSphere Application Server 9.0.0.4 弱加密 (CVE-2017-1504)	medium
141915	IBM WebSphere Application Server 9.0.x < 9.0.0.9 MITM (CVE-2018-8039)	high
141914	IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.39 / 8.0.0.x < 8.0.0.11 / 8.5.x < 8.5.5.7 LogJam (CVE-2015-4000)	low
141853	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 Beanutils 漏洞 (CVE-2019-10086)	high
141852	IBM WebSphere Application Server 7.0.0.x < 7.0.0.45 / 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.7 信息泄露 (CVE-2017-1681)	low
141851	IBM WebSphere Application Server 8.0.0.x < 8.0.0.14 / 8.5.x < 8.5.5.12 / 9.0.x < 9.0.0.5 弱安全绑定 (CVE-2017-1501)	medium
141850	IBM WebSphere Application Server 7.0.0.x < 7.0.0.43 / 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.11 / 9.0.x < 9.0.0.1 FileUpload DoS (CVE-2016-3092)	medium
141566	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x <= 9.0.0.9 多个漏洞 (711865)	high
141565	IBM WebSphere Application Server 8.0.0.x < 8.0.0.13 / 8.5.x < 8.5.5.11 / 9.0.x < 9.0.0.2 信息泄露 (CVE-2016-9736)	medium
141564	IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 / 9.0.x < 9.0.0.7 RCE (CVE-2016-1000031)	critical
141563	IBM WebSphere Application Server 9.0.x < 9.0.0.7 DoS (CVE-2017-12624)	medium
141562	IBM WebSphere Application Server 9.0.x < 9.0.5.3 DoS (CVE-2019-12406)	medium
141561	IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 多个漏洞 (296865)	high
141498	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 文件遍历 (CVE-2019-4268)	medium
141497	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.11 XSS (CVE-2019-4030)	medium
141473	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.19 / 9.0.x < 9.0.5.6 信息泄露 (CVE-2020-4576)	high
141472	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.1 XSS (CVE-2019-4270)	medium
141469	IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.6 XSS (CVE-2020-4578)	medium
141468	IBM WebSphere Application Server 8.5.x < 8.5.5.16 / 9.0.x < 9.0.5.0 XSS (CVE-2019-4271)	low

检测

Nessus 的 Web Servers 系列

high

high

high

high

medium

medium

high

medium

high

medium

info

info

critical

medium

info

critical

medium

critical

medium

critical

high

medium

low

critical

info

medium

high

medium

medium

medium

medium

medium

high

low

high

low

medium

medium

high

medium

critical

medium

medium

high

medium

medium

high

medium

medium

low