检测

Nessus 的 Web Servers 系列

ID名称严重性
140735HTTP 走私检测
medium
140655Microsoft Internet Information Services (IIS) 站点枚举
info
140504SAP NetWeaver AS Java 多个 XSS (2953112)
medium
140464IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.14 / 9.0.x <= 9.0.0.9 XSS (729547)
medium
140463IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.7 信息泄露 (715271)
medium
140462IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.13 / 9.0.x <= 9.0.0.8 信息泄露 (711983)
high
140453IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x <= 8.5.5.17 / 9.0.x <= 9.0.5.4 RCE (6255074)
high
139871IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.4 RCE (6258333)
critical
139615已安装 Microsoft Internet Information Services (IIS)
info
139583SAP NetWeaver AS Java DoS (2941315)
high
139574Apache 2.4.x < 2.4.46 多个漏洞
critical
139065IBM WebSphere Application Server 8.5.x < 8.5.5.18 服务器端请求伪造 (6209099)
medium
138882Cisco Small Business Router Web UI 检测
info
138878IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (6250059)
high
138851Apache Tomcat 7.0.27 < 7.0.105
high
138762SAP NetWeaver:身份验证绕过 (CVE-2020-6287)(直接检查)
critical
138591Apache Tomcat 9.0.0.M1 < 9.0.37 多个漏洞
high
138574Apache Tomcat 8.5.0 < 8.5.57 多个漏洞
high
138509Oracle WebLogic IIOP JNDI 查找 RCE 直接检查
critical
138506SAP NetWeaver AS Java 多个漏洞
critical
138499SAP Netweaver Application Server (AS) HTTP 服务器检测
info
138098Apache Tomcat 9.0.0.M1 < 9.0.36
high
138097Apache Tomcat 8.5.0 < 8.5.56
high
138091IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 信息泄露 (CVE-2020-4449)
high
138074Oracle WebLogic Server Java 对象反序列化 RCE (CVE-2020-2883)
critical
137398IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 远程代码执行 (CVE-2020-4448)
critical
137368IBM WebSphere Application Server 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 RCE (CVE-2020-4450)
critical
136931Apache Traffic Server - HTTP 走私和缓存中毒
medium
136897IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSS
medium
136892IBM WebSphere Application Server 管理控制台 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 XSS
medium
136807Apache Tomcat 8.5.0 < 8.5.55
high
136806Apache Tomcat 9.0.0 < 9.0.35
high
136770Apache Tomcat 7.0.0 < 7.0.104
high
136764IBM MQ 控制台检测
info
136763IBM MQ 默认凭据
critical
136426IBM WebSphere Application Server 9.0.0.0 < 9.0.0.9 信息泄露 (CVE-2018-1957)
medium
136410IBM WebSphere Application Server 7.0 < 7.0.0.46 / 8.0 < 8.0.0.16 / 8.5 < 8.5.5.18 / 9.0 < 9.0.5.4 / Liberty 17.0.0.3 < 20.0.0.5 信息泄露
medium
136340已安装 nginx (Linux/UNIX)
info
136183IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 跨站脚本漏洞
medium
136180IBM WebSphere Application Server 7.x / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 目录遍历漏洞
medium
135919OpenSSL 1.1.1d < 1.1.1g 漏洞
high
135771IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.15 / 9.x < 9.0.0.10 XSS (CVE-2018-1794)
medium
135720IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.15 / 9.0.0.0 <= 9.0.0.10 连接欺骗漏洞
medium
135702IBM WebSphere Application Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.17 / 9.0.0.0 <= 9.0.5.3 权限提升 (CVE-2020-4362)
high
135677Oracle Fusion Middleware Oracle HTTP 服务器(2020 年 4 月 CPU)
high
135290Apache 2.4.x < 2.4.42 多个漏洞
medium
135180IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.4 权限提升 (CVE-2020-4276)
high
134862Apache Tomcat AJP 连接器请求注入 (Ghostcat)
critical
134220nginx < 1.17.7 信息泄露
medium
133845Apache Tomcat 9.0.0.M1 < 9.0.31 多个漏洞
critical