This script is Copyright (C) 2003-2016 Tenable Network Security, Inc.
The remote web server allows credentials to be transmitted in
The remote Sambar server allows users to log in without using SSL. A
man-in-the-middle attacker can exploit this to capture the passwords
of the users of this server. The attacker can then use these to access
the web mail accounts and modify the web pages on behalf of the users
of the system.
Use Sambar on top of SSL.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false
Family: Web Servers
Nessus Plugin ID: 11585 ()
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.