This script is Copyright (C) 2010-2011 Tenable Network Security, Inc.
The remote web server seems to transmit credentials using Basic
The remote web server contains web pages that are protected by
'Basic' authentication over HTTPS.
While this is not in itself a security flaw, in some organizations,
the use of 'Basic' authentication is discouraged as, depending on the
underlying implementation, it may be vulnerable to account
brute-forcing or may encourage Man-in-The-Middle (MiTM) attacks.
Make sure that the use of HTTP 'Basic' authentication is in line with
your organization's security policy.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now