Secure HyperText Transfer Protocol (S-HTTP) Detection

This script is Copyright (C) 2003-2017 Tenable Network Security, Inc.

Synopsis :

The remote web server encrypts traffic using an obsolete protocol.

Description :

The remote web server accepts connections encrypted using Secure
HyperText Transfer Protocol (S-HTTP), a cryptographic layer that was
defined in 1999 by RFC 2660 and never widely implemented.

See also :

Solution :

Rare or obsolete code is often poorly tested. Thus, it would be
safer to disable support for S-HTTP and use HTTPS instead.

Risk factor :

Medium / CVSS Base Score : 5.0

Family: Service detection

Nessus Plugin ID: 11720 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now