Web Servers Family for Nessus

ID	Name	Severity
90925	Acme mini_httpd Protocol String Handling Memory Disclosure	medium
90891	OpenSSL 1.0.2 < 1.0.2h Multiple Vulnerabilities	high
90890	OpenSSL 1.0.1 < 1.0.1t Multiple Vulnerabilities	high
90889	OpenSSL 1.0.2 < 1.0.2c Vulnerability	critical
90888	OpenSSL 1.0.1 < 1.0.1o Vulnerability	critical
90709	Oracle WebLogic Server Java Object Deserialization RCE (April 2016 CPU)	critical
90681	Oracle GlassFish Server 2.1.1.x < 2.1.1.27 NSS ASN.1 Decoder RCE (April 2016 CPU)	critical
90628	Oracle iPlanet Web Server 7.0.x < 7.0.23 NSS ASN.1 Decoder RCE (April 2016 CPU)	critical
90624	HP System Management Homepage (SMH) AddXECert Remote DoS	low
90318	Apache Tomcat XSRF Token Disclosure	high
90316	IBM WebSphere Application Server 7.0 < 7.0.0.41 / 8.0 < 8.0.0.12 / 8.5 < 8.5.5.9 OAuth Provider XSS	medium
90251	HP System Management Homepage < 7.2.6 Multiple Vulnerabilities (FREAK)	high
90150	HP System Management Homepage < 7.5.4 Multiple Vulnerabilities (Logjam)	critical
89082	OpenSSL 1.0.2 < 1.0.2g Multiple Vulnerabilities	critical
89081	OpenSSL 1.0.1 < 1.0.1s Multiple Vulnerabilities	critical
88937	Apache Tomcat 8.0.0.RC1 < 8.0.32 multiple vulnerabilities	high
88936	Apache Tomcat 7.0.0 < 7.0.68 multiple vulnerabilities	high
88935	Apache Tomcat 6.0.x < 6.0.45 Multiple Vulnerabilities	high
10704	Apache Multiviews Arbitrary Directory Listing	medium
10698	WebLogic Server Encoded Request Directory Listing	medium
88530	OpenSSL 1.0.2 < 1.0.2f Multiple Vulnerabilities	high
88529	OpenSSL 1.0.1 < 1.0.1r Vulnerability	high
88490	Web Server Error Page Information Disclosure	medium
88099	Web Server HTTP Header Information Disclosure	medium
88098	Apache Server ETag Header Information Disclosure	medium
88022	Oracle GlassFish Embedded Server Vulnerabilities (January 2016 CPU)	medium
88020	HP Virtual Table Server Detection	info
87538	IBM HTTP Server SSL/TLS RC4 Stream Cipher Key Invariance (Bar Mitzvah)	medium
87505	Symantec Endpoint Protection Manager Java Object Deserialization RCE (SYM15-011)	high
87312	JBoss Java Object Deserialization RCE	critical
87241	Apache Traffic Server 5.3.x < 5.3.2 HTTP2 Multiple Vulnerabilities	critical
87240	Apache Traffic Server 5.3.x < 5.3.1 'url_sig' Plugin Multiple Vulnerabilities	critical
87222	OpenSSL 1.0.2 < 1.0.2e Multiple Vulnerabilities	high
87221	OpenSSL 1.0.1 < 1.0.1q Multiple Vulnerabilities	high
87220	OpenSSL 1.0.0 < 1.0.0t Multiple Vulnerabilities	medium
87219	OpenSSL 0.9.8 < 0.9.8zh Vulnerability	medium
87171	IBM WebSphere Java Object Deserialization RCE	critical
87011	Oracle WebLogic Java Object Deserialization RCE	critical
86884	nginx 1.9.x < 1.9.6 HTTPv2 PRI Double-Free DoS	high
86569	Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2015 CPU)	high
86481	Oracle GlassFish Server Unspecified Information Disclosure (October 2015 CPU)	medium
86322	IBM Domino ZMerge Database Security Bypass	high
86019	IBM HTTP Server 6.0 <= 6.0.2.43 (FP43) / 6.1 <= 6.1.0.47 (FP47) / 7.0 < 7.0.0.39 (FP39) / 8.0 < 8.0.0.11 (FP11) / 8.5 < 8.5.5.7 (FP7) Named Pipe DoS	medium
86018	IBM HTTP Server 6.1 <= 6.1.0.47 (FP47) / 7.0 < 7.0.0.39 (FP39) / 8.0 < 8.0.0.12 (FP12) / 8.5 < 8.5.5.7 (FP7) Multiple Vulnerabilities	high
85805	HTTP/2 Cleartext Detection	info
85766	HP System Management Homepage Single Sign On Parameter Handling RCE	critical
85628	Tenable SecurityCenter Multiple Apache Vulnerabilities (TNS-2015-11)	medium
85602	Web Application Cookies Not Marked Secure	info
85601	Web Application Cookies Not Marked HttpOnly	info
85582	Web Application Potentially Vulnerable to Clickjacking	medium

Detections

Analytics

Web Servers Family for Nessus

medium

high

high

critical

critical

critical

critical

critical

low

high

medium

high

critical

critical

critical

high

high

high

medium

medium

high

high

medium

medium

medium

medium

info

medium

high

critical

critical

critical

high

high

medium

medium

critical

critical

high

high

medium

high

medium

high

info

critical

medium

info

info

medium