<div dir="ltr"><div><div>That fixed it.<br><br></div>Thanks<br><br></div>Robin<br></div><br><div class="gmail_quote"><div dir="ltr">On Wed, 24 Feb 2016 at 06:10 Sullo <<a href="mailto:csullo@gmail.com">csullo@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Robin--<br>
<br>
Thanks for pointing this out--finally got a chance to take a look at<br>
it. I've committed some changes to report the correct header when it's<br>
in www-authenticate (which is why it was blank) and also only alert 1<br>
time for each of the 3 possible headers. So at max you could have 3<br>
reports if your target had all 3 issues, which seems unlikely.<br>
<br>
Please test if you can to see if this resolves it.<br>
<br>
-Sullo<br>
<br>
<br>
On Wed, Feb 17, 2016 at 4:13 AM, Robin Wood <robin@digi.ninja> wrote:<br>
> I've just ran a scan and in the results got 18 copies of this issue<br>
> for one of the IPs:<br>
><br>
> + OSVDB-630: GET Microsoft Exchange Systems (CAS and OWA) may reveal<br>
> their internal or real IP in the WWW-Authenticate header via a request<br>
> over HTTP/1.0. The value is "".<br>
><br>
> Looking in the save file the internal IP is there:<br>
><br>
> HTTP/1.1 401 Unauthorized<br>
> content-type: text/html<br>
> server: Microsoft-IIS/7.0<br>
> www-authenticate: Basic realm="10.2.0.18"<br>
> x-powered-by: <a href="http://ASP.NET" rel="noreferrer" target="_blank">ASP.NET</a><br>
> date: Tue, 16 Feb 2016 16:51:21 GMT<br>
> connection: keep-alive<br>
> content-length: 1293<br>
><br>
> The repeated results are caused by it hitting 18 different directories<br>
> which I think is a good idea but I think it should de-duplicate the<br>
> results so there is only a single issue raised if they all match.<br>
><br>
> Robin<br>
> _______________________________________________<br>
> Nikto is sponsored by Netsparker, a false positive free web application security scanner and Netsparker Cloud online scanner.<br>
> Visit <a href="https://www.netsparker.com/" rel="noreferrer" target="_blank">https://www.netsparker.com/</a> for more information.<br>
> _______________________________________________<br>
> Nikto-discuss mail list<br>
> <a href="mailto:Nikto-discuss@attrition.org" target="_blank">Nikto-discuss@attrition.org</a><br>
> <a href="https://attrition.org/mailman/listinfo/nikto-discuss" rel="noreferrer" target="_blank">https://attrition.org/mailman/listinfo/nikto-discuss</a><br>
<br>
<br>
<br>
--<br>
<br>
<a href="http://www.cirt.net" rel="noreferrer" target="_blank">http://www.cirt.net</a> | <a href="http://rvasec.com/" rel="noreferrer" target="_blank">http://rvasec.com/</a><br>
</blockquote></div>