[Nikto-discuss] weak etag vulnerability?

David Lodge dave at cirt.net
Wed Jun 10 21:20:08 UTC 2009


> I got a Nikto report of item 999984 as below. It seemed to be a weak
> etag. But I can’t find any other reference from Nikto report to this
> item.
> No OSVDB ID like other items. How can I further verify if it’s a real
> vulnerability or false positive?
> 
> <item id="999984">
> <description>ETag header found on server, fields: 0xW/26
> 0x1244346013000 </description>
> 
> Is it just an informational item which Nikto reported? Are you aware
> if there is any vulnerability associated with it?

This item is just an informational vulnerability; on some web servers
(e.g. Apache), the etag includes information including the inode, which
could be used to mount an attack on, say, NFS exports.

As there's nothing in the above I'd say it was informational and can be
ignored. I'd only report an etag if it included something like inode.

Hope that helps

dave
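As an added example (not part of this thread and not Nikto's own code), a small Python triage script that splits an ETag into its '-'-separated fields, either from the raw header or from the Nikto 999984 description quoted above, and applies the rule in the reply: only a three-field Apache-style validator carries an inode and is worth reporting. The raw-header form `W/"26-1244346013000"` is a reconstruction of the header behind Nikto's `0xW/26 0x1244346013000` output, and the three-field values are hypothetical.

```python
import re

# Apache builds its ETag from hex fields joined by '-'. The older 2.x default,
# "FileETag INode MTime Size", yields "<inode>-<size>-<mtime>" (three fields);
# "FileETag MTime Size" yields "<size>-<mtime>" (two fields) and leaks no inode.
ETAG_RE = re.compile(r'^(W/)?"([0-9A-Fa-f]+(?:-[0-9A-Fa-f]+)*)"$')

def etag_fields(header_value):
    """Split a raw ETag header value into (weak, [field, ...]).
    Returns None when the value is not a '-'-separated hex/decimal validator."""
    m = ETAG_RE.match(header_value.strip())
    if not m:
        return None
    return (m.group(1) is not None, m.group(2).split("-"))

def nikto_fields(description):
    """Recover the same (weak, fields) tuple from a Nikto 999984 description,
    which prints each '-'-separated piece of the validator with a '0x' prefix."""
    tail = description.split("fields:", 1)
    if len(tail) != 2:
        return None
    tokens = [t[2:] if t.startswith("0x") else t for t in tail[1].split()]
    if not tokens:
        return None
    weak = tokens[0].startswith("W/")
    if weak:
        tokens[0] = tokens[0][2:]
    return (weak, tokens)

def triage(fields):
    """Defender's verdict for the finding.
    'inode'  : three fields, the Apache INode MTime Size layout -> the first
               field is the file's inode; report it and set 'FileETag MTime Size'.
    'info'   : two fields (size and mtime only) -> informational, can be ignored.
    'unknown': anything else (opaque hashes, other server formats)."""
    if fields is None:
        return "unknown"
    _weak, parts = fields
    return {3: "inode", 2: "info"}.get(len(parts), "unknown")

if __name__ == "__main__":
    # Constructed inputs: the description from the report quoted above and a
    # hypothetical Apache-style three-field validator.
    report = "ETag header found on server, fields: 0xW/26 0x1244346013000"
    print(triage(nikto_fields(report)))                       # info
    print(triage(etag_fields('"2a1f4b-5e-4a1b2c3d4e5f6"')))   # inode
```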


