[Nikto-discuss] internal IP not pulled out

Robin Wood robin at digi.ninja
Wed Feb 17 03:13:57 CST 2016


I've just run a scan and in the results got 18 copies of this issue
for one of the IPs:

+ OSVDB-630: GET Microsoft Exchange Systems (CAS and OWA) may reveal
their internal or real IP in the WWW-Authenticate header via a request
over HTTP/1.0. The value is "".

Looking in the save file the internal IP is there:

HTTP/1.1 401 Unauthorized
content-type: text/html
server: Microsoft-IIS/7.0
www-authenticate: Basic realm="10.2.0.18"
x-powered-by: ASP.NET
date: Tue, 16 Feb 2016 16:51:21 GMT
connection: keep-alive
content-length: 1293

The repeated results are caused by it hitting 18 different directories
which I think is a good idea but I think it should de-duplicate the
results so there is only a single issue raised if they all match.

Robin
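As an added example (not Nikto's own code), a Python sketch of the extraction and de-duplication the post asks for: header names are matched case-insensitively, which matters for responses like the saved one above where the header arrives as lower-case `www-authenticate`, and hits across paths collapse to one finding per leaked address. The sample responses are constructed, and only private (RFC 1918) addresses are reported as internal.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample: the same realm seen on several paths (one with the
# header name in lower case), one path with a hostname realm, one with no
# WWW-Authenticate header at all.
SAMPLE_RESPONSES = {
    "/owa/": 'HTTP/1.1 401 Unauthorized\r\nserver: Microsoft-IIS/7.0\r\n'
             'www-authenticate: Basic realm="10.2.0.18"\r\n\r\n',
    "/ecp/": 'HTTP/1.1 401 Unauthorized\r\n'
             'WWW-Authenticate: Basic realm="10.2.0.18"\r\n\r\n',
    "/ews/": 'HTTP/1.1 401 Unauthorized\r\n'
             'WWW-Authenticate: Basic realm="mail.example.com"\r\n\r\n',
    "/": 'HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n',
}

REALM_RE = re.compile(r'realm\s*=\s*"?([^",]*)"?', re.IGNORECASE)

def parse_headers(raw):
    """Map header name -> value with names lower-cased; HTTP header names are case-insensitive."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers

def realm_ip(raw):
    """Return the realm if it is a private IPv4/IPv6 address, otherwise None."""
    auth = parse_headers(raw).get("www-authenticate")
    if not auth:
        return None
    match = REALM_RE.search(auth)
    if not match:
        return None
    try:
        ip = ipaddress.ip_address(match.group(1))
    except ValueError:  # realm is a hostname or free text, not an address
        return None
    return str(ip) if ip.is_private else None

def leaked_internal_ips(responses):
    """Collapse per-path hits into one finding per distinct leaked address, listing the paths."""
    findings = defaultdict(list)
    for path, raw in responses.items():
        ip = realm_ip(raw)
        if ip:
            findings[ip].append(path)
    return {ip: sorted(paths) for ip, paths in findings.items()}
```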

