<plugin_id>65</plugin_id>
<plugin_name>HTTP 1.1 support detection</plugin_name>
<plugin_family>HTTP</plugin_family>
<plugin_created_date>2003/11/15</plugin_created_date>
<plugin_created_name>Marc Ruef</plugin_created_name>
<plugin_created_email>marc dot ruef at computec dot ch</plugin_created_email>
<plugin_created_web>http://www.computec.ch</plugin_created_web>
<plugin_created_company>computec.ch</plugin_created_company>
<plugin_updated_name>Marc Ruef</plugin_updated_name>
<plugin_updated_email>marc dot ruef at computec dot ch</plugin_updated_email>
<plugin_updated_web>http://www.computec.ch</plugin_updated_web>
<plugin_updated_company>computec.ch</plugin_updated_company>
<plugin_updated_date>2004/11/14</plugin_updated_date>
<plugin_version>2.0</plugin_version>
<plugin_changelog>Corrected the severity and added the NetRecon rating in version 1.3. Corrected the plugin structure and added the accuracy values in 1.4. Improved the pattern matching and introduced the plugin changelog in 2.0</plugin_changelog>
<plugin_protocol>tcp</plugin_protocol>
<plugin_port>80</plugin_port>
<plugin_procedure_detection>open|send HEAD / HTTP/1.1\nHost: $DHOST\n\n|sleep|close|pattern_not_exists HTTP/#.# 505 * OR HTTP/#.# 400 *</plugin_procedure_detection>
<plugin_detection_accuracy>98</plugin_detection_accuracy>
<plugin_comment>This plugin was written with the ATK Attack Editor.</plugin_comment>
<bug_affected>Nearly every newer http web server</bug_affected>
<bug_not_affected>Specialized web servers</bug_not_affected>
<bug_vulnerability_class>Configuration</bug_vulnerability_class>
<bug_description>The http web server reacted on HTTP/1.1 in a usual GET request normal. An attacker can detect so support of the http protocol in version 1.0.</bug_description>
<bug_solution>A service if not needed should be de-installed or disabled. If this is not possible, an access control list (ACL) with firewalling should be applied to this port. </bug_solution>
<bug_fixing_time>1 hour</bug_fixing_time>
<bug_exploit_availability>Yes</bug_exploit_availability>
<bug_remote>Yes</bug_remote>
<bug_local>Yes</bug_local>
<bug_severity>Low</bug_severity>
<bug_popularity>9</bug_popularity>
<bug_simplicity>8</bug_simplicity>
<bug_impact>2</bug_impact>
<bug_risk>3</bug_risk>
<bug_nessus_risk>None</bug_nessus_risk>
<bug_netrecon_rating>42</bug_netrecon_rating>
<bug_check_tool>Nessus is able to do the same check.</bug_check_tool>
<source_cve>CVE-1999-0633</source_cve>
<source_nessus_id>10582</source_nessus_id>
<source_literature>Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427</source_literature>
<source_misc>http://www.computec.ch</source_misc>