Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:10386
Category:Web Servers
Title:Response Time / No 404 Error Code Check
Summary:This VT tests if the remote web server does not reply with a 404; error code and checks if it is replying to the scanners requests in a reasonable amount of time.
Description:Summary:
This VT tests if the remote web server does not reply with a 404
error code and checks if it is replying to the scanners requests in a reasonable amount of time.

Vulnerability Insight:
This web server might show the following issues:

- it is [mis]configured in that it does not return '404 Not Found' error codes when a non-existent
file is requested, perhaps returning a site map, search page, authentication page or redirect instead.

The Scanner might enabled some counter measures for that, however they might be insufficient. If a
great number of security issues are reported for this port, they might not all be accurate.

- it doesn't response in a reasonable amount of time to various HTTP requests sent by this VT.

In order to keep the scan total time to a reasonable amount, the remote web server might not be
tested. If the remote server should be tested it has to be fixed to have it reply to the scanners
requests in a reasonable amount of time.

Alternatively the 'Maximum response time (in seconds)' preference could be raised to a higher
value if longer scan times are accepted.

CVSS Score:
0.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:N

CopyrightCopyright (C) 2006 RD / H D Moore

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.