Summary
This web server supports S-HTTP, a cryptographic layer that was defined in 1999 by RFC 2660.
S-HTTP has never been widely implemented and you should use HTTPS instead.
As rare or obsolete code is often badly tested, it would be safer to use another server or disable this layer somehow.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)
- Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)
- Apple Safari 'Webkit' Multiple Vulnerabilities-01 Mar14 (Mac OS X)
- Apple QuickTime Multiple Arbitrary Code Execution Vulnerabilities (Win)
- Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)