burp-vulners-scanner icon indicating copy to clipboard operation
burp-vulners-scanner copied to clipboard

Published 20 hours ago verified publisher icon vulnersCom

false positive (high/firm) for IIS (7.5)

Open drwetter opened this issue 7 years ago • 0 comments

Hello,

I doubt this is a valid finding (high, firm) as it looks to me the server banner was just taken and a lookup was performed:

screenshot_20170829_123541

For this the IIS from 2008R2 shouldn't have been patched. One cannot tell from the outside -- at least not by looking at this banner.

Can this be either taken out or at least changed to info/firm, then at least not supplying the CVEs?

Thx, Dirk

drwetter avatar Aug 29 '17 10:08 drwetter