2110099 : Unencrypted HTTP traffic over SSL has been detected
- Event Description
- Products that have this security check
- Affected platforms
- How to remove this vulnerability
- Information about this document
Unencrypted HTTP traffic over the Secure Socket Layer (SSL) port has been detected. SSL is a security protocol used to privately communicate over the Internet. Unencrypted HTTP traffic over the SSL port could indicate that an attacker is attempting to conduct malicious activity.
- BlackICE Agent for Server
- BlackICE PC Protection
- BlackICE Server Protection
- IBM Security Host Protection for Desktops
- IBM Security Host Protection for Servers (Unix)
- IBM Security Host Protection for Servers (Windows)
- IBM Security Network Protection
- Proventia Network IDS
- Proventia Network IPS
- Proventia Network MFS
- Proventia Server IPS for Linux technology
- RealSecure Desktop
- RealSecure Desktop Protector 3.6
- RealSecure Network
- RealSecure Server Sensor
- Virtual Server Protection for Vmware
This signature detects a valid HTTP request and response on port 443 that is not encrypted.
|False Positive:||Some servers may be configured (or misconfigured) so that they accept unencrypted HTTP traffic on port 443 and if so, the traffic may be considered legitimate.|
- Apple Mac OSCisco IOSCompaq Tru64 4.0Data General DG/UXHP HP-UXIBM AIXIBM OS2Linux KernelMicrosoft Windows 2000Microsoft Windows 2003 ServerMicrosoft Windows 95Microsoft Windows 98Microsoft Windows 98SEMicrosoft Windows MeMicrosoft Windows NT 4.0Microsoft Windows XPNovell NetWareSCO SCO UnixSGI IRIXSun SolarisWind River BSDOS
No remedy currently available.
The information contained in this document may change without notice, and may have been altered or changed if you have received it from a source other than Internet Security Systems. Use of this information constitutes acceptance for use in an "AS IS" condition, without warranties of any kind, and any use of this information is at the user's own risk. Internet Security Systems disclaims all warranties, either expressed or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Internet Security Systems be liable for any damages whatsoever, including direct, indirect, incidental, consequential or special damages, arising from the use or dissemination hereof, even if Internet Security Systems has been advised of the possibility of such damages.
Copyright © 1997 – 2014 IBM Internet Security Systems. All rights reserved.
This page was created on Wed Jul 16 00:52:02 2014