search

intrigueio / intrigue-ident

Application and Service Fingerprinting
https://core.intrigue.io
Other
131 stars 40 forks source link

Misidentification of "Apache Coyote 1.1" #51

Open epicfaace opened 4 years ago

epicfaace commented 4 years ago

Intrigue ident misidentifies Apache Tomcat as "Apache Coyote 1.1". In fact, the "Apache-Coyote/1.1" "Server" header is only sent back from versions of Apache Tomcat from 4.1.x to 8.0.x (see https://tomcat.apache.org/tomcat-7.0-doc/security-howto.html).

I get a result such as the following:

cpe: "cpe:2.3:a:apache:coyote:1.1:"
hide: false
inference: true
issues: null
match_details: "Apache coyote application server - server header"
match_type: "content_headers"
method: "ident"
product: "Coyote"
tags: ["Application Server"]
0: "Application Server"
tasks: null
type: "fingerprint"
update: null
vendor: "Apache"
version: "1.1"
jcran commented 4 years ago

Sorry for the delayed response on this, we're looking into it and will get this addressed. Thank you @epicfaace!