HTTP Server Version

This is a variation of Technology Disclosure. In this case, it is not only the web server or other software that is disclosed, but also the version of the web server. This makes the whole situation much more dangerous, as an attacker can now perform even more targeted attacks.

HTTP Server headers are often indexed in specific search engines as well. If a web server is exposed towards the Internet and discloses its version, it is safe to say someone will run an automated attack against it within hours after a vulnerability in the software has become publicly known.

What can happen, example and remediation?

Please see the article about Technology Disclosure. As this finding is just a variation of that, all the details are the same.