Overview

CVE-2013-4961 (Software Version Numbers Were Revealed)

Posted August 15, 2013
Assessed Risk Level: Low

The Apache and Phusion Passenger software versions used for the application are revealed by the web server in the HTTP response headers. Displaying version information could allow an attacker to determine which vulnerabilities are present, particularly in cases involving an outdated software version with published vulnerabilities.

Status

Affected Versions: Puppet Enterprise 2.x, 3.0.0
Resolved in Puppet Enterprise 3.0.1.

Overview

CVE-2013-4961 (Software Version Numbers Were Revealed)

Posted August 15, 2013

Assessed Risk Level: Low

Status