Synopsis
Some web pages require authentication.
Description
The remote web server requires HTTP authentication for the following pages. Several authentication schemes are available :
- Basic is the simplest, but the credentials are sent in cleartext.
- NTLM provides an SSO in a Microsoft environment, but it cannot be used on both the proxy and the web server. It is also weaker than Digest.
- Digest is a cryptographically strong scheme. Credentials are never sent in cleartext, although they may still be cracked by a dictionary attack.
Plugin Details
File Name: protected_web_pages.nasl
Supported Sensors: Nessus
Vulnerability Information
Excluded KB Items: Settings/disable_cgi_scanning