Synopsis
The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.
Description
The remote host is running the IPCop web interface. This interface allows administrators to remotely access and configure the underlying firewall. Because compromise of a firewall can lead to much more serious attacks, care should be taken to harden the IPCop web interface. Critical information (such as firewall configuration, administrative login, etc.) should not be passed across the network unencrypted.
Solution
Ensure that only valid users can query the IPCop interface. Require the use of SSL from remote users.