Config Files Version Header Enabled
Description
Detects when ASP.NET applications are configured to expose version information in HTTP headers via the enableVersionHeader attribute of the <httpRuntime> element in web.config. When this attribute is true (which is also its default), ASP.NET adds an X-AspNet-Version header to every response. Exposing the framework version lets attackers match the application against known vulnerabilities for that exact version, so this is an information disclosure weakness.
Detection Strategy
• Scans web.config files for ASP.NET configuration settings
• Looks for <system.web> sections containing <httpRuntime> elements
• Identifies when enableVersionHeader attribute is explicitly set to 'true'
• Reports vulnerability at the line and column where this insecure configuration is found
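The detection strategy above, implemented as a stand-alone scanner. This is an added example written for this page, not Fluid Attacks' own detector code. It parses a web.config with Python's expat bindings, tracks the element path so that only <httpRuntime> elements under <system.web> count, and reports the line and column of the element when enableVersionHeader is explicitly "true". It goes one step beyond the rule as described: because ASP.NET defaults the attribute to true, it also reports an <httpRuntime> element that omits the attribute entirely. The three web.config samples are constructed for the example.

```python
"""Scan web.config text for <system.web>/<httpRuntime enableVersionHeader="true">."""
import xml.parsers.expat
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Finding:
    line: int            # 1-based line of the <httpRuntime start tag
    column: int          # 1-based column of the <httpRuntime start tag
    value: Optional[str]  # attribute value as written, or None if absent
    message: str


def scan_web_config(text: str) -> List[Finding]:
    """Return one Finding per insecure <httpRuntime> element found in the config."""
    findings: List[Finding] = []
    stack: List[str] = []  # element names from the root down to the current element
    parser = xml.parsers.expat.ParserCreate()

    def start(name: str, attrs: dict) -> None:
        stack.append(name)
        # Only <httpRuntime> directly under <system.web> carries this setting;
        # a wrapping <location> element above <system.web> is still accepted.
        if name != "httpRuntime" or len(stack) < 2 or stack[-2] != "system.web":
            return
        # expat reports the position of the start of the current tag;
        # CurrentColumnNumber is 0-based, so add 1 to match editor columns.
        line, column = parser.CurrentLineNumber, parser.CurrentColumnNumber + 1
        value = attrs.get("enableVersionHeader")  # ASP.NET attribute names are case-sensitive
        if value is None:
            findings.append(Finding(line, column, None,
                "enableVersionHeader is not set; ASP.NET defaults it to true and "
                "sends X-AspNet-Version"))
        elif value.strip().lower() == "true":
            findings.append(Finding(line, column, value,
                'enableVersionHeader="true" exposes the framework version in '
                "the X-AspNet-Version header"))

    def end(name: str) -> None:
        stack.pop()

    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.Parse(text.encode("utf-8"), True)  # bytes keep the declared encoding authoritative
    return findings


# Constructed samples (not from any real deployment).
SAMPLE_VULNERABLE = """<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <httpRuntime
      executionTimeout="300"
      enableVersionHeader="true" />
  </system.web>
</configuration>
"""

SAMPLE_DEFAULT = """<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <httpRuntime executionTimeout="300" />
  </system.web>
</configuration>
"""

SAMPLE_SECURE = """<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <httpRuntime executionTimeout="300" enableVersionHeader="false" />
  </system.web>
</configuration>
"""

if __name__ == "__main__":
    for label, sample in (("vulnerable", SAMPLE_VULNERABLE),
                          ("default", SAMPLE_DEFAULT),
                          ("secure", SAMPLE_SECURE)):
        for f in scan_web_config(sample):
            print(f"{label}: line {f.line}, column {f.column}: {f.message}")
```

Running the block prints one finding for the explicit "true" sample at the line and column of its <httpRuntime> tag, one for the sample that omits the attribute, and nothing for the secure sample. A real deployment may split configuration across web.config files in nested directories and machine-level config, so the scanner should be run over every web.config in the application tree.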
Vulnerable code example
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <!-- Vulnerable: enableVersionHeader="true" adds an X-AspNet-Version header to every response, revealing the framework version -->
    <httpRuntime
      executionTimeout="300"
      enableVersionHeader="true" />
  </system.web>
</configuration>
Secure code example
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <!-- Safe: enableVersionHeader="false" suppresses the X-AspNet-Version header -->
    <httpRuntime
      executionTimeout="300"
      enableVersionHeader="false" />
  </system.web>
</configuration>
Note that enableVersionHeader only controls the X-AspNet-Version header. The Server header added by IIS and the X-Powered-By header (configured under <system.webServer>/<httpProtocol>/<customHeaders>) are unaffected by this setting and must be removed separately.