I had a vulnerability scan done recently and I'm having trouble finding any information on 1 of the items. My setup is ESXi 5.1 with vCenter Server running on Win2008 R2 SP1.
Web Server Internal IP address or network name available
CVE: CVE-2000-0649 CVE-2002-0419
Impact: An attacker could determine information about your internal network structure from information in http headers.
Seems like there is some sort of http hearer leak of some kind. I was flagged for a few other vCenter items on port 9090 but I was able to find a VMware KB article which states that "there is no potential to obtain sensitive data from this exploit". I realize that port 9090 and 9443 is needed for the Web Client. Anyone have any info on this?? Thanks a lot.