Details

Return a custom reply message when something goes wrong, instead of the default reply message Jetty replies with.

Avoid information leakage by showing custom error messages.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Use a custom HttpBinding to be in control of the message mapping to construct the custom reply message.

This control applies to the following type of system Unix.

Source

• Tenable.com/audits