Please read carefully and check if the version of your Zammad system is affected by this vulnerability. Please send information regarding vulnerabilities in Zammad to: security at zammad.com
HTTP response headers from the Zammad application include the type and version of the web server software deployed for the system. An attacker could use this information to find public vulnerabilities and target attacks against specific types and versions of the server.
It is also possible to determine the exact version of the NginX/Apache2 used by the application from the HTTP response headers that were configured with the example/default configuration.
Special 🙏 and 🤘 and ❤️ to:
N: Guardian Project
N: Center for Digital Resilience
N: TÜV Rheinland i-sec GmbH
D: Security Researcher
Existing Webserver/Reverse Proxies installations can't be updated automatically. Therefore manual action is required.
For NginX: Extend your "server" block with "server_tokens off;" as in https://github.com/zammad/zammad/blob/develop/contrib/nginx/zammad.conf
For Apache2: Extend your "VirtualHost" with "ServerTokens Prod" and "ServerSignature Off" as in https://github.com/zammad/zammad/blob/develop/contrib/apache2/zammad_ssl.conf
Online version of this advisory: https://zammad.com/news/security-advisory-zaa-2020-08
Send all remarks to security issues to security @ zammad.com.