Family: CGI abuses --> Category: attack
Apache for Windows CGI Source Code Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Tries to read source of print-env.pl with Apache for Windows
Detailed Explanation for this Vulnerability Test
The remote web server is affected by an information disclosure issue.
The version of Apache for Windows installed on the remote host can be
tricked into disclosing the source of its CGI scripts because of a
configuration issue. Specifically, if the CGI directory is located
within the document root, then requests that alter the case of the
directory name will bypass the mod_cgi cgi-script handler and be
treated as requests for ordinary files.
See also :
Reconfigure Apache so that the scripts directory is located outside of
the document root.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.