|
Family: Remote file access --> Category: infos
Apache2 double slash dir index Vulnerability Scan
Vulnerability Scan Summary sends a GET // HTTP/1.0
Detailed Explanation for this Vulnerability Test
It is possible to obtain the listing of the content of the
remote web server root by sending the request :
GET // HTTP/1.0
This vulnerability usually affects the default Apache
configuration which is shipped with Red Hat Linux, although
it might affect other Linux distributions or other web server.
A possible hacker may exploit this flaw the browse the content
of the remote web root and possibly find hidden links into it.
Solution : Use index files instead of default welcome pages
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|