Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Remote file access --> Category: infos

Check for Apache Multiple / vulnerability Vulnerability Scan


Vulnerability Scan Summary
Send multiple /'s to Windows Apache Server

Detailed Explanation for this Vulnerability Test

Synopsis:

It is possible to obtain the list of the contents of the remote directory.

Description :

Certain versions of Apache for Win32 have a bug wherein remote users
can list directory entries. Specifically, by appending multiple /'s
to the HTTP GET command, the remote Apache server will list all files
and subdirectories within the web root (as defined in httpd.conf).

Solution :

Upgrade to the most recent version of Apache at www.apache.org

Threat Level:

Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.