Family: Remote file access --> Category: infos
Check for Apache Multiple / vulnerability Vulnerability Scan
Vulnerability Scan Summary
Send multiple /'s to Windows Apache Server
Detailed Explanation for this Vulnerability Test
It is possible to obtain the list of the contents of the remote directory.
Certain versions of Apache for Win32 have a bug wherein remote users
can list directory entries. Specifically, by appending multiple /'s
to the HTTP GET command, the remote Apache server will list all files
and subdirectories within the web root (as defined in httpd.conf).
Upgrade to the most recent version of Apache at www.apache.org
Medium / CVSS Base Score : 4
Click HERE for more information and discussions on this network vulnerability scan.