Family: CGI abuses --> Category: infos
MacOS X Finder reveals contents of Apache Web directories Vulnerability Scan
Vulnerability Scan Summary
Checks for .DS_Store
Detailed Explanation for this Vulnerability Test
MacOS X creates a hidden file, '.DS_Store' in each directory that has
been viewed with the 'Finder'. This file contains a list of the
contents of the directory, giving a possible hacker information on the
structure and contents of your website.
Solution: Use a directive in httpd.conf to forbid
retrieval of this file:
Order allow, deny
Deny from all
and restart Apache.
Threat Level: Medium
(possibly High depending on the sensitivity of your web content)
Click HERE for more information and discussions on this network vulnerability scan.