|
Family: CGI abuses --> Category: infos
MacOS X Finder reveals contents of Apache Web files Vulnerability Scan
Vulnerability Scan Summary MacOS X Finder reveals contents of Apache Web files
Detailed Explanation for this Vulnerability Test
MacOS X creates a hidden file, '.FBCIndex' in each directory that has been
viewed with the Finder. This file contains the content of the files present
in the directory, giving a possible hacker information on the HTML tags, JavaScript,
passwords, or any other sensitive word used inside those files.
Solution: Use a directive in httpd.conf to restrict access to
'hidden' files:
Order allow, deny
Deny from all
And restart Apache.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|