|
Family: CGI abuses --> Category: infos
Read any file thanks to ~nobody/ Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of /~nobody/etc/passwd
Detailed Explanation for this Vulnerability Test
It is possible to access arbitrary files on the remote
web server by appending ~nobody/ in front of their
name (as in ~nobody/etc/passwd).
This problem is due to a misconfiguration in your Apache
server that sets UserDir to ./.
Solution : Set UserDir to public_html/ or something else
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|