Family: Web Servers --> Category: infos
shtml.exe reveals full path Vulnerability Scan
Vulnerability Scan Summary
Retrieve the real path using shtml.exe
Detailed Explanation for this Vulnerability Test
The shtml.exe CGI which comes with FrontPage 2000
reveals the full path to the remote web root when
it is given a non-existent file as an argument.
This is useful to a possible hacker who can gain more
knowledge against the remote host.
Solution : Install Windows 2000 SP3
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.