Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.11909
Category:Remote file access
Title:Apache2 double slash dir index
Summary:NOSUMMARY
Description:Description:

It is possible to obtain the listing of the content of the
remote web server root by sending the request :

GET // HTTP/1.0

This vulnerability usually affects the default Apache
configuration which is shipped with Red Hat Linux, although
it might affect other Linux distributions or other web server.

An attacker may exploit this flaw the browse the content
of the remote web root and possibly find hidden links into it.

Solution : Use index files instead of default welcome pages
Risk factor : Medium

Cross-Ref: BugTraq ID: 8898
Common Vulnerability Exposure (CVE) ID: CVE-2003-1138
http://www.securityfocus.com/bid/8898
Bugtraq: 20031027 Root Directory Listing on RH default apache (Google Search)
http://www.securityfocus.com/archive/1/342578
Copyright(C) 2003 Tenable Network Security

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.