Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:10156
Category:CGI abuses
Title:Netscape FastTrack 'get'
Summary:NOSUMMARY
Description:Description:
When the remote web server is
issued a request with a lower-case 'get', it will return
a directory listing even if a default page such as index.html is
present.

Example :

get / HTTP/1.0

Will return a listing of the root directory.

This allows an attacker to gain valuable information about the
directory structure of the remote host and could reveal the
presence of files which are not intended to be visible.

Solution : Upgrade your server to the latest version.

Risk factor : Medium

Cross-Ref: BugTraq ID: 481
Common Vulnerability Exposure (CVE) ID: CVE-1999-0239
http://www.osvdb.org/122
XForce ISS Database: fastrack-get-directory-list
CopyrightThis script is Copyright (C) 1999 Renaud Deraison

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.