|Title:||WebActive world readable log file|
It is possible to obtain the remote WebActive logfile by
requesting the file /active.log
An attacker may use this to obtain valuable information about
your site, such as who visits it and how popular it is.
Solution : use another web server, as WebActive is not maintained.
If you are using WindowsNT, then remove read access to this
Risk factor : Low
BugTraq ID: 1497|
Common Vulnerability Exposure (CVE) ID: CVE-2000-0642
Bugtraq: 20000711 Lame DoS in WEBactive win65/NT server (Google Search)
XForce ISS Database: webactive-active-log(5184)
|Copyright||This script is Copyright (C) 2000 Renaud Deraison|
|This is only one of 74190 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.