|Title:||Directory listing through WebDAV|
|Summary:||Checks the presence of WebDAV|
The WebDAV module can be used to obtain a listing of the
remote web server directories even if they have a default
page such as index.html.
This allows an attacker to gain valuable information about the
directory structure of the remote host and could reveal the
presence of files which are not intended to be visible.
Solution : disable the WebDAV module, or restrict its access to
authenticated and trusted clients.
Risk factor : Low
BugTraq ID: 1656|
Common Vulnerability Exposure (CVE) ID: CVE-2000-0869
@stake Security Advisory: A090700-3
SuSE Security Announcement: 20000907 (Google Search)
XForce ISS Database: apache-webdav-directory-listings(5204)
|Copyright||This script is Copyright (C) 2000 Renaud Deraison|
|This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.