| VID |
210036 |
| Severity |
20 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
A file which is presumed to be a statistics information file about web server has been found on the web server. The statistics information file can allow attackers to obtain sensitive information such as data traffic, files that are referenced a lot, files that are referenced little, arbitrary file's location, related url. It can help remote atackers to attack the web server in detail.
* Platforms Affected:
Any HTTP server Any version
Any operating system Any version |
| Recommendation |
Take the following steps:
- Delete the file if it's not necessary.
- Restrict the permission of the directory.
- Change the file name to an unguessed name.
- Move the file to location where remote access is not allowed |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
