| VID |
210037 |
| Severity |
20 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
A file which is presumed to be a document file has been found on the web server. this file type is usually found in the directory where application software is installed. The document file can allow attackers to obtain sensitive information such as software's version, the directory where software is installed. It can help remote atackers to attack the web server in detail.
* Platforms Affected:
Any HTTP server Any version
Any operating system Any version |
| Recommendation |
Take the following steps:
- Delete the file if it's not necessary.
- Restrict the permission of the directory.
- Change the file name to an unguessed name.
- Move the file to location where remote access is not allowed |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
