| VID |
210038 |
| Severity |
20 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
A file which is presumed to be a log file has been found on the web server. The log file can allow attackers to obtain sensitive information like web server's information. It can help remote atackers to attack the web server in detail.
* Platforms Affected:
Any HTTP server Any version
Any operating system Any version |
| Recommendation |
Take the following steps:
- Delete the file if it's not necessary.
- Restrict the permission of the directory.
- Change the file name to an unguessed name.
- Move the file to location where remote access is not allowed |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
