| VID |
21605 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Web server has an Web directory being vulnerable to a directory listing vulnerability. The listing information of the affected Web directory might help a remote attacker to launch further attacks against the affected Web server.
* Platforms Affected:
Any HTTP server Any version
Any operating system Any version |
| Recommendation |
Modify the configuration of the affected Web virtual directory to prevent directory listing.
Ex) Apache: httpd.conf
<Directory "/var/www/aaa">
Options Indexes FollowSymLinks MultiViews <- delete "Indexes"
</Directory> |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
