| VID |
21820 |
| Severity |
10 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
A Web directory was found by the Dictionary-based Brute-Force attack. A brute-force attack is an attempt to discover a directory by systematically trying every possible words from a dictionary file. This check will perform a brute force attack using the dictionary file specified in a scan policy that contains a list of the most common directories.
* Note: By default, this check uses the 'Conf\Webapp_folders.txt' file as the dictionary file, as defined by the Policy Editor, and the depth level of recursive calls for discovering directories is '2'.
* Platforms Affected:
Any HTTP server Any version
Any operating system Any version |
| Recommendation |
|
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
