Nessus Plugin #11714
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Non-Existant Page Physical Path Disclosure Vulnerability
- Family:
- CGI abuses
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2003 Michel Arboi
- Summary:
- Tests for a Generic Physical Path Disclosure Vulnerability
- Version:
- $Revision: 1.8 $
- Cve_id:
- CAN-2003-0456, CVE-2001-1372
- Bugtraq_id:
- 3341, 4035, 4261, 5054, 8075
- Xrefs:
- -
- Description:
Your web server reveals the physical path of the webroot
when asked for a non-existent page.
Whilst printing errors to the output is useful for debugging applications,
this feature should not be enabled on production servers.
Solution : Upgrade your server or reconfigure it
Risk factor : Low
Generiert am 27.04.2005 um 18:49:54 Uhr.