header-logo
Suggest Exploit
vendor:
Apache HTTP Server
by:
SecurityFocus
5
CVSS
MEDIUM
Apache Directory Indexing
N/A
CWE
Product Name: Apache HTTP Server
Affected Version From: Apache 1.3.x
Affected Version To: Apache 1.3.x
Patch Exists: No
Related CWE: N/A
CPE: o:apache:apache_http_server
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Apache Directory Indexing

A possible vulnerability exists in Apache that could cause directory contents to be disclosed when directory indexing is enabled, despite the presence of an 'index.html' file. The problem is likely the result of an error in 'multiview' functionality provided as part of Apache's content negotiation support. Exploitation of this problem may lead to the dislosure of sensitive information to attackers.

Mitigation:

Disable directory indexing in Apache.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/3009/info

A possible vulnerability exists in Apache that could cause directory contents to be disclosed when directory indexing is enabled, despite the presence of an 'index.html' file.

The problem is likely the result of an error in "multiview" functionality provided as part of Apache's content negotiation support. Exploitation of this problem may lead to the dislosure of sensitive information to attackers. 

http://target-webserver/?M=A
http://target-webserver/?S=D

Navigation

Suggest Exploit

Services By CQR