Webconverger / webc

Webconverger's curated chroot from which updates originate
https://webconverger.org/upgrade/

DIRECTORY LISTING - INFORMATION DISCLOSURE BUG #235

Closed prasanna15540 closed 7 years ago

prasanna15540 commented 7 years ago

Sir/Madam, I have found DIRECTORY LISTING BUGS in these URLs:

http://webconverger.org/blog/2015/
http://webconverger.org/blog/2017/
http://webconverger.org/blog/2008/
http://webconverger.org/blog/2012/
http://webconverger.org/blog/2016/
http://webconverger.org/blog/entry/
http://webconverger.org/ikiwiki/login-selector/
http://webconverger.org/img/2014/
http://webconverger.org/img/2015/
http://webconverger.org/img/2016/
https://webconverger.org/static/2015/

SECURITY IMPACT

An attacker can see the files located in the directory and could potentially access files which disclose sensitive information.

ACTIONS TO TAKE

1. Change your server configuration file. A recommended configuration for the requested directory should be in the following format:

    <Directory /{YOUR DIRECTORY}>
        Options FollowSymLinks
    </Directory>

2. Remove the Indexes option from configuration. Do not forget to remove MultiViews, as well. Configure the web server to disallow directory listing requests.

3. Ensure that the latest security patches have been applied to the web server and the current stable version of the software is in use.

Please patch this vulnerability as soon as possible.

Thanking you PRASANNA DASH

lamby commented 7 years ago

Please vet these before mass-filing...
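
A report like the one in this thread can be vetted before it is filed or acted on by checking whether each page is a server-generated auto-index and whether it lists anything beyond public content. The following is an added example, not part of the original thread or the Webconverger project; the sample HTML bodies are constructed, and the `SENSITIVE` pattern and the `triage` and `ListingParser` names are assumptions.

```python
import re
from html.parser import HTMLParser

# Title emitted by Apache mod_autoindex and nginx autoindex pages.
AUTOINDEX_TITLE = re.compile(r"^\s*Index of /", re.I)
# Assumed pattern for entries that deserve a closer look; tune per site.
SENSITIVE = re.compile(r"\.(bak|sql|env|key|pem|old|swp)$|^\.git/?$|^\.ht", re.I)

class ListingParser(HTMLParser):
    """Collects the <title> text and every <a href> of a page."""
    def __init__(self):
        super().__init__()
        self.in_title, self.title, self.links = False, "", []

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self.in_title = True
        elif tag == "a" and dict(attrs).get("href"):
            self.links.append(dict(attrs)["href"])

    def handle_endtag(self, tag):
        if tag == "title":
            self.in_title = False

    def handle_data(self, data):
        if self.in_title:
            self.title += data

def triage(body):
    """Return (verdict, flagged_entries) for one fetched response body."""
    parser = ListingParser()
    parser.feed(body)
    if not AUTOINDEX_TITLE.match(parser.title):
        return ("not-autoindex", [])  # e.g. an index page rendered by the wiki
    # Drop column-sort links ("?C=N;O=D") and parent-directory links.
    entries = [h for h in parser.links if not h.startswith(("?", "/", "../"))]
    flagged = [e for e in entries if SENSITIVE.search(e)]
    return ("autoindex-sensitive" if flagged else "autoindex-public-only", flagged)

# Constructed sample bodies (not fetched from any real site).
HEAD = '<html><head><title>Index of /img/2015</title></head><body>'
NAV = '<a href="?C=N;O=D">Name</a><a href="/img/">Parent Directory</a>'
PUBLIC = HEAD + NAV + '<a href="logo.png">logo.png</a></body></html>'
LEAKY = HEAD + NAV + '<a href="backup.sql">x</a><a href="site.conf.bak">y</a></body></html>'
WIKI = '<html><head><title>blog/2015</title></head><body><a href="../entry/a/">a</a></body></html>'

if __name__ == "__main__":
    for name, body in (("PUBLIC", PUBLIC), ("LEAKY", LEAKY), ("WIKI", WIKI)):
        print(name, triage(body))
```

Only the `autoindex-sensitive` verdict points at an exposure worth reporting; an auto-index of files that are already linked publicly, or an index page generated by the site itself, is a configuration choice.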