How to Buy
This script is Copyright (C) 1999-2015 Tenable Network Security, Inc.
It is possible to use the remote web server to read arbitrary files on the
The remote HTTP server allows an attacker to read arbitrary files
on the remote host with the privileges of the web server, simply by
adding a slash in front of its name.
For instance, 'GET //etc/passwd' will return the contents of the
remote file '/etc/passwd'.
Upgrade your web server or change it.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Web Servers
Nessus Plugin ID: 10286 ()
CVE ID: CVE-1999-1456
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.