SilverStream Directory Listing

medium Nessus Plugin ID 10846

Synopsis

The remote application server is affected by an information disclosure vulnerability.

Description

The SilverStream application server running on the remote host currenly has directory listings enabled. An unauthenticated, remote attacker may use this issue to gain more knowledge about the service and possibly to retrieve sensitive files.

Solution

Reconfigure the server to disable directory listings.

See Also

http://www.nessus.org/u?4c550d49

Plugin Details

Severity: Medium

ID: 10846

File Name: silverstream_dirlisting.nasl

Version: 1.18

Type: remote

Family: Web Servers

Published: 2/6/2002

Updated: 6/12/2020

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Vulnerability Publication Date: 11/14/2000