This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.
The remote web server is affected by an information disclosure
It is possible to obtain the listing of the content of the remote web
server root by sending the request 'GET // HTTP/1.0' This
vulnerability usually affects the default Apache configuration which
is shipped with Red Hat Linux, although it might affect other Linux
distributions or other web server.
An attacker can exploit this flaw to browse the contents of the remote
web server and possibly find hidden links.
See also :
Create an index file for each directory instead of default welcome
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.5
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 11909 (apache2_double_slash.nasl)
Bugtraq ID: 8898
CVE ID: CVE-2003-1138
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.