HTTP Methods Allowed (per directory)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

This plugin determines which HTTP methods are allowed on various CGI
directories.

Description :

By calling the OPTIONS method, it is possible to determine which HTTP
methods are allowed on each directory.

As this list may be incomplete, the plugin also tests - if 'Thorough
tests' are enabled or 'Enable web applications tests' is set to 'yes'
in the scan policy - various known HTTP methods on each directory and
considers them as unsupported if it receives a response code of 400,
403, 405, or 501.

Note that the plugin output is only informational and does not
necessarily indicate the presence of any security vulnerabilities.

Solution :

n/a

Risk factor :

None

Family: Web Servers

Nessus Plugin ID: 43111 ()

Bugtraq ID:

CVE ID: