Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Plugin Spotlight: Office Files List

Attackers have access to a great deal of public information about your organization. Public web sites, domain records, routing information and several other sources can provide an attacker with useful information to launch attacks. Public documents posted on your web site contain metadata that can be very useful to an attacker. Metadata, in the context of the documents created within your organization, is information about the document itself. This can include who created it, their email address, the creation date, the software used to create and publish it and the software version and platform. This information can then be used to create client-side attacks that specifically target individuals and the software they are using.


Nessus plugin 11419, Office files list, attempts to discover the documents that are located on the target web site. Currently this plugin checks for the following document types:

*.docMS Word
*.wriWrite
*.xlsMS Excel
*.pptMS PowerPoint
*.csvGeneric Spreadsheet
*.difspreadsheet
*.rtf Generic Word Processor
*.pdfAdobe Acrobat PDF
*.sxwOpen Office Writer
*.sxiOpen Office Presentation
*.sxcOpen Office Spreadsheet
*.sdw StarWriter
*.sdd StarImpress
*.sdc StarCalc

Running this plugin against web sites produces a report that lists each document and type found:

OfficeFilesList.png

When performing vulnerability scans and assessments against your web servers, make sure you also examine the documents being distributed on the web server. Manual inspection is required to ensure that no sensitive information is contained within the document. A further step is required to ensure that document metadata has been removed. Periodic audits using Nessus, especially of your public facing web servers, will aid in the discovery of documents that may leak too much information to attackers. Plugin 11419 helps you find this information before the attackers do.You may also consider implementing a “Metadata Scrubber”, such as the Office add-in made freely available by Microsoft called “Remove hidden data”.

Resources

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.