Apple Mac OS X Find-By-Content .DS_Store Web Directory Listing

This script is Copyright (C) 2001-2017 Tenable Network Security, Inc.

Synopsis :

It is possible to get the list of files present in the remote directory.

Description :

It is possible to read a '.DS_Store' file on the remote web server.

This file is created by MacOS X Finder; it is used to remember the icons
position on the desktop, among other things, and contains the list of files
and directories present in the remote directory.

Note that deleted files may still be present in this .DS_Store file.

See also :

Solution :

- Configure your web server so as to prevent the download of .DS_Store files
- Mac OS X users should configure their workstation to disable the creation
of .DS_Store files on network shares.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.2
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 10756 ()

Bugtraq ID: 3316

CVE ID: CVE-2001-1446

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now