Apache on Mac OS X HFS+ Arbitrary File Source Disclosure

This script is Copyright (C) 2004-2016 Tenable Network Security, Inc.

Synopsis :

The remote web server is affected by an information disclosure

Description :

The remote host seems to be running Mac OS X or Mac OS X Server.

There is a flaw in the remote web server that allows an attacker to
obtain the source code of any given file on the remote web server by
reading it through its data fork directly. An attacker may exploit
this flaw to obtain the source code of remote scripts.

Solution :

Install the latest Apple Security Patches.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 15927 (hfs_fork_source.nasl)

Bugtraq ID: 11802

CVE ID: CVE-2004-1083

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now