CERN httpd Virtual Web Path Disclosure
Medium Nessus Plugin ID 10037
SynopsisThe remote web server has an information disclosure vulnerability.
DescriptionThe remote host appears to be running CERN httpd. It was possible to get the physical location of a virtual web directory by issuing the request :
GET /cgi-bin/ls HTTP/1.0
A remote attacker could use this information to mount further attacks.
SolutionCERN httpd is no longer maintained. Switch to using an actively supported web server.