Apache for Windows Multiple Forward Slash Directory Listing
Medium Nessus Plugin ID 10440
SynopsisIt is possible to obtain the list of the contents of the remote directory.
DescriptionCertain versions of Apache for Win32 have a bug wherein remote users can list directory entries. Specifically, by appending multiple /'s to the HTTP GET command, the remote Apache server will list all files and subdirectories within the web root (as defined in httpd.conf).
SolutionUpgrade to the most recent version of Apache at www.apache.org