Apache UserDir Directive Username Enumeration
Medium Nessus Plugin ID 10766
SynopsisThe remote Apache server can be used to guess the presence of a given user name on the remote host.
DescriptionWhen configured with the 'UserDir' option, requests to URLs containing a tilde followed by a username will redirect the user to a given subdirectory in the user home.
For instance, by default, requesting /~root/ displays the HTML contents from /root/public_html/.
If the username requested does not exist, then Apache will reply with a different error code. Therefore, an attacker may exploit this vulnerability to guess the presence of a given user name on the remote host.
SolutionIn httpd.conf, set the 'UserDir' to 'disabled'.