HTTP Methods Allowed (per directory)

Nessus Plugin ID 43111


This plugin determines which HTTP methods are allowed on various CGI directories.


By sending an OPTIONS request to each directory and reading the Allow header of the response, it is possible to determine which HTTP methods the server claims to accept there.

The following HTTP methods are considered insecure:

Many frameworks and languages treat 'HEAD' as a 'GET' request whose response simply carries no body. If a security constraint is declared for 'GET' only (in a Java servlet deployment descriptor, for example, a <security-constraint> whose <http-method> lists only GET), so that only 'authenticatedUsers' may issue GET requests to a particular servlet or resource, the 'HEAD' form of the same request is not covered by it and the constraint is bypassed. This allows unauthorized blind submission of any privileged GET request: the attacker does not see the response body, but the server still performs whatever the GET would have done.

As the Allow list may be incomplete, the plugin also tests various known HTTP methods on each directory (only if 'Thorough tests' are enabled or 'Enable web applications tests' is set to 'yes' in the scan policy) and considers a method unsupported if the request receives a response code of 400, 403, 405, or 501; any other response code is treated as the method being allowed.
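The two checks just described (OPTIONS plus the Allow header, then per-method probing with 400/403/405/501 meaning "unsupported"), as an added example in Python that is not the plugin's own NASL code. The stand-in HTTP server started in-process is a constructed target, not a real product: its /admin/ directory enforces credentials on GET only, so HEAD slips through exactly as the text describes, and its Allow header omits PUT even though PUT is handled. The probe list, the host/port/path arguments and the server itself are assumptions; only the OPTIONS/Allow step and the status-code rule come from the page.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Response codes the plugin description treats as "method unsupported".
UNSUPPORTED_STATUS = {400, 403, 405, 501}

# Assumed probe list; the page does not give the plugin's own list.
PROBE_METHODS = ["GET", "HEAD", "POST", "PUT", "DELETE", "TRACE",
                 "OPTIONS", "CONNECT", "PATCH"]


class _StandInServer(BaseHTTPRequestHandler):
    """Constructed target: /admin/ checks credentials on GET only, and its
    Allow header leaves out PUT although PUT is actually handled."""

    def log_message(self, *args):  # keep the example quiet
        pass

    def _reply(self, code, body=b""):
        self.send_response(code)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        if self.command != "HEAD":
            self.wfile.write(body)

    def do_OPTIONS(self):
        self.send_response(204)
        self.send_header("Allow", "GET, HEAD, OPTIONS")  # incomplete on purpose
        self.send_header("Content-Length", "0")
        self.end_headers()

    def do_GET(self):
        if self.path.startswith("/admin/") and "Authorization" not in self.headers:
            self._reply(403, b"forbidden")
        else:
            self._reply(200, b"report")

    def do_HEAD(self):
        # The mistake the page describes: HEAD is routed like GET, but the
        # GET-only authorization check never runs for it.
        self._reply(200)

    def do_PUT(self):
        self._reply(201)
    # Every other method falls through to BaseHTTPRequestHandler's 501.


def parse_allow(header):
    """Split an Allow header into upper-cased method tokens ([] if absent)."""
    if not header:
        return []
    return [m.strip().upper() for m in header.split(",") if m.strip()]


def classify(status):
    """Apply the plugin's rule: 400/403/405/501 mean unsupported."""
    return "unsupported" if status in UNSUPPORTED_STATUS else "supported"


def _request(host, port, method, path):
    """Send one request and return (status, Allow header or None)."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request(method, path)
        resp = conn.getresponse()
        resp.read()
        return resp.status, resp.getheader("Allow")
    finally:
        conn.close()


def scan_directory(host, port, path):
    """OPTIONS first, then probe each method; flag Allow/probe mismatches
    and the HEAD-accepted-where-GET-is-refused pattern."""
    _, allow = _request(host, port, "OPTIONS", path)
    allowed = parse_allow(allow)
    probes = {}
    for method in PROBE_METHODS:
        code, _ = _request(host, port, method, path)
        probes[method] = (code, classify(code))
    notes = []
    for method, (code, verdict) in probes.items():
        if verdict == "supported" and method not in allowed:
            notes.append(f"{method} answered {code} but is missing from Allow")
    if probes["GET"][1] == "unsupported" and probes["HEAD"][1] == "supported":
        notes.append("HEAD accepted where GET is refused: a GET-only access "
                     "control may be bypassable")
    return {"allow": allowed, "probes": probes, "notes": notes}


def start_stand_in():
    """Start the constructed target on a free loopback port."""
    srv = HTTPServer(("127.0.0.1", 0), _StandInServer)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


if __name__ == "__main__":
    srv = start_stand_in()
    result = scan_directory("127.0.0.1", srv.server_port, "/admin/")
    print("Allow:", ", ".join(result["allow"]))
    for method, (code, verdict) in result["probes"].items():
        print(f"  {method:8} {code}  {verdict}")
    for note in result["notes"]:
        print("NOTE:", note)
    srv.shutdown()
```

Two caveats follow directly from the status-code rule. A directory that answers 403 to an unauthenticated client is recorded as not supporting that method, so access-controlled directories are under-reported, which is one reason the output is informational only. And the probe step really sends PUT, DELETE and the rest: against a real target those requests can change state, so run it only with the same authorization you would need for the Nessus scan itself.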

Note that the plugin output is only informational and does not necessarily indicate the presence of any security vulnerabilities.

Plugin Details

Severity: Info

ID: 43111

File Name: web_directory_options.nasl

Version: 1.12

Type: remote

Family: Web Servers

Published: 12/10/2009

Updated: 4/11/2022

Configuration: Enable thorough checks
