Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Enumerate web directories Rate Topic   - - - - -

 
  • Earl
  • Member
  • Members
  • Join Date: 30-Oct 07
  • 44 posts

Posted 16 February 2008 - 05:59 PM #1

Hi,
I recent ran a scanner on my server and came across these results

Plugin "Directory Scanner"
Category "General remote services (Misc.)"
Priority Ranking "Low Priority"
Synopsis : It is possible to enumerate web directories. Description : This plugin attempts to determine the presence of various common dirs on the remote web server.

Risk factor : None Plugin output : The following directories were discovered: /payments, /icons, /manual While this is not, in and of itself, a bug, you should manually inspect these directories to ensure that they are in compliance with company security standards Other references : OWASP:OWASP-CM-006


I checked my .htaccess file in payments folder for example and found only entry
"Options -Indexes"

Should I be concerned about this?
Earl
Cs-Cart 1.3.5 sp2 | Linux VPS Hosting | MySql 5.0.27 | PHP 5.2.6