[BlueOnyx:11126] Re: /icons/: Directory indexing found
Ken - Precision Web Hosting, Inc
kenlists at precisionweb.net
Wed Aug 8 13:11:09 -05 2012
----- Original Message -----
From: "Richard Barker" <rc at probass.com>
To: "BlueOnyx General Mailing List" <blueonyx at blueonyx.it>
Sent: Wednesday, August 08, 2012 10:18 AM
Subject: [BlueOnyx:11121] /icons/: Directory indexing found
>
> How does one turn this off?
>
> TCP 443 http
> Title: Web server vulnerability Impact: /icons/: Directory indexing
> found. Risk Factor: High/ CVSS2 Base Score: 10.0 CVE: CVE-1999-0569
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0569
>
> TCP 80 http
> Title: Web server vulnerability Impact: /icons/: Directory indexing
> found. Risk Factor: High/ CVSS2 Base Score: 10.0 CVE: CVE-1999-0569
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0569
>
> Found this in the httpd.conf
> Alias /icons/ "/var/www/icons/"
>
> <Directory "/var/www/icons">
> Options Indexes MultiViews
> AllowOverride None
> Order allow,deny
> Allow from all
> </Directory>
> #
> # AddIcon* directives tell the server which icon to show for different
> # files or filename extensions. These are only displayed for
> # FancyIndexed directories.
> #
> AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
>
> AddIconByType (TXT,/icons/text.gif) text/*
> AddIconByType (IMG,/icons/image2.gif) image/*
> AddIconByType (SND,/icons/sound2.gif) audio/*
> AddIconByType (VID,/icons/movie.gif) video/*
>
> AddIcon /icons/binary.gif .bin .exe
> AddIcon /icons/binhex.gif .hqx
> AddIcon /icons/tar.gif .tar
> AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
> AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
> AddIcon /icons/a.gif .ps .ai .eps
> AddIcon /icons/layout.gif .html .shtml .htm .pdf
> AddIcon /icons/text.gif .txt
> AddIcon /icons/c.gif .c
> AddIcon /icons/p.gif .pl .py
> AddIcon /icons/f.gif .for
> AddIcon /icons/dvi.gif .dvi
> AddIcon /icons/uuencoded.gif .uu
> AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
> AddIcon /icons/tex.gif .tex
> AddIcon /icons/bomb.gif core
>
> AddIcon /icons/back.gif ..
> AddIcon /icons/hand.right.gif README
> AddIcon /icons/folder.gif ^^DIRECTORY^^
> AddIcon /icons/blank.gif ^^BLANKICON^^
>
>
> Thank you in advance,
> RC
>
>
> --
> +---------------------------------------------+
> Richard C. Barker Sr.
>
> +---------------------------------------------+
>
Richard
Just add an index page:
echo 'Icons' >> /var/www/icons/index.html
echo 'Icons' >> /var/www/icons/small/index.html
----
Ken Marcus
Precision Web Hosting, Inc.
http://www.precisionweb.net
More information about the Blueonyx
mailing list