Download Netsparker

Directory Listing Enabled on ASP.NET Server

Netsparker identified a directory listing (ASP.NET server).

The web server responded with a list of files located in the target directory.


An attacker can see the files located in the directory and could potentially access files which disclose sensitive information.

Actions to Take

  1. Configure the web server to disallow directory listing requests.
  2. Ensure that the latest security patches have been applied to the web server and the current stable version of the software is in use.

External References

Go back to the Complete list of Vulnerability Checks.