Download Netsparker
Pricing
Blog
Contact
Netsparker

Internal Directory or File Path Leakage on Unix / Linux System

Netsparker identified a possible internal path disclosure (*nix) in the document.

Impact

There is no direct impact; however, this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.

Remedy

First, ensure this is not a false positive. Due to the nature of the issue, Netsparker could not confirm that this file path was actually the real file path of the target web server.
  • Error messages should be disabled.
  • Remove this kind of sensitive data from the output.

External References


Go back to the Complete list of Vulnerability Checks.