Code: p662 Severity: Warning
Description: This event is generated when an attempt is made to retrieve a protected system file on a host via a web request. Impact: Information Gathering. Corrective: Webservers should not be allowed to view or execute files and binaries outside of it's designated web root or cgi-bin. This file may also be requested on a command line should the attacker gain access to the machine. Making the file read only by the superuser on the system will disallow viewing of the file by other users.
|
