Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Want to avoid/secure Web Server Sample Pages which can provide more data about Server/Services running.

Posted on 2009-05-04
2
Medium Priority
?
202 Views
Last Modified: 2012-05-06
Numerous, known vulnerabilities are associated with Web site sample pages, including information gathering, buffer overflows, and/or disruption of services. A malicious user could use these vulnerabilities to instigate destructive actions against the host device.
Evidence:https://xx.xx.xx.xx/favicon.ico
Note:XS is used for IP
I want to remove this vulnerability...?
0
Comment
Question by:Brijeshk9
2 Comments
 
LVL 14

Accepted Solution

by:
agriesser earned 1500 total points
ID: 24302436
If your scanner found the favicon.ico file to be an evidence for a vulnerability, I'm wondering what the resaon for that is.

The favicon.ico file is an image used for displaying left to your URL address bar in your browser, f.ex. when you look at experts exchange, left to the url bar where it says "http://www.experts-exchange.com" there 's a orange X symbol, that's the favicon.ico of this website.

Mostly every website has a favicon.ico file, so I don't see why this would be a security issue...
Is there any more information you can get us from your scanner, like the reason why it found this file to be harmful or anything like that?

Of course, it might be that someone replaced your favicon.ico file with something else, so make sure that it is still the file that was originally uploaded and not something else.
0
 

Author Closing Comment

by:Brijeshk9
ID: 31577882
Thnaks..!
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month21 days, 5 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question