Solved

Want to avoid/secure Web Server Sample Pages which can provide more data about Server/Services running.

Posted on 2009-05-04
2
195 Views
Last Modified: 2012-05-06
Numerous, known vulnerabilities are associated with Web site sample pages, including information gathering, buffer overflows, and/or disruption of services. A malicious user could use these vulnerabilities to instigate destructive actions against the host device.
Evidence:https://xx.xx.xx.xx/favicon.ico
Note:XS is used for IP
I want to remove this vulnerability...?
0
Comment
Question by:Brijeshk9
2 Comments
 
LVL 14

Accepted Solution

by:
agriesser earned 500 total points
ID: 24302436
If your scanner found the favicon.ico file to be an evidence for a vulnerability, I'm wondering what the resaon for that is.

The favicon.ico file is an image used for displaying left to your URL address bar in your browser, f.ex. when you look at experts exchange, left to the url bar where it says "http://www.experts-exchange.com" there 's a orange X symbol, that's the favicon.ico of this website.

Mostly every website has a favicon.ico file, so I don't see why this would be a security issue...
Is there any more information you can get us from your scanner, like the reason why it found this file to be harmful or anything like that?

Of course, it might be that someone replaced your favicon.ico file with something else, so make sure that it is still the file that was originally uploaded and not something else.
0
 

Author Closing Comment

by:Brijeshk9
ID: 31577882
Thnaks..!
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Write an app 10 70
Access_log 17 148
aix unix tar error 3 73
ignore other .htaccess 2 58
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question