?
Solved

Want to avoid/secure Web Server Sample Pages which can provide more data about Server/Services running.

Posted on 2009-05-04
2
Medium Priority
?
200 Views
Last Modified: 2012-05-06
Numerous, known vulnerabilities are associated with Web site sample pages, including information gathering, buffer overflows, and/or disruption of services. A malicious user could use these vulnerabilities to instigate destructive actions against the host device.
Evidence:https://xx.xx.xx.xx/favicon.ico
Note:XS is used for IP
I want to remove this vulnerability...?
0
Comment
Question by:Brijeshk9
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 14

Accepted Solution

by:
agriesser earned 1500 total points
ID: 24302436
If your scanner found the favicon.ico file to be an evidence for a vulnerability, I'm wondering what the resaon for that is.

The favicon.ico file is an image used for displaying left to your URL address bar in your browser, f.ex. when you look at experts exchange, left to the url bar where it says "http://www.experts-exchange.com" there 's a orange X symbol, that's the favicon.ico of this website.

Mostly every website has a favicon.ico file, so I don't see why this would be a security issue...
Is there any more information you can get us from your scanner, like the reason why it found this file to be harmful or anything like that?

Of course, it might be that someone replaced your favicon.ico file with something else, so make sure that it is still the file that was originally uploaded and not something else.
0
 

Author Closing Comment

by:Brijeshk9
ID: 31577882
Thnaks..!
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses
Course of the Month7 days, 19 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question