Solved

Want to avoid/secure Web Server Sample Pages which can provide more data about Server/Services running.

Posted on 2009-05-04
2
196 Views
Last Modified: 2012-05-06
Numerous, known vulnerabilities are associated with Web site sample pages, including information gathering, buffer overflows, and/or disruption of services. A malicious user could use these vulnerabilities to instigate destructive actions against the host device.
Evidence:https://xx.xx.xx.xx/favicon.ico
Note:XS is used for IP
I want to remove this vulnerability...?
0
Comment
Question by:Brijeshk9
2 Comments
 
LVL 14

Accepted Solution

by:
agriesser earned 500 total points
ID: 24302436
If your scanner found the favicon.ico file to be an evidence for a vulnerability, I'm wondering what the resaon for that is.

The favicon.ico file is an image used for displaying left to your URL address bar in your browser, f.ex. when you look at experts exchange, left to the url bar where it says "http://www.experts-exchange.com" there 's a orange X symbol, that's the favicon.ico of this website.

Mostly every website has a favicon.ico file, so I don't see why this would be a security issue...
Is there any more information you can get us from your scanner, like the reason why it found this file to be harmful or anything like that?

Of course, it might be that someone replaced your favicon.ico file with something else, so make sure that it is still the file that was originally uploaded and not something else.
0
 

Author Closing Comment

by:Brijeshk9
ID: 31577882
Thnaks..!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question