In a particular sharepoint application i am doing a assessment on, OWSSVR.DLL is avaialbale which allows me to download project schema and list information in form of XML data using URL's like
The files which are downloaded is not having any critical infomation.
Want to confirm
1) Is it really a security issue.
2) What maximum can be acheived using this if we get to know GUIDs of different list.
3) What can be done to prevent this , is downloading information with OWSSVR.DLL a standard feature which cant be done away with in MOSS.