- Bug
- Resolution: Done-Errata
- Major
- 6.11.0
- False
- False
- CLOSED
- foreman-installer-3.12.0-0.2.rc1
- 11,400
- Platform
- Important
- None
Description of problem:
Apache Multiviews Arbitrary Directory Listing Issue on Red Hat Capsule
Version-Release number of selected component (if applicable):
How reproducible:
100%
Steps to Reproduce:
-------------------
1. Try to access the Capsule URL through your browser or using the curl command:
curl https://capsule.example.com/?M=A
Actual results:
--------------
Nessus was able to exploit the issue using the following request:
curl https://capsule.example.com/?M=A
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<title>Index of /</title>
</head>
<body>
<h1>Index of /</h1>
<table>
<tr><th valign="top"><img src="/icons/blank.gif" alt="[ICO]"></th><th><a href="?C=N;O=D">Name</a></th><th><a href="?C=M;O=A">Last modified</a></th><th><a href="?C=S;O=A">Size</a></th><th><a href="?C=D;O=A">Description</a></th></tr>
<tr><th colspan="5"><hr></th></tr>
<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="cgi-bin/">cgi-bin/</a></td><td align="right">2022-03-22 11:36 </td><td align="right"> - </td><td> </td></tr>
<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="html/">html/</a></td><td align="right">2022-03-22 11:36 </td><td align="right"> - </td><td> </td></tr>
<tr><th colspan="5"><hr></th></tr>
</table>
</body></html>
Expected results:
This Nessus vulnerability (CVE-2001-0731) should be fixed.
Additional info:
- is cloned by: SAT-28696 Apache Multiviews Arbitrary Directory Listing Issue on Red Hat Capsule (Review)
- is related to: SAT-26837 On capsules, a user can read the directory cgi-bin of the server (Closed)
- links to: RHBA-2024:140284 Important: Satellite 6.16.0 release
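
A check for the listing shown under "Actual results", added here as an example and not part of the original report or of foreman-installer: it parses a response body and reports whether it is an Apache autoindex page and which entries it exposes. The names `inspect_listing`, `SAMPLE_LISTING` and `SAMPLE_NORMAL` are hypothetical, and both sample bodies are constructed (the first is trimmed from the output in the report).

```python
from html.parser import HTMLParser
import re

# Constructed sample, trimmed from the listing shown in the report above.
SAMPLE_LISTING = """<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html><head><title>Index of /</title></head><body>
<h1>Index of /</h1><table>
<tr><th><a href="?C=N;O=D">Name</a></th><th><a href="?C=M;O=A">Last modified</a></th></tr>
<tr><td><a href="cgi-bin/">cgi-bin/</a></td><td align="right">2022-03-22 11:36 </td></tr>
<tr><td><a href="html/">html/</a></td><td align="right">2022-03-22 11:36 </td></tr>
</table></body></html>"""
# Constructed sample: an ordinary page that only mentions "Index of" in its text.
SAMPLE_NORMAL = "<html><head><title>Capsule</title></head><body><p>Index of docs: <a href='docs/'>docs</a></p></body></html>"

SORT_LINK = re.compile(r"^\?C=[NMSD];O=[AD]$")  # autoindex column-sort hrefs, as in the report


class _ListingParser(HTMLParser):
    def __init__(self):
        super().__init__()
        self.in_title, self.title = False, ""
        self.sort_links, self.entries = 0, []

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self.in_title = True
        elif tag == "a":
            href = dict(attrs).get("href") or ""
            if SORT_LINK.match(href):
                self.sort_links += 1  # header link that re-sorts the listing
            elif href and not href.startswith(("?", "/", "#")) and "://" not in href:
                self.entries.append(href)  # relative link: a listed file or directory

    def handle_endtag(self, tag):
        if tag == "title":
            self.in_title = False

    def handle_data(self, data):
        if self.in_title:
            self.title += data


def inspect_listing(body):
    """Return (is_listing, exposed_entries) for one HTTP response body."""
    p = _ListingParser()
    p.feed(body)
    is_listing = p.title.strip().startswith("Index of ") and p.sort_links >= 1
    return is_listing, (p.entries if is_listing else [])
```

Feeding it the body returned for the request in "Steps to Reproduce" before and after applying the fixed package shows whether the listing is still served.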