Root Dot Dot contents.gifindex.gif

Root Dot Dot

The scan engine succeeded in accessing the directory above the root directory of the server. The WWW server returned a listing of this directory. A potential intruder could obtain a listing of the directory above the directory set aside for WWW files. This would provide additional information for planning an attack, or could allow an intruder to download files elsewhere in the file system.

Risk: Medium

Fix: Check with the vendor and documentation of your WWW server software for information on correct configuration. If necessary, install a more recent (and secure) version of the server.