Local File Inclusion (LFI) Vulnerability

Allgemeines Forum zum Thema Apache Friends. Bei Problemen mit XAMPP bitte entweder das Linux- oder das Windows-Forum benutzen. Hier geht's wirklich nur ganz allgemein um Apache Friends.

Local File Inclusion (LFI) Vulnerability

Postby ASHISH27091987 » 11. May 2016 10:27

We got some vulnerabilities on apache server in vulnerability assessment. Can someone please let us know the settings we need to do to avoid these :-

1) Directory Inclusion : User can traverse from one directory to another by using (

https://Server.fqdn/DIR1/..\..\DIR2\login.aspx) through browser . We want to avoid this.


Regards,
Ashish Vashistha
ASHISH27091987
 
Posts: 2
Joined: 11. May 2016 10:22
XAMPP version: 2.2
Operating System: RHEL

Re: Local File Inclusion (LFI) Vulnerability

Postby ASHISH27091987 » 12. May 2016 06:51

Can someone please help on this?
ASHISH27091987
 
Posts: 2
Joined: 11. May 2016 10:22
XAMPP version: 2.2
Operating System: RHEL

Re: Local File Inclusion (LFI) Vulnerability

Postby JJ_Tagy » 12. May 2016 11:26

The easiest settings are to not configure XAMPP to be exposed to the Internet. It is a development package.
JJ_Tagy
 
Posts: 678
Joined: 30. January 2012 13:44
Operating System: Windows 10 Pro x64


Return to Apache Friends

Who is online

Users browsing this forum: No registered users and 2 guests