presish
Posts: 96
Joined: Mon Nov 17, 2014 9:40 pm

Directory Traversal Vulnerability

Tue Aug 20, 2019 6:24 pm

Hi Group,

I have my Pi3 (Jessie) connected to my network and keep getting this vulnerability warning. I turned off my apache2 web server and fixed my port 80 issue but have no idea how to fix the remaining port issues. I need to fix these vulnerabilities without removing my SSH access. Is this easily fixed by adjust permissions to files or do I need to do something else? I don't know if they are related but just had to make that clear.
PORT STATE SERVICE

22/tcp open ssh

8080/tcp open http-proxy

| http-passwd: Directory traversal found.

| Payload: "/../../../../../../../etc/passwd"

| Printing first 250 bytes:

8443/tcp open https-alt

| http-passwd: Directory traversal found.

| Payload: "/../../../../../../../etc/passwd"

| Printing first 250 bytes:

Return to “Networking and servers”