Detections
Analytics
Movable Type mt.cfg Information Disclosure
medium Nessus Plugin ID 16170
Language:
Synopsis
A web application running on the remote host is disclosing sensitive information.Description
The remote host is running Movable Type. The file 'mt.cfg' is publicly accessible, and contains information that should not be exposed.Solution
Configure your web server not to serve .cfg files.Plugin Details
Severity: Medium
ID: 16170
File Name: movabletype_cfg.nasl
Version: 1.16
Type: remote
Family: CGI abuses
Published: 1/14/2005
Updated: 6/5/2024
Configuration: Enable paranoid mode, Enable thorough checks
Supported Sensors: Nessus
Enable CGI Scanning: true
Vulnerability Information
CPE: cpe:/a:sixapart:movable_type
Required KB Items: Settings/ParanoidReport, www/movabletype
Excluded KB Items: Settings/disable_cgi_scanning
Exploited by Nessus: true