400397 : Dangerous HTTP Method PUT Allowed

Risk 4 : Web Services
Web Servers contains a flaw that may allow a remote attacker to upload arbitrary files. The issue is triggered when the HTTP method 'PUT' is allowed. It is possible that the flaw may allow a remote attacker to upload arbitrary files resulting in a loss of integrity.
Solution:
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Disable the PUT method if it is not essential for your site.
References:
CVSS Information:
Low Attack Complexity, Partial Confidentiality Impact, Partial Integrity Impact, Partial Availability Impact
Credit:
Nikto / OSVDB : 2010-03-18
New Search
Keywords
Risk Factor
Start Date
End Date
Browse