====== Path Truncation Attack ======

Examing directory listing by removing the filename portion of the URL.

===== Exploited Vulnerability =====

[[security:risk:default_server_configuration|Security sensitive default server configurations]].

===== Remedy ====

Disable directory listings in the web server configuration and make sure each directory has an index file located in it.

===== Additional Information =====

  * See [[security:web_application_security|web application security]] and [[catalog|security attacks catalog]].