Path Truncation Attack

Examing directory listing by removing the filename portion of the URL.

Security sensitive default server configurations.

Disable directory listings in the web server configuration and make sure each directory has an index file located in it.

• See web application security and security attacks catalog.