Live from the PaulDotCom Security Weekly Studio....
Email: psw@pauldotcom.com(Bandwidth provided by OSHEAN)
- Want to register for any SANS conference? Please visit http://www.pauldotcom.com/sans/ for our referral program.
- Sponsored by Core Security, listen for the discount code at the end of the show
- Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
- Please go update our frapper map!
- Want some cool PaulDotCom Gear? Do you hack naked? Check out our Cafepress Store!
- Full Show Notes
Email: psw@pauldotcom.com
Audio Feeds: 
Well, here are some plugins that could give you interesting info, I dunno which ones you want exactly:
Nessus Plugin 24004 -> It enumerates WebDAV-enabled directories.
Nessus Plugin 10704 -> Apache Directory Listing
Nessus Plugin 10526 -> IIS : Directory listing through WebDAV
Nessus Plugin 10505 -> Directory listing through WebDAV
Nessus Plugin 10121 -> /scripts directory browsable
Here are a few of the Nessus plugins that allow directory traversal.
Nessus Plugin ID 11032
Description:
This plugin attempts to determine the presence of various
common dirs on the remote web server
--------------------------
Nessus Plugin ID 14229
Description:
The remote web server is vulnerable to a path traversal vulnerability.
An attacker may exploit this flaw to read arbitrary files on the remote
system with the privileges of the http process.
------------------------------
Nessus Plugin ID 10526
Description:
It is possible to retrieve the listing of the remote
directories accessible via HTTP, rather than their index.html,
using the Index Server service which provides WebDav capabilities
to this server.
This problem allows an attacker to gain more knowledge
about the remote host, and may make him aware of hidden
HTML files.