Apache Default Configuration Vulnerability

CVE-2000-1016 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.

Learn more about our Cis Benchmark Audit For Apache Http Server.