Apache UserDir Vulnerability: Username Enumeration via Error Codes
CVE-2001-1013 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.