Vulnerabilities > CVE-2000-1016 - Unspecified vulnerability in Suse Linux 6.3/6.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Exploit-Db
| description | S.u.S.E. Linux 6.3/6.4 Installed Package Disclosure Vulnerability. CVE-2000-1016. Remote exploit for linux platform |
| id | EDB-ID:20236 |
| last seen | 2016-02-02 |
| modified | 2000-09-21 |
| published | 2000-09-21 |
| reporter | t0maszek |
| source | https://www.exploit-db.com/download/20236/ |
| title | S.u.S.E. Linux 6.3/6.4 Installed Package Disclosure Vulnerability |
Nessus
| NASL family | CGI abuses |
| NASL id | DOC_PACKAGE_BROWSEABLE.NASL |
| description | The /doc/packages directory is browsable. This directory contains the versions of the packages installed on this host. A remote attacker can use this information to mount further attacks. This plugin has been deprecated. Webmirror3 (plugin ID 10662) will identify a browsable directory. |
| last seen | 2018-06-14 |
| modified | 2018-06-13 |
| plugin id | 10518 |
| published | 2000-09-25 |
| reporter | Tenable |
| source | https://www.tenable.com/plugins/index.php?view=single&id=10518 |
| title | /doc/packages Directory Browsable (deprecated) |