Lucene search
HistoryJan 22, 2001 - 5:00 a.m.
CVE-2000-1016
suse 6.4
apache
default configuration
http request
cve-2000-1016
6.5 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.019 Low
EPSS
Percentile
88.6%
The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
Affected configurations
Node
susesuse_linuxMatch6.3
ORsusesuse_linuxMatch6.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| suse:suse_linux | suse suse linux | eq | 6.3 |
| suse:suse_linux | suse suse linux | eq | 6.4 |
Related
nessus
nessus
/doc/packages Directory Browsable (deprecated)
2000-09-25 00:00:00
nvd
nvd
CVE-2000-1016
2000-12-11 05:00:00
cvelist
cvelist
CVE-2000-1016
2001-01-22 05:00:00
6.5 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.019 Low
EPSS
Percentile
88.6%
Related for CVE-2000-1016