DEBIAN-CVE-2002-0654
Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via 1 a request for a .var file, which leaks the pathname in the resulting error message, or 2 via an error message that occurs when a script child process cannot be invoked...