Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1016


Vulnerability Score 5.0 5.0
CVE Id CVE-2000-1016
Last Modified 05 Sep 2008 04:22:26
Published 11 Dec 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.

Vulnerable Systems

Operating System

  • Suse Linux 6.3

  • Suse Linux 6.4


XF - suse-installed-packages-exposed

BID - 1707

BUGTRAQ - 20000921 httpd.conf in Suse 6.4

Last Updated: 27 May 2016 10:35:58