| VID | 22146 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description |
The /doc/packages directory in the Web server is browsable. By submitting a specific URL to the web server ("http://hosts.any/doc/packages/"), any user from any host may obtain a list of packages installed on a S.u.S.E 6.3 or 6.4 system. This problem is due to a configuration in the Apache httpd.conf supplied with S.u.S.E that permits anyone to request documents from this webroot subdirectory. The end result is that attackers will know what packages the victim has installed, which can assist in executing more complicated attacks.
* Platforms Affected: SuSE Linux 6.3, 6.4
* References: http://online.securityfocus.com/bid/1707 http://www.iss.net/security_center/static/5276.php |
| Recommendation |
Restrict access to the /doc directory on the Web server by modifying the Apache configuration file.
To edit the Apache configuration file:
Open the Apache configuration file (/etc/httpd/httpd.conf) and find the following text (line 801):

    <Directory /usr/doc>
    Options FollowSymLinks Indexes +Includes
    AllowOverride None
    </Directory>

Replace that text with the following text:

    <Directory /usr/doc>
    order deny,allow
    deny from all
    allow from localhost
    Options Indexes FollowSymLinks +Includes
    AllowOverride None
    </Directory>
|
| Related URL |
CVE-2000-1016 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
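An audit check for the recommendation above, as an added example that is not part of the original advisory: it reads Apache configuration text and reports every `<Directory>` block that has `Indexes` enabled while remaining reachable from remote hosts under the Order/Allow/Deny syntax the advisory uses. The function name `browsable_dirs` and the two sample strings are assumptions constructed from the blocks quoted in the recommendation, and the check goes beyond `/usr/doc` to cover any `<Directory>` block in the file.

```python
import re

# Constructed inputs: the two <Directory /usr/doc> blocks from the recommendation.
SHIPPED = """<Directory /usr/doc>
Options FollowSymLinks Indexes +Includes
AllowOverride None
</Directory>
"""
FIXED = """<Directory /usr/doc>
order deny,allow
deny from all
allow from localhost
Options Indexes FollowSymLinks +Includes
AllowOverride None
</Directory>
"""
LOCAL = {"localhost", "127.0.0.1", "::1"}
BLOCK = re.compile(r'<Directory\s+"?([^">]+?)"?\s*>(.*?)</Directory>', re.I | re.S)

def browsable_dirs(conf_text):
    """Return paths of <Directory> blocks that list contents to remote hosts."""
    flagged = []
    for path, body in BLOCK.findall(conf_text):
        indexes, order, deny_all, allows = False, "deny,allow", False, []
        for raw in body.splitlines():
            tok = raw.split()
            if not tok or tok[0].startswith("#"):
                continue
            name, args = tok[0].lower(), [a.lower() for a in tok[1:]]
            if name == "options":
                if any(a[0] not in "+-" for a in args):
                    indexes = False          # an unprefixed list replaces earlier Options
                for a in args:
                    if a.lstrip("+") in ("indexes", "all"):
                        indexes = True
                    elif a == "-indexes":
                        indexes = False
            elif name == "order":
                order = "".join(args)
            elif name == "deny" and args[:2] == ["from", "all"]:
                deny_all = True
            elif name == "allow" and args[:1] == ["from"]:
                allows += args[1:]
        remote_allow = any(a not in LOCAL for a in allows)
        if order == "allow,deny":            # default deny; Deny wins over Allow
            remote_ok = remote_allow and not deny_all
        else:                                # deny,allow: default allow; Allow wins
            remote_ok = remote_allow or not deny_all
        if indexes and remote_ok:
            flagged.append(path)
    return flagged

if __name__ == "__main__":
    print("shipped:", browsable_dirs(SHIPPED), "fixed:", browsable_dirs(FIXED))
```

To audit a live host, pass the contents of /etc/httpd/httpd.conf to `browsable_dirs`; an empty list means no block combines directory listings with remote access.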