The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote malicious users to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
suse suse linux 6.3 |
||
suse suse linux 6.4 |