13 lines
No EOL
449 B
Text
13 lines
No EOL
449 B
Text
source: http://www.securityfocus.com/bid/318/info
|
|
|
|
|
|
The Debian GNU/Linux 2.1 apache package by default allows anyone to view /usr/doc via the web, remotely. This is because srm.conf is preconfigured with the line:
|
|
|
|
Alias /doc/ /usr/doc/
|
|
|
|
Boa is also preconfigured this way.
|
|
|
|
|
|
lynx http://some.host/doc
|
|
|
|
This will provide you with all of the information in /usr/doc, which could be used to find vulnerable software on the remote machine. |