Vendor: Debian GNU/Linux 2.1
By: SecurityFocus
CVSS: 4.3 MEDIUM
CWE: 22 (Directory Traversal)
Product Name: Debian GNU/Linux 2.1
Affected Version From: Debian GNU/Linux 2.1
Affected Version To: Debian GNU/Linux 2.1
Patch Exists: NO
Related CWE: N/A
CPE: o:debian:debian_linux:2.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2002

Debian GNU/Linux 2.1 Apache Package Vulnerability

By default, the Debian GNU/Linux 2.1 apache package allows anyone to view /usr/doc remotely over the web, because srm.conf is preconfigured with the line: Alias /doc/ /usr/doc/. Boa is also preconfigured this way. An attacker can use the command lynx http://some.host/doc to view all of the information in /usr/doc, which could be used to find vulnerable software on the remote machine.

Mitigation:

Disable the Alias directive in srm.conf or configure it to point to a directory that does not contain sensitive information.
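
One way to audit a configuration for the mapping described above, as an added example that is not part of the original advisory or the Debian packages. The function name, the constructed sample config and the extra /usr/share/doc root are assumptions.

```python
import posixpath
import shlex

# Directories whose exposure reveals installed packages and versions.
# /usr/doc is the path named in the advisory; /usr/share/doc is an added assumption.
DOC_ROOTS = ("/usr/doc", "/usr/share/doc")

def find_doc_aliases(conf_text, doc_roots=DOC_ROOTS):
    """Return (line_no, url_prefix, fs_path) for every active Alias directive
    that maps a URL prefix onto or below one of doc_roots."""
    findings = []
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # commented-out directives are already disabled
        try:
            tokens = shlex.split(line)  # handles quoted paths
        except ValueError:
            continue  # unbalanced quotes: not a directive we can parse
        # Directive names are case-insensitive; only plain Alias is checked here.
        if len(tokens) < 3 or tokens[0].lower() != "alias":
            continue
        url_prefix, fs_path = tokens[1], tokens[2]
        # Normalise so trailing slashes and ".." segments cannot hide the target.
        target = posixpath.normpath(fs_path)
        for root in doc_roots:
            if target == root or target.startswith(root + "/"):
                findings.append((line_no, url_prefix, fs_path))
                break
    return findings

# Constructed sample config, modelled on the line quoted in the advisory.
SAMPLE_SRM_CONF = """\
# srm.conf (constructed sample)
DocumentRoot /var/www
Alias /icons/ /usr/share/apache/icons/
Alias /doc/ /usr/doc/
#Alias /olddoc/ /usr/doc/
alias "/manual/" "/usr/doc/apache/manual/"
Alias /docs2/ /usr/document-archive/
"""

if __name__ == "__main__":
    for line_no, url, path in find_doc_aliases(SAMPLE_SRM_CONF):
        print(f"line {line_no}: {url} -> {path} exposes package documentation")
```

Any finding is a candidate for the mitigation above: comment the directive out or repoint it at a directory that holds nothing sensitive.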

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/318/info


The Debian GNU/Linux 2.1 apache package by default allows anyone to view /usr/doc via the web, remotely. This is because srm.conf is preconfigured with the line:

Alias /doc/ /usr/doc/

Boa is also preconfigured this way. 


lynx http://some.host/doc

This will provide you with all of the information in /usr/doc, which could be used to find vulnerable software on the remote machine.