SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips
 

Vulnerability Note VU#898480

MandrakeSoft Mandrake Linux Apache default configuration sample programs disclose server information

Overview

The default installation of Apache on MandrakeSoft Mandrake Linux includes sample programs which may unnecessarily disclose information about the server.

I. Description

MandrakeSoft produces a Linux distribution called Mandrake Linux that includes the Apache web server. The default installation of Apache on Mandrake Linux includes a number of sample programs. When accessed via an HTTP request, these programs display configuration settings such as environment variables, path names, and internal addresses.

II. Impact

Apache running on a Mandrake Linux system may disclose configuration information via an HTTP request for a sample program.

III. Solution

Install Updated Package

Install an updated Apache package when available.
Remove Vulnerable Programs
Remove the sample programs or block access to them using UNIX file permissions.

Systems Affected

VendorStatusDate Updated
MandrakeSoftVulnerable5-Dec-2001

References


http://www.procheckup.com/vuln.html

Credit

The CERT Coordination Center thanks ProCheckup Ltd for reporting this vulnerability.

This document was written by Art Manion

Other Information

Date Public11/20/2001
Date First Published11/20/2001 04:13:48 PM
Date Last Updated12/06/2002
CERT Advisory 
CVE Name 
US-CERT Technical Alerts 
Metric3.15
Document Revision15

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2001 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader