CVE-1999-0678

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Jan 17, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-0678 is a vulnerability affecting the default configuration of Apache web servers running on Debian GNU/Linux. The ServerRoot setting is incorrectly set to /usr/doc, permitting remote users to access documentation files for the entire server. This issue can potentially lead to unauthorized information disclosure. It is recommended that system administrators change the ServerRoot to a more secure location to mitigate this risk. This configuration error has been present since the early releases of Debian and could impact a large number of systems if left unaddressed.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Apache Software Foundation Apache HTTP Server

Affected Vendors

  • Apache Software Foundation