Debian Doc Bug
--------------

CVE Number: 
CVE-1999-0678

Details:
The doc directory was found on the system. On Debian systems, this can
reveal not only what packages are loaded on the system but in some cases
version numbers as well. This information could be used by an attacker to help
plan an attack against the web server.

Fix:
Edit the srm.conf file and remove "Alias /doc/ /usr/doc/", and then stop and
restart the web server.

Related URLs:
None

$Id: debian-doc,v 1.1 2000/11/21 15:40:12 loveless Exp $
