CVE-1999-0678

Apache - Info Disclosure

Title source: llm

Description

A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.

Exploits (2)

exploitdb WRITEUP VERIFIED

by anonymous · textremotelinux

https://www.exploit-db.com/exploits/19253

View Code ZIP pw:eip

nomisec WRITEUP

by lto7777777 · poc

https://github.com/lto7777777/CVE-1999-0678

View Code ZIP pw:eip

References (1)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/318

Scores

EPSS 0.2045

EPSS Percentile 95.6%

Details

Status published

Products (1)

apache/http_server

Published Jan 17, 1999

Tracked Since Feb 18, 2026