Summary
Requesting the URI /server-info gives information about your Apache configuration.
Solution
If you don't use this feature, comment the appropriate section in your httpd.conf file. If you really need it, limit its access to the administrator's machine.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache Tomcat AJP Request Remote Denial Of Service Vulnerability
- Adobe Products Unspecified Cross-Site Scripting Vulnerability June-2011 (Windows)
- Apple Safari 'setInterval()' Address Bar Spoofing Vulnerability (Win)
- Apache Tomcat Multiple Vulnerabilities - 02 Mar14
- Asterisk Missing ACL Check Remote Security Bypass Vulnerability