The /doc directory is browsable. /doc shows the content of the /usr/doc directory and therefore it shows which programs and - important! - the version of the installed programs.
Use access restrictions for the /doc directory. If you use Apache you might use this in your access.conf: <Directory /usr/doc> AllowOverride None order deny,allow deny from all allow from localhost </Directory>
- Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability
- Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
- AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
- Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities