source: http://www.securityfocus.com/bid/1707/info By submitting a specific url to the web server ("http://hosts.any/doc/packages/") , any user from any host may obtain a list of packages installed on a S.u.S.E 6.3 or 6.4 system. This problem is due to a configuration in the Apache httpd.conf supplied with S.u.S.E that permits anyone to request documents from this webroot subdirectory. The end result is that attackers will know what packages the victim has installed, which can assist in executing more complicated attacks. Request "http://target/doc/packages/" with a web browser.
Related ExploitsTrying to match CVEs (1): CVE-2000-1016
Trying to match OSVDBs (1): 417
Other Possible E-DB Search Terms: S.u.S.E. Linux 6.3/6.4, S.u.S.E. Linux 6.3, S.u.S.E. Linux