Unrated severityNVD Advisory· Published Jan 17, 1999· Updated Jun 16, 2026
CVE-1999-0678
CVE-1999-0678
Description
A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
19- cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
- osv-coords16 versionspkg:apk/chainguard/apache2pkg:apk/chainguard/apache2-compatpkg:apk/chainguard/apache2-configpkg:apk/chainguard/apache2-config-compatpkg:apk/chainguard/apache2-datapkg:apk/chainguard/apache2-devpkg:apk/chainguard/apache2-docpkg:apk/chainguard/apache2-utilspkg:apk/wolfi/apache2pkg:apk/wolfi/apache2-compatpkg:apk/wolfi/apache2-configpkg:apk/wolfi/apache2-config-compatpkg:apk/wolfi/apache2-datapkg:apk/wolfi/apache2-devpkg:apk/wolfi/apache2-docpkg:apk/wolfi/apache2-utils
< 2.4.66-r0+ 15 more
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
- (no CPE)range: < 2.4.66-r0
Patches
Vulnerability mechanics
References
1- www.securityfocus.com/bid/318nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.