The Debian GNU/Linux 2.1 apache package by default allows anyone to view /usr/doc via the web, remotely. This is because srm.conf is preconfigured with the line:
Alias /doc/ /usr/doc/
Boa is also preconfigured this way.
This exposes all of the information in /usr/doc to any remote visitor, which could be used to find vulnerable software on the remote machine.
Apache HTTP Server on Debian /usr/doc Directory Information Disclosure
Remote / Network Access
Loss of Confidentiality
Currently, there are no known upgrades or patches to correct this vulnerability. As a temporary workaround (credit ISS), remove the line from the srm.conf configuration file that serves the /usr/doc directory. The line should resemble the following:
Alias /doc/ /usr/doc/
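
A check for the configuration line described above, as an added example that is not part of the original advisory: a shell script that reports active Alias directives pointing at /usr/doc and prints a copy of the file with them commented out (equivalent in effect to removing them). It goes slightly beyond the single line in the text by also catching case, quoting and subdirectory variants; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit Apache-style config files for an Alias onto /usr/doc.
DOC_ALIAS_AWK='
function hits(   t) {
    # Ignore comments and anything that is not a plain Alias directive
    # (directive names are case-insensitive; ScriptAlias is not matched).
    if ($0 ~ /^[ \t]*#/ || tolower($1) != "alias" || NF < 3) return 0
    t = $3
    gsub(/"/, "", t)       # target path may be quoted
    sub(/\/+$/, "", t)     # ignore trailing slashes
    return (t == "/usr/doc" || index(t, "/usr/doc/") == 1)
}
mode == "audit" && hits() { printf "%s:%d:%s\n", FILENAME, FNR, $0; n++ }
mode == "fix" { p = hits() ? "#" : ""; print p $0 }
END { if (mode == "audit") exit (n ? 0 : 1) }
'

# find_doc_alias FILE...: list active Alias lines that publish /usr/doc.
# Exit status 0 = exposure found, 1 = none found.
find_doc_alias() { awk -v mode=audit "$DOC_ALIAS_AWK" "$@"; }

# disable_doc_alias FILE: print FILE with those lines commented out.
disable_doc_alias() { awk -v mode=fix "$DOC_ALIAS_AWK" "$1"; }

# Constructed srm.conf fragment for the demonstration (not a real system file).
sample_conf() {
    cat <<'EOF'
DocumentRoot /var/www
# Alias /olddoc/ /usr/doc/
Alias /icons/ /usr/share/apache/icons/
Alias /doc/ /usr/doc/
  alias /manual "/usr/doc/apache/manual"
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
EOF
}

# Demonstration: audit the sample, write a fixed copy, audit it again.
tmp=$(mktemp) && sample_conf > "$tmp"
find_doc_alias "$tmp" || echo "no /usr/doc alias found"
disable_doc_alias "$tmp" > "$tmp.fixed"
find_doc_alias "$tmp.fixed" || echo "fixed copy: no /usr/doc alias found"
rm -f "$tmp" "$tmp.fixed"
```

Run `find_doc_alias` against the server's srm.conf; the server has to re-read its configuration before a change takes effect.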