GEN:SID 1:1520
Message WEB-MISC server-info access
Summary Access to the "/server-info" URL was detected.  On the Apache web server,
this URL is generally handled by the mod_info module, which will happily
disclose valuable information about your web server that may aid an attacker
in attacking it.
Impact If mod_info is in use and the attacking host is allowed to access it, the
attacker will be able to see every possible configuration option that your
Apache server is using.  This includes ACLs, modules, file and directory names,
and other valuable information that will help an attacker determine ways of
attacking your server.
Detailed Information The mod_info module "provides a comprehensive overview of the server
configuration including all installed modules and directives in the
configuration files" for the Apache web server.  Successfully accessing the URL
that is handled by mod_info may give an attacker valuable information about
your server.
Affected Systems  
Attack Scenarios As part of an attack against your Apache web server, an attacker may try to
access "/server-info", which is typically handled by the mod_info module.  If
successful, this will give them valuable information about your web server,
including all modules, versions, file names and directories, usernames, and
ACLs.  This will help them determine ways to attack your Apache server,
or ways to attack the machine itself.
Ease of Attack Trivial.  All that is needed is the ability to access this host and URL:

`lynx http://victim/server-info`
Corrective Action Determine if server-info exists on the victim in question, and if the attacker
is allowed to access it.  If so, evaluate what information the attacker would
have gained.  If mod_info is necessary on this server, consider restricting
access to it via Apache directives, e.g.:


<Location /server-info>
    SetHandler server-info
    Order deny,allow
    Deny from all
    Allow from .yourdomain.net
</Location>
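
To determine whether an alerted request actually reached mod_info, check the response status the web server logged for it. The following is an added example, not part of the original rule documentation: it assumes Apache's common/combined access log format, the function names and verdict labels are illustrative, and the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, unquote

# Apache common/combined log format: host ident user [time] "request" status size ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

# How to read the response status of a /server-info request (labels are illustrative).
VERDICTS = {200: "disclosed", 401: "denied", 403: "denied", 404: "absent"}

def request_path(target):
    """Normalise a request target to a decoded path without the query string."""
    if not target.startswith("/"):            # absolute-form target, e.g. http://host/path
        target = urlsplit(target).path
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path).rstrip("/")

def triage(log_text):
    """Return one finding per /server-info request found in the log text."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                          # not an access-log line
        path = request_path(m["target"])
        if path != "/server-info" and not path.startswith("/server-info/"):
            continue
        status = int(m["status"])
        findings.append({"host": m["host"], "time": m["time"], "status": status,
                         "verdict": VERDICTS.get(status, "review")})
    return findings

# Constructed sample lines using documentation address ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [10/Oct/2023:13:55:36 +0000] "GET /server-info HTTP/1.1" 200 48211 "-" "Lynx/2.8.9"
198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /server-info?config HTTP/1.1" 403 199 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2023:13:57:12 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:58:40 +0000] "GET /server-info/ HTTP/1.1" 404 196 "-" "Mozilla/5.0"
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f'{f["time"]}  {f["host"]:<15} {f["status"]}  {f["verdict"]}')
```

A "disclosed" verdict means the server returned the page to that host, so the configuration it exposes should be treated as known to the requester; "denied" and "absent" indicate the access restriction held or mod_info is not serving that URL.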

Additional References  
Rule References url: httpd.apache.org/docs/mod/mod_info.html