The Apache "ExecCGI" setting for all "Options" directives for the OS root should be configured appropriately.
(1) ExecCGI / -ExecCGI/ +ExecCGI / None
(1) Apache configuration file: Options directive (in OS root Directory directive)
1.5.1 Restrict Options for the OS Root Directory (Level 1, Scorable)
Set the value for Options to None. Page 33
Rule Title: Web server options for the OS root must be disabled.
STIG ID: WA00545 W22 Rule ID: SV-33182r1_rule Vuln ID: V-26324
Severity: CAT II Class: Unclass
Rule Title: Web server options for the OS root must be disabled.
STIG ID: WA00545 A22 Rule ID: SV-33213r1_rule Vuln ID: V-26324
Severity: CAT II Class: Unclass
CIS
Security Configuration Benchmark For Apache Web Server 2.2
Version 3.1.0
June 11th, 2012
CIS
2008-06-11
Version 3.1.0
Prose (PDF)
DISA STIG
Apache SERVER 2.2 for Windows
Release: 1 Benchmark Date: 23 Nov 2011
DISA
2011-11-23
V1R1
Prose (PDF)
DISA STIG
Apache SERVER 2.2 for Unix
Release: 1 Benchmark Date: 23 Nov 2011
DISA
2011-11-23
V1R1
Prose (PDF)