The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system.
http://www.securityfocus.com/bid/1036
http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html