Apache includes two sample Common Gateway Interface (CGI) scripts,
test-cgi. A production Web server must contain only components that are operationally necessary. These components have the potential to disclose critical information about the system to an attacker.
As a security best practice, delete the CGI scripts from the cgi-bin directory.
prinenvscripts, run the rm /usr/share/doc/packages/apache2/test-cgi and rm /usr/share/doc/packages/apache2/printenv commands.