[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#307134: CAN-2005-1344 htdigest buffer overflow

Package: apache2
Severity: normal
Tags: security

I've verified that the htdigest from apache2 has the buffer overflow
described at http://www.lucaercoli.it/advs/htdigest.txt

I dont know of any exploit vectors, as noted it doiesn't work unless
something passes user-supplied parameters to htdigest or its made suid.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-2-686-smp
Locale: LANG=, LC_CTYPE= (charmap=ANSI_X3.4-1968)

see shy jo

Reply to: