Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1078

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-1078
Last Modified 05 Sep 2008 05:00:58
Published 08 Mar 2006 07:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1078

Summary

Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.

Vulnerable Systems

Application

  • Acme Labs Thttpd 2.25b


References

BID - 16972

BUGTRAQ - 20060305 htpasswd bufferoverflow and command execution in thttpd-2.25b.

MLIST - [thttpd] 20060305 Re: htpasswd.c security issues

MLIST - [thttpd] 20060305 htpasswd.c security issues

XF - apache-htpasswd-strcpy-bo(31236)

XF - thttpd-command-file-bo(25216)

FULLDISC - 20041029 Apache 1.3.33 local buffer overflow in apache 1.3.31 not fixed in .33?

BUGTRAQ - 20041029 Re: local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33?

FULLDISC - 20070102 Apache 1.3.37 htpasswd buffer overflow vulnerability

MISC - http://issues.apache.org/bugzilla/show_bug.cgi?id=41279

MISC - http://issues.apache.org/bugzilla/show_bug.cgi?id=31975

FULLDISC - 20040916 FlowSecurity.org: Local Stack Overflow on htpasswd apache 1.3.31 advsory.


Last Updated: 27 May 2016 10:41:54