Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.2
CVE Id CVE-2006-1079
Last Modified 08 Nov 2012 12:00:00
Published 08 Mar 2006 07:02:00
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1079

Summary

htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.

Vulnerable Systems

Application

  • Acme Labs Thttpd 2.25b


References

BID - 16972

BUGTRAQ - 20060305 htpasswd bufferoverflow and command execution in thttpd-2.25b.

OSVDB - 23828

MLIST - [thttpd] 20060305 Re: htpasswd.c security issues

MLIST - [thttpd] 20060305 htpasswd.c security issues

XF - thttpd-command-line-bo(25217)


Last Updated: 27 May 2016 10:41:54