Apache utility vulnerability

Date May 27, 2005

Ubuntu Security Notice USN-133-1 May 26, 2005
apache vulnerability

http://xforce.iss.net/xforce/xfdb/17413

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

apache-utils

The problem can be corrected by upgrading the affected package to
version 1.3.31-6ubuntu0.7. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

A buffer overflow was discovered in the “htpasswd” utility. This could
be exploited to execute arbitrary code with the privileges of the user
invoking htpasswd. This is only a security vulnerability if you have a
website that offers a public interface to htpasswd without checking
the input beforehand; however, this is very unusual.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>