A buffer overflow vulnerability exists in the htpasswd utility included with Apache. The vulnerability is due to improper bounds checking when copying user-supplied 'password' data into local buffers. Since the program is not setuid, this vulnerability does not have a local impact. However, this may be an issue if the software is called from a CGI script. An attacker may be able to supply malformed data to the program which will cause the overflow to occur.
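The class of bug described above, shown as an added example that is not taken from the htpasswd source: an unchecked copy of a password string into a fixed-size local buffer, next to a bounded version that rejects over-long input. The function names and the `PW_BUF_SIZE` value are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define PW_BUF_SIZE 256  /* assumed size for this sketch, not htpasswd's constant */

/* Unsafe pattern: the length of src is never compared with the size of dst,
 * so any src of PW_BUF_SIZE bytes or more writes past the end of dst. */
void copy_password_unchecked(char *dst, const char *src)
{
    strcpy(dst, src);
}

/* Bounded form: reject instead of truncating, so an over-long password is
 * an error the caller sees rather than a silently different secret.
 * Returns 0 on success, -1 if src does not fit (dst is left empty). */
int copy_password_checked(char *dst, size_t dstsz, const char *src)
{
    const char *nul;

    if (dst == NULL || src == NULL || dstsz == 0)
        return -1;
    /* Look for the terminator within the first dstsz bytes only. */
    nul = memchr(src, '\0', dstsz);
    if (nul == NULL) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, (size_t)(nul - src) + 1);  /* includes the terminator */
    return 0;
}

int main(void)
{
    char pw[PW_BUF_SIZE];
    char oversized[4 * PW_BUF_SIZE];  /* constructed input, as a CGI caller might pass */

    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    printf("short input:     %d\n", copy_password_checked(pw, sizeof pw, "secret"));
    printf("oversized input: %d\n", copy_password_checked(pw, sizeof pw, oversized));
    return 0;
}
```

A CGI wrapper that invokes such a utility should apply the same length limit to the request parameter before passing it on.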