VULHUB ™

A vulnerability has been discovered in the Mod_Survey Apache module. The problem occurs due to a design error when handling nonexistent survey names. Specifically, before verifying the existence of a remotely requested survey the SYSBASE variable is initialized, resulting in the creation of a directory. This could be exploited to consume the available inodes or hard drive space on a target systems hard disk.

A vulnerability has been discovered in the Mod_Survey Apache module. The problem occurs due to a design error when handling nonexistent survey names. Specifically, before verifying the existence of a remotely requested survey the SYSBASE variable is initialized, resulting in the creation of a directory. This could be exploited to consume the available inodes or hard drive space on a target systems hard disk.