CVE-2005-1344
Published: 2 May 2005
Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
Priority
Status
Package | Release | Status |
---|---|---|
apache Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
edgy |
Not vulnerable
|
|
feisty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
apache2 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.0.55-4ubuntu2.2)
|
edgy |
Released
(2.0.55-4ubuntu4.1)
|
|
feisty |
Released
(2.2.3-3.2ubuntu0.1)
|
|
upstream |
Needs triage
|