Apache HTDigest Insecure Temporary File Vulnerability

Apache HTDigest Insecure Temporary File Vulnerability

Apache creates temporary files insecurely for htdigest. As a result, it is possible for local attackers to read or corrupt the Apache password file. If the attacker can write custom-data to the password file, it may be possible to gain unauthorized access to resources protected by htpasswd. Alternatively, an attacker could reportedly read the password file and gain unauthorized access to credentials.