• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Apache HTDigest Buffer Overflow Vulnerabilities

Buffer overflow vulnerabilities have been reported to exist in the htdigest utility included with Apache. The vulnerability is due to improper bounds checking when copying user-supplied data into local buffers.

This may be an issue if htdigest is called from a CGI script. An attacker may be able to supply malformed data to the program which will cause the overflow to occur.