CVE-2005-1344
CVE-2005-1344
Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
Affected products
n/a · n/apublic PoCs found — 2
exploitdbwww.exploit-db.com/exploits/25624unverifiedexploitdbwww.exploit-db.com/exploits/25625unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2005/May/msg00001.htmlhttp://www.lucaercoli.it/advs/htdigest.txthttp://www.osvdb.org/12848http://www.securiteam.com/unixfocus/5EP061FEKC.htmlhttp://www.securityfocus.com/bid/13537