N/A

Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.

N/A

N/A

Apache HTDigest域命令行参数溢出漏洞

Apache是一款流行的WEB服务程序，htdigest是其中捆绑的一个工具，用于为HTTP用户的摘要认证创建和更新用户名，域和口令。 htdigest程序对于参数的处理缺少充分的缓冲区边界检查，本地攻击者可能利用此漏洞在主机上执行任意指令。

N/A

N/A