CVE-2002-1658

Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*

History

No history.

Information

Published : 2002-12-31 05:00

Updated : 2024-02-04 16:31


NVD link : CVE-2002-1658

Mitre link : CVE-2002-1658

CVE.ORG link : CVE-2002-1658


JSON object : View

Products Affected

apache

  • http_server