Apache version up to 1.3.33 htpasswd local overflow

Description
  • <div class="bb-coolbox"><span class="bb-dark">This alert was generated using only banner information. It may be a false positive. </span></div><br/>A buffer overflow vulnerability exists in the htpasswd utility included with Apache. The vulnerability is due to improper bounds checking when copying user-supplied 'user' data into local buffers. <br/><br/><span class="bb-navy">Affected Apache versions (up to 1.3.33).</span><br/>
Remediation
  • Make sure htpasswd does not run setuid and is not accessible through any CGI scripts.
References
Severity
Classification
Tags