Author: JT Smith
Posted on Net-security.org: “A problem was discovered in the ht://Dig web indexing and
searching
program. Nergal reported a vulnerability in htsearch that
allows a
remote user to pass the -c parameter, to use a specific
config file,
to the htsearch program when running as a CGI. A malicious
user could
point to a file like /dev/zero and force the CGI to stall
until it
times out. Repeated attacks could result in a DoS. As
well, if the
user has write permission on the server and can create a
file with
certain entries, they can point the server to it and
retrieve any file
readable by the webserver UID.”
searching
program. Nergal reported a vulnerability in htsearch that
allows a
remote user to pass the -c parameter, to use a specific
config file,
to the htsearch program when running as a CGI. A malicious
user could
point to a file like /dev/zero and force the CGI to stall
until it
times out. Repeated attacks could result in a DoS. As
well, if the
user has write permission on the server and can create a
file with
certain entries, they can point the server to it and
retrieve any file
readable by the webserver UID.”
Category:
- Linux
