Author: JT Smith
Posted at LWN.net: “ht://Dig is a powerfull indexing and information gathering tool for the
web. ht://Dig’s search engine htsearch could be run by a http server
as CGI program or standalone as commandline tool.
Due to insufficient checking of the running environment it is possible
to use commandline options via CGI. An remote attacker could use the -c
option to specify /dev/zero as an alternate config file to causes a
denial of service for some minutes.
To read files with the privilege of the http server by abusing the -c
option an attacker needs write access to the server running htsearch.”
web. ht://Dig’s search engine htsearch could be run by a http server
as CGI program or standalone as commandline tool.
Due to insufficient checking of the running environment it is possible
to use commandline options via CGI. An remote attacker could use the -c
option to specify /dev/zero as an alternate config file to causes a
denial of service for some minutes.
To read files with the privilege of the http server by abusing the -c
option an attacker needs write access to the server running htsearch.”
Category:
- Linux
