Luca Ercoli discovered that the “htdigest” program did not perform any bounds checking when it copied the “user” and “realm” arguments into local buffers. If this program is used in remotely callable CGI scripts, this could be exploited by a remote attacker to execute arbitrary code with the privileges of the CGI script.
The problem can be corrected by updating your system to the following package versions:
6 May 2005
A security issue affects these releases of Ubuntu and its derivatives:
Luca Ercoli discovered that the “htdigest” program did not perform any bounds checking when it copied the “user” and “realm” arguments into local buffers. If this program is used in remotely callable CGI scripts, this could be exploited by a remote attacker to execute arbitrary code with the privileges of the CGI script.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
Vulmon