漏洞信息详情
ht://Dig远程拒绝服务/文件泄露漏洞
- CNNVD编号:CNNVD-200112-062
- 危害等级: 中危
![图片[1]-ht://Dig远程拒绝服务/文件泄露漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-11/30f462579bec41fc25e0b1d57503e6d6.png)
- CVE编号:
CVE-2001-0834
- 漏洞类型:
输入验证
- 发布时间:
2001-12-06
- 威胁类型:
远程
- 更新时间:
2005-09-14
- 厂 商:
suse - 漏洞来源:
This vulnerability… -
漏洞简介
htdig (ht://Dig) 3.1.5及其更早版本的htsearch CGI程序存在漏洞。远程攻击者可以使用-c选项规格化替换配置文件,该漏洞可以(1)通过规格化超大文件如/dev/zero拒绝服务(CPU消耗),或(2)通过上传规格化目标文件的替换配置文件读取任意文件。
漏洞公告
It is recommended by Hewlett-Packard Company that customers download the RPMs listed in the following Red Hat Security Advisory:
2002-03-12 RHSA-2001:139 Updated htdig packages are available
http://rhn.redhat.com/errata/RHSA-2001-139.html
Upgrades available.
ht://Dig Group ht://Dig 3.1.5 -7
-
Caldera 3.1 Server htdig-3.1.5-8.i386.rpm
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS
ht://Dig Group ht://Dig 3.1.5
-
Conectiva 5.0 htdig-3.1.5-2U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/htdig-3.1.5-2U50_1cl.i386
.rpm -
Conectiva 5.1 htdig-3.1.5-2U51_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/htdig-3.1.5-2U51_1cl.i386
.rpm -
Conectiva 6.0 htdig-3.1.5-5U60_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/htdig-3.1.5-5U60_1cl.i386
.rpm -
Conectiva 7.0 htdig-3.1.5-10U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/htdig-3.1.5-10U70_1cl.i38
6.rpm -
Debian 2.2 all htdig-doc_3.1.5-2.0potato.1_all.deb
http://security.debian.org/dists/stable/updates/main/binary-all/htdig-
doc_3.1.5-2.0potato.1_all.deb -
Debian 2.2 alpha htdig_3.1.5-2.0potato.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/ -
Debian 2.2 arm htdig_3.1.5-2.0potato.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/htdig_
3.1.5-2.0potato.1_arm.deb -
Debian 2.2 i386 htdig_3.1.5-2.0potato.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/htdig
_3.1.5-2.0potato.1_i386.deb -
Debian 2.2 m68k htdig_3.1.5-2.0potato.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/htdig
_3.1.5-2.0potato.1_m68k.deb -
Debian 2.2 ppc htdig_3.1.5-2.0potato.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/ht
dig_3.1.5-2.0potato.1_powerpc.deb -
Debian 2.2 sparc htdig_3.1.5-2.0potato.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/ -
ht://Dig Group ht://Dig 3.16
http://www.htdig.org/files/snapshots/ -
MandrakeSoft 7.2 htdig-3.1.5-6.1mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3 -
MandrakeSoft 8.0 htdig-3.1.5-9.1mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3 -
MandrakeSoft 8.0 ppc htdig-3.1.5-9.1mdk.ppc.rpm
http://www.linux-mandrake.com/en/ftp.php3 -
SuSE 6.3 alpha htdig-3.1.5-177.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n2/htdig-3.1.5-177.alpha.rp
m -
SuSE 6.3 i386 htdig-3.1.5-304.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n2/htdig-3.1.5-304.i386.rp
m -
SuSE 6.4 alpha htdig-3.1.5-177.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n2/htdig-3.1.5-177.alpha.rp
m -
SuSE 6.4 i386 htdig-3.1.5-304.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n2/htdig-3.1.5-304.i386.rp
m -
SuSE 6.4 ppc htdig-3.1.5-208.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n2/htdig-3.1.5-208.ppc.rpm -
SuSE 7.0 alpha htdig-3.1.5-177.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n2/htdig-3.1.5-177.alpha.rp
m -
SuSE 7.0 i386 htdig-3.1.5-304.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n2/htdig-3.1.5-304.i386.rp
m -
SuSE 7.0 ppc htdig-3.1.5-208.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n2/htdig-3.1.5-208.ppc.rpm -
SuSE 7.0 sparc htdig-3.1.5-212.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n2/htdig-3.1.5-212.sparc.
rpm -
SuSE 7.1 alpha htdig-3.1.5-177.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/htdig-3.1.5-177.alpha.rp
m -
SuSE 7.1 i386 htdig-3.1.5-304.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/htdig-3.1.5-304.i386.rp
m -
SuSE 7.1 ppc htdig-3.1.5-209.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/htdig-3.1.5-209.ppc.rpm -
SuSE 7.1 sparc htdig-3.1.5-212.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n1/htdig-3.1.5-212.sparc.
rpm -
SuSE 7.2 i386 htdig-3.1.5-304.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/htdig-3.1.5-304.i386.rp
m -
SuSE 7.3 i386 htdig-3.1.5-304.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/htdig-3.1.5-304.i386.rp
m
ht://Dig Group ht://Dig 3.2 0b3
-
ht://Dig Group ht://Dig 3.2.0b4
http://www.htdig.org/files/snapshots/ -
RedHat htdig-3.2.0-1.b4.0.71.alpha.rpmRed Hat 7.1 Alpha.
ftp://updates.redhat.com/7.1/en/os/alpha/htdig-3.2.0-1.b4.0.71.alpha.r
pm -
RedHat htdig-3.2.0-1.b4.0.71.i386.rpmRed Hat 7.1 i386.
ftp://updates.redhat.com/7.1/en/os/i386/htdig-
参考网址
来源: DEBIAN
名称: DSA-080
链接:http://www.debian.org/security/2001/dsa-080
来源: BUGTRAQ
名称: 20011007 Re: Bug found in ht://Dig htsearch CGI
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=100260195401753&w=2
来源: CONECTIVA
名称: CLA-2001:429
链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000429
来源: sourceforge.net
链接:http://sourceforge.net/tracker/index.php?func=detail&aid=458013&group_id=4593&atid=104593
来源: sourceforge.net
链接:http://sourceforge.net/tracker/index.php?func=detail&aid=458013&group_id=4593&atid=104593
来源: XF
名称: htdig-htsearch-retrieve-files(7263)
链接:http://xforce.iss.net/static/7263.php
来源: XF
名称: htdig-htsearch-infinite-loop(7262)
链接:http://xforce.iss.net/static/7262.php
来源: BID
名称: 3410
链接:http://www.securityfocus.com/bid/3410
来源: REDHAT
名称: RHSA-2001:139
链接:http://www.redhat.com/support/errata/RHSA-2001-139.html
来源: SUSE
名称: SuSE-SA:2001:035
链接:http://www.novell.com/linux/security/advisories/2001_035_htdig_txt.html
来源: MANDRAKE
名称: MDKSA-2001:083
链接:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-083.php3
来源: CALDERA
名称: CSSA-2001-035.0
链接:http://www.calderasystems.com/support/security/advisories/CSSA-2001-035.0.txt
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
