lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 26 May 2005 14:42:58 +0200
From: Martin Pitt <>
Subject: [USN-133-1] Apache utility vulnerability

Ubuntu Security Notice USN-133-1	       May 26, 2005
apache vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:


The problem can be corrected by upgrading the affected package to
version 1.3.31-6ubuntu0.7. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

A buffer overflow was discovered in the "htpasswd" utility. This could
be exploited to execute arbitrary code with the privileges of the user
invoking htpasswd. This is only a security vulnerability if you have a
website that offers a public interface to htpasswd without checking
the input beforehand; however, this is very unusual.

  Source archives:
      Size/MD5:   370216 e4b146fdb5a84579cf72543dcba25278
      Size/MD5:     1102 695ade9c26134605755f605d8de5c829
      Size/MD5:   370555 e3b320d767ecddf64a4c439dcf69a20a
      Size/MD5:     1102 a686975f257bfdbf6cc5cb3b7eb33fc0
      Size/MD5:  3104170 ca475fbb40087eb157ec51334f260d1b

  Architecture independent packages:
      Size/MD5:   329680 ea1b574aba9bca4c3ac298b5bfd24fc8
      Size/MD5:  1186734 9a5f2ca0ed6a222a61fa646145ce2840

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:   873476 ede05d37c8b5ac6566aa31104493894a
      Size/MD5:  9131366 2b06dc22c63cbf20521bda43e715dd28
      Size/MD5:   520708 8f81def40bf552cb50a3f36123375880
      Size/MD5:   510738 1d033b2179669b4450af2e5ee1077c13
      Size/MD5:   271492 ea3f8ba1ede1456edbacfcc8233b7c37
      Size/MD5:   398240 b6973f41949ba3a9f6634887d02eb861
      Size/MD5:   491604 1f0450ce55f9fc7a2204790900cdd289

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:   838554 613569f8f1f8e2142308cf3ee8d98484
      Size/MD5:  9080588 68a2c0dd50fa206c6934e9be3ef130fb
      Size/MD5:   494356 bc7952904183ca0c78dec618a5b7b10f
      Size/MD5:   484052 036bbeea1f293a9f76a03cb593628ddd
      Size/MD5:   265296 620c32f9fc129cfd6e28bd3fbb7abe95
      Size/MD5:   377510 b95d6936e5c65389f43ab5a9c7bc19b4
      Size/MD5:   484974 9447a769568c36df5a365c46f6de30c2

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:   917590 308c593f853c66f850ee26ad033cbbf0
      Size/MD5:  9226022 7e832b879a9ff0660f6e68d5e08c37ba
      Size/MD5:   511372 35a07437c37d73b22e3901089942c238
      Size/MD5:   507178 b8bef2e3cb964a064c97cd834300d5c2
      Size/MD5:   278630 5c2b8515f4792bc6851e9dd5e9c55a05
      Size/MD5:   395680 b8eb63089f5e6f584ae952c12e6c0c0c
      Size/MD5:   488976 5d2e37fca4d74b40d0f57abd5190df67

Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists