ISS X-Force Database: htdig-htsearch-infinite-loop(7262): ht://dig htsearch.cgi allows a remote attacker to cause infinite loop on system

ht://dig htsearch.cgi allows a remote attacker to cause infinite loop on system

htdig-htsearch-infinite-loop (7262)

Low Risk

Description:

The ht://dig program is vulnerable to a denial of service attack, caused by a vulnerability in the htsearch CGI. A remote attacker can pass a -c parameter to ht://dig and specify a file such as /dev/zero to cause the system to enter an infinite loop.

Consequences:

Denial of Service

Remedy:

For Caldera OpenLinux Workstation and Server 3.1:
Upgrade to the latest version of htdig (3.1.5-8 or later), as listed in Caldera International, Inc. Security Advisory CSSA-2001-035.0. See References.

For Conectiva Linux 5.0:
Upgrade to the latest version of htdig (3.1.5-2U50_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:429. See References.

For Conectiva Linux 5.1:
Upgrade to the latest version of htdig (3.1.5-2U51_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:429. See References.

For Conectiva Linux 6.0:
Upgrade to the latest version of htdig (3.1.5-5U60_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:429. See References.

For Conectiva Linux 7.0:
Upgrade to the latest version of htdig (3.1.5-10U70_1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:429. See References.

For Debian GNU/Linux 2.2 (potato):
Upgrade to the latest version of htdig (3.1.5-2.0potato.1 or later), as listed in DSA-080-1. See References.

For Red Hat Linux 7.1:
Upgrade to the latest version of htdig (3.2.0-1.b4.0.71 or later), as listed in Red Hat Linux Errata Advisory RHSA-2001:139-11. See References.

For Red Hat Linux 7.2:
Upgrade to the latest version of htdig (3.2.0-2.011302 or later), as listed in Red Hat Linux Errata Advisory RHSA-2001:139-11. See References.

For HP Secure OS Software for Linux 1.0:
Apply the RHSA-2001-139 RPMs, as listed in Hewlett-Packard Company Security Bulletin HPSBTL0205-041. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

Caldera International, Inc. Security Advisory CSSA-2001-035.0: Linux - Remote File View Problem in htdig.
Conectiva Linux Announcement CLSA-2001:429: ht://Dig DoS and remote exposure.
Hewlett-Packard Company Security Bulletin HPSBTL0205-041: Security vulnerability in htdig. (From SecurityFocus archive.)
BID-3410: ht://Dig Remote Denial of Service/File Disclosure Vulnerability
CVE-2001-0834: htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
DSA-080: htdig -- unauthorized gathering of data
MDKSA-2001:083: Updated htdig packages fix insecurities in htsearch
RHSA-2001-139: Updated htdig packages are available

Platforms Affected:

Conectiva Linux 5.0
Conectiva Linux 5.1
Conectiva Linux 6.0
Conectiva Linux 7.0
Debian Debian Linux 2.2
HP Secure OS 1.0
ht://Dig Group ht://Dig
RedHat Linux 7
RedHat Linux 7.1
RedHat Linux 7.2
RedHat Linux 7.3
SCO Caldera OpenLinux Server 3.1
SCO Caldera OpenLinux Workstation 3.1

Reported:

Oct 09, 2001

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page