CVE-2001-0834 - OpenCVE

htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Suse	Suse Linux
Conectiva	Linux
Htdig	Htdig

Configuration 1 [-]

OR	cpe:2.3:a:htdig:htdig::::::::
	cpe:2.3:o:conectiva:linux:5.0:::::::*
	cpe:2.3:o:conectiva:linux:5.1:::::::*
	cpe:2.3:o:conectiva:linux:6.0:::::::*
	cpe:2.3:o:conectiva:linux:7.0:::::::*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:2.2:::::::*
	cpe:2.3:o:suse:suse_linux:6.3:::::::*
	cpe:2.3:o:suse:suse_linux:6.4:::::::*
	cpe:2.3:o:suse:suse_linux:7.0:::::::*
	cpe:2.3:o:suse:suse_linux:7.1:::::::*
	cpe:2.3:o:suse:suse_linux:7.2:::::::*
	cpe:2.3:o:suse:suse_linux:7.3:::::::*

References

Link	Resource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000429	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=100260195401753&w=2
http://sourceforge.net/tracker/index.php?func=detail&aid=458013&group_id=4593&atid=104593
http://www.calderasystems.com/support/security/advisories/CSSA-2001-035.0.txt
http://www.debian.org/security/2001/dsa-080	Patch Vendor Advisory
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-083.php3
http://www.novell.com/linux/security/advisories/2001_035_htdig_txt.html
http://www.redhat.com/support/errata/RHSA-2001-139.html
http://www.securityfocus.com/bid/3410
https://exchange.xforce.ibmcloud.com/vulnerabilities/7262
https://exchange.xforce.ibmcloud.com/vulnerabilities/7263

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2002-03-09T05:00:00

Updated: 2002-02-26T00:00:00

Reserved: 2001-11-22T00:00:00

Link: CVE-2001-0834

JSON object: View

NVD Information

Status : Modified

Published: 2001-12-06T05:00:00.000

Modified: 2017-10-10T01:29:53.687

Link: CVE-2001-0834

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2001-10-07T00:00:00", "descriptions": [{"lang": "en", "value": "htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-02-26T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-080", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2001/dsa-080"}, {"name": "CSSA-2001-035.0", "tags": ["vendor-advisory", "x_refsource_CALDERA"], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-035.0.txt"}, {"name": "CLA-2001:429", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000429"}, {"name": "3410", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3410"}, {"name": "SuSE-SA:2001:035", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2001_035_htdig_txt.html"}, {"name": "htdig-htsearch-retrieve-files(7263)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7263"}, {"name": "20011007 Re: Bug found in ht://Dig htsearch CGI", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=100260195401753&w=2"}, {"name": "MDKSA-2001:083", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-083.php3"}, {"name": "htdig-htsearch-infinite-loop(7262)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7262"}, {"tags": ["x_refsource_MISC"], "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=458013&group_id=4593&atid=104593"}, {"name": "RHSA-2001:139", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2001-139.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0834", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-080", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-080"}, {"name": "CSSA-2001-035.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-035.0.txt"}, {"name": "CLA-2001:429", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000429"}, {"name": "3410", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3410"}, {"name": "SuSE-SA:2001:035", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2001_035_htdig_txt.html"}, {"name": "htdig-htsearch-retrieve-files(7263)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7263"}, {"name": "20011007 Re: Bug found in ht://Dig htsearch CGI", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=100260195401753&w=2"}, {"name": "MDKSA-2001:083", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-083.php3"}, {"name": "htdig-htsearch-infinite-loop(7262)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7262"}, {"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=458013&group_id=4593&atid=104593", "refsource": "MISC", "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=458013&group_id=4593&atid=104593"}, {"name": "RHSA-2001:139", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-139.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0834", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-11-22T00:00:00", "dateUpdated": "2002-02-26T00:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:htdig:htdig:*:*:*:*:*:*:*:*", "matchCriteriaId": "43CC50AC-510B-4340-AF87-872992FC38DB", "versionEndIncluding": "3.1.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "97177EF7-8FC4-4D4D-A8D9-3628AA0035FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file."}], "id": "CVE-2001-0834", "lastModified": "2017-10-10T01:29:53.687", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2001-12-06T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000429"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=100260195401753&w=2"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=458013&group_id=4593&atid=104593"}, {"source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-035.0.txt"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2001/dsa-080"}, {"source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-083.php3"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2001_035_htdig_txt.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2001-139.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3410"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7262"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7263"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}