ht://Dig htsearch.cgi -c Parameter DoS

2001-09-03T04:31:00
ID OSVDB:654
Type osvdb
Reporter Nergal(nergal@7bulls.com)
Modified 2001-09-03T04:31:00

Description

Vulnerability Description

ht://Dig contains a flaw that may allow a remote denial of service. The issue is triggered when passing a -c parameter to the 'htsearch.cgi' script and specify a file such as /dev/zero, which causes the script to enter an infinite loop, and will result in loss of availability for the application.

Solution Description

Upgrade to version 3.1.6 (stable) or 3.2.0b4 (development) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

ht://Dig contains a flaw that may allow a remote denial of service. The issue is triggered when passing a -c parameter to the 'htsearch.cgi' script and specify a file such as /dev/zero, which causes the script to enter an infinite loop, and will result in loss of availability for the application.

Manual Testing Notes

http://[victim]/cgi-bin/htsearch?-c/dev/zero

References:

Vendor URL: http://www.htdig.org/ Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Related OSVDB ID: 7591 Nessus Plugin ID:10784 ISS X-Force ID: 7262 CVE-2001-0834 Bugtraq ID: 3410