Vulnerability Name:

CVE-2002-1658 (CCN-10414)

Assigned:2002-10-16
Published:2002-10-16
Updated:2017-07-11
Summary:Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument.
Note: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Wed Oct 16 2002 - 17:32:26 CDT
Apache 1.3.26

Source: MITRE
Type: CNA
CVE-2002-1658

Source: CCN
Type: Apache Web site
Welcome! - The Apache HTTP Server Project

Source: BUGTRAQ
Type: UNKNOWN
20021016 Apache 1.3.26

Source: CCN
Type: OSVDB ID: 18233
Apache HTTP Server htdigest user Variable Overfow

Source: CCN
Type: BID-5981
Multiple Apache HTDigest and HTPassWD Component Vulnerabilites

Source: BID
Type: UNKNOWN
5993

Source: CCN
Type: BID-5993
Multiple Apache HTDigest Buffer Overflow Vulnerabilities

Source: XF
Type: UNKNOWN
apache-htdigest-bo(10414)

Source: XF
Type: UNKNOWN
apache-htdigest-bo(10414)

Source: MISC
Type: Exploit
https://sardonix.org/audit/apache-45.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:http_server:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.22:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.23:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.24:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.25:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.26:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.27:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:http_server:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.26:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.23:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.27:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.24:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.22:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:1.3.25:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    apache http server 1.3.1
    apache http server 1.3.3
    apache http server 1.3.4
    apache http server 1.3.6
    apache http server 1.3.9
    apache http server 1.3.11
    apache http server 1.3.12
    apache http server 1.3.14
    apache http server 1.3.17
    apache http server 1.3.18
    apache http server 1.3.19
    apache http server 1.3.20
    apache http server 1.3.22
    apache http server 1.3.23
    apache http server 1.3.24
    apache http server 1.3.25
    apache http server 1.3.26
    apache http server 1.3.27
    apache http server 1.3.1
    apache http server 1.3.19
    apache http server 1.3.26
    apache http server 1.3.6
    apache http server 1.3.9
    apache http server 1.3.12
    apache http server 1.3.20
    apache http server 1.3.23
    apache http server 1.3.17
    apache http server 1.3.14
    apache http server 1.3.11
    apache http server 1.3.27
    apache http server 1.3.3
    apache http server 1.3.24
    apache http server 1.3.22
    apache http server 1.3.4
    apache http server 1.3.18
    apache http server 1.3.25