Vulnerability category: Web server
Vulnerability level:
Vulnerability information
Apache contains two helper programs, "htdigest" and "htpasswd", that insecurely create files in the /tmp directory. This may result in a race condition.
Vulnerability impact
Using a symbolic link, a malicious local user can exploit this vulnerability to append data to root-only writeable files.
Solution
Download and install the latest Apache sources, which are available for download from the Apache HTTP Server Project's Web site. Note that Apache Version 1.3.20 contains calls to tmpnam() in "htdigest" and "htpasswd". These functions are described as insecure in the man pages.
If you are using the Immunix Linux distribution, download Apache 1.3.14-3, the latest Apache HTTPd distributed with Immunix Linux.
If you are using the Debian distribution, some of these issues are fixed in Apache 1.3.27. Please read Debian's advisory DSA 195-1 for more information: http://www.debian.org/security/2002/dsa-195.
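The race described above, as an added C example (not code from Apache or from this advisory): the predictable-name open next to an exclusive create and mkstemp(). The function names, the /tmp/tmprace- and /tmp/htdemo- templates and the pre-planted symlink are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* "Before": a predictable name opened without O_EXCL follows whatever
 * already sits at that path, including a symlink planted by another user. */
static int legacy_open(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_APPEND, 0600);
}

/* "After": O_CREAT|O_EXCL creates atomically and fails with EEXIST if the
 * name exists, even as a dangling symlink; O_NOFOLLOW is defence in depth. */
static int hardened_open(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Preferred: mkstemp() chooses the name and creates the file in one step. */
static int safe_tmp(char *tmpl) { return mkstemp(tmpl); }

/* Constructed scenario inside a private mkdtemp() directory: a symlink is
 * already present at the name the helper is about to use.
 * Returns a bitmask: 2 = hardened open refused, 1 = legacy open followed. */
static int symlink_check(void) {
    char dir[] = "/tmp/tmprace-XXXXXX", target[64], lnk[64];
    struct stat st;
    int result = 0, fd;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(lnk, sizeof lnk, "%s/predictable", dir);
    if (symlink(target, lnk) != 0) return -1;
    fd = hardened_open(lnk);
    if (fd < 0 && errno == EEXIST) result |= 2;
    if (fd >= 0) close(fd);
    fd = legacy_open(lnk);
    if (fd >= 0) { close(fd); if (stat(target, &st) == 0) result |= 1; }
    unlink(lnk); unlink(target); rmdir(dir);
    return result;
}

int main(void) {
    char tmpl[] = "/tmp/htdemo-XXXXXX";
    int fd = safe_tmp(tmpl);
    printf("symlink_check=%d mkstemp=%s\n", symlink_check(), fd >= 0 ? tmpl : "failed");
    if (fd >= 0) { close(fd); unlink(tmpl); }
    return 0;
}
```

A result of 3 from symlink_check() means the exclusive create refused the planted link while the legacy open wrote through it to the link's target.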