CVE-2002-1658

Name of the Vulnerable Software and Affected Versions Apache versions 1.3.26 through 1.3.27

Description A buffer overflow issue exists in the htdigest component, potentially allowing attackers to execute arbitrary code via a long user argument. However, since htdigest is typically only locally accessible and not setuid or setgid, there are limited attack vectors that could lead to an escalation of privileges, unless htdigest is executed from a CGI program.

Recommendations For Apache versions 1.3.26 and 1.3.27, consider restricting access to the htdigest component to minimize the risk of exploitation, especially if it is executed from a CGI program. At the moment, there is no information about a newer version that contains a fix for this issue.