CVE-2006-1078

Name of the Vulnerable Software and Affected Versions Acme thttpd version 2.25b htpasswd (affected versions not specified)

Description Multiple buffer overflows in htpasswd might allow local users to gain privileges via a long command line argument and a long line in a file. This issue is potentially significant if htpasswd is used with sudo privileges or accessed remotely in certain configurations.

Recommendations For Acme thttpd version 2.25b, consider restricting access to the htpasswd utility until a patch is available. As a temporary workaround, avoid using long command line arguments and long lines in files with htpasswd. Restrict access to htpasswd to minimize the risk of exploitation, especially if it is used with sudo privileges or accessed remotely. At the moment, there is no information about a newer version that contains a fix for this vulnerability.