CVE-2006-1079

Name of the Vulnerable Software and Affected Versions htpasswd versions 2.25b and earlier

Description The issue allows local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. This could potentially be exploited in configurations where htpasswd is used with sudo privileges or accessed remotely.

Recommendations For htpasswd version 2.25b and earlier, consider restricting the use of command line options to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using htpasswd with sudo privileges or remote access to reduce the risk of privilege escalation.