6.4
CVE-2001-0834
- EPSS 2.51%
- Published 06.12.2001 05:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
Data is provided by the National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version2.2
Suse ≫ Suse Linux Version6.3
Suse ≫ Suse Linux Version6.4
Suse ≫ Suse Linux Version7.0
Suse ≫ Suse Linux Version7.1
Suse ≫ Suse Linux Version7.2
Suse ≫ Suse Linux Version7.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.51% | 0.839 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:P
|