To: bugtraq@securityfocus.com
Subject: local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33?
This was posted on the full-disclosure list sept 16 2004 by Luiz Fernando.
http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0547.html
The nessus check for this vulnerability recommends upgrading to Apache version 1.3.32:
http://cgi.nessus.org/plugins/dump.php3?id=14771
I just brought this up as it had not been fixed yet, but debian mistakenly gave me credit for it.