To: bugtraq@securityfocus.com
Subject: local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33?

This was posted on the full-disclosure list sept 16 2004 by
Luiz Fernando.

http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0547.html

The nessus check for this vulnerability recommends upgrading to
Apache version 1.3.32:

http://cgi.nessus.org/plugins/dump.php3?id=14771

I just brought this up as it had not been fixed yet, but debian mistakenly gave me credit for it.

http://www.debian.org/security/2004/dsa-594