← CVECheck
HomeVulnerabilities

CVE-2001-0834 — MEDIUM severity vulnerability (htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier a)

htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate c

CVE IDCVE-2001-0834
SeverityMEDIUM
CVSS score6.4
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:P
CWENVD-CWE-Other
StatusModified
Published2001-12-06
Last modified2026-04-16
Descriptionhtsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →