CVE-2005-0085

Published: 27/04/2005 Updated: 11/10/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) prior to 3.1.6-r7 allows remote malicious users to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

Vulnerable Product

htdig htdig 3.2.0b3

htdig htdig 3.2.0b4

htdig htdig 3.1.5

htdig htdig 3.1.5_7

htdig htdig 3.2.0b5

htdig htdig 3.2.0b6

htdig htdig 3.1.5_8

htdig htdig 3.1.6

htdig htdig 3.2.0

htdig htdig 3.2.0b2

mandrakesoft mandrake linux corporate server 2.1

suse suse linux 8.2

suse suse linux 9.0

mandrakesoft mandrake linux corporate server 3.0

suse suse linux 9.1

mandrakesoft mandrake linux 10.0

redhat fedora core core_3.0

suse suse linux 8.0

suse suse linux 9.2

mandrakesoft mandrake linux 10.1

suse suse linux 8.1

Vendor Advisories

Synopsis: htdig security update. Type/Severity: Security Advisory: Moderate. Topic: Updated htdig packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Description: The ...
Debian Bug report logs - #305996: htdig: Unescaped output in htsearch and qtest causes security problems. Package: htdig; Maintainer for htdig is Debian QA Group <packages@qa.debian.org>; Source for htdig is src:htdig (PTS, buildd, popcon). Reported by: Helge Kreutzmann <kreutzm@itp.uni-hannover.de>. Date: Sat, 23 Apr 2 ...
Michael Krax discovered a cross site scripting vulnerability in ht://dig, a web search system for an intranet or small internet. For the stable distribution (woody) this problem has been fixed in version 3.1.6-3woody1. For the unstable distribution (sid) this problem has been fixed in version 3.1.6-11. We recommend that you upgrade your htdig packa ...