Lucene search
RedHatRHSA-2005:090HistoryFeb 15, 2005 - 12:00 a.m.
(RHSA-2005:090) htdig security update
2005-02-1500:00:00
access.redhat.com
14
0.023 Low
EPSS
Percentile
89.8%
The ht://Dig system is a Web search and indexing system for a small domain
or intranet.
Michael Krax reported a cross-site scripting bug affecting htdig. An
attacker could construct a carefully crafted URL which can cause a web
browser to execute malicious script once visited. The Common
Vulnerabilities and Exposures project has assigned the name CAN-2005-0085
to this issue.
Users of htdig should upgrade to these updated packages, which contain a
backported patch, and are not vulnerable to this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | s390 | htdig | < 3.2.0b6-3.40.1 | htdig-3.2.0b6-3.40.1.s390.rpm |
| RedHat | any | src | htdig | < 3.2.0b6-3.40.1 | htdig-3.2.0b6-3.40.1.src.rpm |
| RedHat | any | x86_64 | htdig | < 3.2.0b6-3.40.1 | htdig-3.2.0b6-3.40.1.x86_64.rpm |
| RedHat | any | i386 | htdig-web | < 3.2.0b6-3.40.1 | htdig-web-3.2.0b6-3.40.1.i386.rpm |
| RedHat | any | ppc | htdig | < 3.2.0b6-3.40.1 | htdig-3.2.0b6-3.40.1.ppc.rpm |
| RedHat | any | ia64 | htdig-web | < 3.2.0b6-3.40.1 | htdig-web-3.2.0b6-3.40.1.ia64.rpm |
| RedHat | any | s390x | htdig | < 3.2.0b6-3.40.1 | htdig-3.2.0b6-3.40.1.s390x.rpm |
| RedHat | any | ppc | htdig-web | < 3.2.0b6-3.40.1 | htdig-web-3.2.0b6-3.40.1.ppc.rpm |
| RedHat | any | x86_64 | htdig-web | < 3.2.0b6-3.40.1 | htdig-web-3.2.0b6-3.40.1.x86_64.rpm |
| RedHat | any | s390x | htdig-web | < 3.2.0b6-3.40.1 | htdig-web-3.2.0b6-3.40.1.s390x.rpm |
Related
nessus
nessus
ht://Dig htsearch.cgi config Parameter XSS
2005-02-08 00:00:00
RHEL 4 : htdig (RHSA-2005:090)
2005-02-22 00:00:00
SuSE9 Security Update : htdig (YOU Patch Number 9833)
2009-09-24 00:00:00
openvas
openvas
SLES9: Security update for htdig
2009-10-10 00:00:00
FreeBSD Ports: htdig
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200502-16 (htdig)
2008-09-24 00:00:00
osv
osv
htdig - unsanitised input
2005-02-14 00:00:00
cvelist
cvelist
CVE-2005-0085
2005-02-15 05:00:00
freebsd
freebsd
htdig -- cross site scripting vulnerability
2005-02-03 00:00:00
gentoo
gentoo
ht://Dig: Cross-site scripting vulnerability
2005-02-13 00:00:00
debiancve
debiancve
CVE-2005-0085
2005-04-27 04:00:00
securityvulns
securityvulns
nvd
nvd
CVE-2005-0085
2005-04-27 04:00:00
cve
cve
CVE-2005-0085
2005-04-27 04:00:00
ubuntucve
ubuntucve
CVE-2005-0085
2005-04-27 00:00:00
debian
debian