EUVD-2005-0086

Malware in sbrugna...

SUSE CVE-2005-0085

Cross-site scripting XSS vulnerability in ht://dig htdig before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message...

ht://Dig 3.2 Htsearch Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26610/info ht://Dig is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code in a...

Fedora Update for htdig FEDORA-2007-3907

Check for the Version of htdig OpenVAS Vulnerability Test Fedora Update for htdig FEDORA-2007-3907 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

ht://Dig Htsearch跨站脚本漏洞

ht://Dig是一款用来webserver的索引和搜索文件的应用程序。 ht://Dig不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行跨站脚本攻击，获得敏感信息。 问题是由于'sytnax.html'脚本对用户提交的WEB参数缺少过滤，提交恶意脚本代码作为参数数据，可导致获得目标用户敏感信息。 测试方法 http://foo.bar/cgi-bin/htsearch?config=&restrict=&exclude=&method=and&format=builtin-long&sort=scriptalert"foo"/script&words=foo ht://Dig...

ht:Dig 3.2 - Htsearch Cross-Site Scripting

ht:Dig 3.2 - Htsearch Cross-Site Scripting source: https://www.securityfocus.com/bid/26610/info ht://Dig is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code...

ht://Dig 3.2 - Htsearch Cross-Site Scripting

source: https://www.securityfocus.com/bid/26610/info ht://Dig is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code in a user's browser session in the context...

CVE-2005-0085

Cross-site scripting XSS vulnerability in ht://dig htdig before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message...

CVE-2005-0085

Cross-site scripting XSS vulnerability in ht://dig htdig before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message...

Mandrake Linux Security Advisory : htdig (MDKSA-2005:063)

A cross-site scripting vulnerability in ht://dig was discovered by Michael Krax. The updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandrake Linux Security...

CVE-2005-0085

Cross-site scripting XSS vulnerability in ht://dig htdig before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message...

CVE-2005-0085

The CVE-2005-0085 entry concerns ht://dig (htdig) prior to version 3.1.6-r7, which is vulnerable to cross-site scripting (XSS). The root cause is that the config parameter is not properly sanitized before being displayed in an error message, allowing a remote attacker to trigger arbitrary web scr...

CVE-2005-0085

Cross-site scripting XSS vulnerability in ht://dig htdig before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message...

[Full-Disclosure] [ GLSA 200502-16 ] ht://Dig: Cross-site scripting vulnerability

Gentoo Linux Security Advisory GLSA 200502-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

GLSA-200502-16 : ht://Dig: XSS vulnerability

The remote host is affected by the vulnerability described in GLSA-200502-16 ht://Dig: XSS vulnerability Michael Krax discovered that ht://Dig fails to validate the 'config' parameter before displaying an error message containing the parameter. This flaw could allow an attacker to conduct...

ht://Dig HTTP indexing and searching system crossite scripting

Crossite scripting vulnerability during error message generation...

ht://Dig config Parameter XSS

Binary data 2592.prm...

ht://Dig htsearch.cgi words Parameter XSS

The 'htsearch' CGI, which is part of the ht://Dig package, is vulnerable to cross-site scripting attacks, through the 'words' variable. With a specially crafted URL, an attacker can cause arbitrary code execution resulting in a loss of integrity. %NASLMINLEVEL 70300 C Tenable Network Security, In...

Mandrake Linux Security Advisory : htdig (MDKSA-2001:083)

A problem was discovered in the ht://Dig web indexing and searching program. Nergal reported a vulnerability in htsearch that allows a remote user to pass the -c parameter, to use a specific config file, to the htsearch program when running as a CGI. A malicious user could point to a file like...

[SECURITY] [DSA 080-1] New ht://Dig packages fix vulnerability

---------------------------------------------------------------------------- Debian Security Advisory DSA 080-1 [email protected] http://www.debian.org/security/ Martin Schulze October 17th, 2001 - ---------------------------------------------------------------------------- Package : htdig...