Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

This update fixes a cross-site scripting vulnerability that can be exploited remotely. (CVE-2005-0085)

Michael Krax reports a vulnerability within htdig. The vulnerability lies within an unsanitized config parameter, allowing a malicious attacker to execute arbitrary scripting code on the target's browser.
This might allow the attacker to obtain the user's cookies which are associated with the site, including cookies used for authentication.

A cross-site scripting vulnerability in ht://dig was discovered by Michael Krax. The updated packages have been patched to correct this issue.

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:090 advisory.

    The ht://Dig system is a Web search and indexing system for a small domain     or intranet.

    Michael Krax reported a cross-site scripting bug affecting htdig. An     attacker could construct a carefully crafted URL which can cause a web     browser to execute malicious script once visited.  The Common     Vulnerabilities and Exposures project has assigned the name CAN-2005-0085     to this issue.

    Users of htdig should upgrade to these updated packages, which contain a     backported patch, and are not vulnerable to this issue.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-200502-16 (ht://Dig: XSS vulnerability)

    Michael Krax discovered that ht://Dig fails to validate the     'config' parameter before displaying an error message containing the     parameter. This flaw could allow an attacker to conduct cross-site     scripting attacks.
  Impact :

    By sending a carefully crafted message, an attacker can inject and     execute script code in the victim's browser window. This allows to     modify the behaviour of ht://Dig, and/or leak session information such     as cookies to the attacker.
  Workaround :

    There is no known workaround at this time.

Michael Krax discovered a cross site scripting vulnerability in ht://dig, a web search system for an intranet or small internet.

The remote host is running a version of ht://Dig which is vulnerable to an unspecified cross-site scripting attack. An attacker can exploit this flaw to steal information from unsuspecting users.

The remote version of htsearch appears to be vulnerable to a remote Cross-Site Scripting (XSS) attack. An attacker exploiting this flaw would need to be able to entice a user into clicking on a malicious URL that would contain embedded script code designed to exploit trust and execute within the client browser.

ID	Name	Product	Family	Severity
41345	SuSE9 Security Update : htdig (YOU Patch Number 9833)	Nessus	SuSE Local Security Checks	medium
21443	FreeBSD : htdig -- XSS vulnerability (673aec6f-1cae-11da-bc01-000e0c2e438a)	Nessus	FreeBSD Local Security Checks	medium
17669	Mandrake Linux Security Advisory : htdig (MDKSA-2005:063)	Nessus	Mandriva Local Security Checks	medium
17182	RHEL 4 : htdig (RHSA-2005:090)	Nessus	Red Hat Local Security Checks	medium
16453	GLSA-200502-16 : ht://Dig: XSS vulnerability	Nessus	Gentoo Local Security Checks	medium
16391	Debian DSA-680-1 : htdig - unsanitised input	Nessus	Debian Local Security Checks	medium
16317	ht://Dig htsearch.cgi config Parameter XSS	Nessus	CGI abuses : XSS	medium
2592	ht://Dig config Parameter XSS	Nessus Network Monitor	CGI	low

Detections

Analytics

CVE-2005-0085

medium

Tenable Plugins

medium

medium

medium

medium

medium

medium

medium

low