Family: Red Hat Local Security Checks --> Category: infos
RHSA-2005-090: htdig Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the htdig packages
Detailed Explanation for this Vulnerability Test
Updated htdig packages that fix a security flaw are now available for
Red Hat Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
The ht://Dig system is a Web search and indexing system for a small domain
Michael Krax reported a cross-site scripting bug affecting htdig. An
attacker could construct a carefully crafted URL that causes a web
browser to execute malicious script when the URL is visited. The Common
Vulnerabilities and Exposures project has assigned the name CVE-2005-0085
to this issue.
Users of htdig should upgrade to these updated packages, which contain a
backported patch, and are not vulnerable to this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2005-090.html
Threat Level: High