CVE-2005-0085

htdig - Cross-Site Scripting via Config Parameter

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

References (18)

Core 18

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/15007

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/14795

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2005-073.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/14255

Vendor Advisory vendor-advisory x_refsource_mandrake

http://www.mandriva.com/security/advisories?name=MDKSA-2005:063

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17415

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/19223

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/14303

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/14276

Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/12442

Third Party Advisory vendor-advisory x_refsource_gentoo

http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml

Patch, Vendor Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2005/dsa-680

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17414

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2005-090.html

Vendor Advisory vendor-advisory x_refsource_fedora

http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1013078

Various Sources vendor-advisory x_refsource_sco

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt

Scores

EPSS 0.0473

EPSS Percentile 89.5%

Details

Status published

Products (21)

htdig/htdig 3.1.5

htdig/htdig 3.1.5_7

htdig/htdig 3.1.5_8

htdig/htdig 3.1.6

htdig/htdig 3.2.0

htdig/htdig 3.2.0b2

htdig/htdig 3.2.0b3

htdig/htdig 3.2.0b4

htdig/htdig 3.2.0b5

htdig/htdig 3.2.0b6

... and 11 more

Published Apr 27, 2005

Tracked Since Feb 18, 2026