FreeBSD Local Security Checks : FreeBSD Ports: htdig

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55217

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: htdig

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: htdig

CVE-2005-0085
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before
3.1.6-r7 allows remote attackers to execute arbitrary web script or
HTML via the config parameter, which is not properly sanitized before
it is displayed in an error message.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0085
BugTraq ID: 12442
http://www.securityfocus.com/bid/12442
Debian Security Information: DSA-680 (Google Search)
http://www.debian.org/security/2005/dsa-680
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html
http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:063
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878
http://www.redhat.com/support/errata/RHSA-2005-073.html
http://www.redhat.com/support/errata/RHSA-2005-090.html
SCO Security Bulletin: SCOSA-2005.46
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt
http://securitytracker.com/id?1013078
http://secunia.com/advisories/14255
http://secunia.com/advisories/14276
http://secunia.com/advisories/14303
http://secunia.com/advisories/14795
http://secunia.com/advisories/15007
http://secunia.com/advisories/17414
http://secunia.com/advisories/17415
XForce ISS Database: htdig-config-xss(19223)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19223

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55217
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: htdig
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: htdig CVE-2005-0085 Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0085 BugTraq ID: 12442 http://www.securityfocus.com/bid/12442 Debian Security Information: DSA-680 (Google Search) http://www.debian.org/security/2005/dsa-680 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:063 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878 http://www.redhat.com/support/errata/RHSA-2005-073.html http://www.redhat.com/support/errata/RHSA-2005-090.html SCO Security Bulletin: SCOSA-2005.46 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt http://securitytracker.com/id?1013078 http://secunia.com/advisories/14255 http://secunia.com/advisories/14276 http://secunia.com/advisories/14303 http://secunia.com/advisories/14795 http://secunia.com/advisories/15007 http://secunia.com/advisories/17414 http://secunia.com/advisories/17415 XForce ISS Database: htdig-config-xss(19223) https://exchange.xforce.ibmcloud.com/vulnerabilities/19223
Copyright	Copyright (C) 2008 E-Soft Inc.