|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 1429-1 (htdig)|
|Summary:||Debian Security Advisory DSA 1429-1 (htdig)|
The remote host is missing an update to htdig
announced via advisory DSA 1429-1.
Michael Skibbe discovered that htdig, a WWW search system for an intranet
or small internet, did not adequately quote values submitted to the search
script, allowing remote attackers to inject arbitrary script or HTML
into specially crafted links.
For the stable distribution (etch), this problem has been fixed in version
For the old stable distribution (sarge), this problem was not present.
For the unstable distribution (sid), this problem has been fixed in version
We recommend that you upgrade your htdig package.
Common Vulnerability Exposure (CVE) ID: CVE-2007-6110|
Debian Security Information: DSA-1429 (Google Search)
SuSE Security Announcement: SUSE-SR:2007:025 (Google Search)
BugTraq ID: 26610
|Copyright||Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com|
|This is only one of 54701 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.