RedHat Update For Htdig RHSA-2007:1095-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The ht://Dig system is a complete World Wide Web indexing and searching system for a small domain or intranet. A cross-site scripting flaw was discovered in a htdig search page. An attacker could construct a carefully crafted URL, which once visited by an unsuspecting user, could cause a user's Web browser to execute malicious script in the context of the visited htdig search Web page. (CVE-2007-6110) Users of htdig are advised to upgrade to these updated packages, which contain backported patch to resolve this issue.

Affected

htdig on Red Hat Enterprise Linux AS version 4, Red Hat Enterprise Linux ES version 4, Red Hat Enterprise Linux WS version 4, Red Hat Enterprise Linux (v. 5 server)

References

https://www.redhat.com/archives/rhsa-announce/2007-December/msg00001.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-6110
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:1243
RedHat Security Advisory RHSA-2009:0360
RedHat Security Advisory RHSA-2009:1039
RedHat Security Advisory RHSA-2009:1082
RedHat Security Advisory RHSA-2009:1615

RedHat Update for htdig RHSA-2007:1095-01

Take action and discover your vulnerabilities