AXSA:2008-16:01

リリース日: 
2008/01/31 Thursday - 14:30
題名: 
htdig-3.2.0b6-9.0.1
影響のあるチャネル: 
Asianux Server 3 for ia64
Asianux Server 3 for ppc
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
Moderate
Description: 

The ht://Dig system is a complete world wide web indexing and searching system for a small domain or intranet. This system is not meant to replace the need for powerful internet-wide search systems like Lycos, Infoseek,Webcrawler and AltaVista. Instead it is meant to cover the search needs for a single company, campus, or even a particular sub section of a web site. As opposed to some WAIS-based or web-server based search engines, ht://Dig can span several web servers at a site. The type of these different web servers doesn't matter as long as they understand the HTTP 1.0 protocol. ht://Dig is also used by KDE to search KDE's HTML documentation.
Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter. (CVE-2007-6110)

解決策: 

パッケージをアップデートしてください。

追加情報: 

N/A

ダウンロード: 
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3819_htdig.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3819_htdig-web.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3819_htdig.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3819_htdig-web.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3819_htdig.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3819_htdig-web.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3819_htdig.txt
File not found: /var/www/html/asianux/sites/tsn.asianux.com/files/private/buginfo//3819_htdig-web.txt
Copyright© 2007-2015 Asianux. All rights reserved.