CVE-2005-0085

NONE EPSS 80.9%
Published Apr 27, 200521y ago · Modified Jun 16, 20262w ago
Find Similar
Published Apr 27, 2005 21y ago
Last Modified Jun 16, 2026 2w ago

Description

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

Threat Intelligence

EPSS Exploit Probability
80.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 27

VendorProductVersionRange
htdightdig3.1.5any
htdightdig3.1.5_7any
htdightdig3.1.5_8any
htdightdig3.1.6any
htdightdig3.2.0any
htdightdig3.2.0b2any
htdightdig3.2.0b3any
htdightdig3.2.0b4any
htdightdig3.2.0b5any
htdightdig3.2.0b6any
mandrakesoftmandrake_linux10.0any
mandrakesoftmandrake_linux10.0any
mandrakesoftmandrake_linux10.1any
mandrakesoftmandrake_linux10.1any
mandrakesoftmandrake_linux_corporate_server2.1any
mandrakesoftmandrake_linux_corporate_server2.1any
mandrakesoftmandrake_linux_corporate_server3.0any
mandrakesoftmandrake_linux_corporate_server3.0any
redhatfedora_corecore_3.0any
susesuse_linux8.0any
susesuse_linux8.0any
susesuse_linux8.1any
susesuse_linux8.2any
susesuse_linux9.0any
susesuse_linux9.0any
susesuse_linux9.1any
susesuse_linux9.2any

References 18

  • ftp.sco.com ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt
  • secunia.com http://secunia.com/advisories/14255
  • secunia.com http://secunia.com/advisories/14276
  • secunia.com http://secunia.com/advisories/14303
  • secunia.com http://secunia.com/advisories/14795
  • secunia.com http://secunia.com/advisories/15007
  • secunia.com http://secunia.com/advisories/17414
  • secunia.com http://secunia.com/advisories/17415
  • securitytracker.com http://securitytracker.com/id?1013078
  • debian.org http://www.debian.org/security/2005/dsa-680
    PatchVendor Advisory
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:063
  • redhat.com http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-073.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-090.html
  • securityfocus.com http://www.securityfocus.com/bid/12442
    PatchVendor Advisory
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/19223
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878

Remediation

  • debian.org http://www.debian.org/security/2005/dsa-680
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/12442
    PatchVendor Advisory