Scientific Linux: htdig CVE-2007-6110 Moderate Cross-Site Scripting Issue

Dec 03, 2007 •

LinuxSecurity Advisories

1 - 2 min read

Scientific Large Esm H500

Topics Covered

security advisory moderate security issue cross-site scripting htdig scientific linux

Moderate: htdig security update

Date: Mon, 3 Dec 2007 14:58:26 -0600
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux

From: Troy Dawson 
Subject: Security ERRATA for htdig on SL5.x, SL4.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."

Synopsis:	Moderate: htdig security update
Issue date:	2007-12-03
CVE Names:	CVE-2007-6110

A cross-site scripting flaw was discovered in a htdig search page. An
attacker could construct a carefully crafted URL, which once visited by an
unsuspecting user, could cause a user's Web browser to execute malicious
script in the context of the visited htdig search Web page. (CVE-2007-6110)

SL 4.x

 SRPMS:
htdig-3.2.0b6-4.el4_6.src.rpm
 i386:
htdig-3.2.0b6-4.el4_6.i386.rpm
htdig-web-3.2.0b6-4.el4_6.i386.rpm
 x86_64:
htdig-3.2.0b6-4.el4.x86_64.rpm
htdig-web-3.2.0b6-4.el4.x86_64.rpm

SL 5.x

 SRPMS:
htdig-3.2.0b6-9.0.1.el5_1.src.rpm
 i386:
htdig-3.2.0b6-9.0.1.el5.i386.rpm
htdig-web-3.2.0b6-9.0.1.el5.i386.rpm

 x86_64:
htdig-3.2.0b6-9.0.1.el5.x86_64.rpm
htdig-web-3.2.0b6-9.0.1.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here