SecurityTracker.com
Category:   Application (Generic)  >   ht//Dig
Vendors:   ht//Dig Group
ht://Dig Search Engine Software May Allow Cross-Site Scripting Attacks
SecurityTracker Alert ID:  1004661
SecurityTracker URL:  http://securitytracker.com/id/1004661
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Jul 1 2002
Impact:   Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Exploit Included:  Yes  

Description:   An input validation vulnerability was reported in the ht://Dig search engine software. A remote user may be able to conduct cross-site scripting attacks against users of web sites that have deployed ht://Dig.

According to the report, a remote user can create the following type of URL that will, when loaded by the target user, cause arbitrary scripting code to be executed by the target user's browser:

http://[host]/cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E

The code will appear to originate from the host running ht://Dig and will run in the security context of that host. As a result, the code may be able to access the target user's cookies associated with that site (if any), access content submitted to that site by the target user via a web form, or take actions on that site acting as the target user.

Other users report that recent versions of the product may not be vulnerable. One user indicates that 3.2.0b3 appears to be vulnerable and another user indicates that 3.2.0b4-011302 (from a Red Hat distribution) is not vulnerable.
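
For sites running ht://Dig, the following added example (not part of the original advisory or of ht://Dig) scans web server access logs for htsearch requests whose decoded 'words' parameter carries markup, and shows the output encoding that neutralizes the value from the URL above. The function names, the common log format and the sample log lines are assumptions constructed for illustration; html.escape stands in for whatever encoding the CGI itself would apply.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs

# Angle brackets have no place in ordinary search terms; they mark injected markup.
HTML_META = re.compile(r"[<>]")

def decoded_words(request_target):
    """Return the URL-decoded 'words' values of an htsearch request, else []."""
    parts = urlsplit(request_target)
    if "htsearch" not in parts.path:
        return []
    return parse_qs(parts.query, keep_blank_values=True).get("words", [])

def is_suspicious(request_target):
    """True when any decoded 'words' value contains markup characters."""
    return any(HTML_META.search(v) for v in decoded_words(request_target))

def scan(log_lines):
    """Yield (client, request_target) for flagged lines in common log format."""
    req = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
    for line in log_lines:
        m = req.match(line)
        if m and is_suspicious(m.group(2)):
            yield m.group(1), m.group(2)

def render_value(words):
    """Output-encode search terms before echoing them into a results page."""
    return html.escape(words, quote=True)

# Constructed sample log lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jul/2002:10:00:00 +0000] '
    '"GET /cgi-bin/htsearch.cgi?words=apache+config HTTP/1.0" 200 5120',
    '192.0.2.77 - - [01/Jul/2002:10:00:05 +0000] '
    '"GET /cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%28document.cookie'
    '%29%3B%3C%2Fscript%3E HTTP/1.0" 200 4980',
    '192.0.2.10 - - [01/Jul/2002:10:00:09 +0000] '
    '"GET /index.html?words=%3Cb%3E HTTP/1.0" 200 812',
]

if __name__ == "__main__":
    for client, target in scan(SAMPLE_LOG):
        value = decoded_words(target)[0]
        print("flagged:", client, repr(value))
        print("encoded for output:", render_value(value))
```

Once encoded, the quote and angle brackets reach the browser as character entities, so the value is rendered as text instead of being parsed as markup.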

Impact:   For any site running ht://Dig, a remote user may be able to access the target user's cookies associated with that site (if any), access content submitted to that site by the target user via a web form, or take actions on that site acting as the target user.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.htdig.org/
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
(Vendor Issues Fix) Re: ht://Dig Search Engine Software May Allow Cross-Site Scripting Attacks
The vendor has issued a fix.



 Source Message Contents

Subject:  XSS in HTDIG


E.g.:

http://www.anyhost.com/cgi-bin/htsearch.cgi?words=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E

(all URLs must be on one line)

Apologies if this is a known issue.
Apologies also for posting about XSS, too, but
this is not an isolated website, but a commonly
used service.


 
 



Copyright 2021, SecurityGlobal.net LLC