Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Fedora Local Security Checks >> Fedora Core 3 2005-367: htdig

Vulnerability Assessment Details

Fedora Core 3 2005-367: htdig

Vulnerability Assessment Summary
Check for the version of the htdig package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory FEDORA-2005-367 (htdig).

The ht://Dig system is a complete world wide web indexing and searching
system for a small domain or intranet. This system is not meant to replace
the need for powerful internet-wide search systems like Lycos, Infoseek,
Webcrawler and AltaVista. Instead it is meant to cover the search needs for
a single company, campus, or even a particular sub section of a web site. As
opposed to some WAIS-based or web-server based search engines, ht://Dig can
span several web servers at a site. The type of these different web servers
doesn't matter as long as they understand the HTTP 1.0 protocol.
ht://Dig is also used by KDE to search KDE's HTML documentation.

ht://Dig was developed at San Diego State University as a way to search the
various web servers on the campus network.

* Tue Apr 19 2005 Phil Knirsch 3:3.2.0b6-3.FC3.1
- Fixed security bug with unescaped output in htsearch and qtest (#144127)
- Removed .la and .a libs from package (#145649)

Solution : Get the newest Fedora Updates
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security

Cables, Connectors