Vulnerabilities > CVE-2000-0208 - Unspecified vulnerability in Htdig
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The htdig (ht://Dig) CGI program htsearch allows remote attackers to read arbitrary files by enclosing the file name with backticks (`) in parameters to htsearch.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Exploit-Db
description | The ht://Dig Group ht://Dig 3.1.1/3.1.2/3.1.3/3.1.4/3.2 .0b1 Arbitrary File Inclusion. CVE-2000-0208. Remote exploit for unix platform |
id | EDB-ID:19785 |
last seen | 2016-02-02 |
modified | 2000-02-29 |
published | 2000-02-29 |
reporter | Geoff Hutchison |
source | https://www.exploit-db.com/download/19785/ |
title | The ht://Dig Group ht://Dig 3.1.1/3.1.2/3.1.3/3.1.4/3.2 .0b1 - Arbitrary File Inclusion |
Nessus
NASL family | CGI abuses |
NASL id | HTDIG.NASL |
description | The |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10105 |
published | 2000-03-03 |
reporter | This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10105 |
title | ht://Dig < 3.1.5 htsearch CGI Multiple Vulnerabilities |
code |
|