HTTP: ht://dig Arbitrary File Inclusion

This signature detects attempts to exploit a vulnerability in ht://dig, a Web content search engine for UNIX. Because ht://dig improperly validates form input, attackers can pass a maliciously crafted variable to the htsearch CGI script to read files accessible to the program user.

Extended Description

ht://dig is a web content search engine for Unix platforms. The software is set up to allow for file inclusion from configuration files. Any string surrounded by the opening singlw quote character ( ` ) is taken as a path to a file for inclusion, for example: some_parameter: `var/htdig/some_file` htdig will also allow included files to be specified via form input. Therefore, any file can be specified for inclusion into a variable by any web user.

Affected Products

The_ht://dig_group ht://dig

References

BugTraq: 1026

CVE: CVE-2000-0208

URL: http://archives.neohapsis.com/archives/bugtraq/2000-02/0385.html http://securityfocus.com/bid/1026 http://xforce.iss.net/static/4052.php

Short Name

HTTP:CGI:HTDIG-INCLUSION

Severity

Minor

Recommended

False

Recommended Action

None

HTTP: ht://dig Arbitrary File Inclusion

Extended Description

Affected Products

References

Found a potential security threat?