Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1191


Vulnerability Score 5.0 5.0
CVE Id CVE-2000-1191
Last Modified 21 Aug 2010 12:05:12
Published 31 Aug 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes the full path.

Vulnerable Systems



XF - htdig-htsearch-path-disclosure(7367)

BID - 4366

Last Updated: 27 May 2016 10:36:04