If you specify a config that doesn't exist htsearch
discloses the directory that the config files are located
RH 9.0 installed from RPM
htdig version 3.2.0b5
This is an old vulnerability that was resolved in 3.1.5,
but it's back.
I figured I'd give you a heads up so you don't end up
back in bugtraq for the same thing. I like you guys! thx
for the great search tool...
--begin Sample: --
htsearch detected an error. Please report this to the
webmaster of this site by sending an e-mail to:
email@example.com The error message is:
Unable to read configuration file '/etc/revuew.conf'
This was resolved in the past by simply truncating the
path from the error message.