CVE-2000-1191

Name: CVE-2000-1191
Creator: NVD / NIST
Published: 2001-08-31T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.05%

Last modified Jun 16, 2026

CVE-2000-1191 is a vulnerability of currently unknown severity. htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes the full path.. EPSS estimates a 3.05% chance of exploitation in the next 30 days.

Description

htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes the full path.

Metrics

EPSS Probability

3.05%

85.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-209

Affected Software

Vendor	Product	Versions	Update
Htdig Project	Htdig	<= 3.1.6	—
Htdig Project	Htdig	3.2.0	Beta1

References

http://www.securiteam.com/exploits/htDig_reveals_web_server_configuration_paths.htmlBroken Link
http://www.securityfocus.com/bid/4366Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/7367Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10526Third Party Advisory
http://www.securiteam.com/exploits/htDig_reveals_web_server_configuration_paths.htmlBroken Link
http://www.securityfocus.com/bid/4366Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/7367Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10526Third Party Advisory

Timeline

Published: Aug 31, 2001
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2000-1191?

How severe is CVE-2000-1191?

Severity scoring for CVE-2000-1191 is pending analysis. The EPSS model estimates a 3.05% probability of exploitation in the next 30 days.

How do I fix CVE-2000-1191?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2000-1191?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST