Publisher Name:          OpenPKG GmbH
Publisher Home:          http://openpkg.com/

Advisory Id (public):    OpenPKG-SA-2005.026
Advisory Type:           OpenPKG Security Advisory (SA)
Advisory Directory:      http://openpkg.com/go/OpenPKG-SA
Advisory Document:       http://openpkg.com/go/OpenPKG-SA-2005.026
Advisory Published:      2010-02-09 15:51 UTC

Issue Id (internal):     OpenPKG-SI-20051203.03
Issue First Created:     2005-12-03
Issue Last Modified:     2006-11-28
Issue Revision:          06

Subject Name:            Lynx
Subject Summary:         Interactive Full-Screen Client for HTTP/HTTPS/FTP Protocols
Subject Home:            http://lynx.isc.org/
Subject Versions:        * <= 2.8.5

Vulnerability Id:        CVE-2005-2929, CVE-2005-3120
Vulnerability Scope:     global (not OpenPKG specific)

Attack Feasibility:      run-time
Attack Vector:
Attack Impact:           arbitrary code execution

Description:
    According to an iDEFENSE security advisory [0], a command injection
    vulnerability exists in the Lynx [2] WWW textual client. The
    vulnerability could allow attackers to execute arbitrary commands
    with the privileges of the underlying user. The problem specifically
    exists within the feature to execute local "cgi-bin" programs via
    the "lynxcgi:" URI handler (CVE-2005-2929).

    Additionally, according to a security advisory from Ulf Harnhammar
    [1], a stack-based buffer overflow in the "HTrjis" function in Lynx
    allows remote NNTP servers to execute arbitrary code via certain
    article headers containing Asian characters that cause Lynx to add
    extra escape (ESC) characters (CVE-2005-3120).

References:
    [0] http://www.idefense.com/application/poi/display?id=338
    [1] http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html
    [2] http://lynx.isc.org/
    [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2929
    [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3120

Primary Package Name:    lynx
Primary Package Home:    http://openpkg.org/go/package/lynx

Affected Distribution:   Affected Branch:  Affected Package:
OpenPKG Community        2.3-SOLID         lynx-2.8.5-2.3.0
OpenPKG Community        2.4-SOLID         lynx-2.8.5-2.4.0
OpenPKG Community        2.5-SOLID         lynx-2.8.5-2.5.0
OpenPKG Community        CURRENT           lynx-2.8.5-20051030

Corrected Distribution:  Corrected Branch: Corrected Package:
OpenPKG Community        2.3-SOLID         lynx-2.8.5-2.3.1
OpenPKG Community        2.4-SOLID         lynx-2.8.5-2.4.1
OpenPKG Community        2.5-SOLID         lynx-2.8.5-2.5.1
OpenPKG Community        CURRENT           lynx-2.8.5.5-20051203
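
The affected and corrected package tables above can be turned into a host check that classifies an installed lynx package string. This is an added example, not part of the original advisory or of OpenPKG's tooling; the function name lynx_pkg_status is hypothetical, and it assumes that SOLID patch levels and CURRENT build dates at or beyond the listed corrected ones carry the fix, while CURRENT builds dated before 20051203 do not.

```shell
#!/bin/sh
# Added example (not OpenPKG code): classify a lynx package string of the form
# name-version-release against the tables in OpenPKG-SA-2005.026.
# Assumption: releases newer than the listed corrected ones also carry the fix.

lynx_pkg_status() {
    pkg=$1
    case $pkg in
        lynx-*-*) ;;
        *) echo unknown; return 0 ;;
    esac
    release=${pkg##*-}                  # text after the last "-"
    case $release in
        2.[345].*)
            # SOLID branches 2.3, 2.4, 2.5: release is <branch>.<patch level>;
            # level 0 is listed as affected, level 1 as corrected.
            level=${release##*.}
            case $level in
                ''|*[!0-9]*) echo unknown ;;
                *) if [ "$level" -ge 1 ]; then echo corrected
                   else echo affected; fi ;;
            esac ;;
        [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9])
            # CURRENT branch: release is a YYYYMMDD build date;
            # 20051203 is the first build listed as corrected.
            if [ "$release" -lt 20051203 ]; then echo affected
            else echo corrected; fi ;;
        *) echo unknown ;;              # branch not covered by the advisory
    esac
}

# Package strings from the advisory's tables, plus one constructed string
# (lynx-2.8.5-2.2.0) for a branch the advisory does not list.
for p in lynx-2.8.5-2.3.0 lynx-2.8.5-2.4.1 lynx-2.8.5-20051030 \
         lynx-2.8.5.5-20051203 lynx-2.8.5-2.2.0; do
    printf '%-24s %s\n' "$p" "$(lynx_pkg_status "$p")"
done
```

Pass it the name-version-release string that the package query on the host reports for lynx; an "unknown" result means the branch is outside the advisory's tables and needs manual review.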