SCO Security Advisory - Ulf Harnhammar has reported a vulnerability in Lynx, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the HTrjis() function in the handling of article headers sent from NNTP (Network News Transfer Protocol) servers. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into visiting a malicious web site which redirects to a malicious NNTP server via the nntp: URI handler. Successful exploitation allows execution of arbitrary code.
3a4f408a9e7a6a4943c8178a7eda2a2ee13c50995972d5fa0fc6e533172fbd78Debian Security Advisory DSA 876-1 - Ulf Harnhammar discovered a buffer overflow in lynx, a text-mode browser for the WWW that can be remotely exploited. During the handling of Asian characters when connecting to an NNTP server lynx can be tricked to write past the boundary of a buffer which can lead to the execution of arbitrary code.
9863bf4acde2d69cc8bf57071ecd7280225e5830b46f5ad7be68cfbdadfdfd10Debian Security Advisory DSA 874-1 - Ulf Harnhammar discovered a buffer overflow in lynx, a text-mode browser for the WWW that can be remotely exploited. During the handling of Asian characters when connecting to an NNTP server lynx can be tricked to write past the boundary of a buffer which can lead to the execution of arbitrary code.
c3cdb5dc0597cb675af085a8a9f2f22c27928649a42bcd473c01bb660ab67d8aUbuntu Security Notice USN-206-1 - Ulf Harnhammar discovered a remote vulnerability in Lynx when connecting to a news server (NNTP). The function that added missing escape chararacters to article headers did not check the size of the target buffer. Specially crafted news entries could trigger a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user running lynx. In order to exploit this, the user is not even required to actively visit a news site with Lynx since a malicious HTML page could automatically redirect to an nntp:// URL with malicious news items.
4b6361b06b6efcaf52522e3904afc75117232a9f7bf5c7fb14936353de5f181dMandriva Linux Security Update Advisory - Ulf Harnhammar discovered a remote buffer overflow in lynx versions 2.8.2 through 2.8.5
48154abcdff3ecaa89fc76b7d19a1d5210df7e297fbbe99f9d51d9641259ff78Gentoo Linux Security Advisory GLSA 200510-15 - When accessing a NNTP URL, Lynx connects to a NNTP server and retrieves information about the available articles in the target newsgroup. Ulf Harnhammar discovered a buffer overflow in a function that handles the escaping of special characters. Versions less than 2.8.5-r1 are affected.
96ff7abb18de7be6479057dae7e292abc783d595f4362e1a32011d9530ef2b88
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed