Gentoo Archives: gentoo-announce

From: Alex Legler <a3li@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200909-15 ] Lynx: Arbitrary command execution
Date: Sat, 12 Sep 2009 16:46:46
Message-Id: 20090912182956.76d6a1f8@neon
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200909-15
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: Lynx: Arbitrary command execution
9 Date: September 12, 2009
10 Bugs: #243058
11 ID: 200909-15
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 An incomplete fix for an issue related to the Lynx URL handler might
19 allow for the remote execution of arbitrary commands.
20
21 Background
22 ==========
23
24 Lynx is a fully-featured WWW client for users running
25 cursor-addressable, character-cell display devices such as vt100
26 terminals and terminal emulators.
27
28 Affected packages
29 =================
30
31 -------------------------------------------------------------------
32 Package / Vulnerable / Unaffected
33 -------------------------------------------------------------------
34 1 www-client/lynx < 2.8.6-r4 >= 2.8.6-r4
35
36 Description
37 ===========
38
39 Clint Ruoho reported that the fix for CVE-2005-2929 (GLSA 200511-09)
40 only disabled the lynxcgi:// handler when not using the advanced mode.
41
42 Impact
43 ======
44
45 A remote attacker can entice a user to access a malicious HTTP server,
46 causing Lynx to execute arbitrary commands. NOTE: The advanced mode is
47 not enabled by default. Successful exploitation requires the
48 "lynxcgi://" protocol to be registered with lynx on the victim's
49 system.
50
51 Workaround
52 ==========
53
54 There is no known workaround at this time.
55
56 Resolution
57 ==========
58
59 All Lynx users should upgrade to the latest version:
60
61 # emerge --sync
62 # emerge --ask --oneshot --verbose =www-client/lynx-2.8.6-r4
63
64 References
65 ==========
66
67 [ 1 ] CVE-2005-2929
68 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2929
69 [ 2 ] CVE-2008-4690
70 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4690
71 [ 3 ] GLSA 200511-09
72 http://www.gentoo.org/security/en/glsa/glsa-200511-09.xml
73
74 Availability
75 ============
76
77 This GLSA and any updates to it are available for viewing at
78 the Gentoo Security Website:
79
80 http://security.gentoo.org/glsa/glsa-200909-15.xml
81
82 Concerns?
83 =========
84
85 Security is a primary focus of Gentoo Linux and ensuring the
86 confidentiality and security of our users machines is of utmost
87 importance to us. Any security concerns should be addressed to
88 security@g.o or alternatively, you may file a bug at
89 https://bugs.gentoo.org.
90
91 License
92 =======
93
94 Copyright 2009 Gentoo Foundation, Inc; referenced text
95 belongs to its owner(s).
96
97 The contents of this document are licensed under the
98 Creative Commons - Attribution / Share Alike license.
99
100 http://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature