Paketname
links
Datum
2006-11-20
Advisory ID
MDKSA-2006:216
Betroffene Versionen
2006.0 i586 , 2006.0 x86_64 , 2007.0 x86_64 , 2007.0 i586

Problembeschreibung

The links web browser with smbclient installed allows remote attackers
to execute arbitrary code via shell metacharacters in an smb:// URI, as
demonstrated by using PUT and GET statements.

Corporate 3.0 is not affected by this issue, as that version of links
does not have smb:// URI support.

Updated packages have disabled access to smb:// URIs.

Aktualisierte Pakete

2006.0 i586

 ea08f62d39a09dea86b7d1a5cb51e327  2006.0/i586/links-2.1-0.pre18.5.1.20060mdk.i586.rpm
 adbcd46c1caf25846b7ff382ac6eee7d  2006.0/i586/links-common-2.1-0.pre18.5.1.20060mdk.i586.rpm
 e87b887c09df5e888c097766e7ec619c  2006.0/i586/links-graphic-2.1-0.pre18.5.1.20060mdk.i586.rpm 
 ee822254533bf4719ee94223161b7de0  2006.0/SRPMS/links-2.1-0.pre18.5.1.20060mdk.src.rpm

2006.0 x86_64

 796b482155ea5ab249bbe1baabcdd419  2006.0/x86_64/links-2.1-0.pre18.5.1.20060mdk.x86_64.rpm
 5f897e5f5d1c712b547bce7fdb7b61d4  2006.0/x86_64/links-common-2.1-0.pre18.5.1.20060mdk.x86_64.rpm
 93e5c42924fcafb2fc121c0d69b7f398  2006.0/x86_64/links-graphic-2.1-0.pre18.5.1.20060mdk.x86_64.rpm 
 ee822254533bf4719ee94223161b7de0  2006.0/SRPMS/links-2.1-0.pre18.5.1.20060mdk.src.rpm

2007.0 x86_64

 fe702c658fd4b931c8c79efd9c77010b  2007.0/x86_64/links-2.1-0.pre18.13.1mdv2007.0.x86_64.rpm
 5d8d03edf4217e9d3a6ab7f006c5613a  2007.0/x86_64/links-common-2.1-0.pre18.13.1mdv2007.0.x86_64.rpm
 e1c5effc08dfbc2e2c8b1bc351f4ea50  2007.0/x86_64/links-debug-2.1-0.pre18.13.1mdv2007.0.x86_64.rpm
 8fd02e550d5310ae74e48f002d7da45b  2007.0/x86_64/links-graphic-2.1-0.pre18.13.1mdv2007.0.x86_64.rpm 
 04961b71a4a04032a6e335dcaf91aa9d  2007.0/SRPMS/links-2.1-0.pre18.13.1mdv2007.0.src.rpm

2007.0 i586

 27f5da60ae0072b509e17326146922c1  2007.0/i586/links-2.1-0.pre18.13.1mdv2007.0.i586.rpm
 b4dac2435e4622cabf537c4df1749d83  2007.0/i586/links-common-2.1-0.pre18.13.1mdv2007.0.i586.rpm
 d33ab06111f877fbccb8f85ceb4044af  2007.0/i586/links-graphic-2.1-0.pre18.13.1mdv2007.0.i586.rpm 
 04961b71a4a04032a6e335dcaf91aa9d  2007.0/SRPMS/links-2.1-0.pre18.13.1mdv2007.0.src.rpm

Referenzen