Paketname
lynx
Datum
2003-02-24
Advisory ID
MDKSA-2003:023
Betroffene Versionen
8.1 i586 , SNF7.2 i586 , 8.1 i586 , 8.0 i586 , 9.0 i586 , 8.2 i586 , MNF8.2 i586 , 8.0 i586 , 8.2 i586 , 7.2 i586

Problembeschreibung

A vulnerability was discovered in lynx, a text-mode web browser. The HTTP queries that lynx constructs are from arguments on the command line or the $WWW_HOME environment variable, but lynx does not properly sanitize special characters such as carriage returns or linefeeds. Extra headers can be inserted into the request because of this, which can cause scripts that use lynx to fetch data from the wrong site from servers that use virtual hosting.

Aktualisierte Pakete

8.1 i586

 3e342d5aed2f987fc156784a2a49e113  ia64/8.1/RPMS/lynx-2.8.5-0.10mdk.dev.8.ia64.rpm
3dc147ad3ce860da0b476b28c958b55b  ia64/8.1/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

SNF7.2 i586

 51b4a07587e21fae8c22ee96dda08165  snf7.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm
3dc147ad3ce860da0b476b28c958b55b  snf7.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

8.1 i586

 d70d1dc68846e77601e7648ad31e8407  8.1/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm
3dc147ad3ce860da0b476b28c958b55b  8.1/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

8.0 i586

 0e9f7fac97a924915829181b129feb64  8.0/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm
3dc147ad3ce860da0b476b28c958b55b  8.0/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

9.0 i586

 59fd26d160a9168588b3dde6a0405c5e  9.0/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm
3dc147ad3ce860da0b476b28c958b55b  9.0/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

8.2 i586

 c2bc5c894bddc46b4ab7711691ba5b71  8.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm
3dc147ad3ce860da0b476b28c958b55b  8.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

MNF8.2 i586

 c2bc5c894bddc46b4ab7711691ba5b71  mnf8.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm
3dc147ad3ce860da0b476b28c958b55b  mnf8.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

8.0 i586

 8bead3da1f305cc99fa00b7e6e1b21fc  ppc/8.0/RPMS/lynx-2.8.5-0.10mdk.dev.8.ppc.rpm
3dc147ad3ce860da0b476b28c958b55b  ppc/8.0/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

8.2 i586

 ead8f99e26c7aaeb59782b0f85150840  ppc/8.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.ppc.rpm
3dc147ad3ce860da0b476b28c958b55b  ppc/8.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

7.2 i586

 51b4a07587e21fae8c22ee96dda08165  7.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm
3dc147ad3ce860da0b476b28c958b55b  7.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm

Referenzen