MDKSA-2003:023
- Package name
- lynx
- Date
- 2003-02-24
- Advisory ID
- MDKSA-2003:023
- Affected versions
- 8.1 i586 , SNF7.2 i586 , 8.1 i586 , 8.0 i586 , 9.0 i586 , 8.2 i586 , MNF8.2 i586 , 8.0 i586 , 8.2 i586 , 7.2 i586
Problem description
A vulnerability was discovered in lynx, a text-mode web browser. The HTTP queries that lynx constructs are from arguments on the command line or the $WWW_HOME environment variable, but lynx does not properly sanitize special characters such as carriage returns or linefeeds. Extra headers can be inserted into the request because of this, which can cause scripts that use lynx to fetch data from the wrong site from servers that use virtual hosting.
Updated packages
8.1 i586
3e342d5aed2f987fc156784a2a49e113 ia64/8.1/RPMS/lynx-2.8.5-0.10mdk.dev.8.ia64.rpm 3dc147ad3ce860da0b476b28c958b55b ia64/8.1/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm
SNF7.2 i586
51b4a07587e21fae8c22ee96dda08165 snf7.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm 3dc147ad3ce860da0b476b28c958b55b snf7.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm
8.1 i586
d70d1dc68846e77601e7648ad31e8407 8.1/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm 3dc147ad3ce860da0b476b28c958b55b 8.1/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm
8.0 i586
0e9f7fac97a924915829181b129feb64 8.0/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm 3dc147ad3ce860da0b476b28c958b55b 8.0/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm
9.0 i586
59fd26d160a9168588b3dde6a0405c5e 9.0/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm 3dc147ad3ce860da0b476b28c958b55b 9.0/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm
8.2 i586
c2bc5c894bddc46b4ab7711691ba5b71 8.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm 3dc147ad3ce860da0b476b28c958b55b 8.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm
MNF8.2 i586
c2bc5c894bddc46b4ab7711691ba5b71 mnf8.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm 3dc147ad3ce860da0b476b28c958b55b mnf8.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm
8.0 i586
8bead3da1f305cc99fa00b7e6e1b21fc ppc/8.0/RPMS/lynx-2.8.5-0.10mdk.dev.8.ppc.rpm 3dc147ad3ce860da0b476b28c958b55b ppc/8.0/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm
8.2 i586
ead8f99e26c7aaeb59782b0f85150840 ppc/8.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.ppc.rpm 3dc147ad3ce860da0b476b28c958b55b ppc/8.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm
7.2 i586
51b4a07587e21fae8c22ee96dda08165 7.2/RPMS/lynx-2.8.5-0.10mdk.dev.8.i586.rpm 3dc147ad3ce860da0b476b28c958b55b 7.2/SRPMS/lynx-2.8.5-0.10mdk.dev.8.src.rpm