Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2005:839
HistoryNov 12, 2005 - 1:33 a.m.

lynx security update

2005-11-1201:33:47
CentOS Project
lists.centos.org
54

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%

JSON

CentOS Errata and Security Advisory CESA-2005:839

Lynx is a text-based Web browser.

An arbitrary command execute bug was found in the lynx “lynxcgi:” URI
handler. An attacker could create a web page redirecting to a malicious URL
which could execute arbitrary code as the user running lynx. The Common
Vulnerabilities and Exposures project assigned the name CVE-2005-2929 to
this issue.

Users should update to this erratum package, which contains a backported
patch to correct this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-November/074565.html
https://lists.centos.org/pipermail/centos-announce/2005-November/074566.html
https://lists.centos.org/pipermail/centos-announce/2005-November/074568.html
https://lists.centos.org/pipermail/centos-announce/2005-November/074569.html
https://lists.centos.org/pipermail/centos-announce/2005-November/074570.html
https://lists.centos.org/pipermail/centos-announce/2005-November/074571.html
https://lists.centos.org/pipermail/centos-announce/2005-November/074573.html
https://lists.centos.org/pipermail/centos-announce/2005-November/074574.html
https://lists.centos.org/pipermail/centos-announce/2005-November/074575.html

Affected packages:
lynx

Upstream details at:
https://access.redhat.com/errata/RHSA-2005:839

Related

nessus 7
nvd 2
openvas 4
redhat 1
ubuntucve 2
debiancve 2
cvelist 2
gentoo 2
securityvulns 1
centos 1
cve 2
prion 1
nessus
nessus
Fedora Core 3 : lynx-2.8.5-18.0.2 (2005-1078)
2005-11-15 00:00:00
GLSA-200511-09 : Lynx: Arbitrary command execution
2005-11-15 00:00:00
RHEL 2.1 / 3 / 4 : lynx (RHSA-2005:839)
2005-11-15 00:00:00
nvd
nvd
CVE-2005-2929
2005-11-18 06:03:00
CVE-2008-4690
2008-10-22 18:00:01
openvas
openvas
Gentoo Security Advisory GLSA 200511-09 (lynx)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200511-09 (lynx)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200909-15 (lynx)
2009-09-15 00:00:00
redhat
redhat
(RHSA-2005:839) lynx security update
2005-11-11 00:00:00
ubuntucve
ubuntucve
CVE-2005-2929
2005-11-18 00:00:00
CVE-2008-4690
2008-10-22 00:00:00
debiancve
debiancve
CVE-2005-2929
2005-11-18 11:00:00
CVE-2008-4690
2008-10-22 18:00:01
cvelist
cvelist
CVE-2005-2929
2005-11-18 11:00:00
CVE-2008-4690
2008-10-22 17:00:00
gentoo
gentoo
Lynx: Arbitrary command execution
2005-11-13 00:00:00
Lynx: Arbitrary command execution
2009-09-12 00:00:00
securityvulns
securityvulns
[Full-disclosure] iDefense Security Advisory 11.11.05: Multiple Vendor Lynx Command Injection Vulnerability
2005-11-11 00:00:00
centos
centos
lynx security update
2005-11-13 22:59:14
cve
cve
CVE-2005-2929
2005-11-18 11:00:00
CVE-2008-4690
2008-10-22 18:00:01
prion
prion
Sql injection
2008-10-22 18:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%

JSON
Related for CESA-2005:839
nessus7nvd2openvas4redhat1ubuntucve2debiancve2cvelist2gentoo2securityvulns1centos1cve2prion1