Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2005:839-01
HistoryNov 13, 2005 - 10:59 p.m.

lynx security update

2005-11-1322:59:14
CentOS Project
lists.centos.org
43

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%

JSON

CentOS Errata and Security Advisory CESA-2005:839-01

Lynx is a text-based Web browser.

An arbitrary command execute bug was found in the lynx “lynxcgi:” URI
handler. An attacker could create a web page redirecting to a malicious URL
which could execute arbitrary code as the user running lynx. The Common
Vulnerabilities and Exposures project assigned the name CVE-2005-2929 to
this issue.

Users should update to this erratum package, which contains a backported
patch to correct this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-November/074579.html

Affected packages:
lynx

OSVersionArchitecturePackageVersionFilename
CentOS2i386lynx< 2.8.4-18.1.2lynx-2.8.4-18.1.2.i386.rpm

Related

nessus 7
cve 2
openvas 4
redhat 1
ubuntucve 2
debiancve 2
securityvulns 1
gentoo 2
cvelist 2
centos 1
nvd 2
prion 1
nessus
nessus
Fedora Core 4 : lynx-2.8.5-23.2 (2005-1079)
2005-11-15 00:00:00
CentOS 3 / 4 : lynx (CESA-2005:839)
2006-07-03 00:00:00
GLSA-200511-09 : Lynx: Arbitrary command execution
2005-11-15 00:00:00
cve
cve
CVE-2005-2929
2005-11-18 11:00:00
CVE-2008-4690
2008-10-22 18:00:01
openvas
openvas
Gentoo Security Advisory GLSA 200511-09 (lynx)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200511-09 (lynx)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200909-15 (lynx)
2009-09-15 00:00:00
redhat
redhat
(RHSA-2005:839) lynx security update
2005-11-11 00:00:00
ubuntucve
ubuntucve
CVE-2005-2929
2005-11-18 00:00:00
CVE-2008-4690
2008-10-22 00:00:00
debiancve
debiancve
CVE-2005-2929
2005-11-18 11:00:00
CVE-2008-4690
2008-10-22 18:00:01
securityvulns
securityvulns
[Full-disclosure] iDefense Security Advisory 11.11.05: Multiple Vendor Lynx Command Injection Vulnerability
2005-11-11 00:00:00
gentoo
gentoo
Lynx: Arbitrary command execution
2005-11-13 00:00:00
Lynx: Arbitrary command execution
2009-09-12 00:00:00
cvelist
cvelist
CVE-2005-2929
2005-11-18 11:00:00
CVE-2008-4690
2008-10-22 17:00:00
centos
centos
lynx security update
2005-11-12 01:33:47
nvd
nvd
CVE-2005-2929
2005-11-18 06:03:00
CVE-2008-4690
2008-10-22 18:00:01
prion
prion
Sql injection
2008-10-22 18:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%

JSON
Related for CESA-2005:839-01
nessus7cve2openvas4redhat1ubuntucve2debiancve2securityvulns1gentoo2cvelist2centos1nvd2prion1