7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.843 High
EPSS
Percentile
98.5%
CentOS Errata and Security Advisory CESA-2006:0742
Elinks is a text mode Web browser used from the command line that supports
rendering modern web pages.
An arbitrary file access flaw was found in the Elinks SMB protocol handler.
A malicious web page could have caused Elinks to read or write files with
the permissions of the user running Elinks. (CVE-2006-5925)
All users of Elinks are advised to upgrade to this updated package, which
resolves this issue by removing support for the SMB protocol from Elinks.
Note: this issue did not affect the Elinks package shipped with Red Hat
Enterprise Linux 3, or the Links package shipped with Red Hat Enterprise
Linux 2.1.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2006-November/075574.html
https://lists.centos.org/pipermail/centos-announce/2006-November/075575.html
https://lists.centos.org/pipermail/centos-announce/2006-November/075576.html
https://lists.centos.org/pipermail/centos-announce/2006-November/075577.html
Affected packages:
elinks
Upstream details at:
https://access.redhat.com/errata/RHSA-2006:0742
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | x86_64 | elinks | < 0.9.2-3.3 | elinks-0.9.2-3.3.x86_64.rpm |
CentOS | 4 | i386 | elinks | < 0.9.2-3.3 | elinks-0.9.2-3.3.i386.rpm |
CentOS | 4 | ia64 | elinks | < 0.9.2-3.3 | elinks-0.9.2-3.3.ia64.rpm |
CentOS | 4 | s390 | elinks | < 0.9.2-3.3 | elinks-0.9.2-3.3.s390.rpm |
CentOS | 4 | s390x | elinks | < 0.9.2-3.3 | elinks-0.9.2-3.3.s390x.rpm |