Lucene search

[email protected]NVD:CVE-2005-3120

HistoryOct 17, 2005 - 8:06 p.m.

CVE-2005-3120

2005-10-1720:06:00

CWE-131

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.044 Low

EPSS

Percentile

92.4%

JSON

Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.

Affected configurations

NVD

Node

invisible-islandlynxRange≤2.8.6

Node

debiandebian_linuxMatch3.0

debiandebian_linuxMatch3.1

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt

lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html

lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html

secunia.com/advisories/17150

secunia.com/advisories/17216

secunia.com/advisories/17230

secunia.com/advisories/17231

secunia.com/advisories/17238

secunia.com/advisories/17248

secunia.com/advisories/17340

secunia.com/advisories/17360

secunia.com/advisories/17444

secunia.com/advisories/17445

secunia.com/advisories/17480

secunia.com/advisories/18376

secunia.com/advisories/18584

secunia.com/advisories/20383

securitytracker.com/id?1015065

slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056

support.avaya.com/elmodocs2/security/ASA-2006-010.htm

www.debian.org/security/2005/dsa-874

www.debian.org/security/2005/dsa-876

www.debian.org/security/2006/dsa-1085

www.gentoo.org/security/en/glsa/glsa-200510-15.xml

www.mandriva.com/security/advisories?name=MDKSA-2005:186

www.novell.com/linux/security/advisories/2005_25_sr.html

www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html

www.redhat.com/support/errata/RHSA-2005-803.html

www.securityfocus.com/archive/1/419763/100/0/threaded

www.securityfocus.com/archive/1/435689/30/4740/threaded

www.securityfocus.com/bid/15117

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257

usn.ubuntu.com/206-1/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.044 Low

EPSS

Percentile

92.4%

JSON

Related for NVD:CVE-2005-3120

openvas12 nessus12 securityvulns1 osv3 debian5 ubuntu1 debiancve1 gentoo1 slackware1 centos2 ubuntucve1 freebsd1 cvelist1 redhat1 cve1