ID OPENVAS:830558 Type openvas Reporter Copyright (C) 2009 Greenbone Networks GmbH Modified 2017-07-06T00:00:00
Description
Checks whether the installed lynx package is older than the fixed build from Mandriva advisory MDVSA-2008:218 (CVE-2008-4690).
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for lynx MDVSA-2008:218 (lynx)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
# Advisory text that the description block registers as the "insight" tag.
# The advisory limits the issue to users running Lynx in the non-default
# Advanced user mode; the package comparison later in this script does not
# test for that setting, so a finding means "unpatched package installed",
# not "vulnerable configuration confirmed".
tag_insight = "A vulnerability was found in the Lynxcgi: URI handler that could allow
an attacker to create a web page redirecting to a malicious URL that
would execute arbitrary code as the user running Lynx, if they were
using the non-default Advanced user mode (CVE-2008-4690).
This update corrects these issues and, in addition, makes Lynx always
prompt the user before loading a lynxcgi: URI. As well, the default
lynx.cfg configuration file marks all lynxcgi: URIs as untrusted.";
# Human-readable list of affected Mandriva releases, registered as the
# "affected" tag. The check logic handles the same three releases through
# the keys MNDK_2008.0, MNDK_2008.1 and MNDK_2009.0.
tag_affected = "lynx on Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64,
Mandriva Linux 2008.1,
Mandriva Linux 2008.1/X86_64,
Mandriva Linux 2009.0,
Mandriva Linux 2009.0/X86_64";
# Remediation text, registered as the "solution" tag (solution_type is
# VendorFix): install the updated vendor packages.
tag_solution = "Please Install the Updated Packages.";
# Registration pass: when `description` is set, the script only declares its
# metadata and exits without touching the target.
if (description)
{
  # Vendor advisory this check was generated from.
  script_xref(name:"URL", value:"http://lists.mandriva.com/security-announce/2008-10/msg00046.php");

  # Plugin identity and revision bookkeeping.
  script_id(830558);
  script_version("$Revision: 6568 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $");
  script_tag(name:"creation_date", value:"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)");

  # CVSS v2 base score and vector as registered for CVE-2008-4690. The score
  # assumes the vulnerable configuration; the advisory text in tag_insight
  # names the non-default Advanced user mode as a precondition.
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");

  # Cross references: Mandriva advisory id and CVE.
  script_xref(name:"MDVSA", value:"2008:218");
  script_cve_id("CVE-2008-4690");

  script_name("Mandriva Update for lynx MDVSA-2008:218 (lynx)");
  script_summary("Check for the Version of lynx");

  # Information-gathering category: the check below only reads KB entries
  # and compares package versions.
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("Mandrake Local Security Checks");

  # Needs the package list dependency and the two KB keys named here;
  # without them the script is not run (authenticated SSH scan required --
  # inferred from the key names, confirm against gather-package-list.nasl).
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");

  script_tag(name:"affected", value:tag_affected);
  script_tag(name:"solution", value:tag_solution);
  script_tag(name:"insight", value:tag_insight);

  # "package": the result rests on the installed package version alone.
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}
include("pkg-lib-rpm.inc");
# Package-version check for MDVSA-2008:218 (CVE-2008-4690).
#
# Scope of the result: this compares the installed lynx RPM against the fixed
# build for the detected Mandriva release. It does not read lynx.cfg and does
# not test whether Advanced user mode or a lynxcgi: handler is in use, which
# the advisory text names as preconditions. Treat a hit as "patch missing".

# Release key from the KB; presumably populated by the
# gather-package-list.nasl dependency -- confirm there.
release = get_kb_item("ssh/login/release");

res = "";

# No release information: nothing to compare against, leave quietly.
if (release == NULL)
  exit(0);

# Release key -> fixed lynx build taken from the advisory.
fixed_builds = make_array(
  "MNDK_2008.0", "lynx~2.8.6~2.1mdv2008.0",
  "MNDK_2008.1", "lynx~2.8.6~2.1mdv2008.1",
  "MNDK_2009.0", "lynx~2.8.6~2.1mdv2009.0"
);

foreach mdv_release (keys(fixed_builds))
{
  if (release == mdv_release)
  {
    # isrpmvuln() comes from pkg-lib-rpm.inc; a non-NULL result is passed on
    # as the report text. Its comparison rules live in that include.
    res = isrpmvuln(pkg:"lynx", rpm:fixed_builds[mdv_release], rls:mdv_release);
    if (res != NULL)
    {
      security_message(data:res);
      exit(0);
    }

    # __pkg_match is maintained by the package library (not shown here);
    # when it is set the script exits with 99.
    if (__pkg_match) exit(99); # Not vulnerable.
    exit(0);
  }
}
{"href": "http://plugins.openvas.org/nasl.php?oid=830558", "history": [{"lastseen": "2017-07-02T21:13:54", "differentElements": ["modified", "sourceData"], "edition": 1, "bulletin": {"href": "http://plugins.openvas.org/nasl.php?oid=830558", "history": [], "naslFamily": "Mandrake Local Security Checks", "id": "OPENVAS:830558", "title": "Mandriva Update for lynx MDVSA-2008:218 (lynx)", "description": "Check for the Version of lynx", "published": "2009-04-09T00:00:00", "type": "openvas", "bulletinFamily": "scanner", "hashmap": [{"key": "sourceData", "hash": "9c4f1b5a13e3dca114985e0a92099e50"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "reporter", "hash": "b7e844243a0b30893b9118e3563e6521"}, {"key": "published", "hash": "441cd946ad6d6710f6ff5e5e3f896a71"}, {"key": "naslFamily", "hash": "559385d24c9285e685f63d04129394ee"}, {"key": "pluginID", "hash": "5c0fcd5da04c6519f59e6db20a80f97b"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}, {"key": "description", "hash": "6c88cb34fb301b03eac2afb25a91bc40"}, {"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "modified", "hash": "62f567f562bbeddeaf1e6db6eec3283c"}, {"key": "title", "hash": "67b49ff67b959f76bf23670692aec7d5"}, {"key": "references", "hash": "a4d03e0eef552cf094fc04c2df58f2c1"}, {"key": "href", "hash": "112edee22874bdb3b5cb7e848129cd30"}, {"key": "cvelist", "hash": "cca4703d4bdf0b61d1d6723840cd1cd7"}], "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for lynx MDVSA-2008:218 (lynx)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed 
in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was found in the Lynxcgi: URI handler that could allow\n an attacker to create a web page redirecting to a malicious URL that\n would execute arbitrary code as the user running Lynx, if they were\n using the non-default Advanced user mode (CVE-2008-4690).\n\n This update corrects these issues and, in addition, makes Lynx always\n prompt the user before loading a lynxcgi: URI. As well, the default\n lynx.cfg configuration file marks all lynxcgi: URIs as untrusted.\";\n\ntag_affected = \"lynx on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-10/msg00046.php\");\n script_id(830558);\n script_version(\"$Revision: 3236 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-05-06 14:49:44 +0200 (Fri, 06 May 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:218\");\n script_cve_id(\"CVE-2008-4690\");\n script_name( \"Mandriva Update for lynx MDVSA-2008:218 (lynx)\");\n\n 
script_summary(\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:mandriva:linux\", \"login/SSH/success\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "pluginID": "830558", "hash": "7dc7cda0778406ba347e84b53c2844ed5cd9e5148b1fb112dab46ae172881e75", "modified": "2016-05-06T00:00:00", "edition": 1, "cvelist": ["CVE-2008-4690"], "lastseen": "2017-07-02T21:13:54", "viewCount": 0, "enchantments": {}, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "objectVersion": "1.3", 
"references": ["2008:218", "http://lists.mandriva.com/security-announce/2008-10/msg00046.php"]}}], "naslFamily": "Mandrake Local Security Checks", "id": "OPENVAS:830558", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "description": "Check for the Version of lynx", "title": "Mandriva Update for lynx MDVSA-2008:218 (lynx)", "bulletinFamily": "scanner", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for lynx MDVSA-2008:218 (lynx)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was found in the Lynxcgi: URI handler that could allow\n an attacker to create a web page redirecting to a malicious URL that\n would execute arbitrary code as the user running Lynx, if they were\n using the non-default Advanced user mode (CVE-2008-4690).\n\n This update corrects these issues and, in addition, makes Lynx always\n prompt the user before loading a lynxcgi: URI. 
As well, the default\n lynx.cfg configuration file marks all lynxcgi: URIs as untrusted.\";\n\ntag_affected = \"lynx on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-10/msg00046.php\");\n script_id(830558);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:218\");\n script_cve_id(\"CVE-2008-4690\");\n script_name( \"Mandriva Update for lynx MDVSA-2008:218 (lynx)\");\n\n script_summary(\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "pluginID": "830558", "hash": "67fddc139791c5407f3f0f2862b1a8f7b61a8d2ce49e3402ab83e47df0ba0330", "references": ["2008:218", "http://lists.mandriva.com/security-announce/2008-10/msg00046.php"], "edition": 2, "cvelist": ["CVE-2008-4690"], "lastseen": "2017-07-24T12:56:18", "viewCount": 1, "enchantments": {"score": {"value": 7.0, "vector": "NONE", "modified": "2017-07-24T12:56:18"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-4690"]}, {"type": "nessus", "idList": ["SUSE_11_0_LYNX-081030.NASL", "FEDORA_2008-9597.NASL", "FEDORA_2008-9952.NASL", "FEDORA_2008-9550.NASL", "MANDRIVA_MDVSA-2008-218.NASL", "SUSE_LYNX-5720.NASL", "REDHAT-RHSA-2008-0965.NASL", "GENTOO_GLSA-200909-15.NASL", "SL_20081027_LYNX_ON_SL3_X.NASL", "ORACLELINUX_ELSA-2008-0965.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:860692", "OPENVAS:1361412562310830558", "OPENVAS:860644", "OPENVAS:860349", "OPENVAS:136141256231064884", "OPENVAS:870126", "OPENVAS:880143", "OPENVAS:1361412562310880125", "OPENVAS:1361412562310880230", "OPENVAS:1361412562310870126"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9390", "SECURITYVULNS:DOC:20775"]}, {"type": "redhat", "idList": ["RHSA-2008:0965"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0965"]}, {"type": "gentoo", "idList": ["GLSA-200909-15"]}, 
{"type": "centos", "idList": ["CESA-2008:0965-01", "CESA-2008:0965"]}], "modified": "2017-07-24T12:56:18"}, "vulnersScore": 7.0}, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "cca4703d4bdf0b61d1d6723840cd1cd7"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "6c88cb34fb301b03eac2afb25a91bc40"}, {"key": "href", "hash": "112edee22874bdb3b5cb7e848129cd30"}, {"key": "modified", "hash": "774d0176dfa389c0c71e9e200f95a6ba"}, {"key": "naslFamily", "hash": "559385d24c9285e685f63d04129394ee"}, {"key": "pluginID", "hash": "5c0fcd5da04c6519f59e6db20a80f97b"}, {"key": "published", "hash": "441cd946ad6d6710f6ff5e5e3f896a71"}, {"key": "references", "hash": "a4d03e0eef552cf094fc04c2df58f2c1"}, {"key": "reporter", "hash": "b7e844243a0b30893b9118e3563e6521"}, {"key": "sourceData", "hash": "50ef6d02dc17445ad13a2163bfa374bf"}, {"key": "title", "hash": "67b49ff67b959f76bf23670692aec7d5"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "objectVersion": "1.3", "modified": "2017-07-06T00:00:00"}
{"cve": [{"lastseen": "2019-05-29T18:09:28", "bulletinFamily": "NVD", "description": "lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler.", "modified": "2017-09-29T01:32:00", "id": "CVE-2008-4690", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4690", "published": "2008-10-22T18:00:00", "title": "CVE-2008-4690", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:28", "bulletinFamily": "software", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2008:218\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : lynx\r\n Date : October 28, 2008\r\n Affected: 2008.0, 2008.1, 2009.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability was found in the Lynxcgi: URI handler that could allow\r\n an attacker to create a web page redirecting to a malicious URL that\r\n would execute arbitrary code as the user running Lynx, if they were\r\n using the non-default Advanced user mode (CVE-2008-4690).\r\n \r\n This update corrects these issues and, in addition, makes Lynx always\r\n prompt the user before loading a lynxcgi: URI. 
As well, the default\r\n lynx.cfg configuration file marks all lynxcgi: URIs as untrusted.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4690\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.0:\r\n 2a6a4130c12d3d45d926b49713420272 2008.0/i586/lynx-2.8.6-2.1mdv2008.0.i586.rpm \r\n aa0ff44a80fa5b485b54f52d12b485f2 2008.0/SRPMS/lynx-2.8.6-2.1mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.0/X86_64:\r\n dcabb93ba8e48a0a96a632d2c8b11cb4 2008.0/x86_64/lynx-2.8.6-2.1mdv2008.0.x86_64.rpm \r\n aa0ff44a80fa5b485b54f52d12b485f2 2008.0/SRPMS/lynx-2.8.6-2.1mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.1:\r\n 1e04683750a061eecbe58c1b4fe7b173 2008.1/i586/lynx-2.8.6-2.1mdv2008.1.i586.rpm \r\n 68ddd2a1b9f991c11793a51dfbe9d9cb 2008.1/SRPMS/lynx-2.8.6-2.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n 3ae02ae07a01e65aa16e3317e2d7afb0 2008.1/x86_64/lynx-2.8.6-2.1mdv2008.1.x86_64.rpm \r\n 68ddd2a1b9f991c11793a51dfbe9d9cb 2008.1/SRPMS/lynx-2.8.6-2.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n 65c1c0a4cf6a8758bc8506b9a7b1d3c4 2009.0/i586/lynx-2.8.6-2.1mdv2009.0.i586.rpm \r\n 0026bfc6799a2242afd794932ce0b5a8 2009.0/SRPMS/lynx-2.8.6-2.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 0ad22b9ff40e6c7b8fc8ce25c4ef51cc 2009.0/x86_64/lynx-2.8.6-2.1mdv2009.0.x86_64.rpm \r\n 0026bfc6799a2242afd794932ce0b5a8 2009.0/SRPMS/lynx-2.8.6-2.1mdv2009.0.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. 
You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFJB1LHmqjQ0CJFipgRAqQNAJwJ7ePHFR/FopDId6tWFKhc0kLHPQCeKF/e\r\nr+RQJ0K1ymIZKh/t9S9NxI4=\r\n=gays\r\n-----END PGP SIGNATURE-----", "modified": "2008-10-29T00:00:00", "published": "2008-10-29T00:00:00", "id": "SECURITYVULNS:DOC:20775", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20775", "title": "[ MDVSA-2008:218 ] lynx", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:31", "bulletinFamily": "software", "description": "It's possible to execute code in Advanced Mode by redirecting to lynxcgi: URI.", "modified": "2008-10-29T00:00:00", "published": "2008-10-29T00:00:00", "id": "SECURITYVULNS:VULN:9390", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9390", "title": "lynx code execution", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-25T10:56:26", "bulletinFamily": "scanner", "description": "Check for the Version of lynx", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=860644", "id": "OPENVAS:860644", "title": "Fedora Update for lynx FEDORA-2008-9952", "type": "openvas", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for lynx FEDORA-2008-9952\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"lynx on Fedora 10\";\ntag_insight = \"Lynx is a text-based Web browser. Lynx does not display any images,\n but it does support frames, tables, and most other HTML tags. 
One\n advantage Lynx has over graphical browsers is speed; Lynx starts and\n exits quickly and swiftly displays webpages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00065.html\");\n script_id(860644);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:07:33 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-9952\");\n script_cve_id(\"CVE-2008-4690\");\n script_name( \"Fedora Update for lynx FEDORA-2008-9952\");\n\n script_summary(\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC10\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~18.fc10\", rls:\"FC10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": 
"2017-07-25T10:56:10", "bulletinFamily": "scanner", "description": "Check for the Version of lynx", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=860349", "id": "OPENVAS:860349", "title": "Fedora Update for lynx FEDORA-2008-9550", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for lynx FEDORA-2008-9550\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"lynx on Fedora 9\";\ntag_insight = \"Lynx is a text-based Web browser. Lynx does not display any images,\n but it does support frames, tables, and most other HTML tags. 
One\n advantage Lynx has over graphical browsers is speed; Lynx starts and\n exits quickly and swiftly displays webpages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00066.html\");\n script_id(860349);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:07:33 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-9550\");\n script_cve_id(\"CVE-2008-4690\");\n script_name( \"Fedora Update for lynx FEDORA-2008-9550\");\n\n script_summary(\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~17.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": 
"2017-07-25T10:56:01", "bulletinFamily": "scanner", "description": "Check for the Version of lynx", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=860692", "id": "OPENVAS:860692", "title": "Fedora Update for lynx FEDORA-2008-9597", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for lynx FEDORA-2008-9597\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"lynx on Fedora 8\";\ntag_insight = \"Lynx is a text-based Web browser. Lynx does not display any images,\n but it does support frames, tables, and most other HTML tags. 
One\n advantage Lynx has over graphical browsers is speed; Lynx starts and\n exits quickly and swiftly displays webpages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00143.html\");\n script_id(860692);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:07:33 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-9597\");\n script_cve_id(\"CVE-2008-4690\");\n script_name( \"Fedora Update for lynx FEDORA-2008-9597\");\n\n script_summary(\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~12.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": 
"2018-04-09T11:39:15", "bulletinFamily": "scanner", "description": "Check for the Version of lynx", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830558", "id": "OPENVAS:1361412562310830558", "type": "openvas", "title": "Mandriva Update for lynx MDVSA-2008:218 (lynx)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for lynx MDVSA-2008:218 (lynx)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was found in the Lynxcgi: URI handler that could allow\n an attacker to create a web page redirecting to a malicious URL that\n would execute arbitrary code as the user running Lynx, if they were\n using the non-default Advanced user mode (CVE-2008-4690).\n\n This update corrects these issues and, in addition, makes Lynx always\n prompt the user before loading a lynxcgi: URI. 
As well, the default\n lynx.cfg configuration file marks all lynxcgi: URIs as untrusted.\";\n\ntag_affected = \"lynx on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-10/msg00046.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830558\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:218\");\n script_cve_id(\"CVE-2008-4690\");\n script_name( \"Mandriva Update for lynx MDVSA-2008:218 (lynx)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) 
!= NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.6~2.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:12", "bulletinFamily": "scanner", "description": "Check for the Version of lynx", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880230", "id": "OPENVAS:880230", "title": "CentOS Update for lynx CESA-2008:0965 centos3 x86_64", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for lynx CESA-2008:0965 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Lynx is a text-based Web browser.\n\n An arbitrary command execution flaw was found in the Lynx "lynxcgi:" URI\n handler. An attacker could create a web page redirecting to a malicious URL\n that could execute arbitrary code as the user running Lynx in the\n non-default "Advanced" user mode. (CVE-2008-4690)\n \n Note: In these updated lynx packages, Lynx will always prompt users before\n loading a "lynxcgi:" URI. Additionally, the default lynx.cfg configuration\n file now marks all "lynxcgi:" URIs as untrusted by default.\n \n A flaw was found in a way Lynx handled ".mailcap" and ".mime.types"\n configuration files. Files in the browser's current working directory were\n opened before those in the user's home directory. A local attacker, able to\n convince a user to run Lynx in a directory under their control, could\n possibly execute arbitrary commands as the user running Lynx. 
(CVE-2006-7234)\n \n All users of Lynx are advised to upgrade to this updated package, which\n contains backported patches correcting these issues.\";\n\ntag_affected = \"lynx on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-October/015353.html\");\n script_id(880230);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0965\");\n script_cve_id(\"CVE-2008-4690\", \"CVE-2006-7234\");\n script_name( \"CentOS Update for lynx CESA-2008:0965 centos3 x86_64\");\n\n script_summary(\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.5~11.3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, 
"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:57", "bulletinFamily": "scanner", "description": "Check for the Version of lynx", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880143", "id": "OPENVAS:1361412562310880143", "title": "CentOS Update for lynx CESA-2008:0965-01 centos2 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for lynx CESA-2008:0965-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Lynx is a text-based Web browser.\n\n An arbitrary command execution flaw was found in the Lynx "lynxcgi:" URI\n handler. An attacker could create a web page redirecting to a malicious URL\n that could execute arbitrary code as the user running Lynx in the\n non-default "Advanced" user mode. (CVE-2008-4690)\n \n Note: In these updated lynx packages, Lynx will always prompt users before\n loading a "lynxcgi:" URI. 
Additionally, the default lynx.cfg configuration\n file now marks all "lynxcgi:" URIs as untrusted by default.\n \n A flaw was found in a way Lynx handled ".mailcap" and ".mime.types"\n configuration files. Files in the browser's current working directory were\n opened before those in the user's home directory. A local attacker, able to\n convince a user to run Lynx in a directory under their control, could\n possibly execute arbitrary commands as the user running Lynx. (CVE-2006-7234)\n \n All users of Lynx are advised to upgrade to this updated package, which\n contains backported patches correcting these issues.\";\n\ntag_affected = \"lynx on CentOS 2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-October/015360.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880143\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0965-01\");\n script_cve_id(\"CVE-2008-4690\", \"CVE-2006-7234\");\n script_name( \"CentOS Update for lynx CESA-2008:0965-01 centos2 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx-0\", rpm:\"lynx-0~2.8.4~18.1.2\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:22", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200909-15.", "modified": "2017-07-07T00:00:00", "published": "2009-09-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64884", "id": "OPENVAS:64884", "title": "Gentoo Security Advisory GLSA 200909-15 (lynx)", "type": "openvas", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An incomplete fix for an issue related to the Lynx URL handler might allow\n for the remote execution of arbitrary commands.\";\ntag_solution = \"All Lynx users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =www-client/lynx-2.8.6-r4\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200909-15\nhttp://bugs.gentoo.org/show_bug.cgi?id=243058\nhttp://www.gentoo.org/security/en/glsa/glsa-200511-09.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200909-15.\";\n\n \n \n\nif(description)\n{\n script_id(64884);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2005-2929\", \"CVE-2008-4690\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200909-15 (lynx)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-client/lynx\", unaffected: make_list(\"ge 2.8.6-r4\"), vulnerable: make_list(\"lt 2.8.6-r4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:18", "bulletinFamily": "scanner", "description": "Check for the Version of lynx", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880125", "id": "OPENVAS:880125", "title": "CentOS Update for lynx CESA-2008:0965 centos4 x86_64", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for lynx CESA-2008:0965 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty 
of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Lynx is a text-based Web browser.\n\n An arbitrary command execution flaw was found in the Lynx "lynxcgi:" URI\n handler. An attacker could create a web page redirecting to a malicious URL\n that could execute arbitrary code as the user running Lynx in the\n non-default "Advanced" user mode. (CVE-2008-4690)\n \n Note: In these updated lynx packages, Lynx will always prompt users before\n loading a "lynxcgi:" URI. Additionally, the default lynx.cfg configuration\n file now marks all "lynxcgi:" URIs as untrusted by default.\n \n A flaw was found in a way Lynx handled ".mailcap" and ".mime.types"\n configuration files. Files in the browser's current working directory were\n opened before those in the user's home directory. A local attacker, able to\n convince a user to run Lynx in a directory under their control, could\n possibly execute arbitrary commands as the user running Lynx. 
(CVE-2006-7234)\n \n All users of Lynx are advised to upgrade to this updated package, which\n contains backported patches correcting these issues.\";\n\ntag_affected = \"lynx on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-October/015358.html\");\n script_id(880125);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0965\");\n script_cve_id(\"CVE-2008-4690\", \"CVE-2006-7234\");\n script_name( \"CentOS Update for lynx CESA-2008:0965 centos4 x86_64\");\n\n script_summary(\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.5~18.2.el4_7.1\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 
10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:28", "bulletinFamily": "scanner", "description": "Check for the Version of lynx", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880274", "id": "OPENVAS:1361412562310880274", "type": "openvas", "title": "CentOS Update for lynx CESA-2008:0965 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for lynx CESA-2008:0965 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Lynx is a text-based Web browser.\n\n An arbitrary command execution flaw was found in the Lynx "lynxcgi:" URI\n handler. An attacker could create a web page redirecting to a malicious URL\n that could execute arbitrary code as the user running Lynx in the\n non-default "Advanced" user mode. (CVE-2008-4690)\n \n Note: In these updated lynx packages, Lynx will always prompt users before\n loading a "lynxcgi:" URI. 
Additionally, the default lynx.cfg configuration\n file now marks all "lynxcgi:" URIs as untrusted by default.\n \n A flaw was found in a way Lynx handled ".mailcap" and ".mime.types"\n configuration files. Files in the browser's current working directory were\n opened before those in the user's home directory. A local attacker, able to\n convince a user to run Lynx in a directory under their control, could\n possibly execute arbitrary commands as the user running Lynx. (CVE-2006-7234)\n \n All users of Lynx are advised to upgrade to this updated package, which\n contains backported patches correcting these issues.\";\n\ntag_affected = \"lynx on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-October/015352.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880274\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0965\");\n script_cve_id(\"CVE-2008-4690\", \"CVE-2006-7234\");\n script_name( \"CentOS Update for lynx CESA-2008:0965 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of lynx\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.5~11.3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:53", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2008-0965", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122547", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122547", "title": "Oracle Linux Local Check: ELSA-2008-0965", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0965.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122547\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:45 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0965\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0965 - lynx security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0965\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0965.html\");\n script_cve_id(\"CVE-2006-7234\", \"CVE-2008-4690\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"lynx\", rpm:\"lynx~2.8.5~28.1.el5_2.1\", 
rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2019-11-03T12:30:06", "bulletinFamily": "scanner", "description": "This update of lynx fixes a security bug that can be exploited by\nremote attackers to execute arbitrary commands when advanced mode is\nenabled and lynx is used as URL handler (CVE-2008-4690)", "modified": "2019-11-02T00:00:00", "id": "SUSE_LYNX-5720.NASL", "href": "https://www.tenable.com/plugins/nessus/34984", "published": "2008-12-01T00:00:00", "title": "openSUSE 10 Security Update : lynx (lynx-5720)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update lynx-5720.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34984);\n script_version (\"1.7\");\n script_cvs_date(\"Date: 2019/10/25 13:36:32\");\n\n script_cve_id(\"CVE-2008-4690\");\n\n script_name(english:\"openSUSE 10 Security Update : lynx (lynx-5720)\");\n script_summary(english:\"Check for the lynx-5720 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of lynx fixes a security bug that can be exploited by\nremote attackers to execute arbitrary commands when advanced mode is\nenabled and lynx is used as URL handler (CVE-2008-4690)\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:lynx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"lynx-2.8.6_rel2-19\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"lynx-2.8.6-48.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynx\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, 
{"lastseen": "2019-11-01T02:55:03", "bulletinFamily": "scanner", "description": "A vulnerability was found in the Lynxcgi: URI handler that could allow\nan attacker to create a web page redirecting to a malicious URL that\nwould execute arbitrary code as the user running Lynx, if they were\nusing the non-default Advanced user mode (CVE-2008-4690).\n\nThis update corrects these issues and, in addition, makes Lynx always\nprompt the user before loading a lynxcgi: URI. As well, the default\nlynx.cfg configuration file marks all lynxcgi: URIs as untrusted.", "modified": "2019-11-02T00:00:00", "id": "MANDRIVA_MDVSA-2008-218.NASL", "href": "https://www.tenable.com/plugins/nessus/38035", "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : lynx (MDVSA-2008:218)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:218. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38035);\n script_version (\"1.11\");\n script_cvs_date(\"Date: 2019/08/02 13:32:50\");\n\n script_cve_id(\"CVE-2008-4690\");\n script_xref(name:\"MDVSA\", value:\"2008:218\");\n\n script_name(english:\"Mandriva Linux Security Advisory : lynx (MDVSA-2008:218)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was found in the Lynxcgi: URI handler that could allow\nan attacker to create a web page redirecting to a malicious URL that\nwould execute arbitrary code as the user running Lynx, if they were\nusing the non-default Advanced user mode (CVE-2008-4690).\n\nThis update corrects these issues and, in addition, makes Lynx always\nprompt the user before loading a lynxcgi: URI. 
As well, the default\nlynx.cfg configuration file marks all lynxcgi: URIs as untrusted.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lynx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"lynx-2.8.6-2.1mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", 
reference:\"lynx-2.8.6-2.1mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"lynx-2.8.6-2.1mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:26:39", "bulletinFamily": "scanner", "description": " - Mon Nov 10 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n 2.8.6-17\n\n - Fixed CVE-2008-4690 lynx: remote arbitrary command\n execution. via a crafted lynxcgi: URL (thoger)\n\n - Fri May 30 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n 2.8.6-16\n\n - updated to latest stable upstream version 2.8.6rel5\n\n - Fri May 23 2008 Dennis Gilmore <dennis at ausil.us> -\n 2.8.6-15.1\n\n - minor rebuild on sparc\n\n - Sat May 17 2008 Dennis Gilmore <dennis at ausil.us> -\n 2.8.6-15\n\n - even with the patches it still built wrong in koji.\n\n - limit -j to 24 for sparc\n\n - Thu May 8 2008 Dennis Gilmore <dennis at ausil.us> -\n 2.8.6-14\n\n - patch from ajax to fix parallel builds\n\n - additional patch from me for parallel builds\n\n - set default home page to start.fedoraproject.org\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2008-9550.NASL", "href": "https://www.tenable.com/plugins/nessus/35016", "published": "2008-12-03T00:00:00", "title": "Fedora 9 : lynx-2.8.6-17.fc9 (2008-9550)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-9550.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35016);\n script_version (\"1.14\");\n script_cvs_date(\"Date: 2019/08/02 13:32:28\");\n\n script_cve_id(\"CVE-2008-4690\");\n script_bugtraq_id(15395);\n script_xref(name:\"FEDORA\", value:\"2008-9550\");\n\n script_name(english:\"Fedora 9 : lynx-2.8.6-17.fc9 (2008-9550)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Nov 10 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n 2.8.6-17\n\n - Fixed CVE-2008-4690 lynx: remote arbitrary command\n execution. 
via a crafted lynxcgi: URL (thoger)\n\n - Fri May 30 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n 2.8.6-16\n\n - updated to latest stable upstream version 2.8.6rel5\n\n - Fri May 23 2008 Dennis Gilmore <dennis at ausil.us> -\n 2.8.6-15.1\n\n - minor rebuild on sparc\n\n - Sat May 17 2008 Dennis Gilmore <dennis at ausil.us> -\n 2.8.6-15\n\n - even with the patches it still built wrong in koji.\n\n - limit -j to 24 for sparc\n\n - Thu May 8 2008 Dennis Gilmore <dennis at ausil.us> -\n 2.8.6-14\n\n - patch from ajax to fix parallel builds\n\n - additional patch from me for parallel builds\n\n - set default home page to start.fedoraproject.org\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=468184\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/016976.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?baf14d3e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:lynx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/02\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"lynx-2.8.6-17.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynx\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:26:39", "bulletinFamily": "scanner", "description": " - Mon Nov 10 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n - 2.8.6-12\n\n - Fixed CVE-2008-4690 lynx: remote arbitrary 
command\n execution. via a crafted lynxcgi: URL (thoger)\n\n - Fri May 30 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n - 2.8.6-11\n\n - updated to latest upstream version 2.8.6rel5\n\n - Resolves: #214205\n\n - Wed Jan 9 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n - 2.8.6-10\n\n - added telnet, rsh, zip and unzip to BuildRequires\n\n - Resolves: #430508\n\n - Wed Jan 9 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n - 2.8.6-9\n\n - fixed crash when using formatting character ", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2008-9597.NASL", "href": "https://www.tenable.com/plugins/nessus/35017", "published": "2008-12-03T00:00:00", "title": "Fedora 8 : lynx-2.8.6-12.fc8 (2008-9597)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-9597.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35017);\n script_version (\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:32:28\");\n\n script_cve_id(\"CVE-2008-4690\");\n script_xref(name:\"FEDORA\", value:\"2008-9597\");\n\n script_name(english:\"Fedora 8 : lynx-2.8.6-12.fc8 (2008-9597)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Nov 10 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n - 2.8.6-12\n\n - Fixed CVE-2008-4690 lynx: remote arbitrary command\n execution. 
via a crafted lynxcgi: URL (thoger)\n\n - Fri May 30 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n - 2.8.6-11\n\n - updated to latest upstream version 2.8.6rel5\n\n - Resolves: #214205\n\n - Wed Jan 9 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n - 2.8.6-10\n\n - added telnet, rsh, zip and unzip to BuildRequires\n\n - Resolves: #430508\n\n - Wed Jan 9 2008 Jiri Moskovcak <jmoskovc at redhat.com>\n - 2.8.6-9\n\n - fixed crash when using formatting character '$' in\n translation\n\n - Resolves: #426449\n\n - Tue Dec 11 2007 Ivana Varekova <varekova at\n redhat.com> - 2.8.6-8\n\n - add default-colors option, change default setting\n (#409211)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=468184\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/017053.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?de3b6107\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:lynx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local 
Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"lynx-2.8.6-12.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynx\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:26:39", "bulletinFamily": "scanner", "description": " - Fri Nov 7 2008 Jiri Moskovcak <jmoskovc at redhat.com> -\n 2.8.6-18\n\n - Fixed CVE-2008-4690 lynx: remote arbitrary command\n execution. via a crafted lynxcgi: URL (thoger)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2008-9952.NASL", "href": "https://www.tenable.com/plugins/nessus/37326", "published": "2009-04-23T00:00:00", "title": "Fedora 10 : lynx-2.8.6-18.fc10 (2008-9952)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-9952.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37326);\n script_version (\"1.11\");\n script_cvs_date(\"Date: 2019/08/02 13:32:28\");\n\n script_cve_id(\"CVE-2008-4690\");\n script_xref(name:\"FEDORA\", value:\"2008-9952\");\n\n script_name(english:\"Fedora 10 : lynx-2.8.6-18.fc10 (2008-9952)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Nov 7 2008 Jiri Moskovcak <jmoskovc at redhat.com> -\n 2.8.6-18\n\n - Fixed CVE-2008-4690 lynx: remote arbitrary command\n execution. via a crafted lynxcgi: URL (thoger)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=468184\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/016975.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?335b18a4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:lynx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"lynx-2.8.6-18.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynx\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:17:23", "bulletinFamily": "scanner", "description": "This update of lynx fixes a security bug that can be exploited by\nremote attackers to execute arbitrary commands when advanced mode is\nenabled and lynx is used as URL handler (CVE-2008-4690)", "modified": "2019-11-02T00:00:00", "id": "SUSE_11_0_LYNX-081030.NASL", "href": "https://www.tenable.com/plugins/nessus/40062", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : lynx (lynx-275)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update lynx-275.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40062);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/10/25 13:36:31\");\n\n script_cve_id(\"CVE-2008-4690\");\n\n script_name(english:\"openSUSE Security Update : lynx (lynx-275)\");\n script_summary(english:\"Check for the lynx-275 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE 
host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of lynx fixes a security bug that can be exploited by\nremote attackers to execute arbitrary commands when advanced mode is\nenabled and lynx is used as URL handler (CVE-2008-4690)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=439149\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=439427\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lynx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) 
audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"lynx-2.8.6-109.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynx\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T03:14:12", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2008:0965 :\n\nAn updated lynx package that corrects two security issues is now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nLynx is a text-based Web browser.\n\nAn arbitrary command execution flaw was found in the Lynx ", "modified": "2019-11-02T00:00:00", "id": "ORACLELINUX_ELSA-2008-0965.NASL", "href": "https://www.tenable.com/plugins/nessus/67759", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 / 5 : lynx (ELSA-2008-0965)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0965 and \n# Oracle Linux Security Advisory ELSA-2008-0965 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67759);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/10/25 13:36:07\");\n\n script_cve_id(\"CVE-2006-7234\", \"CVE-2008-4690\");\n script_bugtraq_id(15395);\n script_xref(name:\"RHSA\", value:\"2008:0965\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : lynx 
(ELSA-2008-0965)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0965 :\n\nAn updated lynx package that corrects two security issues is now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nLynx is a text-based Web browser.\n\nAn arbitrary command execution flaw was found in the Lynx 'lynxcgi:'\nURI handler. An attacker could create a web page redirecting to a\nmalicious URL that could execute arbitrary code as the user running\nLynx in the non-default 'Advanced' user mode. (CVE-2008-4690)\n\nNote: In these updated lynx packages, Lynx will always prompt users\nbefore loading a 'lynxcgi:' URI. Additionally, the default lynx.cfg\nconfiguration file now marks all 'lynxcgi:' URIs as untrusted by\ndefault.\n\nA flaw was found in a way Lynx handled '.mailcap' and '.mime.types'\nconfiguration files. Files in the browser's current working directory\nwere opened before those in the user's home directory. A local\nattacker, able to convince a user to run Lynx in a directory under\ntheir control, could possibly execute arbitrary commands as the user\nrunning Lynx. 
(CVE-2006-7234)\n\nAll users of Lynx are advised to upgrade to this updated package,\nwhich contains backported patches correcting these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-October/000774.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-October/000775.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-October/000776.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:lynx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"lynx-2.8.5-11.3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"lynx-2.8.5-11.3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"lynx-2.8.5-18.2.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"lynx-2.8.5-28.1.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else 
audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynx\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:15:08", "bulletinFamily": "scanner", "description": "An updated lynx package that corrects two security issues is now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nLynx is a text-based Web browser.\n\nAn arbitrary command execution flaw was found in the Lynx ", "modified": "2019-11-02T00:00:00", "id": "CENTOS_RHSA-2008-0965.NASL", "href": "https://www.tenable.com/plugins/nessus/34503", "published": "2008-10-28T00:00:00", "title": "CentOS 3 / 4 / 5 : lynx (CESA-2008:0965)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0965 and \n# CentOS Errata and Security Advisory 2008:0965 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34503);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/10/25 13:36:04\");\n\n script_cve_id(\"CVE-2006-7234\", \"CVE-2008-4690\");\n script_bugtraq_id(15395);\n script_xref(name:\"RHSA\", value:\"2008:0965\");\n\n script_name(english:\"CentOS 3 / 4 / 5 : lynx (CESA-2008:0965)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated lynx package that corrects two security issues is now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nLynx is a text-based Web browser.\n\nAn arbitrary command execution flaw was found in the Lynx 
'lynxcgi:'\nURI handler. An attacker could create a web page redirecting to a\nmalicious URL that could execute arbitrary code as the user running\nLynx in the non-default 'Advanced' user mode. (CVE-2008-4690)\n\nNote: In these updated lynx packages, Lynx will always prompt users\nbefore loading a 'lynxcgi:' URI. Additionally, the default lynx.cfg\nconfiguration file now marks all 'lynxcgi:' URIs as untrusted by\ndefault.\n\nA flaw was found in a way Lynx handled '.mailcap' and '.mime.types'\nconfiguration files. Files in the browser's current working directory\nwere opened before those in the user's home directory. A local\nattacker, able to convince a user to run Lynx in a directory under\ntheir control, could possibly execute arbitrary commands as the user\nrunning Lynx. (CVE-2006-7234)\n\nAll users of Lynx are advised to upgrade to this updated package,\nwhich contains backported patches correcting these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015350.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?02eef948\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015351.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c1525496\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015352.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a7b1b1d7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015353.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5fae6bf1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015358.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5220406d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015359.html\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"http://www.nessus.org/u?0706c97f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015361.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1efb3594\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-October/015362.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?86c96ef1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lynx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"lynx-2.8.5-11.3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"lynx-2.8.5-18.2.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"lynx-2.8.5-18.2.c4.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"lynx-2.8.5-18.2.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"lynx-2.8.5-28.1.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lynx\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": 
"2019-11-01T02:40:20", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200909-15\n(Lynx: Arbitrary command execution)\n\n Clint Ruoho reported that the fix for CVE-2005-2929 (GLSA 200511-09)\n only disabled the lynxcgi:// handler when not using the advanced mode.\n \nImpact :\n\n A remote attacker can entice a user to access a malicious HTTP server,\n causing Lynx to execute arbitrary commands. NOTE: The advanced mode is\n not enabled by default. Successful exploitation requires the\n ", "modified": "2019-11-02T00:00:00", "id": "GENTOO_GLSA-200909-15.NASL", "href": "https://www.tenable.com/plugins/nessus/40962", "published": "2009-09-14T00:00:00", "title": "GLSA-200909-15 : Lynx: Arbitrary command execution", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200909-15.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40962);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/08/02 13:32:45\");\n\n script_cve_id(\"CVE-2005-2929\", \"CVE-2008-4690\");\n script_bugtraq_id(15395);\n script_xref(name:\"GLSA\", value:\"200909-15\");\n\n script_name(english:\"GLSA-200909-15 : Lynx: Arbitrary command execution\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200909-15\n(Lynx: Arbitrary command execution)\n\n Clint Ruoho reported that the fix for CVE-2005-2929 (GLSA 200511-09)\n only disabled the lynxcgi:// handler when not using the advanced mode.\n \nImpact :\n\n A remote attacker can entice a user to access a malicious HTTP server,\n causing Lynx to execute arbitrary commands. NOTE: The advanced mode is\n not enabled by default. 
Successful exploitation requires the\n 'lynxcgi://' protocol to be registered with lynx on the victim's\n system.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200511-09\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200909-15\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Lynx users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/lynx-2.8.6-r4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:lynx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/lynx\", unaffected:make_list(\"ge 2.8.6-r4\"), vulnerable:make_list(\"lt 2.8.6-r4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Lynx\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:12:47", "bulletinFamily": "scanner", "description": "An arbitrary command execution flaw was found in the Lynx ", "modified": "2019-11-02T00:00:00", "id": "SL_20081027_LYNX_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60486", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : lynx on SL3.x, SL4.x, SL5.x i386/x86_64", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60486);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/10/25 13:36:17\");\n\n script_cve_id(\"CVE-2006-7234\", \"CVE-2008-4690\");\n\n script_name(english:\"Scientific Linux Security Update : lynx on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output 
for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An arbitrary command execution flaw was found in the Lynx 'lynxcgi:'\nURI handler. An attacker could create a web page redirecting to a\nmalicious URL that could execute arbitrary code as the user running\nLynx in the non-default 'Advanced' user mode. (CVE-2008-4690)\n\nNote: In these updated lynx packages, Lynx will always prompt users\nbefore loading a 'lynxcgi:' URI. Additionally, the default lynx.cfg\nconfiguration file now marks all 'lynxcgi:' URIs as untrusted by\ndefault.\n\nA flaw was found in a way Lynx handled '.mailcap' and '.mime.types'\nconfiguration files. Files in the browser's current working directory\nwere opened before those in the user's home directory. A local\nattacker, able to convince a user to run Lynx in a directory under\ntheir control, could possibly execute arbitrary commands as the user\nrunning Lynx. 
(CVE-2006-7234)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0810&L=scientific-linux-errata&T=0&P=2192\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f75789ca\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lynx package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"lynx-2.8.5-11.3\")) flag++;\n\nif (rpm_check(release:\"SL4\", 
reference:\"lynx-2.8.5-18.2.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"lynx-2.8.5-28.1.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-05-29T18:33:40", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2008:0965\n\n\nLynx is a text-based Web browser.\n\nAn arbitrary command execution flaw was found in the Lynx \"lynxcgi:\" URI\nhandler. An attacker could create a web page redirecting to a malicious URL\nthat could execute arbitrary code as the user running Lynx in the\nnon-default \"Advanced\" user mode. (CVE-2008-4690)\n\nNote: In these updated lynx packages, Lynx will always prompt users before\nloading a \"lynxcgi:\" URI. Additionally, the default lynx.cfg configuration\nfile now marks all \"lynxcgi:\" URIs as untrusted by default.\n\nA flaw was found in a way Lynx handled \".mailcap\" and \".mime.types\"\nconfiguration files. Files in the browser's current working directory were\nopened before those in the user's home directory. A local attacker, able to\nconvince a user to run Lynx in a directory under their control, could\npossibly execute arbitrary commands as the user running Lynx. 
(CVE-2006-7234)\n\nAll users of Lynx are advised to upgrade to this updated package, which\ncontains backported patches correcting these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015350.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015351.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015352.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015353.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015358.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015359.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015361.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015362.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015363.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015364.html\n\n**Affected packages:**\nlynx\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0965.html", "modified": "2008-10-31T17:55:23", "published": "2008-10-27T20:12:24", "href": "http://lists.centos.org/pipermail/centos-announce/2008-October/015350.html", "id": "CESA-2008:0965", "title": "lynx security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:06", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2008:0965-01\n\n\nLynx is a text-based Web browser.\n\nAn arbitrary command execution flaw was found in the Lynx \"lynxcgi:\" URI\nhandler. An attacker could create a web page redirecting to a malicious URL\nthat could execute arbitrary code as the user running Lynx in the\nnon-default \"Advanced\" user mode. (CVE-2008-4690)\n\nNote: In these updated lynx packages, Lynx will always prompt users before\nloading a \"lynxcgi:\" URI. 
Additionally, the default lynx.cfg configuration\nfile now marks all \"lynxcgi:\" URIs as untrusted by default.\n\nA flaw was found in the way Lynx handled \".mailcap\" and \".mime.types\"\nconfiguration files. Files in the browser's current working directory were\nopened before those in the user's home directory. A local attacker, able to\nconvince a user to run Lynx in a directory under their control, could\npossibly execute arbitrary commands as the user running Lynx. (CVE-2006-7234)\n\nAll users of Lynx are advised to upgrade to this updated package, which\ncontains backported patches correcting these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/015360.html\n\n**Affected packages:**\nlynx\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "modified": "2008-10-28T22:46:30", "published": "2008-10-28T22:46:30", "href": "http://lists.centos.org/pipermail/centos-announce/2008-October/015360.html", "id": "CESA-2008:0965-01", "title": "lynx security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:56", "bulletinFamily": "unix", "description": "### Background\n\nLynx is a fully-featured WWW client for users running cursor-addressable, character-cell display devices such as vt100 terminals and terminal emulators. \n\n### Description\n\nClint Ruoho reported that the fix for CVE-2005-2929 (GLSA 200511-09) only disabled the lynxcgi:// handler when not using the advanced mode. \n\n### Impact\n\nA remote attacker can entice a user to access a malicious HTTP server, causing Lynx to execute arbitrary commands. NOTE: The advanced mode is not enabled by default. Successful exploitation requires the \"lynxcgi://\" protocol to be registered with lynx on the victim's system. \n\n### Workaround\n\nThere is no known workaround at this time. 
\n\n### Resolution\n\nAll Lynx users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/lynx-2.8.6-r4\"", "modified": "2009-09-12T00:00:00", "published": "2009-09-12T00:00:00", "id": "GLSA-200909-15", "href": "https://security.gentoo.org/glsa/200909-15", "type": "gentoo", "title": "Lynx: Arbitrary command execution", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:25", "bulletinFamily": "unix", "description": "[2.8.5-28.1.1]\n- add patch for CVE-2008-4690 (rhbz#468184)\n - prompt user before executing commands from the lynxcgi: handler,\n even in the advanced user mode\n - mark all lynxcgi: URIs as untrusted in the default lynx.cfg\n- add patch to prevent lynx from opening configuration files in the\n current working directory (CVE to be assigned) (rhbz#214205)", "modified": "2008-10-27T00:00:00", "published": "2008-10-27T00:00:00", "id": "ELSA-2008-0965", "href": "http://linux.oracle.com/errata/ELSA-2008-0965.html", "title": "lynx security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:39", "bulletinFamily": "unix", "description": "Lynx is a text-based Web browser.\n\nAn arbitrary command execution flaw was found in the Lynx \"lynxcgi:\" URI\nhandler. An attacker could create a web page redirecting to a malicious URL\nthat could execute arbitrary code as the user running Lynx in the\nnon-default \"Advanced\" user mode. (CVE-2008-4690)\n\nNote: In these updated lynx packages, Lynx will always prompt users before\nloading a \"lynxcgi:\" URI. Additionally, the default lynx.cfg configuration\nfile now marks all \"lynxcgi:\" URIs as untrusted by default.\n\nA flaw was found in a way Lynx handled \".mailcap\" and \".mime.types\"\nconfiguration files. 
Files in the browser's current working directory were\nopened before those in the user's home directory. A local attacker, able to\nconvince a user to run Lynx in a directory under their control, could\npossibly execute arbitrary commands as the user running Lynx. (CVE-2006-7234)\n\nAll users of Lynx are advised to upgrade to this updated package, which\ncontains backported patches correcting these issues.", "modified": "2019-03-22T23:42:46", "published": "2008-10-27T04:00:00", "id": "RHSA-2008:0965", "href": "https://access.redhat.com/errata/RHSA-2008:0965", "type": "redhat", "title": "(RHSA-2008:0965) Important: lynx security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}