Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-874-1
HistoryOct 27, 2005 - 12:00 a.m.

lynx - buffer overflow

2005-10-2700:00:00
Google
osv.dev
3

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Ulf Härnhammar discovered a buffer overflow in lynx, a text-mode
browser for the WWW that can be remotely exploited. During the
handling of Asian characters when connecting to an NNTP server lynx
can be tricked to write past the boundary of a buffer which can lead
to the execution of arbitrary code.

For the old stable distribution (woody) this problem has been fixed in
version 2.8.4.1b-3.3.

For the stable distribution (sarge) this problem has been fixed in
version 2.8.5-2sarge1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your lynx package.

CPENameOperatorVersion
lynxeq2.8.5-2

Related

osv 2
nessus 12
securityvulns 1
openvas 12
debian 5
gentoo 1
ubuntu 1
debiancve 1
slackware 1
ubuntucve 1
centos 2
freebsd 1
cve 1
redhat 1
osv
osv
lynx-ssl - buffer overflow
2005-10-27 00:00:00
lynx-cur - several vulnerabilities
2006-06-01 00:00:00
nessus
nessus
RHEL 4 : lynx (RHSA-2005:803)
2005-10-19 00:00:00
Debian DSA-874-1 : lynx - buffer overflow
2006-10-14 00:00:00
CentOS 3 / 4 : lynx (CESA-2005:803)
2006-07-03 00:00:00
securityvulns
securityvulns
[USN-206-1] Lynx vulnerability
2005-10-19 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-876-1)
2008-01-17 00:00:00
Slackware Advisory SSA:2005-310-03 lynx
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2005-310-03)
2012-09-10 00:00:00
debian
debian
[SECURITY] [DSA 876-1] New lynx-ssl packages fix arbitrary code execution
2005-10-27 12:43:16
[SECURITY] [DSA 874-1] New lynx packages fix arbitrary code execution
2005-10-27 00:00:00
[SECURITY] [DSA 874-1] New lynx packages fix arbitrary code execution
2005-10-27 07:58:24
gentoo
gentoo
Lynx: Buffer overflow in NNTP processing
2005-10-17 00:00:00
ubuntu
ubuntu
Lynx vulnerability
2005-10-17 00:00:00
debiancve
debiancve
CVE-2005-3120
2005-10-17 20:06:00
slackware
slackware
lynx
2005-11-06 13:03:17
ubuntucve
ubuntucve
CVE-2005-3120
2005-10-17 00:00:00
centos
centos
lynx security update
2005-10-18 04:24:55
lynx security update
2005-10-17 10:29:06
freebsd
freebsd
lynx -- remote buffer overflow
2005-10-17 00:00:00
cve
cve
CVE-2005-3120
2005-10-17 20:06:00
redhat
redhat
(RHSA-2005:803) lynx security update
2005-10-17 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for OSV:DSA-874-1
osv2nessus12securityvulns1openvas12debian5gentoo1ubuntu1debiancve1slackware1ubuntucve1centos2freebsd1cve1redhat1