5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
79.7%
ELinks is a text-based web browser. ELinks does not display any images, but
it does support frames, tables, and most other HTML tags.
It was found that ELinks performed client credentials delegation during the
client-to-server GSS security mechanisms negotiation. A rogue server could
use this flaw to obtain the client’s credentials and impersonate that
client to other servers that are using GSSAPI. (CVE-2012-4545)
This issue was discovered by Marko Myllynen of Red Hat.
All ELinks users are advised to upgrade to this updated package, which
contains a backported patch to resolve the issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | s390x | elinks-debuginfo | <Â 0.11.1-8.el5_9 | elinks-debuginfo-0.11.1-8.el5_9.s390x.rpm |
RedHat | 5 | x86_64 | elinks | <Â 0.11.1-8.el5_9 | elinks-0.11.1-8.el5_9.x86_64.rpm |
RedHat | 5 | i386 | elinks | <Â 0.11.1-8.el5_9 | elinks-0.11.1-8.el5_9.i386.rpm |
RedHat | 5 | s390x | elinks | <Â 0.11.1-8.el5_9 | elinks-0.11.1-8.el5_9.s390x.rpm |
RedHat | 6 | x86_64 | elinks-debuginfo | <Â 0.12-0.21.pre5.el6_3 | elinks-debuginfo-0.12-0.21.pre5.el6_3.x86_64.rpm |
RedHat | 5 | ppc | elinks-debuginfo | <Â 0.11.1-8.el5_9 | elinks-debuginfo-0.11.1-8.el5_9.ppc.rpm |
RedHat | 6 | ppc64 | elinks | <Â 0.12-0.21.pre5.el6_3 | elinks-0.12-0.21.pre5.el6_3.ppc64.rpm |
RedHat | 5 | i386 | elinks-debuginfo | <Â 0.11.1-8.el5_9 | elinks-debuginfo-0.11.1-8.el5_9.i386.rpm |
RedHat | 6 | s390x | elinks-debuginfo | <Â 0.12-0.21.pre5.el6_3 | elinks-debuginfo-0.12-0.21.pre5.el6_3.s390x.rpm |
RedHat | 6 | src | elinks | <Â 0.12-0.21.pre5.el6_3 | elinks-0.12-0.21.pre5.el6_3.src.rpm |