5 matches found
Debian Security Advisory DSA 210-1 (lynx, lynx-ssl)
The remote host is missing an update to lynx, lynx-ssl announced via advisory DSA 210-1. OpenVAS Vulnerability Test $Id: deb2101.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 210-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian DSA-210-1 : lynx - CRLF injection
lynx a text-only web browser did not properly check for illegal characters in all places, including processing of command line options, which could be used to insert extra HTTP headers in a request. For Debian GNU/Linux 2.2/potato this has been fixed in version 2.8.3-1.1 of the lynx package and...
CVE-2002-1405
The CVE-2002-1405 issue affects Lynx 2.8.4 and earlier and describes a CRLF injection flaw that lets an attacker add extra HTTP headers via a URL containing encoded CR/LF characters on the command line. Public advisories (Debian DSA-210, RHSA-2003:030, RHSA-2003:030) indicate that updated Lynx pa...
CVE-2002-1405
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters...
CVE-2002-1405
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters...