MiracleLinux 4 : elinks-0.12-0.21.pre5.AXS4 (AXSA:2013-110:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-110:01 advisory. Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage over...

Oracle: Security Advisory (ELSA-2013-0250)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for elinks FEDORA-2013-18347

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 5 / 6 : elinks (ELSA-2013-0250)

The remote Oracle Linux 5 / 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2013-0250 advisory. 0.12-0.21.pre5 - do not delegate GSSAPI credentials CVE-2012-4545 Tenable has extracted the preceding description block directly from the Oracle Linux...

Mandriva Linux Security Advisory : elinks (MDVSA-2013:075)

Updated elinks package fixes security vulnerability : Marko Myllynen discovered that ELinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate CVE-2012-4545. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

RedHat Update for elinks RHSA-2013:0250-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for elinks CESA-2013:0250 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 5 / 6 : elinks (RHSA-2013:0250)

An updated elinks package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

CentOS 5 / 6 : elinks (CESA-2013:0250)

An updated elinks package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

Scientific Linux Security Update : elinks on SL5.x, SL6.x i386/x86_64 (20130211)

It was found that ELinks performed client credentials delegation during the client-to-server GSS security mechanisms negotiation. A rogue server could use this flaw to obtain the client's credentials and impersonate that client to other servers that are using GSSAPI. CVE-2012-4545 %NASLMINLEVEL...

elinks security update

0.12-0.21.pre5 - do not delegate GSSAPI credentials CVE-2012-4545...

Fedora Update for elinks FEDORA-2013-0207

Check for the Version of elinks OpenVAS Vulnerability Test Fedora Update for elinks FEDORA-2013-0207 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for elinks FEDORA-2013-0265

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 18 : elinks-0.12-0.32.pre5.fc18 (2013-0207)

do not delegate GSSAPI credentials CVE-2012-4545 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 17 : elinks-0.12-0.29.pre5.fc17 (2013-0265)

do not delegate GSSAPI credentials CVE-2012-4545 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

CVE-2012-4545

The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...

CVE-2012-4545

CVE-2012-4545 affects ELinks 0.12 up to (but not including) 0.12pre6, where using HTTP Negotiate or GSS-Negotiate authentication delegates user credentials via GSSAPI. This can allow a remote server to authenticate as the client using delegated credentials. The CVSS score from NVD is 5.1 (Medium)...

[SECURITY] [DSA 2592-1] elinks security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2592-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 28, 2012 http://www.debian.org/security/faq -...