MiracleLinux 4 : elinks-0.12-0.21.pre5.AXS4 (AXSA:2013-110:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-110:01 advisory. Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage over...

MiracleLinux 3 : elinks-0.11.1-8.AXS3 (AXSA:2013-101:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-101:01 advisory. Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage over...

EUVD-2012-4473

Malware in sbrugna...

EUVD-2008-7183

Malware in sbrugna...

EUVD-2007-2022

Malware in sbrugna...

EUVD-2007-5015

Malware in sbrugna...

Denial Of Service (DoS)

elinks is vulnerable to denial of service DoS. The vulnerability exists as a off-by-one buffer overflow flaw was discovered in the way ELinks handled its internal cache of string representations for HTML special entities. A remote attacker could use this flaw to create a specially-crafted HTML fi...

Authentication Bypass

elinks is vulnerable to authentication bypass attacks. The vulnerability exists as the httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which...

ELinks and Twibright Links Unauthorized Access Vulnerability

ELinks is an open source text-only browser for Linux.Twibright Links is a text-only web browser developed by the Twibright Labs organization that renders graphics and font-size variations with antialiasing and supports JavaScript. A security vulnerability exists in ELinks version 0.12 and Twibrig...

DEBIAN-CVE-2012-6709

ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation...

DEBIAN-CVE-2012-4545

The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...

CVE-2012-4545

The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...

CVE-2008-7224

Buffer overflow in entitycache in ELinks before 0.11.4rc0 allows remote attackers to cause a denial of service crash via a crafted link...

Ubuntu Update for elinks vulnerability USN-519-1

Ubuntu Update for Linux kernel vulnerabilities USN-519-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5191.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for elinks vulnerability USN-519-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu 6.06 LTS / 6.10 / 7.04 : elinks vulnerability (USN-457-1)

Arnaud Giersch discovered that elinks incorrectly attempted to load gettext catalogs from a relative path. If a user were tricked into running elinks from a specific directory, a local attacker could execute code with user privileges. Note that Tenable Network Security has extracted the preceding...

elinks reveals POST data to HTTPS proxy

ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy ...

CVE-2007-5034

ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy ...