222 matches found
Scientific Linux Security Update : elinks on SL5.x, SL6.x i386/x86_64 (20130211)
It was found that ELinks performed client credentials delegation during the client-to-server GSS security mechanisms negotiation. A rogue server could use this flaw to obtain the client's credentials and impersonate that client to other servers that are using GSSAPI. CVE-2012-4545 %NASLMINLEVEL...
RHEL 5 / 6 : elinks (RHSA-2013:0250)
An updated elinks package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
elinks security update
CentOS Errata and Security Advisory CESA-2013:0250 An updated elinks package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS...
Moderate: Red Hat Security Advisory: elinks security update
An updated elinks package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
Fedora Update for elinks FEDORA-2013-0207
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected",...
Fedora Update for elinks FEDORA-2013-0207
Check for the Version of elinks OpenVAS Vulnerability Test Fedora Update for elinks FEDORA-2013-0207 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for elinks FEDORA-2013-0265
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for elinks FEDORA-2013-0265
Check for the Version of elinks OpenVAS Vulnerability Test Fedora Update for elinks FEDORA-2013-0265 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
[SECURITY] Fedora 17 Update: elinks-0.12-0.29.pre5.fc17
Elinks is a text-based Web browser. Elinks does not display any images, but it does support frames, tables and most other HTML tags. Elinks' advantage over graphical browsers is its speed--Elinks starts and exits quickly and swiftly displays Web pages...
[SECURITY] Fedora 18 Update: elinks-0.12-0.32.pre5.fc18
Elinks is a text-based Web browser. Elinks does not display any images, but it does support frames, tables and most other HTML tags. Elinks' advantage over graphical browsers is its speed--Elinks starts and exits quickly and swiftly displays Web pages...
Fedora 17 : elinks-0.12-0.29.pre5.fc17 (2013-0265)
do not delegate GSSAPI credentials CVE-2012-4545 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 18 : elinks-0.12-0.32.pre5.fc18 (2013-0207)
do not delegate GSSAPI credentials CVE-2012-4545 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2012-4545
The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...
CVE-2012-4545
The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...
DEBIAN-CVE-2012-4545
The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...
Authentication flaw
The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...
CVE-2012-4545
The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...
CVE-2012-4545
The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...
CVE-2012-4545
The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...
CVE-2012-4545
CVE-2012-4545 affects ELinks 0.12 up to (but not including) 0.12pre6, where using HTTP Negotiate or GSS-Negotiate authentication delegates user credentials via GSSAPI. This can allow a remote server to authenticate as the client using delegated credentials. The CVSS score from NVD is 5.1 (Medium)...