EUVD-2004-1611

Malware in sbrugna...

EUVD-2010-2814

Malware in sbrugna...

CVE-1999-0371

Lynx allows a local user to overwrite sensitive files through /tmp symlinks...

Medium: lynx

Issue Overview: Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. CVE-2021-38165 Affected Packages: lynx Issue Correction: Run dnf update lynx --releasever 2023.3.20240219 to updat...

SUSE CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

The vulnerability of the Red Hat Linux operating system allows a remote attacker to compromise the integrity of protected information.

The vulnerability of the lynx-2.8.3 package for the Red Hat Linux operating system can lead to a breach of protected information. This vulnerability can be exploited remotely...

Heap overflow

Heap-based buffer overflow in the converttoidna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed URL containing a % percent character in...

CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

Lynx < 2.8.6 dev15 Arbitary Code Execution

Binary data 3287.prm...

CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service infinite loop via a web page or HTML email that contains invalid HTML including 1 a TEXTAREA tag with a large COLS value and 2 a large tag name in an element that is not terminated, as demonstrated ...

CVE-2002-1405

CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters...

Mandrake Linux Security Advisory : lynx (MDKSA-2003:023)

A vulnerability was discovered in lynx, a text-mode web browser. The HTTP queries that lynx constructs are from arguments on the command line or the $WWWHOME environment variable, but lynx does not properly sanitize special characters such as carriage returns or linefeeds. Extra headers can be...

Lynx 2.8.x - Command Line URL CRLF Injection

Lynx 2.8.x - Command Line URL CRLF Injection source: https://www.securityfocus.com/bid/5499/info A CRLF injection vulnerability has been reported for Lynx that may allow an attacker to include extra HTTP headers when viewing web pages. If Lynx is called from the command line, carriage return and...

Lynx format string vulnerability in URL logging.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The vendor has been notified, but since this is a low risk I am releasing early. Vapid Labs Larry W. Cashdollar Bug Report Summary: lynx has a format string vulnerability in LYUtils.c line 7995 due to a bad call to syslog, where the format argument is...

CVE-1999-0371

Lynx allows a local user to overwrite sensitive files through /tmp symlinks...

lynx.2.8.2.extern.txt

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: lynx-2.8.2 and older Date: Thu Sep 16 21:29:15 CEST 1999 Affected: all Linux distributions using lynx-2.8.2 and older A security hole was discovered in the package mentioned above. Please update as soon as possible or disable...

lynxtmp.txt

Date: Tue, 9 Feb 1999 20:57:30 -0500 From: Juan Diego Bolanos To: [email protected] Subject: Lynx /tmp problem Hi Aleph, please filter this if already posted.... ------ Hello.... I have found a bug in Lynx all versions, except the latest stable release... lynx create temporary files in /tmp in...

lynx-2.8.x-BOF.txt

Date: Sun, 6 Sep 1998 00:53:24 +0200 From: Michal Zalewski To: [email protected] Subject: Sendmail, lynx, Netscape, sshd, Linux kernel twice Bugs in lynx 2.8.x including latest development versions: ----------------------------------------------------------- Trivial overflows in protocol...