Links: Arbitrary Samba command execution
Gentoo Linux Security Advisory
||GLSA 200612-16 / links
||December 14, 2006
||December 14, 2006: 01
All supported architectures
Links does not properly validate "smb://" URLs, making it vulnerable to the
execution of arbitrary Samba commands.
Links is a web browser running in both graphics and text modes.
Teemu Salmela discovered that Links does not properly validate "smb://"
URLs when it runs smbclient commands.
A remote attacker could entice a user to browse to a specially crafted
"smb://" URL and execute arbitrary Samba commands, which would allow
the overwriting of arbitrary local files or the upload or the download
of arbitrary files. This vulnerability can be exploited only if
"smbclient" is installed on the victim's computer, which is provided by
the "samba" Gentoo package.
There is no known workaround at this time.
All Links users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/links-2.1_pre26"