
Lynx: Arbitrary command execution

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200909-15 / lynx
Release Date September 12, 2009
Latest Revision September 12, 2009: 01
Impact normal
Exploitable remote
Package           Vulnerable versions   Unaffected versions   Architecture(s)
www-client/lynx   < 2.8.6-r4            >= 2.8.6-r4           All supported architectures

Related bugreports: #243058

Synopsis

An incomplete fix for an issue related to the Lynx URL handler might allow for the remote execution of arbitrary commands.

2.  Impact Information

Background

Lynx is a fully-featured WWW client for users running cursor-addressable, character-cell display devices such as vt100 terminals and terminal emulators.

Description

Clint Ruoho reported that the fix for CVE-2005-2929 (GLSA 200511-09) only disabled the lynxcgi:// handler when not using the advanced mode.

Impact

A remote attacker can entice a user to access a malicious HTTP server, causing Lynx to execute arbitrary commands. NOTE: The advanced mode is not enabled by default. Successful exploitation requires the "lynxcgi://" protocol to be registered with lynx on the victim's system.

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All Lynx users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/lynx-2.8.6-r4"
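The advisory gives the affected range as "< 2.8.6-r4". The following POSIX shell script is an added example, not part of the GLSA or of Gentoo's tooling: it implements the version-plus-revision comparison needed to decide whether an installed www-client/lynx falls inside that range, and reads the installed version from the Portage package database layout (/var/db/pkg/<category>/<pkg>-<version>). The comparison handles the numeric dotted versions and "-rN" revisions that appear in the table; suffixes such as "_pre" are an assumption it does not cover. The sample database directory used in the test is constructed.

```sh
#!/bin/sh
# Added example (not from GLSA 200909-15): check an installed www-client/lynx
# against the advisory's unaffected boundary ">= 2.8.6-r4".

FIXED_PVR="2.8.6-r4"   # unaffected boundary taken from the advisory table

# Split "2.8.6-r3" into the version "2.8.6" and the revision "3".
# A missing "-rN" revision counts as r0 (Portage convention).
pvr_version() { printf '%s\n' "${1%%-r*}"; }
pvr_revision() {
    case "$1" in
        *-r*) printf '%s\n' "${1##*-r}" ;;
        *)    printf '0\n' ;;
    esac
}

# Compare two dotted numeric versions component by component; a missing
# component counts as 0 (so 2.8 < 2.8.6). Prints -1, 0 or 1.
cmp_dotted() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ca="${a%%.*}"; cb="${b%%.*}"
        if [ -z "$ca" ]; then ca=0; fi
        if [ -z "$cb" ]; then cb=0; fi
        if [ "$ca" -lt "$cb" ]; then echo -1; return 0; fi
        if [ "$ca" -gt "$cb" ]; then echo 1; return 0; fi
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    echo 0
}

# Compare two full PVR strings: version first, then revision. Prints -1, 0 or 1.
cmp_pvr() {
    r=$(cmp_dotted "$(pvr_version "$1")" "$(pvr_version "$2")")
    if [ "$r" -ne 0 ]; then echo "$r"; return 0; fi
    ra=$(pvr_revision "$1"); rb=$(pvr_revision "$2")
    if [ "$ra" -lt "$rb" ]; then echo -1
    elif [ "$ra" -gt "$rb" ]; then echo 1
    else echo 0
    fi
}

# True (exit 0) when the given PVR is below the fixed version.
lynx_vulnerable() {
    [ "$(cmp_pvr "$1" "$FIXED_PVR")" -lt 0 ]
}

# Print the installed lynx PVR found under a Portage package database root
# (normally /var/db/pkg); prints nothing when lynx is not installed.
installed_lynx_pvr() {
    for d in "$1"/www-client/lynx-*; do
        [ -d "$d" ] || continue
        printf '%s\n' "${d##*/lynx-}"
    done
    return 0
}

# Report on the package database under $1.
# Exit status: 0 unaffected, 2 vulnerable, 3 not installed.
check_lynx() {
    pvr=$(installed_lynx_pvr "$1")
    if [ -z "$pvr" ]; then
        echo "www-client/lynx is not installed"
        return 3
    fi
    if lynx_vulnerable "$pvr"; then
        echo "www-client/lynx-$pvr is vulnerable (GLSA 200909-15); upgrade to >=www-client/lynx-$FIXED_PVR"
        return 2
    fi
    echo "www-client/lynx-$pvr is unaffected by GLSA 200909-15"
    return 0
}

# Usage: sh check-lynx.sh --check [/var/db/pkg]
if [ "${1:-}" = "--check" ]; then
    check_lynx "${2:-/var/db/pkg}"
fi
```

Run it on a live system with `sh check-lynx.sh --check` and act on exit status 2; the functions can also be sourced into a larger fleet-audit script. Because the revision is compared separately from the dotted version, 2.8.6-r3 is correctly reported as vulnerable while 2.8.6-r4 and anything newer are not.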

4.  References




Page updated September 12, 2009
