lynx-2.8.5-28.1.1.1AXS3
エラータID: AXSA:2008-523:02
Lynx is a text-based Web browser. Lynx does not display any images, but it does support frames, tables, and most other HTML tags. One advantage Lynx has over graphical browsers is speed; Lynx starts and exits quickly and swiftly displays webpages.
Fixed bugs:
CVE-2006-7234
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.
CVE-2008-4690
lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929.
NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler.
CVE-2005-2929
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
Update packages.
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler.
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.
From Asianux Server 3 SP1 updated packages.
Asianux Server 3 for x86
- lynx-2.8.5-28.1.1.1AXS3.i386.rpm
MD5: 5ae7b61cbb039c2b3544c537e43f3a55
SHA-256: c8e591f5e97c559ee1a3766435f7bb55dce2d90d056dfcf1a3f3dcf5b0992003
Size: 1.87 MB
Asianux Server 3 for x86_64
- lynx-2.8.5-28.1.1.1AXS3.x86_64.rpm
MD5: 9d93b927538234183c08026b6eb2b0cc
SHA-256: 552bf34bf9d885815256b605c5cfd020a1641e717d7d9a039296fa10b8dd6b40
Size: 1.90 MB