SECURITY: lynx web browser


Subject: SECURITY: lynx web browser
From: Dan Burcaw (dburcaw@terraplex.com)
Date: Thu Sep 16 1999 - 17:13:06 MDT


The Yellow Dog Linux Security Team has released an updated version of lynx
to fix a recently discovered security vulnerability. lynx is the popular
full-featured, text-based web browser.

Below is a summary of this YDL update.

Package: lynx
Date: September 15, 1999
Problem:
When lynx calls external programs for protocols (e.g. telnet), the
location is passed unchecked. This can be used to activate command-line
parameters. For example, this reference <A HREF="telnet://-n.rhosts">click
me</A> would activate the tracefile options on the telnet client. The
result of this would be that the .rhosts file in the current directory
would be created or overwritten.

Depending on the external programs called by lynx, files can be created or
truncated, or remote commands can even be executed if programs such as ssh
or rsh are configured in lynx.

The Yellow Dog Linux Security Team advises that all users with lynx
installed upgrade to this fixed version. You can check if you have lynx
installed by running:

rpm -qi lynx

Urgency: MEDIUM
Solution: rpm -Uvh ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/lynx-2.8.3pre9-1.ppc.rpm

Dan

Terra Soft Solutions, Inc.
   Yellow Dog Linux
   "The Ultimate Companion for a Dedicated Server"
   http://www.yellowdoglinux.com/
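
The missing check described under "Problem" above, as an added example (not part of the original advisory and not the actual lynx patch): a host taken from a telnet:// URL is refused if the client could read it as an option. The function name telnet_host_from_url and the sample URLs other than the advisory's are assumptions; the character rule is deliberately stricter than the URL syntax allows.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not lynx code): extract the host from a telnet:// URL
 * and accept it only if it cannot be read as an option by the client.
 * Returns 0 and fills host on success, -1 if the URL must be refused. */
int telnet_host_from_url(const char *url, char *host, size_t hostlen)
{
    static const char scheme[] = "telnet://";
    const char *p, *end;
    size_t n, i;

    if (strncmp(url, scheme, sizeof scheme - 1) != 0)
        return -1;
    p = url + sizeof scheme - 1;
    end = p + strcspn(p, ":/");          /* stop at port or path */
    n = (size_t)(end - p);
    if (n == 0 || n >= hostlen)
        return -1;
    if (*p == '-')                       /* "-n.rhosts" would parse as -n <tracefile> */
        return -1;
    for (i = 0; i < n; i++) {            /* letters, digits, '.' and '-' only */
        unsigned char c = (unsigned char)p[i];
        if (!isalnum(c) && c != '.' && c != '-')
            return -1;
    }
    memcpy(host, p, n);
    host[n] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed sample URLs; the second is the one quoted in the advisory. */
    const char *urls[] = { "telnet://bbs.example.org:23/", "telnet://-n.rhosts",
                           "telnet://host;id" };
    char host[256];
    for (size_t i = 0; i < sizeof urls / sizeof urls[0]; i++) {
        if (telnet_host_from_url(urls[i], host, sizeof host) == 0)
            /* A caller would now exec the client with an argv array, no shell. */
            printf("allow  %s -> argv {\"telnet\", \"%s\"}\n", urls[i], host);
        else
            printf("refuse %s\n", urls[i]);
    }
    return 0;
}
```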


