Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd)

[H E Nelson]

> Henry, I assume you are using lynx 2.7.1 ?  Since the original report didn't

Sorry for the hasty report (at 23:30 or so, just wanted to get home).
My test was with Lynx Version 2.7.1ac-0.28-Styles on SunOS 5.5.1
Generic_103640-03 sun4m sparc SUNW,SPARCstation-4.  This image was
compiled with gcc version 2.7.2.2, using the ncurses-4.0-970405+
library.  Used `TeraTerm' (telnet-like) to log on via a LAN.

> sort of Unix, I wasn't sure of the specifics.  I know that on _my_ platform
> (solaris 2.5.1, lynx 2.7.1) I got an error from cp when I attempted at

Confirmed.  The error which kills cp seems to this know-nothing to be
what opens up the shell (sh) in the first place.

> Is anyone looking into resolving this problem ASAP in lynx 2.7.1 ?

Sure hope so.  This one is NOT a crying-wolf situation.

__Henry
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;