[Lynx-dev] Re: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lyn

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Lynx-dev] Re: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lyn

From:	Thorsten Glaser
Subject:	[Lynx-dev] Re: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability
Date:	Thu, 3 Nov 2005 12:26:49 +0000 (UTC)

Greg MacManus dixit:

FYI

>Other vendors are suspected as also being vulnerable. The following
>vendors include Lynx packages that are not susceptible to exploitation
>as the "lynxcgi" feature is not compiled into Lynx by default:
>
>    * The FreeBSD Project
>    * OpenBSD 

The MirOS Project (another BSD) also does not compile in lynxcgi
support, according to the PoC exploit.

bye,
//mirabile
-- 
> emacs als auch vi zum Kotzen finde (joe rules) und pine für den einzig
> bedienbaren textmode-mailclient halte (und ich hab sie alle ausprobiert). ;)
Hallooooo, ich bin der Holger ("Hallo Holger!"), und ich bin ebenfalls
... pine-User, und das auch noch gewohnheitsmäßig ("Oooooooohhh").  [aus dasr]

[Prev in Thread]

Current Thread

[Next in Thread]

[Lynx-dev] Re: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Thorsten Glaser <=

Prev by Date: Re: [Lynx-dev] http://www.coachusa.com/rockland/
Next by Date: Re: [Lynx-dev] http://www.coachusa.com/rockland/
Previous by thread: [Lynx-dev] http://www.coachusa.com/rockland/
Next by thread: [Lynx-dev] freebsd syslog compile error
Index(es):
- Date
- Thread