 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.51200 |
| Kategorie: | Red Hat Local Security Checks |
| Titel: | RedHat Security Advisory RHSA-2003:030 |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing updates announced in advisory RHSA-2003:030. Updated Lynx packages fix an error in the way Lynx parses its command line arguments which can lead to faked headers being sent to a Web server. Lynx is a character-cell Web browser, suitable for running on terminals such as the VT100. Lynx constructs its HTTP queries from the command line (or WWW_HOME environment variable) without regard to special characters such as carriage returns or linefeeds. When given a URL containing such special characters, extra headers could be inserted into the request. This could cause scripts using Lynx to fetch data from the wrong site from servers with virtual hosting. Users of Lynx are advised to upgrade to these erratum packages which contain a patch to correct this isssue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-030.html http://www.mail-archive.com/bugtraq@securityfocus.com/msg08897.html Risk factor : Medium CVSS Score: 5.0 |
| Querverweis: |
BugTraq ID: 5499 Common Vulnerability Exposure (CVE) ID: CVE-2002-1405 http://www.securityfocus.com/bid/5499 Bugtraq: 20020819 Lynx CRLF Injection (Google Search) http://marc.info/?l=bugtraq&m=102978118411977&w=2 Bugtraq: 20020822 Lynx CRLF Injection, part two (Google Search) http://marc.info/?l=bugtraq&m=103003793418021&w=2 Caldera Security Advisory: CSSA-2002-049.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-049.0.txt Debian Security Information: DSA-210 (Google Search) http://www.debian.org/security/2002/dsa-210 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:023 http://www.redhat.com/support/errata/RHSA-2003-029.html http://www.redhat.com/support/errata/RHSA-2003-030.html http://www.trustix.net/errata/misc/2002/TSL-2002-0085-lynx-ssl.asc.txt http://www.iss.net/security_center/static/9887.php |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |