Test ID:	1.3.6.1.4.1.25623.1.0.55806
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2005-310-03)
Summary:	The remote host is missing an update for the 'Lynx' package(s) announced via the SSA:2005-310-03 advisory.
Description:	Summary: The remote host is missing an update for the 'Lynx' package(s) announced via the SSA:2005-310-03 advisory. Vulnerability Insight: New Lynx packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. An overflow could result in the execution of arbitrary code when using Lynx to connect to a malicious NNTP server. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [link moved to references] Here are the details from the Slackware 10.2 ChangeLog: +--------------------------+ patches/packages/lynx-2.8.5rel.5-i486-1.tgz: Upgraded to lynx-2.8.5rel.5. Fixes an issue where the handling of Asian characters when using lynx to connect to an NNTP server (is this a common use?) could result in a buffer overflow causing the execution of arbitrary code. For more details, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'Lynx' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3120 BugTraq ID: 15117 http://www.securityfocus.com/bid/15117 Bugtraq: 20060602 Re: [SECURITY] [DSA 1085-1] New lynx-cur packages fix several vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/435689/30/4740/threaded Debian Security Information: DSA-1085 (Google Search) http://www.debian.org/security/2006/dsa-1085 Debian Security Information: DSA-874 (Google Search) http://www.debian.org/security/2005/dsa-874 Debian Security Information: DSA-876 (Google Search) http://www.debian.org/security/2005/dsa-876 http://www.securityfocus.com/archive/1/419763/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:186 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253 http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257 http://www.redhat.com/support/errata/RHSA-2005-803.html SCO Security Bulletin: SCOSA-2005.47 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt SCO Security Bulletin: SCOSA-2006.7 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt http://securitytracker.com/id?1015065 http://secunia.com/advisories/17150 http://secunia.com/advisories/17216 http://secunia.com/advisories/17230 http://secunia.com/advisories/17231 http://secunia.com/advisories/17238 http://secunia.com/advisories/17248 http://secunia.com/advisories/17340 http://secunia.com/advisories/17360 http://secunia.com/advisories/17444 http://secunia.com/advisories/17445 http://secunia.com/advisories/17480 http://secunia.com/advisories/18376 http://secunia.com/advisories/18584 http://secunia.com/advisories/20383 http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056 SuSE Security Announcement: SUSE-SR:2005:025 (Google Search) http://www.novell.com/linux/security/advisories/2005_25_sr.html http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html https://usn.ubuntu.com/206-1/
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.