Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.56170
Category:Conectiva Local Security Checks
Title:Conectiva Security Advisory CLSA-2005:1053
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory CLSA-2005:1053.

An arbitrary command execution vulnerability was discovered
in the lynx 'lynxcgi:' URI handler. An attacker could create
a web page that redirects to a malicious URL which could
execute arbitrary commands as the user running lynx.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001053
http://lynx.browser.org/

Risk factor : High

CVSS Score:
7.5

Cross-Ref: BugTraq ID: 15395
Common Vulnerability Exposure (CVE) ID: CVE-2005-2929
http://www.securityfocus.com/bid/15395
http://www.securityfocus.com/archive/1/419763/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200511-09.xml
http://www.idefense.com/application/poi/display?id=338&type=vulnerabilities
http://www.mandriva.com/security/advisories?name=MDKSA-2005:211
http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9712
http://www.redhat.com/support/errata/RHSA-2005-839.html
SCO Security Bulletin: SCOSA-2005.55
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.55/SCOSA-2005.55.txt
SCO Security Bulletin: SCOSA-2006.7
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
http://securitytracker.com/id?1015195
http://secunia.com/advisories/17372
http://secunia.com/advisories/17512
http://secunia.com/advisories/17546
http://secunia.com/advisories/17556
http://secunia.com/advisories/17576
http://secunia.com/advisories/17666
http://secunia.com/advisories/17757
http://secunia.com/advisories/18051
http://secunia.com/advisories/18376
http://secunia.com/advisories/18659
http://securityreason.com/securityalert/173
http://www.vupen.com/english/advisories/2005/2394
XForce ISS Database: lynx-lynxcgi-command-execute(23119)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23119
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.