Описание
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-2929
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23119
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9712
- http://secunia.com/advisories/17372
- http://secunia.com/advisories/17512
- http://secunia.com/advisories/17546
- http://secunia.com/advisories/17556
- http://secunia.com/advisories/17576
- http://secunia.com/advisories/17666
- http://secunia.com/advisories/17757
- http://secunia.com/advisories/18051
- http://secunia.com/advisories/18376
- http://secunia.com/advisories/18659
- http://securityreason.com/securityalert/173
- http://securitytracker.com/id?1015195
- http://support.avaya.com/elmodocs2/security/ASA-2006-035.htm
- http://www.gentoo.org/security/en/glsa/glsa-200511-09.xml
- http://www.idefense.com/application/poi/display?id=338&type=vulnerabilities
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:211
- http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
- http://www.redhat.com/support/errata/RHSA-2005-839.html
- http://www.securityfocus.com/archive/1/419763/100/0/threaded
- http://www.securityfocus.com/bid/15395
- http://www.vupen.com/english/advisories/2005/2394
EPSS
CVE ID
Связанные уязвимости
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attac ...
EPSS