Lynx Malformed HTML Infinite Loop Denial Of Service Vulnerability

Lynx Malformed HTML Infinite Loop Denial Of Service Vulnerability

Solution:
OpenBSD has reportedly released an independent fix for this issue. Symantec has not confirmed this.

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.commailto:vuldb@securityfocus.com

Please see the references for vendor advisories and fixes.

University of Kansas Lynx 2.8.4

Debian lynx-ssl_2.8.4.1b-3.3_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_alpha.deb

Debian lynx-ssl_2.8.4.1b-3.3_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_arm.deb

Debian lynx-ssl_2.8.4.1b-3.3_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_hppa.deb

Debian lynx-ssl_2.8.4.1b-3.3_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_i386.deb

Debian lynx-ssl_2.8.4.1b-3.3_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_ia64.deb

Debian lynx-ssl_2.8.4.1b-3.3_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_m68k.deb

Debian lynx-ssl_2.8.4.1b-3.3_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_mips.deb

Debian lynx-ssl_2.8.4.1b-3.3_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_mipsel.deb

Debian lynx-ssl_2.8.4.1b-3.3_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_powerpc.deb

Debian lynx-ssl_2.8.4.1b-3.3_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_s390.deb

Debian lynx-ssl_2.8.4.1b-3.3_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4 .1b-3.3_sparc.deb

Debian lynx_2.8.4.1b-3.4_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ alpha.deb

Debian lynx_2.8.4.1b-3.4_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ arm.deb

Debian lynx_2.8.4.1b-3.4_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ hppa.deb

Debian lynx_2.8.4.1b-3.4_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ i386.deb

Debian lynx_2.8.4.1b-3.4_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ ia64.deb

Debian lynx_2.8.4.1b-3.4_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ m68k.deb

Debian lynx_2.8.4.1b-3.4_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ mips.deb

Debian lynx_2.8.4.1b-3.4_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ mipsel.deb

Debian lynx_2.8.4.1b-3.4_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ powerpc.deb

Debian lynx_2.8.4.1b-3.4_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ s390.deb

Debian lynx_2.8.4.1b-3.4_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ sparc.deb

University of Kansas Lynx 2.8.5

Debian lynx-cur-wrapper_2.8.5-2.5woody1_all.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur-wrapp er_2.8.5-2.5woody1_all.deb

Debian lynx-cur_2.8.5-2.5woody1_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_alpha.deb

Debian lynx-cur_2.8.5-2.5woody1_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_arm.deb

Debian lynx-cur_2.8.5-2.5woody1_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_hppa.deb

Debian lynx-cur_2.8.5-2.5woody1_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_i386.deb

Debian lynx-cur_2.8.5-2.5woody1_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_ia64.deb

Debian lynx-cur_2.8.5-2.5woody1_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_m68k.deb

Debian lynx-cur_2.8.5-2.5woody1_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_mips.deb

Debian lynx-cur_2.8.5-2.5woody1_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_mipsel.deb

Debian lynx-cur_2.8.5-2.5woody1_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_powerpc.deb

Debian lynx-cur_2.8.5-2.5woody1_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_s390.deb

Debian lynx-cur_2.8.5-2.5woody1_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.5 -2.5woody1_sparc.deb

Debian lynx_2.8.5-2sarge2_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _alpha.deb

Debian lynx_2.8.5-2sarge2_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _amd64.deb

Debian lynx_2.8.5-2sarge2_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _arm.deb

Debian lynx_2.8.5-2sarge2_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _hppa.deb

Debian lynx_2.8.5-2sarge2_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _i386.deb

Debian lynx_2.8.5-2sarge2_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _ia64.deb

Debian lynx_2.8.5-2sarge2_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _m68k.deb

Debian lynx_2.8.5-2sarge2_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _mips.deb

Debian lynx_2.8.5-2sarge2_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _mipsel.deb

Debian lynx_2.8.5-2sarge2_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _powerpc.deb

Debian lynx_2.8.5-2sarge2_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _s390.deb

Debian lynx_2.8.5-2sarge2_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2 _sparc.deb

University of Kansas Lynx 2.8.6

Debian lynx-cur-wrapper_2.8.6-9sarge1_all.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur-wrapp er_2.8.6-9sarge1_all.deb

Debian lynx-cur_2.8.6-9sarge1_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_alpha.deb

Debian lynx-cur_2.8.6-9sarge1_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_amd64.deb

Debian lynx-cur_2.8.6-9sarge1_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_arm.deb

Debian lynx-cur_2.8.6-9sarge1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_hppa.deb

Debian lynx-cur_2.8.6-9sarge1_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_i386.deb

Debian lynx-cur_2.8.6-9sarge1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_ia64.deb

Debian lynx-cur_2.8.6-9sarge1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_m68k.deb

Debian lynx-cur_2.8.6-9sarge1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_mips.deb

Debian lynx-cur_2.8.6-9sarge1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_mipsel.deb

Debian lynx-cur_2.8.6-9sarge1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_powerpc.deb

Debian lynx-cur_2.8.6-9sarge1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_s390.deb

Debian lynx-cur_2.8.6-9sarge1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/l/lynx-cur/lynx-cur_2.8.6 -9sarge1_sparc.deb