|
|
Lynx Command Line URL CRLF Injection Vulnerability
|
Bugtraq ID:
|
5499
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CAN-2002-1405
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Aug 19 2002 12:00AM
|
|
Updated:
|
Aug 19 2002 12:00AM
|
|
Credit:
|
Discovery credited to Ulf Harnhammar <ulfh@update.uu.se>.
|
|
Vulnerable:
|
University of Kansas Lynx 2.8.5 dev.8
+
MandrakeSoft Linux Mandrake 9.0
+
MandrakeSoft Linux Mandrake 8.2 ppc
+
MandrakeSoft Linux Mandrake 8.2
+
MandrakeSoft Linux Mandrake 8.1 ia64
+
MandrakeSoft Linux Mandrake 8.1
+
MandrakeSoft Linux Mandrake 8.0 ppc
+
MandrakeSoft Linux Mandrake 8.0
+
MandrakeSoft Linux Mandrake 7.2
+
MandrakeSoft Multi Network Firewall 2.0
+
MandrakeSoft Single Network Firewall 7.2
University of Kansas Lynx 2.8.4 rel.1
University of Kansas Lynx 2.8.4
+
Caldera OpenLinux Server 3.1.1
+
Caldera OpenLinux Server 3.1
+
Caldera OpenLinux Workstation 3.1.1
+
Caldera OpenLinux Workstation 3.1
+
Conectiva Linux 8.0
+
Conectiva Linux 7.0
+
Debian Linux 3.0
+
RedHat Linux for iSeries 7.1
+
RedHat Linux for pSeries 7.1
+
Sun Linux 5.0.6
+
Trustix Secure Linux 1.5
+
Trustix Secure Linux 1.2
+
Trustix Secure Linux 1.1
University of Kansas Lynx 2.8.3 rel.1
University of Kansas Lynx 2.8.3
+
Debian Linux 2.2
University of Kansas Lynx 2.8.2 rel.1
Links Links 0.96
ELinks ELinks 0.3.2
ELinks ELinks 0.2.4
|
|
|
|
Not Vulnerable:
|
ELinks ELinks 0.4 pre15
|
|
|
