Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2003:023: lynx Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the lynx package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2003:023 (lynx).
A vulnerability was discovered in lynx, a text-mode web browser. The HTTP
queries that lynx constructs are from arguments on the command line or the
$WWW_HOME environment variable, but lynx does not properly sanitize special
characters such as carriage returns or linefeeds. Extra headers can be inserted
into the request because of this, which can cause scripts that use lynx to fetch
data from the wrong site from servers that use virtual hosting.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:023
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.