Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:216: links Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the links package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:216 (links).
The links web browser with smbclient installed allows remote attackers
to execute arbitrary code via shell metacharacters in an smb:// URI, as
demonstrated by using PUT and GET statements.
Corporate 3.0 is not affected by this issue, as that version of links
does not have smb:// URI support.
Updated packages have disabled access to smb:// URIs.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:216
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.