|
Family: Debian Local Security Checks --> Category: infos
[DSA1076] DSA-1076-1 lynx Vulnerability Scan
Vulnerability Scan Summary DSA-1076-1 lynx
Detailed Explanation for this Vulnerability Test
Michal Zalewski discovered that lynx, the popular text-mode WWW
Browser, is not able to grok invalid HTML including a TEXTAREA tag
with a large COLS value and a large tag name in an element that is not
terminated, and loops forever trying to render the broken HTML.
For the old stable distribution (woody) this problem has been fixed in
version 2.8.4.1b-3.4.
For the stable distribution (sarge) this problem has been fixed in
version 2.8.5-2sarge2.
For the unstable distribution (sid) this problem has been fixed in
version 2.8.5-2sarge2.
We recommend that you upgrade your lynx package.
Solution : http://www.debian.org/security/2006/dsa-1076
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|