|
Family: Debian Local Security Checks --> Category: infos
[DSA210] DSA-210-1 lynx Vulnerability Scan
Vulnerability Scan Summary DSA-210-1 lynx
Detailed Explanation for this Vulnerability Test
lynx (a text-only web browser) did not properly check for illegal
characters in all places, including processing of command line options,
which could be used to insert extra HTTP headers in a request.
For Debian GNU/Linux 2.2/potato this has been fixed in version 2.8.3-1.1
of the lynx package and version 2.8.3.1-1.1 of the lynx-ssl package.
For Debian GNU/Linux 3.0/woody this has been fixed in version 2.8.4.1b-3.2
of the lynx package and version 1:2.8.4.1b-3.1 of the lynx-ssl package.
Solution : http://www.debian.org/security/2002/dsa-210
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|