CVE-2002-1405 Information

Description

CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line via a URL containing encoded carriage return line feed and other whitespace characters.

Reference

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-049.0.txt
http://marc.info/?l=bugtraq&m=102978118411977&w=2
http://marc.info/?l=bugtraq&m=103003793418021&w=2
http://www.debian.org/security/2002/dsa-210
http://www.iss.net/security_center/static/9887.php
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:023
http://www.redhat.com/support/errata/RHSA-2003-029.html
http://www.redhat.com/support/errata/RHSA-2003-030.html
http://www.securityfocus.com/bid/5499
http://www.trustix.net/errata/misc/2002/TSL-2002-0085-lynx-ssl.asc.txt
