CVE-2005-3120 Information

Description

Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.

Reference

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt
http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
http://secunia.com/advisories/17150
http://secunia.com/advisories/17216
http://secunia.com/advisories/17230
http://secunia.com/advisories/17231
http://secunia.com/advisories/17238
http://secunia.com/advisories/17248
http://secunia.com/advisories/17340
http://secunia.com/advisories/17360
http://secunia.com/advisories/17444
http://secunia.com/advisories/17445
http://secunia.com/advisories/17480
http://secunia.com/advisories/18376
http://secunia.com/advisories/18584
http://secunia.com/advisories/20383
http://securitytracker.com/id?1015065
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056
http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm
http://www.debian.org/security/2005/dsa-874
http://www.debian.org/security/2005/dsa-876
http://www.debian.org/security/2006/dsa-1085
http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:186
http://www.novell.com/linux/security/advisories/2005_25_sr.html
http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
http://www.redhat.com/support/errata/RHSA-2005-803.html
http://www.securityfocus.com/archive/1/419763/100/0/threaded
http://www.securityfocus.com/archive/1/435689/30/4740/threaded
http://www.securityfocus.com/bid/15117
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9257
https://usn.ubuntu.com/206-1/
