ALT-PU-2018-1970-1
Closed vulnerabilities
Published: 2005-10-17
BDU:2015-02648
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (7.5)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 2004-10-18
BDU:2015-04083
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (7.5)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 1970-01-01
BDU:2015-04084
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (7.5)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 2008-10-27
BDU:2015-06413
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Severity: CRITICAL (10.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2008-10-27
BDU:2015-06414
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Severity: CRITICAL (10.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2008-10-27
BDU:2015-08355
Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Severity: CRITICAL (10.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2008-10-27
BDU:2015-08356
Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Severity: CRITICAL (10.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2005-11-18
Modified: 2025-04-03
Modified: 2025-04-03
CVE-2005-2929
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
Severity: HIGH (7.5)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.55/SCOSA-2005.55.txt
- http://secunia.com/advisories/17372
- http://secunia.com/advisories/17512
- http://secunia.com/advisories/17546
- http://secunia.com/advisories/17556
- http://secunia.com/advisories/17576
- http://secunia.com/advisories/17666
- http://secunia.com/advisories/17757
- http://secunia.com/advisories/18051
- http://secunia.com/advisories/18376
- http://secunia.com/advisories/18659
- http://securityreason.com/securityalert/173
- http://securitytracker.com/id?1015195
- http://support.avaya.com/elmodocs2/security/ASA-2006-035.htm
- http://www.gentoo.org/security/en/glsa/glsa-200511-09.xml
- http://www.idefense.com/application/poi/display?id=338&type=vulnerabilities
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:211
- http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
- http://www.redhat.com/support/errata/RHSA-2005-839.html
- http://www.securityfocus.com/archive/1/419763/100/0/threaded
- http://www.securityfocus.com/bid/15395
- http://www.vupen.com/english/advisories/2005/2394
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23119
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9712
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.55/SCOSA-2005.55.txt
- http://secunia.com/advisories/17372
- http://secunia.com/advisories/17512
- http://secunia.com/advisories/17546
- http://secunia.com/advisories/17556
- http://secunia.com/advisories/17576
- http://secunia.com/advisories/17666
- http://secunia.com/advisories/17757
- http://secunia.com/advisories/18051
- http://secunia.com/advisories/18376
- http://secunia.com/advisories/18659
- http://securityreason.com/securityalert/173
- http://securitytracker.com/id?1015195
- http://support.avaya.com/elmodocs2/security/ASA-2006-035.htm
- http://www.gentoo.org/security/en/glsa/glsa-200511-09.xml
- http://www.idefense.com/application/poi/display?id=338&type=vulnerabilities
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:211
- http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
- http://www.redhat.com/support/errata/RHSA-2005-839.html
- http://www.securityfocus.com/archive/1/419763/100/0/threaded
- http://www.securityfocus.com/bid/15395
- http://www.vupen.com/english/advisories/2005/2394
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23119
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9712
Published: 2005-10-17
Modified: 2025-04-03
Modified: 2025-04-03
CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Severity: HIGH (7.5)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Severity: CRITICAL (9.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html
- http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
- http://secunia.com/advisories/17150
- http://secunia.com/advisories/17216
- http://secunia.com/advisories/17230
- http://secunia.com/advisories/17231
- http://secunia.com/advisories/17238
- http://secunia.com/advisories/17248
- http://secunia.com/advisories/17340
- http://secunia.com/advisories/17360
- http://secunia.com/advisories/17444
- http://secunia.com/advisories/17445
- http://secunia.com/advisories/17480
- http://secunia.com/advisories/18376
- http://secunia.com/advisories/18584
- http://secunia.com/advisories/20383
- http://securitytracker.com/id?1015065
- http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056
- http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm
- http://www.debian.org/security/2005/dsa-874
- http://www.debian.org/security/2005/dsa-876
- http://www.debian.org/security/2006/dsa-1085
- http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:186
- http://www.novell.com/linux/security/advisories/2005_25_sr.html
- http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
- http://www.redhat.com/support/errata/RHSA-2005-803.html
- http://www.securityfocus.com/archive/1/419763/100/0/threaded
- http://www.securityfocus.com/archive/1/435689/30/4740/threaded
- http://www.securityfocus.com/bid/15117
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257
- https://usn.ubuntu.com/206-1/
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html
- http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
- http://secunia.com/advisories/17150
- http://secunia.com/advisories/17216
- http://secunia.com/advisories/17230
- http://secunia.com/advisories/17231
- http://secunia.com/advisories/17238
- http://secunia.com/advisories/17248
- http://secunia.com/advisories/17340
- http://secunia.com/advisories/17360
- http://secunia.com/advisories/17444
- http://secunia.com/advisories/17445
- http://secunia.com/advisories/17480
- http://secunia.com/advisories/18376
- http://secunia.com/advisories/18584
- http://secunia.com/advisories/20383
- http://securitytracker.com/id?1015065
- http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056
- http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm
- http://www.debian.org/security/2005/dsa-874
- http://www.debian.org/security/2005/dsa-876
- http://www.debian.org/security/2006/dsa-1085
- http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:186
- http://www.novell.com/linux/security/advisories/2005_25_sr.html
- http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
- http://www.redhat.com/support/errata/RHSA-2005-803.html
- http://www.securityfocus.com/archive/1/419763/100/0/threaded
- http://www.securityfocus.com/archive/1/435689/30/4740/threaded
- http://www.securityfocus.com/bid/15117
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257
- https://usn.ubuntu.com/206-1/
Published: 2008-10-27
Modified: 2025-04-09
Modified: 2025-04-09
CVE-2006-7234
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.
Severity: MEDIUM (4.6)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
References:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396949
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
- http://secunia.com/advisories/32407
- http://secunia.com/advisories/32416
- http://secunia.com/advisories/33568
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:217
- http://www.openwall.com/lists/oss-security/2008/10/25/3
- http://www.redhat.com/support/errata/RHSA-2008-0965.html
- http://www.securityfocus.com/bid/31917
- http://www.securitytracker.com/id?1021107
- https://bugzilla.redhat.com/show_bug.cgi?id=214205
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46132
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9719
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396949
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
- http://secunia.com/advisories/32407
- http://secunia.com/advisories/32416
- http://secunia.com/advisories/33568
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:217
- http://www.openwall.com/lists/oss-security/2008/10/25/3
- http://www.redhat.com/support/errata/RHSA-2008-0965.html
- http://www.securityfocus.com/bid/31917
- http://www.securitytracker.com/id?1021107
- https://bugzilla.redhat.com/show_bug.cgi?id=214205
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46132
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9719
Published: 2008-10-22
Modified: 2025-04-09
Modified: 2025-04-09
CVE-2008-4690
lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler.
Severity: CRITICAL (10.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
References:
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
- http://secunia.com/advisories/32416
- http://secunia.com/advisories/32967
- http://secunia.com/advisories/33568
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:217
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:218
- http://www.openwall.com/lists/oss-security/2008/10/09/2
- http://www.redhat.com/support/errata/RHSA-2008-0965.html
- http://www.securitytracker.com/id?1021105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46228
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11204
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00066.html
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00143.html
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
- http://secunia.com/advisories/32416
- http://secunia.com/advisories/32967
- http://secunia.com/advisories/33568
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:217
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:218
- http://www.openwall.com/lists/oss-security/2008/10/09/2
- http://www.redhat.com/support/errata/RHSA-2008-0965.html
- http://www.securitytracker.com/id?1021105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46228
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11204
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00066.html
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00143.html