HIGH7.5
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
Серьёзность:
Закрытые проблемы (11)
HIGH7.5
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:PHIGH7.5
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:PCRITICAL10.0
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0КРИТИЧЕСКАЯ 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0КРИТИЧЕСКАЯ 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0КРИТИЧЕСКАЯ 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0КРИТИЧЕСКАЯ 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CHIGH7.5
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:PСсылки
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.55/SCOSA-2005.55.txt
- http://secunia.com/advisories/17372
- http://secunia.com/advisories/17512
- http://secunia.com/advisories/17546
- http://secunia.com/advisories/17556
- http://secunia.com/advisories/17576
- http://secunia.com/advisories/17666
- http://secunia.com/advisories/17757
- http://secunia.com/advisories/18051
- http://secunia.com/advisories/18376
- http://secunia.com/advisories/18659
- http://securityreason.com/securityalert/173
- http://securitytracker.com/id?1015195
- http://support.avaya.com/elmodocs2/security/ASA-2006-035.htm
- http://www.gentoo.org/security/en/glsa/glsa-200511-09.xml
- http://www.idefense.com/application/poi/display?id=338&type=vulnerabilities
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:211
- http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
- http://www.redhat.com/support/errata/RHSA-2005-839.html
- http://www.securityfocus.com/archive/1/419763/100/0/threaded
- http://www.securityfocus.com/bid/15395
- http://www.vupen.com/english/advisories/2005/2394
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23119
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9712
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.55/SCOSA-2005.55.txt
- http://secunia.com/advisories/17372
- http://secunia.com/advisories/17512
- http://secunia.com/advisories/17546
- http://secunia.com/advisories/17556
- http://secunia.com/advisories/17576
- http://secunia.com/advisories/17666
- http://secunia.com/advisories/17757
- http://secunia.com/advisories/18051
- http://secunia.com/advisories/18376
- http://secunia.com/advisories/18659
- http://securityreason.com/securityalert/173
- http://securitytracker.com/id?1015195
- http://support.avaya.com/elmodocs2/security/ASA-2006-035.htm
- http://www.gentoo.org/security/en/glsa/glsa-200511-09.xml
- http://www.idefense.com/application/poi/display?id=338&type=vulnerabilities
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:211
- http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
- http://www.redhat.com/support/errata/RHSA-2005-839.html
- http://www.securityfocus.com/archive/1/419763/100/0/threaded
- http://www.securityfocus.com/bid/15395
- http://www.vupen.com/english/advisories/2005/2394
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23119
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9712
CRITICAL9.8
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:PCVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HСсылки
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html
- http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
- http://secunia.com/advisories/17150
- http://secunia.com/advisories/17216
- http://secunia.com/advisories/17230
- http://secunia.com/advisories/17231
- http://secunia.com/advisories/17238
- http://secunia.com/advisories/17248
- http://secunia.com/advisories/17340
- http://secunia.com/advisories/17360
- http://secunia.com/advisories/17444
- http://secunia.com/advisories/17445
- http://secunia.com/advisories/17480
- http://secunia.com/advisories/18376
- http://secunia.com/advisories/18584
- http://secunia.com/advisories/20383
- http://securitytracker.com/id?1015065
- http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056
- http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm
- http://www.debian.org/security/2005/dsa-874
- http://www.debian.org/security/2005/dsa-876
- http://www.debian.org/security/2006/dsa-1085
- http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:186
- http://www.novell.com/linux/security/advisories/2005_25_sr.html
- http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
- http://www.redhat.com/support/errata/RHSA-2005-803.html
- http://www.securityfocus.com/archive/1/419763/100/0/threaded
- http://www.securityfocus.com/archive/1/435689/30/4740/threaded
- http://www.securityfocus.com/bid/15117
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257
- https://usn.ubuntu.com/206-1/
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html
- http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
- http://secunia.com/advisories/17150
- http://secunia.com/advisories/17216
- http://secunia.com/advisories/17230
- http://secunia.com/advisories/17231
- http://secunia.com/advisories/17238
- http://secunia.com/advisories/17248
- http://secunia.com/advisories/17340
- http://secunia.com/advisories/17360
- http://secunia.com/advisories/17444
- http://secunia.com/advisories/17445
- http://secunia.com/advisories/17480
- http://secunia.com/advisories/18376
- http://secunia.com/advisories/18584
- http://secunia.com/advisories/20383
- http://securitytracker.com/id?1015065
- http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056
- http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm
- http://www.debian.org/security/2005/dsa-874
- http://www.debian.org/security/2005/dsa-876
- http://www.debian.org/security/2006/dsa-1085
- http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:186
- http://www.novell.com/linux/security/advisories/2005_25_sr.html
- http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
- http://www.redhat.com/support/errata/RHSA-2005-803.html
- http://www.securityfocus.com/archive/1/419763/100/0/threaded
- http://www.securityfocus.com/archive/1/435689/30/4740/threaded
- http://www.securityfocus.com/bid/15117
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257
- https://usn.ubuntu.com/206-1/
MEDIUM4.6
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.
CVSS 2.0СРЕДНЯЯ 4.6
CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:PСсылки
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396949
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
- http://secunia.com/advisories/32407
- http://secunia.com/advisories/32416
- http://secunia.com/advisories/33568
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:217
- http://www.openwall.com/lists/oss-security/2008/10/25/3
- http://www.redhat.com/support/errata/RHSA-2008-0965.html
- http://www.securityfocus.com/bid/31917
- http://www.securitytracker.com/id?1021107
- https://bugzilla.redhat.com/show_bug.cgi?id=214205
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46132
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9719
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396949
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
- http://secunia.com/advisories/32407
- http://secunia.com/advisories/32416
- http://secunia.com/advisories/33568
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:217
- http://www.openwall.com/lists/oss-security/2008/10/25/3
- http://www.redhat.com/support/errata/RHSA-2008-0965.html
- http://www.securityfocus.com/bid/31917
- http://www.securitytracker.com/id?1021107
- https://bugzilla.redhat.com/show_bug.cgi?id=214205
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46132
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9719
CRITICAL10.0
lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler.
CVSS 2.0КРИТИЧЕСКАЯ 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CСсылки
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
- http://secunia.com/advisories/32416
- http://secunia.com/advisories/32967
- http://secunia.com/advisories/33568
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:217
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:218
- http://www.openwall.com/lists/oss-security/2008/10/09/2
- http://www.redhat.com/support/errata/RHSA-2008-0965.html
- http://www.securitytracker.com/id?1021105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46228
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11204
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00066.html
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00143.html
- http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
- http://secunia.com/advisories/32416
- http://secunia.com/advisories/32967
- http://secunia.com/advisories/33568
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:217
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:218
- http://www.openwall.com/lists/oss-security/2008/10/09/2
- http://www.redhat.com/support/errata/RHSA-2008-0965.html
- http://www.securitytracker.com/id?1021105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46228
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11204
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00066.html
- https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00143.html