Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Lynx user? Upgrade it! - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Lynx user? Upgrade it!
If you are a lynx user, prepare yourself to upgrade it.
According to an advisory from iDefense, there is a Command Injection Vulnerability on it, that "could allow attackers to execute arbitrary commands with the privileges of the underlying user.".

Some patch links:

Development version 2.8.6dev.15 has been released to address this issue
and is available from the following URLs:

 http://lynx.isc.org/current/lynx2.8.6dev.15.tar.Z
 http://lynx.isc.org/current/lynx2.8.6dev.15.tar.bz2
 http://lynx.isc.org/current/lynx2.8.6dev.15.tar.gz
 http://lynx.isc.org/current/lynx2.8.6dev.15.zip

Alternately, an incremental patch is available at:
 http://lynx.isc.org/current/2.8.6dev.15.patch.gz

-------------------------------------------------------------------
Handler on Duty: Pedro Bueno (pbueno //%%// isc. sans. org)
Pedro

155 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!