• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Lynx Malformed HTML Infinite Loop Denial Of Service Vulnerability

Bugtraq ID:	11443
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2004-1617
Remote:	Yes
Local:	No
Published:	Oct 18 2004 12:00AM
Updated:	Nov 28 2006 11:10PM
Credit:	Discovery is credited to Michal Zalewski.
Vulnerable:	University of Kansas Lynx 2.8.6 University of Kansas Lynx 2.8.5 dev.8 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 + MandrakeSoft Linux Mandrake 7.2 + MandrakeSoft Multi Network Firewall 2.0 + MandrakeSoft Single Network Firewall 7.2 University of Kansas Lynx 2.8.5 dev.5 University of Kansas Lynx 2.8.5 dev.4 University of Kansas Lynx 2.8.5 dev.3 University of Kansas Lynx 2.8.5 dev.2 University of Kansas Lynx 2.8.5 + MandrakeSoft Corporate Server 3.0 x86_64 + MandrakeSoft Corporate Server 3.0 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 2006.0 x86_64 + MandrakeSoft Linux Mandrake 2006.0 + MandrakeSoft Linux Mandrake 10.2 x86_64 + MandrakeSoft Linux Mandrake 10.2 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 + MandrakeSoft Multi Network Firewall 2.0 + Ubuntu Ubuntu Linux 5.10 powerpc + Ubuntu Ubuntu Linux 5.10 i386 + Ubuntu Ubuntu Linux 5.10 amd64 + Ubuntu Ubuntu Linux 5.0 4 powerpc + Ubuntu Ubuntu Linux 5.0 4 i386 + Ubuntu Ubuntu Linux 5.0 4 amd64 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 University of Kansas Lynx 2.8.4 rel.1 University of Kansas Lynx 2.8.4 + Caldera OpenLinux Server 3.1.1 + Caldera OpenLinux Server 3.1 + Caldera OpenLinux Workstation 3.1.1 + Caldera OpenLinux Workstation 3.1 + Conectiva Linux 8.0 + Conectiva Linux 7.0 + Debian Linux 3.0 + RedHat Linux for iSeries 7.1 + RedHat Linux for pSeries 7.1 + Sun Linux 5.0.6 + Trustix Secure Linux 1.5 + Trustix Secure Linux 1.2 + Trustix Secure Linux 1.1 University of Kansas Lynx 2.8.3 rel.1 University of Kansas Lynx 2.8.3 pre.5 University of Kansas Lynx 2.8.3 dev2x University of Kansas Lynx 2.8.3 dev.22 University of Kansas Lynx 2.8.3 + Debian Linux 2.2 University of Kansas Lynx 2.8.2 rel.1 University of Kansas Lynx 2.8.1 University of Kansas Lynx 2.8 University of Kansas Lynx 2.7 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia-64 Debian Linux 3.0 ia-32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Debian Linux 3.0
Not Vulnerable: