|
|
Lynx URI Handlers Arbitrary Command Execution Vulnerability
|
Bugtraq ID:
|
15395
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2005-2929
CVE-2008-4690
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Nov 11 2005 12:00AM
|
|
Updated:
|
Jan 19 2009 08:52PM
|
|
Credit:
|
vade79 is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
University of Kansas Lynx 2.8.6 dev9
University of Kansas Lynx 2.8.6 dev8
University of Kansas Lynx 2.8.6 dev7
University of Kansas Lynx 2.8.6 dev6
University of Kansas Lynx 2.8.6 dev5
University of Kansas Lynx 2.8.6 dev4
University of Kansas Lynx 2.8.6 dev3
University of Kansas Lynx 2.8.6 dev2
University of Kansas Lynx 2.8.6 dev14
University of Kansas Lynx 2.8.6 dev13
University of Kansas Lynx 2.8.6 dev12
University of Kansas Lynx 2.8.6 dev11
University of Kansas Lynx 2.8.6 dev10
University of Kansas Lynx 2.8.6 dev1
University of Kansas Lynx 2.8.5 dev.8
+
MandrakeSoft Linux Mandrake 9.0
+
MandrakeSoft Linux Mandrake 8.2 ppc
+
MandrakeSoft Linux Mandrake 8.2
+
MandrakeSoft Linux Mandrake 8.1 ia64
+
MandrakeSoft Linux Mandrake 8.1
+
MandrakeSoft Linux Mandrake 8.0 ppc
+
MandrakeSoft Linux Mandrake 8.0
+
MandrakeSoft Linux Mandrake 7.2
+
MandrakeSoft Multi Network Firewall 2.0
+
MandrakeSoft Single Network Firewall 7.2
University of Kansas Lynx 2.8.5 dev.5
University of Kansas Lynx 2.8.5 dev.4
University of Kansas Lynx 2.8.5 dev.3
University of Kansas Lynx 2.8.5 dev.2
University of Kansas Lynx 2.8.5
+
MandrakeSoft Corporate Server 3.0 x86_64
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 2.1 x86_64
+
MandrakeSoft Corporate Server 2.1
+
MandrakeSoft Linux Mandrake 2006.0 x86_64
+
MandrakeSoft Linux Mandrake 2006.0
+
MandrakeSoft Linux Mandrake 10.2 x86_64
+
MandrakeSoft Linux Mandrake 10.2
+
MandrakeSoft Linux Mandrake 10.1 x86_64
+
MandrakeSoft Linux Mandrake 10.1
+
MandrakeSoft Multi Network Firewall 2.0
+
Ubuntu Ubuntu Linux 5.10 powerpc
+
Ubuntu Ubuntu Linux 5.10 i386
+
Ubuntu Ubuntu Linux 5.10 amd64
+
Ubuntu Ubuntu Linux 5.0 4 powerpc
+
Ubuntu Ubuntu Linux 5.0 4 i386
+
Ubuntu Ubuntu Linux 5.0 4 amd64
+
Ubuntu Ubuntu Linux 4.1 ppc
+
Ubuntu Ubuntu Linux 4.1 ia64
+
Ubuntu Ubuntu Linux 4.1 ia32
University of Kansas Lynx 2.8.4 rel.1
University of Kansas Lynx 2.8.4
+
Caldera OpenLinux Server 3.1.1
+
Caldera OpenLinux Server 3.1
+
Caldera OpenLinux Workstation 3.1.1
+
Caldera OpenLinux Workstation 3.1
+
Conectiva Linux 8.0
+
Conectiva Linux 7.0
+
Debian Linux 3.0
+
RedHat Linux for iSeries 7.1
+
RedHat Linux for pSeries 7.1
+
Sun Linux 5.0.6
+
Trustix Secure Linux 1.5
+
Trustix Secure Linux 1.2
+
Trustix Secure Linux 1.1
University of Kansas Lynx 2.8.3 rel.1
University of Kansas Lynx 2.8.3 pre.5
University of Kansas Lynx 2.8.3 dev2x
University of Kansas Lynx 2.8.3 dev.22
University of Kansas Lynx 2.8.3
+
Debian Linux 2.2
University of Kansas Lynx 2.8.2 rel.1
University of Kansas Lynx 2.8.1
University of Kansas Lynx 2.8
University of Kansas Lynx 2.7
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
SGI ProPack 3.0 SP6
SCO Unixware 7.1.4
SCO Unixware 7.1.3
S.u.S.E. SLE SDK 9
S.u.S.E. SLE SDK 10 SP2
S.u.S.E. Novell Linux Desktop 9.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Fedora 9 0
RedHat Fedora 8 0
RedHat Fedora Core4
RedHat Fedora Core3
RedHat Fedora Core2
RedHat Fedora Core1
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Enterprise Linux 5 server
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
OpenPKG OpenPKG 2.5
OpenPKG OpenPKG 2.4
OpenPKG OpenPKG 2.3
OpenPKG OpenPKG Current
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Linux Mandrake 2009.0 x86_64
MandrakeSoft Linux Mandrake 2009.0
MandrakeSoft Linux Mandrake 2008.1 x86_64
MandrakeSoft Linux Mandrake 2008.1
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
Gentoo Linux
Conectiva Linux 10.0
Avaya Intuity Audix R5 0
|
|
|
|
Not Vulnerable:
|
University of Kansas Lynx 2.8.6 dev15
|
|
|
