Red Hat Bugzilla – Bug 170253
CAN-2005-3120 lynx buffer overflow
Last modified: 2008-10-26 05:09:29 EDT
Ulf Harnhammar found a flaw in Lynx that can be triggered when Lynx connects to
an NNTP server. A malicious news server could cause a buffer overflow, leading
to the potential of arbitrary code execution as the user running lynx. This
issue requires that a victim connect to the malicious news server; however, this
could be forced by a redirect from any malicious web page.
Embargo set for 20051017
Created attachment 119760 [details]
Proposed patch from Thomas Dickey for lynx 2.8.6dev.14
Public today, removing embargo:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
lynx-2.8.5-23.1 has been pushed for FC4, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.