Bug 170253 (CVE-2005-3120) - CAN-2005-3120 lynx buffer overflow
Summary: CAN-2005-3120 lynx buffer overflow
Alias: CVE-2005-3120
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Tim Waugh
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2005-10-10 09:20 UTC by Mark J. Cox
Modified: 2022-06-07 07:08 UTC (History)
2 users (show)

Fixed In Version: RHSA-2005-803
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2005-10-17 07:44:27 UTC

Attachments (Terms of Use)
Proposed patch from Thomas Dickey for lynx 2.8.6dev.14 (10.68 KB, text/plain)
2005-10-10 09:20 UTC, Mark J. Cox
no flags Details

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2005:803 0 normal SHIPPED_LIVE Critical: lynx security update 2005-10-17 04:00:00 UTC

Description Mark J. Cox 2005-10-10 09:20:45 UTC
Ulf Harnhammar found a flaw in Lynx that can be triggered when Lynx connects to
a NNTP server.  A malicious news server could cause a buffer overflow, leading
to the potential of arbitrary code execution as the user running lynx.  This
issue requires a victim connects to the malicious news server, however this
could be forced by a redirect from any malicious web page.

Embargo set for 20051017

Comment 1 Mark J. Cox 2005-10-10 09:20:46 UTC
Created attachment 119760 [details]
Proposed patch from Thomas Dickey for lynx 2.8.6dev.14

Comment 6 Mark J. Cox 2005-10-17 07:28:07 UTC
Public today, removing embargo:

Comment 7 Red Hat Bugzilla 2005-10-17 07:44:27 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Comment 8 Fedora Update System 2005-10-17 16:20:40 UTC
From User-Agent: XML-RPC

lynx-2.8.5-23.1 has been pushed for FC4, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.