Back to search
CVE-2005-2929
Published: Nov 18, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
17556
third-party-advisory
x_refsource_SECUNIA
18376
third-party-advisory
x_refsource_SECUNIA
17666
third-party-advisory
x_refsource_SECUNIA
15395
vdb-entry
x_refsource_BID
ADV-2005-2394
vdb-entry
x_refsource_VUPEN
17546
third-party-advisory
x_refsource_SECUNIA
17576
third-party-advisory
x_refsource_SECUNIA
OpenPKG-SA-2005.026
vendor-advisory
x_refsource_OPENPKG
17757
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:9712
vdb-entry
signature
x_refsource_OVAL
20051110 Multiple Vendor Lynx Command Injection Vulnerability
third-party-advisory
x_refsource_IDEFENSE
lynx-lynxcgi-command-execute(23119)
vdb-entry
x_refsource_XF
FLSA:152832
vendor-advisory
x_refsource_FEDORA
GLSA-200511-09
vendor-advisory
x_refsource_GENTOO
18659
third-party-advisory
x_refsource_SECUNIA
RHSA-2005:839
vendor-advisory
x_refsource_REDHAT
173
third-party-advisory
x_refsource_SREASON
18051
third-party-advisory
x_refsource_SECUNIA
17512
third-party-advisory
x_refsource_SECUNIA
MDKSA-2005:211
vendor-advisory
x_refsource_MANDRIVA
17372
third-party-advisory
x_refsource_SECUNIA
1015195
vdb-entry
x_refsource_SECTRACK
http://support.avaya.com/elmodocs2/security/ASA-2006-035.htm
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now