7.5

CVE-2005-2929

Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
University Of KansasLynx Version2.8.5
University Of KansasLynx Version2.8.6
University Of KansasLynx Version2.8.6_dev13
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.92% 0.91
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt
http://secunia.com/advisories/18376
Vendor Advisory
http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html
http://www.securityfocus.com/archive/1/419763/100/0/threaded
http://secunia.com/advisories/17666
Vendor Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.55/SCOSA-2005.55.txt
http://secunia.com/advisories/17372
Vendor Advisory
http://secunia.com/advisories/17512
Vendor Advisory
http://secunia.com/advisories/17546
Vendor Advisory
http://secunia.com/advisories/17556
Vendor Advisory
http://secunia.com/advisories/17576
Vendor Advisory
http://secunia.com/advisories/17757
Vendor Advisory
http://secunia.com/advisories/18051
Vendor Advisory
http://secunia.com/advisories/18659
Vendor Advisory
http://securityreason.com/securityalert/173
http://securitytracker.com/id?1015195
http://support.avaya.com/elmodocs2/security/ASA-2006-035.htm
http://www.gentoo.org/security/en/glsa/glsa-200511-09.xml
http://www.idefense.com/application/poi/display?id=338&type=vulnerabilities
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:211
http://www.redhat.com/support/errata/RHSA-2005-839.html
http://www.securityfocus.com/bid/15395
http://www.vupen.com/english/advisories/2005/2394
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/23119
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9712