USN-206-1: Lynx vulnerability

17 October 2005

lynx vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.10
  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description

Details

Ulf Harnhammar discovered a remote vulnerability in Lynx when connecting to a news server (NNTP). The function that added missing escape chararacters to article headers did not check the size of the target buffer. Specially crafted news entries could trigger a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user running lynx. In order to exploit this, the user is not even required to actively visit a news site with Lynx since a malicious HTML page could automatically redirect to an nntp:// URL with malicious news items.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.10
lynx
Ubuntu 5.04
lynx
Ubuntu 4.10
lynx

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References