OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
security_at_caldera.com
Date: Mon Nov 18 2002 - 18:26:42 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    To: bugtraqsecurityfocus.com announcelists.caldera.com security-alertslinuxsecurity.com full-disclosurelists.netsys.com

    ______________________________________________________________________________

                            SCO Security Advisory

    Subject: Linux: lynx CRLF injection vulnerability
    Advisory number: CSSA-2002-049.0
    Issue date: 2002 November 18
    Cross reference:
    ______________________________________________________________________________

    1. Problem Description

            If lynx is given a url with some special characters on
            the command line, it will include faked headers in the HTTP
            query. This feature can be used to force scripts (that use Lynx
            for downloading files) to access the wrong site on a web server
            with multiple virtual hosts.

    2. Vulnerable Supported Versions

            System Package
            ----------------------------------------------------------------------

            OpenLinux 3.1.1 Server prior to lynx-2.8.4-1.i386.rpm

            OpenLinux 3.1.1 Workstation prior to lynx-2.8.4-1.i386.rpm

            OpenLinux 3.1 Server prior to lynx-2.8.4-1.i386.rpm

            OpenLinux 3.1 Workstation prior to lynx-2.8.4-1.i386.rpm

    3. Solution

            The proper solution is to install the latest packages. Many
            customers find it easier to use the Caldera System Updater, called
            cupdate (or kcupdate under the KDE environment), to update these
            packages rather than downloading and installing them by hand.

    4. OpenLinux 3.1.1 Server

            4.1 Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-049.0/RPMS

            4.2 Packages

            86aa0c385c7b4789aa33fe57dc209490 lynx-2.8.4-1.i386.rpm

            4.3 Installation

            rpm -Fvh lynx-2.8.4-1.i386.rpm

            4.4 Source Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-049.0/SRPMS

            4.5 Source Packages

            2b48e8130471668d9562fc10a5969d02 lynx-2.8.4-1.src.rpm

    5. OpenLinux 3.1.1 Workstation

            5.1 Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-049.0/RPMS

            5.2 Packages

            bd467354192cc42c87abb4be5650749f lynx-2.8.4-1.i386.rpm

            5.3 Installation

            rpm -Fvh lynx-2.8.4-1.i386.rpm

            5.4 Source Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-049.0/SRPMS

            5.5 Source Packages

            cf32748b277276e5f43a6f4111bb1ff2 lynx-2.8.4-1.src.rpm

    6. OpenLinux 3.1 Server

            6.1 Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-049.0/RPMS

            6.2 Packages

            02bb0b77cf7f6014c6ad5a386e5bc763 lynx-2.8.4-1.i386.rpm

            6.3 Installation

            rpm -Fvh lynx-2.8.4-1.i386.rpm

            6.4 Source Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-049.0/SRPMS

            6.5 Source Packages

            61828e229e2794c46376c95354c8859c lynx-2.8.4-1.src.rpm

    7. OpenLinux 3.1 Workstation

            7.1 Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-049.0/RPMS

            7.2 Packages

            d0b3580c93c3790d88eb0c4d18a75e58 lynx-2.8.4-1.i386.rpm

            7.3 Installation

            rpm -Fvh lynx-2.8.4-1.i386.rpm

            7.4 Source Package Location

            ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-049.0/SRPMS

            7.5 Source Packages

            2c321eabba1a1d8172893de42f58af59 lynx-2.8.4-1.src.rpm

    8. References

            Specific references for this advisory:
                    none

            SCO security resources:
                    http://www.sco.com/support/security/index.html

            This security fix closes SCO incidents sr868660, fz525986,
            erg712118.

    9. Disclaimer

            SCO is not responsible for the misuse of any of the information
            we provide on this website and/or through our security
            advisories. Our advisories are a service to our customers intended
            to promote secure installation and use of SCO products.

    10. Acknowledgements

            SCO would like to thank Ulf Harnhammar for the discovery and
            analysis of this vulnerability.

    ______________________________________________________________________________

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (SCO_SV)
    Comment: For info see http://www.gnupg.org

    iEYEARECAAYFAj3ZhUIACgkQbluZssSXDTFNygCgmnS4g5fkEUSCnkd8vyq9WtXC
    nbgAoO21y7RUBVTEwdTe0+fp8fR+YFBP
    =Kp+N
    -----END PGP SIGNATURE-----