Date: Thu, 16 Sep 1999 17:13:06 -0600 (MDT)
From: Dan Burcaw <dburcaw@terraplex.com>
To: yellowdog-general@lists.yellowdoglinux.com
Subject: SECURITY: lynx web browser

The Yellow Dog Linux Security Team has released an updated version of lynx to fix a recently discovered security vulnerability. lynx is the popular full-featured, text-based web browser. Below is a summary of this YDL update.

Package: lynx
Date: September 15, 1999

Problem:
When lynx calls an external program to handle a URL scheme (e.g. telnet), the host part of the URL is passed to that program unchecked. Because the external program parses its command line with ordinary option handling, a host that begins with "-" is read as a command-line option rather than as a hostname. For example, the link

  <A HREF="telnet://-n.rhosts">click me</A>

runs the telnet client with the argument "-n.rhosts", which the telnet client interprets as its -n (trace file) option with the file name ".rhosts". The result is that a file named .rhosts in lynx's current working directory is created or overwritten. Depending on which external programs lynx is configured to call, files can be created or truncated, or remote commands can even be executed if programs such as ssh or rsh are configured as handlers in lynx.

The Yellow Dog Linux Security Team advises that all users with lynx installed upgrade to this fixed version. You can check whether lynx is installed by running:

  rpm -qi lynx

Urgency: MEDIUM

Solution:
  rpm -Uvh ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/lynx-2.8.3pre9-1.ppc.rpm

Dan
Terra Soft Solutions, Inc.
Yellow Dog Linux
"The Ultimate Companion for a Dedicated Server"
http://www.yellowdoglinux.com/
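The behaviour the advisory describes, as an added illustration that is not part of the advisory or of lynx's own code: a small POSIX sh script that extracts the host from a telnet:// URL, shows the command line a naive handler would build for the advisory's example link, and shows one way to check the host before handing it to the client. The function names, the hostname character whitelist and the use of getopt's "--" option terminator are assumptions made for this example; they are not lynx's actual fix.

```shell
#!/bin/sh
# Added example, not lynx code: why an unchecked URL host becomes a
# command-line option, and one way to validate it before exec'ing a helper.

# Pull the host out of a scheme://host[:port][/path] URL.
url_host() {
    h=${1#*://}        # strip the scheme
    h=${h%%/*}         # strip any path
    h=${h%%:*}         # strip any port
    printf '%s' "$h"
}

# Vulnerable behaviour: the host is spliced into the command line unchecked.
# For "telnet://-n.rhosts" this yields "telnet -n.rhosts", which the telnet
# client parses as its -n (trace file) option naming the file ".rhosts".
vulnerable_cmdline() {
    printf 'telnet %s' "$(url_host "$1")"
}

# Hardened behaviour (assumed policy for this example): accept only
# hostname/IP characters, refuse an empty host or one starting with "-",
# and put getopt's "--" terminator before the host so it can never be
# read as an option. Returns 1 and prints nothing when the host is rejected.
safe_cmdline() {
    h=$(url_host "$1")
    case "$h" in
        ''|-*)              return 1 ;;   # empty or option-like
        *[!A-Za-z0-9.-]*)   return 1 ;;   # anything outside the whitelist
    esac
    printf 'telnet -- %s' "$h"
}

# Demonstration on the advisory's own link and on a normal host.
vulnerable_cmdline 'telnet://-n.rhosts'; echo
safe_cmdline 'telnet://host.example.com:23/' && echo
safe_cmdline 'telnet://-n.rhosts' || echo 'rejected: -n.rhosts'
```

The essential check is the refusal of a leading "-"; the "--" terminator is only a second line of defence, because not every external program honours it, and a handler that relies on it alone would still be exposed with a client that does not.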