Date: Thu, 16 Sep 1999 17:13:06 -0600 (MDT)
From: Dan Burcaw <dburcaw@terraplex.com>
To: yellowdog-general@lists.yellowdoglinux.com
Subject: SECURITY: lynx web browser

The Yellow Dog Linux Security Team has released an updated version of lynx
to fix a recently discovered security vulnerability. lynx is the popular
full-featured, text-based web browser.

Below is a summary of this YDL update.

Package: lynx
Date: September 15, 1999
When lynx calls external programs for protocols (e.g., telnet), the
location is passed unchecked. This can be used to activate command-line
parameters. For example, this reference <A HREF="telnet://-n.rhosts">click
me</A> would activate the tracefile options on the telnet client. The
result of this would be that the .rhosts file in the current directory
would be created or overwritten.

Depending on the external programs called by lynx, files can be created or
truncated, or remote commands can even be executed if such programs
(e.g., ssh or rsh) are configured in lynx.
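
The check that was missing, as an added example (not part of the original
advisory and not the actual lynx fix): the host from a telnet:// location is
validated before it becomes an argument to the external client. The function
names are hypothetical, and example.org in the usage is a constructed sample.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical helper (not lynx code): extract the host of a telnet:// URL
 * into out, but only if it is safe to use as a command-line argument.
 * Returns 1 on success, 0 if the URL must be refused. */
int safe_telnet_host(const char *url, char *out, size_t outlen)
{
    static const char scheme[] = "telnet://";
    const char *host;
    size_t i, n;

    if (url == NULL || strncmp(url, scheme, sizeof scheme - 1) != 0)
        return 0;
    host = url + (sizeof scheme - 1);
    n = strcspn(host, ":/");            /* host ends at port or path */

    if (n == 0 || n >= outlen)          /* empty, or will not fit */
        return 0;
    if (host[0] == '-')                 /* would be parsed as an option */
        return 0;
    for (i = 0; i < n; i++) {           /* allowlist: letters, digits, '.', '-' */
        unsigned char c = (unsigned char)host[i];
        if (!isalnum(c) && c != '.' && c != '-')
            return 0;
    }
    memcpy(out, host, n);
    out[n] = '\0';
    return 1;
}

/* Build the argument vector for the external client. The caller passes it
 * to execvp() directly, so no shell ever re-parses the host string. */
int build_telnet_argv(const char *url, char *hostbuf, size_t len,
                      const char *argv[3])
{
    if (!safe_telnet_host(url, hostbuf, len))
        return 0;
    argv[0] = "telnet";
    argv[1] = hostbuf;
    argv[2] = NULL;
    return 1;
}
```

With this check, the telnet://-n.rhosts reference above is refused, because
its host begins with '-'. Bracketed IPv6 literals and user@host forms are
also refused by the allowlist.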

The Yellow Dog Linux Security Team advises that all users with lynx
installed upgrade to this fixed version. You can check if you have lynx
installed by running:

rpm -qi lynx

Urgency: MEDIUM
Solution: rpm -Uvh


Terra Soft Solutions, Inc.
   Yellow Dog Linux
   "The Ultimate Companion for a Dedicated Server"