FreeBSD : lynx -- remote buffer overflow (c01170bf-4990-11da-a1b8-000854d03344)

high Nessus Plugin ID 21506

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Ulf Harnhammar reports :

When Lynx connects to an NNTP server to fetch information about the available articles in a newsgroup, it will call a function called HTrjis() with the information from certain article headers. The function adds missing ESC characters to certain data, to support Asian character sets. However, it does not check if it writes outside of the char array buf, and that causes a remote stack-based buffer overflow.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?a40354e4

http://www.nessus.org/u?1447932b

Plugin Details

Severity: High

ID: 21506

File Name: freebsd_pkg_c01170bf499011daa1b8000854d03344.nasl

Version: 1.16

Type: local

Published: 5/13/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ja-lynx, p-cpe:/a:freebsd:freebsd:lynx, p-cpe:/a:freebsd:freebsd:lynx-ssl, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/30/2005

Vulnerability Publication Date: 10/17/2005

Reference Information

CVE: CVE-2005-3120