Title: Format String Vulnerability in Lynx |
Author: Larry W. Cashdollar, @_larry0 |
Date: 2001-12-27 |
CVE-ID:[CVE-none] |
CWE: |
Download Site: http://lynx.browser.org/ |
Vendor: Lynx |
Vendor Notified: 2001-12-27 |
Vendor Contact: bugtraq |
Advisory: http://www.vapid.dhs.org/advisories/lynx_format_string_vulnerability.html |
Description: Lynx is a text browser for the World Wide Web |
Vulnerability: Lynx has a format string vulnerability in LYUtils.c, line 7995, due to a bad call to syslog() in which the format argument is omitted, so buf is passed as the format string.
Risk: Low
Version: Lynx compiled from FreeBSD ports collection. Also tested in 2.8.5dev.5.gz
[larryc@harod ~ $] lynx --version
Lynx Version 2.8.4rel.1 (17 Jul 2001)
Built on freebsd4.4 Dec 25 2001 23:04:31
Details
Line 7995 in LYUtils.c reads:
syslog (LOG_INFO|LOG_LOCAL5, buf);
The reason this is low priority is that the bug can only be triggered if syslogging of URLs is enabled.
(./configure --enable-syslog)
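The call shape reported above next to its corrected form, as an added example that is not Lynx source code. capture_log is a hypothetical stand-in for syslog() so the logged text can be inspected, and the URL is a constructed sample.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Stand-in for syslog() (an assumption for this example): it formats the way
 * syslog(priority, fmt, ...) would, but into a buffer we can inspect. */
static void capture_log(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out, n, fmt, ap);
    va_end(ap);
}

/* Same shape as the reported call: buf is passed as the format string. */
static void log_url_unsafe(char *out, size_t n, const char *buf)
{
    capture_log(out, n, buf);
}

/* Corrected shape: constant format, buf is only ever data. */
static void log_url_safe(char *out, size_t n, const char *buf)
{
    capture_log(out, n, "%s", buf);
}

/* Returns 1 if the two call shapes log different text for this input,
 * i.e. the input was interpreted as a format rather than copied. */
int logged_text_differs(const char *buf)
{
    char a[256], b[256];
    log_url_unsafe(a, sizeof a, buf);
    log_url_safe(b, sizeof b, buf);
    return strcmp(a, b) != 0;
}

int main(void)
{
    /* Constructed sample: "%%" is the only conversion used and it consumes
     * no argument, so the unsafe call stays well defined here. */
    const char *url = "http://example.test/a%%20b";
    printf("interpreted: %d\n", logged_text_differs(url));
    /* The one-line fix for a call site like the one quoted above: */
    syslog(LOG_INFO | LOG_LOCAL5, "%s", url);
    return 0;
}
```

Compilers can flag the original call shape with -Wformat-security, because syslog() is declared as a printf-style function.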
Notes: 97554 |