Scientific Linux Security Update : lynx on SL3.x, SL4.x, SL5.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing a security update.

Description :

An arbitrary command execution flaw was found in the Lynx 'lynxcgi:'
URI handler. An attacker could create a web page redirecting to a
malicious URL that could execute arbitrary code as the user running
Lynx in the non-default 'Advanced' user mode. (CVE-2008-4690)

Note: In these updated lynx packages, Lynx will always prompt users
before loading a 'lynxcgi:' URI. Additionally, the default lynx.cfg
configuration file now marks all 'lynxcgi:' URIs as untrusted by
default.

A flaw was found in a way Lynx handled '.mailcap' and '.mime.types'
configuration files. Files in the browser's current working directory
were opened before those in the user's home directory. A local
attacker, able to convince a user to run Lynx in a directory under
their control, could possibly execute arbitrary commands as the user
running Lynx. (CVE-2006-7234)

See also :

http://www.nessus.org/u?28be28ae

Solution :

Update the affected lynx package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60486 ()

Bugtraq ID:

CVE ID: CVE-2006-7234
CVE-2008-4690