Detections
Analytics
Fedora 9 : lynx-2.8.6-17.fc9 (2008-9550)
critical Nessus Plugin ID 35016
Synopsis
The remote Fedora host is missing a security update.Description
- Mon Nov 10 2008 Jiri Moskovcak <jmoskovc at redhat.com> 2.8.6-17- Fixed CVE-2008-4690 lynx: remote arbitrary command execution. via a crafted lynxcgi: URL (thoger)
- Fri May 30 2008 Jiri Moskovcak <jmoskovc at redhat.com> 2.8.6-16
- updated to latest stable upstream version 2.8.6rel5
- Fri May 23 2008 Dennis Gilmore <dennis at ausil.us> - 2.8.6-15.1
- minor rebuild on sparc
- Sat May 17 2008 Dennis Gilmore <dennis at ausil.us> - 2.8.6-15
- even with the patches it still built wrong in koji.
- limit -j to 24 for sparc
- Thu May 8 2008 Dennis Gilmore <dennis at ausil.us> - 2.8.6-14
- patch from ajax to fix parallel builds
- additional patch from me for parallel builds
- set default home page to start.fedoraproject.org
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected lynx package.See Also
Plugin Details
Severity: Critical
ID: 35016
File Name: fedora_2008-9550.nasl
Version: 1.15
Type: local
Agent: unix
Family: Fedora Local Security Checks
Published: 12/3/2008
Updated: 1/11/2021
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:fedoraproject:fedora:lynx, cpe:/o:fedoraproject:fedora:9
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 12/2/2008
Reference Information
CVE: CVE-2008-4690
BID: 15395
FEDORA: 2008-9550