Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 579
Alerts This Week
Warning Icon 1 579

Gentoo: 200701-27 Normal: ELinks Samba Command Exploit Threat

gentoo
Calendar Grey January 31, 2007
Dist Gentoo Esm H88
Random code execution flaw in ELinks impacts Gentoo systems; update immediately to reduce threats.
ELinks does not properly validate "smb://" URLs, making it vulnerable to the execution of arbitrary Samba commands.

Summary

Gentoo Linux Security Advisory GLSA 200701-27 https://security.gentoo.org/ Severity: Normal Title: ELinks: Arbitrary Samba command execution Date: January 30, 2007 Bugs: #155358 ID: 200701-27

Synopsis ======= ELinks does not properly validate "smb://" URLs, making it vulnerable to the execution of arbitrary Samba commands.
Background ========= ELinks is a text mode web browser.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/elinks < 0.11.2 >= 0.11.2
========== Teemu Salmela discovered an error in the validation code of "smb://" URLs used by ELinks, the same issue as reported in GLSA 200612-16 concerning Links.
Impact ===== A remote attacker cou...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround