CVE-2017-1000211 - Use After Free vulnerability in Lynx Project Lynx 2.8.9
- Attack vector: NETWORK
- Attack complexity: LOW
- Privileges required: NONE
- Confidentiality impact: LOW
- Integrity impact: NONE
- Availability impact: NONE

Summary
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Common Weakness Enumeration (CWE)
Nessus
- NASL family: Fedora Local Security Checks
- NASL id: FEDORA_2017-BF172B2035.NASL
- description: update to the latest upstream pre-release (fixes CVE-2017-1000211). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-06-05
- modified: 2017-12-28
- plugin id: 105476
- published: 2017-12-28
- reporter: This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/105476
- title: Fedora 26 : lynx (2017-bf172b2035)

- NASL family: SuSE Local Security Checks
- NASL id: OPENSUSE-2017-1332.NASL
- description: This update for lynx fixes the following issues : Security issue fixed : - CVE-2017-1000211: Fix use after free in the HTML parser that can result in memory disclosure (bsc#1068885). This update was imported from the SUSE:SLE-12:Update update project.
- last seen: 2020-06-05
- modified: 2017-12-14
- plugin id: 105226
- published: 2017-12-14
- reporter: This script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/105226
- title: openSUSE Security Update : lynx (openSUSE-2017-1332)

- NASL family: Huawei Local Security Checks
- NASL id: EULEROS_SA-2020-1410.NASL
- description: According to the version of the lynx package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lynx is a text-based Web browser. Lynx does not display any images, but it does support frames, tables, and most other HTML tags. One advantage Lynx has over graphical browsers is speed; Lynx starts and exits quickly and swiftly displays web pages. Security Fix(es): Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself. (CVE-2017-1000211) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
- last seen: 2020-05-06
- modified: 2020-04-15
- plugin id: 135539
- published: 2020-04-15
- reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/135539
- title: EulerOS 2.0 SP3 : lynx (EulerOS-SA-2020-1410)

- NASL family: Debian Local Security Checks
- NASL id: DEBIAN_DLA-1175.NASL
- description: It was discovered that there was a use-after-free vulnerability in the HTML parser of lynx-cur, a terminal-based web browser. This could have led to memory/information disclosure. For Debian 7
- last seen: 2020-03-17
- modified: 2017-11-20
- plugin id: 104678
- published: 2017-11-20
- reporter: This script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/104678
- title: Debian DLA-1175-1 : lynx-cur security update
References
- http://lynx.invisible-island.net/current/CHANGES.html
- http://www.securityfocus.com/bid/102180
- https://github.com/ThomasDickey/lynx-snapshots/commit/280a61b300a1614f6037efc0902ff7ecf17146e9
- https://lists.debian.org/debian-lts-announce/2017/11/msg00021.html