Ulf Harnhammar discovered a remote vulnerability in Lynx when connecting to a news server (NNTP). The function that added missing escape chararacters to article headers did not check the size of the target buffer. Specially crafted news entries could trigger a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user running lynx. In order to exploit this, the user is not even required to actively visit a news site with Lynx since a malicious HTML page could automatically redirect to an nntp:// URL with malicious news items.
The problem can be corrected by updating your system to the following package versions:
17 October 2005
A security issue affects these releases of Ubuntu and its derivatives:
Ulf Harnhammar discovered a remote vulnerability in Lynx when connecting to a news server (NNTP). The function that added missing escape chararacters to article headers did not check the size of the target buffer. Specially crafted news entries could trigger a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user running lynx. In order to exploit this, the user is not even required to actively visit a news site with Lynx since a malicious HTML page could automatically redirect to an nntp:// URL with malicious news items.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.