About Ubuntu

=========================================================== Ubuntu Security Notice USN-206-1 October 17, 2005 lynx vulnerability CAN-2005-3120 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) Ubuntu 5.10 (Breezy Badger) The following packages are affected: lynx The problem can be corrected by upgrading the affected package to version 2.8.5-1ubuntu1.1 (for Ubuntu 4.10), 2.8.5-2ubuntu0.5.04 (for Ubuntu 5.04), or 2.8.5-2ubuntu0.5.10 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Ulf Harnhammar discovered a remote vulnerability in Lynx when connecting to a news server (NNTP). The function that added missing escape chararacters to article headers did not check the size of the target buffer. Specially crafted news entries could trigger a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user running lynx. In order to exploit this, the user is not even required to actively visit a news site with Lynx since a malicious HTML page could automatically redirect to an nntp:// URL with malicious news items.