National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2005-3120 Detail

Description

Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.

Source:  MITRE      Last Modified:  10/17/2005

Quick Info

CVE Dictionary Entry:
CVE-2005-3120
Original release date:
10/17/2005
Last revised:
10/10/2017
Source:
US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:
7.5 HIGH
Vector:
(AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)
Impact Subscore:
6.4
Exploitability Subscore:
10.0
CVSS Version 2 Metrics:
Access Vector:
Network exploitable
Access Complexity:
Low
Authentication:
Not required to exploit
Impact Type:
Provides user account access, Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

Vendor Statements (disclaimer)

Official Statement from Red Hat (03/14/2007)

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt External Source SCO SCOSA-2006.7
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt External Source SCO SCOSA-2005.47
http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html Patch; Vendor Advisory External Source FULLDISC 20051017 Lynx Remote Buffer Overflow
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html External Source TRUSTIX TSLSA-2005-0059
http://securitytracker.com/id?1015065 External Source SECTRACK 1015065
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056 External Source SLACKWARE SSA:2005-310-03
http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm External Source CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-010.htm
http://www.debian.org/security/2005/dsa-874 External Source DEBIAN DSA-874
http://www.debian.org/security/2005/dsa-876 External Source DEBIAN DSA-876
http://www.debian.org/security/2006/dsa-1085 External Source DEBIAN DSA-1085
http://www.gentoo.org/security/en/glsa/glsa-200510-15.xml External Source GENTOO GLSA-200510-15
http://www.mandriva.com/security/advisories?name=MDKSA-2005:186 External Source MANDRIVA MDKSA-2005:186
http://www.novell.com/linux/security/advisories/2005_25_sr.html External Source SUSE SUSE-SR:2005:025
http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.html External Source OPENPKG OpenPKG-SA-2005.026
http://www.redhat.com/support/errata/RHSA-2005-803.html Vendor Advisory External Source REDHAT RHSA-2005:803
http://www.securityfocus.com/archive/1/archive/1/419763/100/0/threaded External Source FEDORA FLSA:152832
http://www.securityfocus.com/archive/1/archive/1/435689/30/4740/threaded External Source BUGTRAQ 20060602 Re: [SECURITY] [DSA 1085-1] New lynx-cur packages fix several vulnerabilities
http://www.securityfocus.com/bid/15117 External Source BID 15117
http://www.ubuntulinux.org/support/documentation/usn/usn-206-1 External Source UBUNTU USN-206-1
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253 Vendor Advisory External Source MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257 External Source OVAL oval:org.mitre.oval:def:9257

References to Check Content

Identifier:
oval:org.mitre.oval:def:9257
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9257

Technical Details

Vulnerability Type (View All)

Change History 3 change records found - show changes