CVE-2006-5925

Related Files

Ubuntu Security Notice 851-1

Posted Oct 22, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 851-1 - Teemu Salmela discovered that Elinks did not properly validate input when processing smb:// URLs. If a user were tricked into viewing a malicious website and had smbclient installed, a remote attacker could execute arbitrary code with the privileges of the user invoking the program. Jakub Wilk discovered a logic error in Elinks, leading to a buffer overflow. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, remote, denial of service, overflow, arbitrary

systems | linux, ubuntu

advisories | CVE-2006-5925, CVE-2008-7224

SHA-256 | e385b5ee805aa042cb99249b4cb78fb23686a76ab8c16f9c3744e2d076a8fa2c

Download | Favorite | View

OpenPKG Security Advisory 2006.43

Posted Dec 28, 2006

Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory - The Links web browser versions below 2.1pre26 suffer from an arbitrary code execution vulnerability.

tags | advisory, web, arbitrary, code execution

advisories | CVE-2006-5925

SHA-256 | ccd24a8032dfc6e3f207ae8646c3ad418869265a3599f98dba7bb0efa58e46ac

Download | Favorite | View

Debian Linux Security Advisory 1240-1

Posted Dec 22, 2006

Authored by Debian | Site debian.org

Debian Security Advisory 1240-1 - Teemu Salmela discovered that the links2 character mode web browser performs insufficient sanitizing of smb:// URIs, which might lead to the execution of arbitrary shell commands.

tags | advisory, web, arbitrary, shell

systems | linux, debian

advisories | CVE-2006-5925

SHA-256 | 2fb87b3e15f1f071ef980b8d812b18f940443fa77e4eaea8cb13734a864200cd

Download | Favorite | View

Debian Linux Security Advisory 1228-1

Posted Dec 6, 2006

Authored by Debian | Site debian.org

Debian Security Advisory 1228-1 - Teemu Salmela discovered that the elinks character mode web browser performs insufficient sanitizing of smb:// URIs, which might lead to the execution of arbitrary shell commands.

tags | advisory, web, arbitrary, shell

systems | linux, debian

advisories | CVE-2006-5925

SHA-256 | e1f2cf0b745dc84e94b07a769ffacfbeca83f0f01fcf41c0d6a909221bc0f2df

Download | Favorite | View

Debian Linux Security Advisory 1226-1

Posted Dec 6, 2006

Authored by Debian | Site debian.org

Debian Security Advisory 1226-1 - Teemu Salmela discovered that the links character mode web browser performs insufficient sanitizing of smb:// URIs, which might lead to the execution of arbitrary shell commands.

tags | advisory, web, arbitrary, shell

systems | linux, debian

advisories | CVE-2006-5925

SHA-256 | 663357653cd8e772e98a4eaf6f33bbb444e0a01338c6bbdc50cec7955ddea496

Download | Favorite | View

Mandriva Linux Security Advisory 2006.216

Posted Nov 21, 2006

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-216 - The links web browser with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.

tags | advisory, remote, web, arbitrary, shell

systems | linux, mandriva

advisories | CVE-2006-5925

SHA-256 | c2c7aa8b98b93e61147ccde3c66134caa316b1758c6d60228184ba7b3d20dc2d

Download | Favorite | View