[26788] in bugtraq
Re: Lynx CRLF Injection, part two
daemon@ATHENA.MIT.EDU (Ulf Harnhammar)
Fri Aug 23 13:30:39 2002
Date: Fri, 23 Aug 2002 11:24:01 +0200 (CEST)
From: Ulf Harnhammar <ulfh@update.uu.se>
To: Alberto Devesa <alberto.devesa@m-centric.com>
In-Reply-To: <20020823090352.F0C513E@mail.m-centric.com>
Message-ID: <Pine.LNX.4.21.0208231105330.11922-100000@Tempo.Update.UU.SE>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Fri, 23 Aug 2002, Alberto Devesa wrote:
> The same bug seems to affects to the links browser. I have tested it with the
> 0.96 version. Links is another console browser with extended capabilities not
> supported by lynx like frames, colors and menus.
Yes. The enhanced version elinks is also affected. Some versions of
links and elinks URL-encode the space character, so you have to use tab
characters instead of spaces to exploit this.
Both the links and the elinks maintainers were notified on the 13th of
August, but as they both live in the Czech Republic, they have been
affected by the recent floods in Central Europe. Because of this dilemma,
it is possible that they would appreciate a patch for this security hole
from some experienced C programmer (unlike myself).
// Ulf Harnhammar
ulfh@update.uu.se
