oss-sec mailing list archives
Re: CVE request:Lynx invalid URL parsing with '?'
From: <cve-assign () mitre org>
Date: Fri, 4 Nov 2016 03:03:42 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
lynx "http://google.com?@hackdog.me/" wrongly make lynx send a request to hackdog.me
Use CVE-2016-9179. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYHDILAAoJEHb/MwWLVhi2dR0P/2Zr1VU0tQcBP4Tu543JzPV6 CiHZdspG7fRKuCOaH8QHFHXFWksirFSumHfSPSLt8QjQ9IQJc9iCqan/0Zg4A/5C yNSnpqdHMfGMK/z+oiuFBNbqEu3ik1DS63a3KR/H9O1qqfyDAx3BeAbXIV3GLNi1 JqspcJy6XB/O0s2N5K8FfjG2/mwhAX+tESncJB7qssqR4x6DXfADXCeYmGcaE3Y2 iucJGwM8mtJRWLibqIbg8zbtVImCkRMD5XC00ZbVY/i8+4DwE972Z1solumACD0i bI4y1T+5I8MEndCJiZ2viHqD/BItfjaPS6swEnV713WE1/5xTT1b/ser/lSZ0OwE /0lB04X1OmlU/cO2c+zzarkYlJYAzIZz6PedMy0oSO5CkZ3RsyqkTTxj9EueE12F Fcwoe01zZGNUmbz+C+2ObAn+nP7uFowG59ojfbOBE0oTpFBXiR9EypvkshehwU9S M0vgX+PZ8CTH8+Cy83f9A3JPdIDkdJYg59QOWZ5FslI0PdgTPxyKNfxobesf/nFV VmTMa6ht8uxfYZ/9w9BnwwJOC0641SvxpMBa2fRaUFiY8Iham+UOa6IljtVd5y2F hL7C2lVNracS2pCUSvL8JobCjaA5HPgKni/jf1chHjkRtMouWu0jDi8hdZQwI6W4 tyL6v/kL4pVDf4OSBXw9 =21bX -----END PGP SIGNATURE-----
Current thread:
- CVE request:Lynx invalid URL parsing with '?' redrain root (Nov 03)
- Re: CVE request:Lynx invalid URL parsing with '?' Leo Famulari (Nov 03)
- Re: CVE request:Lynx invalid URL parsing with '?' cve-assign (Nov 04)
- Re: CVE request:Lynx invalid URL parsing with '?' Thomas Dickey (Nov 04)
- Message not available
- Re: [FD] [oss-security] CVE request:Lynx invalid URL parsing with '?' Michal Zalewski (Nov 05)