CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2012-6709
https://notcve.org/view.php?id=CVE-2012-6709
ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation. ELinks 0.12 y Twibright Links 2.3 tienen una falta de validación de certificados SSL. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694658 https://bugzilla.redhat.com/show_bug.cgi?id=881399 • CWE-295: Improper Certificate Validation •
CVSS: 5.1EPSS: 0%CPEs: 5EXPL: 0CVE-2012-4545 – elinks: Improper delegation of client credentials during GSS negotiation
https://notcve.org/view.php?id=CVE-2012-4545
The http_negotiate_create_context function in protocol/http/http_negotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials. La función http_negotiate_create_context en protocol/http/http_negotiate.c en ELinks v0,12 antes de 0.12pre6, cuando se utiliza la autenticación HTTP Negotiate or GSS-Negotiate, delega las credenciales de usuario a través de GSSAPI, lo que permite a los servidores remotos para autenticar el cliente a través de las credenciales delegadas. • http://bugzilla.elinks.cz/show_bug.cgi?id=1124 http://repo.or.cz/w/elinks.git/blobdiff/89056e21fc7ab8e1c2d4e06ec9d0c6d01e70669a..da18694ff7dd0b67dfcb3c417fb0579b1e7d02d7:/src/protocol/http/http_negotiate.c http://rhn.redhat.com/errata/RHSA-2013-0250.html http://secunia.com/advisories/51569 http://www.debian.org/security/2012/dsa-2592 http://www.mandriva.com/security/advisories?name=MDVSA-2013:075 http://www.securityfocus.com/bid/57065 https://exchange.xforce.ibmcloud.com/vulnerabilities/80882 https:&# • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 1CVE-2008-7224 – elinks: entity_cache static array buffer overflow (off-by-one)
https://notcve.org/view.php?id=CVE-2008-7224
Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows remote attackers to cause a denial of service (crash) via a crafted link. Desbordamiento de búfer en entity_cache de ELinks anterior a v0.11.4rc0, permite a atacantes remotos provocar una denegación de servicio (caída) a través de un enlace manipulado. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347 http://linuxfromscratch.org/pipermail/elinks-users/2008-February/001604.html http://osvdb.org/41949 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10126 https://access.redhat.com/security/cve/CVE-2008-7224 https://bugzilla.redhat.com/show_bug.cgi?id=523258 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0CVE-2007-5034 – elinks reveals POST data to HTTPS proxy
https://notcve.org/view.php?id=CVE-2007-5034
ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy is defined for https. ELinks anterior a la versión 0.11.3, cuando envía una petición POST para un URL https, añade el cuerpo y cabeceras de contenido de la petición POST a la petición CONNECT en texto plano, lo que permite a atacantes remotos recoger (sniff) datos sensible que deberían de haberse protegido con TLS. NOTA: esta vulnerabilidad sólo ocurre cuando el proxy está definido por https. • http://bugzilla.elinks.cz/show_bug.cgi?id=937 http://secunia.com/advisories/26936 http://secunia.com/advisories/26949 http://secunia.com/advisories/26956 http://secunia.com/advisories/27038 http://secunia.com/advisories/27062 http://secunia.com/advisories/27125 http://secunia.com/advisories/27132 http://www.debian.org/security/2007/dsa-1380 http://www.redhat.com/support/errata/RHSA-2007-0933.html http://www.securityfocus.com/archive/1/481606/100/0/threaded http:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 2CVE-2007-2027 – ELinks Relative 0.10.6/011.1 - Path Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2007-2027
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct format string attacks. Una vulnerabilidad de ruta (path) de búsqueda no confiable en la función add_filename_to_string en el archivo intl/gettext/loadmsgcat.c para Elinks versión 0.11.1, permite a usuarios locales causar que Elinks use un catálogo de mensajes gettext no confiable (archivo .po) en un directorio "../po", que puede ser aprovechado para conducir ataques de cadena de formato. • https://www.exploit-db.com/exploits/29954 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417789 http://osvdb.org/35668 http://secunia.com/advisories/25169 http://secunia.com/advisories/25198 http://secunia.com/advisories/25255 http://secunia.com/advisories/25550 http://security.gentoo.org/glsa/glsa-200706-03.xml http://www.securityfocus.com/bid/23844 http://www.trustix.org/errata/2007/0017 http://www.ubuntu.com/usn/usn-457-1 http://www.vupen.com/engli • CWE-134: Use of Externally-Controlled Format String •