Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2008-210-04
HistoryJul 29, 2008 - 5:32 a.m.

[slackware-security] links

2008-07-2905:32:36
Slackware Linux Project
www.slackware.com
12

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.001

Percentile

46.2%

JSON

New links packages are available for Slackware 11.0, 12.0, 12.1, and -current
to fix a security issue when using proxies.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

https://vulners.com/cve/CVE-2008-3329

Here are the details from the Slackware 12.1 ChangeLog:

patches/packages/links-2.1-i486-1_slack12.1.tgz:
Upgraded to links-2.1.
Unspecified vulnerability in Links before 2.1, when “only proxies” is
enabled, has unknown impact and attack vectors related to providing
“URLs to external programs.”
For more information, see:
https://vulners.com/cve/CVE-2008-3329
(* Security fix *)

Where to find the new packages:

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/links-2.1-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/links-2.1-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/links-2.1-i486-1_slack12.1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/links-2.1-i486-1.tgz

MD5 signatures:

Slackware 11.0 package:
938eccef79b71343d4e2f13ef4454450 links-2.1-i486-1_slack11.0.tgz

Slackware 12.0 package:
0207e7720de54574ef773a0e1f3a35e8 links-2.1-i486-1_slack12.0.tgz

Slackware 12.1 package:
343b0f3f6b33d1097faafa66c777651b links-2.1-i486-1_slack12.1.tgz

Slackware -current package:
f137305bc4c7ea5fd0670760b10d653d links-2.1-i486-1.tgz

Installation instructions:

Upgrade the package as root:
> upgradepkg links-2.1-i486-1_slack12.1.tgz

Related

openvas 2
redhatcve 1
cve 1
debiancve 1
ubuntucve 1
nessus 1
prion 1
seebug 1
cvelist 1
nvd 1
openvas
openvas
Slackware Advisory SSA:2008-210-04 links
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2008-210-04)
2012-09-10 00:00:00
redhatcve
redhatcve
CVE-2008-3329
2015-10-30 10:14:46
cve
cve
CVE-2008-3329
2008-07-27 22:41:00
debiancve
debiancve
CVE-2008-3329
2008-07-27 22:41:00
ubuntucve
ubuntucve
CVE-2008-3329
2008-07-27 00:00:00
nessus
nessus
Slackware 11.0 / 12.0 / 12.1 / current : links (SSA:2008-210-04)
2008-07-29 00:00:00
prion
prion
Design/Logic Flaw
2008-07-27 22:41:00
seebug
seebug
Links 'only proxies'存在未明安全漏洞
2008-07-30 00:00:00
cvelist
cvelist
CVE-2008-3329
2008-07-27 22:00:00
nvd
nvd
CVE-2008-3329
2008-07-27 22:41:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.001

Percentile

46.2%

JSON
Related for SSA-2008-210-04
openvas2redhatcve1cve1debiancve1ubuntucve1nessus1prion1seebug1cvelist1nvd1