
Full Disclosure mailing list archives
Re: [oss-security] CVE request:Lynx invalid URL parsing with '?'
From: Thomas Dickey <dickey () his com>
Date: Fri, 4 Nov 2016 08:07:22 -0400
On Thu, Nov 03, 2016 at 05:58:14PM +0800, redrain root wrote:
I can't find any bugtracker in lynx, so I will disclose by this mail and send to the author dickey () invisible-island net.

redrain (rootredrain () gmail com)
Date: 2016-11-03
Version: 2.8.8pre.4, 2.8.9dev.8 and earlier
Platform: Linux and Windows
Vendor: http://lynx.browser.org/
Vendor Notified: 2016-11-03

VULNERABILITY
-------------------------
Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into

Actually, it does parse correctly. Go read RFC 1738.

What can be improved here is adding some warnings about a few of the cases where users can be confused by legal URL syntax. I'm working on that.

--
Thomas E. Dickey <dickey () invisible-island net>
http://invisible-island.net
ftp://invisible-island.net