Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200701-06] w3m: Format string vulnerability

Vulnerability Assessment Details

[GLSA-200701-06] w3m: Format string vulnerability
Vulnerability Assessment Summary
w3m: Format string vulnerability

Detailed Explanation for this Vulnerability Assessment
The remote host is affected by the vulnerability described in GLSA-200701-06
(w3m: Format string vulnerability)


w3m in -dump or -backend mode does not correctly handle printf() format
string specifiers in the Common Name (CN) field of an X.509 SSL
certificate.

Impact

A possible hacker could entice a user to visit a malicious website that would
load a specially crafted X.509 SSL certificate containing "%n" or other
format string specifiers, possibly resulting in the execution of
arbitrary code with the rights of the user running w3m.

Workaround

There is no known workaround at this time.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6772


Solution:
All w3m users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/w3m-0.5.1-r4"


Network Security Threat Level: Medium


Networks Security ID:

Vulnerability Assessment Copyright: (C) 2007 Michel Arboi
Cables, Connectors


SanDisk 1TB Ultra Dual Drive Go USB Type-C Flash Drive, Black - SDDDC3-1T00-G46 picture

SanDisk 1TB Ultra Dual Drive Go USB Type-C Flash Drive, Black - SDDDC3-1T00-G46

$109.99


SanDisk 128GB Ultra Dual Drive USB Type-C, USB 3.1 Flash Drive - SDDDC2-032G-G46 picture

SanDisk 128GB Ultra Dual Drive USB Type-C, USB 3.1 Flash Drive - SDDDC2-032G-G46

$10.99


SanDisk 128GB Ultra Flair USB 3.0 Flash Drive - SDCZ73-128G-G46 picture

SanDisk 128GB Ultra Flair USB 3.0 Flash Drive - SDCZ73-128G-G46

$12.99


SanDisk 256GB Ultra Dual Drive USB Type-C, USB 3.1 Flash Drive - SDDDC2-256G-A46 picture

SanDisk 256GB Ultra Dual Drive USB Type-C, USB 3.1 Flash Drive - SDDDC2-256G-A46

$21.99


Sandisk 16GB 32GB 64GB 128GB Cruzer Blade Flash Drive Memory Stick USB Lot Pack picture

Sandisk 16GB 32GB 64GB 128GB Cruzer Blade Flash Drive Memory Stick USB Lot Pack

$4.99


2TB USB 3.0 Flash Drive Memory Photo Stick for iPhone Android iPad Type C 3 IN1 picture

2TB USB 3.0 Flash Drive Memory Photo Stick for iPhone Android iPad Type C 3 IN1

$13.00


USB 3.0 Flash Drive 32GB 64GB 128GB Memory Stick Thumb Stick Lot Pack picture

USB 3.0 Flash Drive 32GB 64GB 128GB Memory Stick Thumb Stick Lot Pack

$5.99


Mechanical Style Flash Drive USB 3.0 High Speed 16TB Large Capacity Waterproof picture

Mechanical Style Flash Drive USB 3.0 High Speed 16TB Large Capacity Waterproof

$8.34


1TB/2TB USB 3.0 Flash Drive Thumb U Disk Memory Stick Pen PC Laptop Storage lot picture

1TB/2TB USB 3.0 Flash Drive Thumb U Disk Memory Stick Pen PC Laptop Storage lot

$388.39


USB Flash Drive Memory Stick Pendrive Thumb Drive 4GB, 8GB, 32GB, 64GB 128GB LOT picture

USB Flash Drive Memory Stick Pendrive Thumb Drive 4GB, 8GB, 32GB, 64GB 128GB LOT

$242.38


Discussions

No Discussions have been posted on this vulnerability.