SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Web Browser)  >   ELinks Vendors:   elinks.or.cz
(Red Hat Issues Fix) ELinks May Disclose POST Request Data in Clear Text to Remote Users
SecurityTracker Alert ID:  1018765
SecurityTracker URL:  http://securitytracker.com/id/1018765
CVE Reference:   CVE-2007-5034   (Links to External Site)
Date:  Oct 3 2007
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 0.11.3
Description:   A vulnerability was reported in ELinks. A remote user can obtain potentially sensitive data.

When ELinks makes a POST request to an https URL and there is a proxy defined for https, ELinks will add the body and Content-* headers of the POST request to the CONNECT request in cleartext.

A remote user monitoring network communications between the target user and the proxy can obtain potentially sensitive data. The proxy itself also can obtain potentially sensitive data.

The original advisory is available at:

http://bugzilla.elinks.cz/show_bug.cgi?id=937

Kalle Olavi Niemitalo reported this vulnerability.
Impact:   A remote user can monitor network communications to obtain potentially sensitive data.
Solution:   Red Hat has released a fix.

The Red Hat advisory is available at:

https://rhn.redhat.com/errata/RHSA-2007-0933.html
Vendor URL:  www.elinks.cz/ (Links to External Site)
Cause:   Access control error
Underlying OS:   Linux (Red Hat Enterprise)

Message History:   This archive entry is a follow-up to the message listed below.
Oct 3 2007 ELinks May Disclose POST Request Data in Clear Text to Remote Users


 Source Message Contents
Date:  Wed, 3 Oct 2007 11:51:15 -0400
Subject:  [RHSA-2007:0933-01] Moderate: elinks security update


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: elinks security update
Advisory ID:       RHSA-2007:0933-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0933.html
Issue date:        2007-10-03
Updated on:        2007-10-03
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-5034 
- ---------------------------------------------------------------------

1. Summary:

An updated ELinks package that corrects a security vulnerability is now
available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

ELinks is a text mode Web browser used from the command line that supports
rendering modern web pages.

An information disclosure flaw was found in the way ELinks passes https
POST data to a proxy server. POST data sent via a proxy to an https site is
not properly encrypted by ELinks, possibly allowing the disclosure of
sensitive information. (CVE-2007-5034)

All users of Elinks are advised to upgrade to this updated package, which
contains a backported patch that resolves this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

297611 - CVE-2007-5034 elinks reveals POST data to HTTPS proxy

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/elinks-0.9.2-3.3.5.2.src.rpm
f04cc8143e0eeb2479926cfdd47517bc  elinks-0.9.2-3.3.5.2.src.rpm

i386:
740855a258e36afc4bd02b2dc939f6d0  elinks-0.9.2-3.3.5.2.i386.rpm
317ad4c79abc3d4568fee5e2c9ac4569  elinks-debuginfo-0.9.2-3.3.5.2.i386.rpm

ia64:
d27d29fc20f082fd5c4e3d16a1f1b96f  elinks-0.9.2-3.3.5.2.ia64.rpm
b8cc871fe0778f6f53c99d4286ecc974  elinks-debuginfo-0.9.2-3.3.5.2.ia64.rpm

ppc:
2901b97c6ad3dd7fae25a44348b82812  elinks-0.9.2-3.3.5.2.ppc.rpm
7a16ed80746799f184ca44be4a096bb5  elinks-debuginfo-0.9.2-3.3.5.2.ppc.rpm

s390:
1d225484d90ff04080c3d570dd54e8d5  elinks-0.9.2-3.3.5.2.s390.rpm
4e84ed71e7c0f40106d6aeb254615c08  elinks-debuginfo-0.9.2-3.3.5.2.s390.rpm

s390x:
f9d32215514a0c003d315cb8a22305bc  elinks-0.9.2-3.3.5.2.s390x.rpm
bb7f869803f4066e57cd65438016ec72  elinks-debuginfo-0.9.2-3.3.5.2.s390x.rpm

x86_64:
ca4941f6358b9b351285bb7268ee368c  elinks-0.9.2-3.3.5.2.x86_64.rpm
947a60d3793dd1769afba31fe0598b49  elinks-debuginfo-0.9.2-3.3.5.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/elinks-0.9.2-3.3.5.2.src.rpm
f04cc8143e0eeb2479926cfdd47517bc  elinks-0.9.2-3.3.5.2.src.rpm

i386:
740855a258e36afc4bd02b2dc939f6d0  elinks-0.9.2-3.3.5.2.i386.rpm
317ad4c79abc3d4568fee5e2c9ac4569  elinks-debuginfo-0.9.2-3.3.5.2.i386.rpm

x86_64:
ca4941f6358b9b351285bb7268ee368c  elinks-0.9.2-3.3.5.2.x86_64.rpm
947a60d3793dd1769afba31fe0598b49  elinks-debuginfo-0.9.2-3.3.5.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/elinks-0.9.2-3.3.5.2.src.rpm
f04cc8143e0eeb2479926cfdd47517bc  elinks-0.9.2-3.3.5.2.src.rpm

i386:
740855a258e36afc4bd02b2dc939f6d0  elinks-0.9.2-3.3.5.2.i386.rpm
317ad4c79abc3d4568fee5e2c9ac4569  elinks-debuginfo-0.9.2-3.3.5.2.i386.rpm

ia64:
d27d29fc20f082fd5c4e3d16a1f1b96f  elinks-0.9.2-3.3.5.2.ia64.rpm
b8cc871fe0778f6f53c99d4286ecc974  elinks-debuginfo-0.9.2-3.3.5.2.ia64.rpm

x86_64:
ca4941f6358b9b351285bb7268ee368c  elinks-0.9.2-3.3.5.2.x86_64.rpm
947a60d3793dd1769afba31fe0598b49  elinks-debuginfo-0.9.2-3.3.5.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/elinks-0.9.2-3.3.5.2.src.rpm
f04cc8143e0eeb2479926cfdd47517bc  elinks-0.9.2-3.3.5.2.src.rpm

i386:
740855a258e36afc4bd02b2dc939f6d0  elinks-0.9.2-3.3.5.2.i386.rpm
317ad4c79abc3d4568fee5e2c9ac4569  elinks-debuginfo-0.9.2-3.3.5.2.i386.rpm

ia64:
d27d29fc20f082fd5c4e3d16a1f1b96f  elinks-0.9.2-3.3.5.2.ia64.rpm
b8cc871fe0778f6f53c99d4286ecc974  elinks-debuginfo-0.9.2-3.3.5.2.ia64.rpm

x86_64:
ca4941f6358b9b351285bb7268ee368c  elinks-0.9.2-3.3.5.2.x86_64.rpm
947a60d3793dd1769afba31fe0598b49  elinks-debuginfo-0.9.2-3.3.5.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/elinks-0.11.1-5.1.0.1.el5.src.rpm
df97aa87a94550dd9c6b8b3ab4e6f717  elinks-0.11.1-5.1.0.1.el5.src.rpm

i386:
7b4b7287bc524c45dc55a702ea6243ea  elinks-0.11.1-5.1.0.1.el5.i386.rpm
073d91f669aacc7a121c82c3437ddeff  elinks-debuginfo-0.11.1-5.1.0.1.el5.i386.rpm

x86_64:
5cd0b473ae6d27f879f48aa2085e6380  elinks-0.11.1-5.1.0.1.el5.x86_64.rpm
536aff78098fdccca9afc5a2b2b43bf5  elinks-debuginfo-0.11.1-5.1.0.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/elinks-0.11.1-5.1.0.1.el5.src.rpm
df97aa87a94550dd9c6b8b3ab4e6f717  elinks-0.11.1-5.1.0.1.el5.src.rpm

i386:
7b4b7287bc524c45dc55a702ea6243ea  elinks-0.11.1-5.1.0.1.el5.i386.rpm
073d91f669aacc7a121c82c3437ddeff  elinks-debuginfo-0.11.1-5.1.0.1.el5.i386.rpm

ia64:
7bc784e2951af8725c9876a28c942c5d  elinks-0.11.1-5.1.0.1.el5.ia64.rpm
15bf78d4bab60a721c2dd815522cd34c  elinks-debuginfo-0.11.1-5.1.0.1.el5.ia64.rpm

ppc:
04978852cf223ad9d338eea7e4fffe07  elinks-0.11.1-5.1.0.1.el5.ppc.rpm
b085052c86f584b8a7f3dcfb01a490f8  elinks-debuginfo-0.11.1-5.1.0.1.el5.ppc.rpm

s390x:
32cce00b9e70804720d80e5c2dd80960  elinks-0.11.1-5.1.0.1.el5.s390x.rpm
987063ebff12a8d7358d854f671388a3  elinks-debuginfo-0.11.1-5.1.0.1.el5.s390x.rpm

x86_64:
5cd0b473ae6d27f879f48aa2085e6380  elinks-0.11.1-5.1.0.1.el5.x86_64.rpm
536aff78098fdccca9afc5a2b2b43bf5  elinks-debuginfo-0.11.1-5.1.0.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHA7pqXlSAg2UNWIIRAqU+AKCaV1t53hJ9xjc26607pniXoIEr2ACfXKhv
oGS7xQLedqabAGZlQtgeH1I=
=8v5x
-----END PGP SIGNATURE-----



-- 
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2012, SecurityGlobal.net LLC