elinks
Page content
- Author: voroskoi
- Vulnerable: 0.11.1-5
- Unaffected: 0.11.1-6siwenna1
Teemu Salmela has discovered a vulnerability in ELinks, which can be exploited by malicious people to expose sensitive information and manipulate data. The vulnerability is caused due to an error in the validation of “smb://” URLs when ELinks runs smbclient commands. This can be exploited to download and overwrite local files or upload local files to a SMB share by injecting smbclient commands in the “smb://” URL. Successful exploitation allows exposure of sensitive information or manipulation of data, but requires that the user visits a malicious “smb://” URL or gets redirected to such an URL by a malicious URL, and that the user has the smbclient program installed.
- Bug Tracker URL: http://bugs.frugalware.org/task/1468