package elinks forwarded 399188 http://bugzilla.elinks.cz/show_bug.cgi?id=841 quit
Stefan Fritsch <[EMAIL PROTECTED]> writes: > A vulnerability has been found in elinks: > Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed > allows remote attackers to execute arbitrary code via shell > metacharacters in an smb:// URI, as demonstrated by using PUT and GET > statements. I have fixed this upstream by forcing --disable-smb in configure.in. So far, the change is only in Git and not in any released version.
pgp5nkQbo4eKD.pgp
Description: PGP signature
