CVE-2005-3120: CVE-2005-3120

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2005-3120

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Lynx NNTP文章首部处理缓冲区溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Lynx是一个基于文本的WWW浏览器。它不能够显示图像或Java句柄，所以执行速度非常快。 Lynx在处理某些畸形的NNTP文章首部时存在缓冲区溢出，成功利用这个漏洞的攻击者可以完全控制EIP、EBX、EBP、ESI和EDI，导致在目标系统中执行任意代码。当Lynx连接到NNTP服务器获取新闻组中的文章时，会用某些文章首部的信息调用HTrjis()函数。该函数将缺失的ESC字符添加到某些数据以支持亚洲字符组。但是，函数没有检查是否将字符写到了字符数组缓冲区之外，导致栈溢出。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2005-3120

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2005-3120

Please Login to view more intelligence information

http://support.avaya.com/elmodocs2/security/ASA-2006-010.htmx_refsource_CONFIRM
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170253x_refsource_MISC
http://secunia.com/advisories/17340third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17480third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17445third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17444third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/18376third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17248third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17231third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17150third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17360third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17238third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/15117vdb-entryx_refsource_BID
http://secunia.com/advisories/17230third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/18584third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17216third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/20383third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-874vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2005/dsa-876vendor-advisoryx_refsource_DEBIAN
http://securitytracker.com/id?1015065vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2006/dsa-1085vendor-advisoryx_refsource_DEBIAN
https://usn.ubuntu.com/206-1/vendor-advisoryx_refsource_UBUNTU
http://www.securityfocus.com/archive/1/419763/100/0/threadedvendor-advisoryx_refsource_FEDORA
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txtvendor-advisoryx_refsource_SCO
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txtvendor-advisoryx_refsource_SCO
http://www.redhat.com/support/errata/RHSA-2005-803.htmlvendor-advisoryx_refsource_REDHAT
http://www.gentoo.org/security/en/glsa/glsa-200510-15.xmlvendor-advisoryx_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDKSA-2005:186vendor-advisoryx_refsource_MANDRIVA
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.htmlvendor-advisoryx_refsource_TRUSTIX
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.423056vendor-advisoryx_refsource_SLACKWARE
http://www.novell.com/linux/security/advisories/2005_25_sr.htmlvendor-advisoryx_refsource_SUSE
http://www.openpkg.org/security/OpenPKG-SA-2005.026-lynx.htmlvendor-advisoryx_refsource_OPENPKG
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9257vdb-entrysignaturex_refsource_OVAL
http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.htmlmailing-listx_refsource_FULLDISC
http://www.securityfocus.com/archive/1/435689/30/4740/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2005-3120

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2005-3120

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2005-3120

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2005-3120

III. Intelligence Information for CVE-2005-3120

IV. Related Vulnerabilities

V. Comments for CVE-2005-3120

Leave a comment