View Issue Details

ID: 0000117
Project: AlmaLinux-8
Category: lynx
View Status: public
Last Update: 2021-08-12 16:49
Reporter: moredaylight
Assigned To: (none)
Priority: normal
Severity: minor
Reproducibility: have not tried
Status: new
Resolution: open
Summary: 0000117: CVE-2021-38165: Lynx through 2.8.9 can expose credentials via SNI
Description: Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
Steps To Reproduce: If you have an HTTPS server listening on localhost, this is pretty easy to reproduce.

Use tcpdump or wireshark to watch traffic.
tcpdump -vvA -i lo port 443

Attempt to connect to localhost passing credentials in the URL.
lynx https://user:[email protected]/

You will see "user:[email protected]" in the plaintext of the tcpdump output.
Tags: No tags attached.
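The tcpdump check above works because the SNI extension travels in cleartext in the TLS ClientHello, so anything a client puts in the server_name field is visible on the wire before the handshake completes. The following is an added example, not code from the bug report, from Lynx, or from AlmaLinux: it contrasts a naive host extraction that keeps the userinfo subcomponent (illustrative of the class of mistake the CVE describes, not Lynx's actual code) with the correct extraction via urllib.parse, builds a minimal ClientHello carrying each value, and parses the record back to flag an SNI that contains credentials. The URL, the zeroed client random and the single cipher suite are constructed sample data.

```python
import struct
from typing import Optional
from urllib.parse import urlsplit


def naive_host(url: str) -> str:
    """Illustrative buggy extraction (NOT Lynx's code): keep everything between
    '//' and the next '/', which retains 'user:pass@' in front of the host."""
    rest = url.split("//", 1)[1]
    return rest.split("/", 1)[0]


def sni_host(url: str) -> str:
    """Correct extraction: urlsplit().hostname drops userinfo and the port."""
    host = urlsplit(url).hostname
    if host is None:
        raise ValueError("URL has no host component")
    return host


def build_client_hello(server_name: str) -> bytes:
    """Build a minimal TLS 1.2 ClientHello record with one server_name extension.
    The random is zeroed and a single cipher suite is used; constructed sample only."""
    name = server_name.encode("ascii")
    sni_entry = b"\x00" + struct.pack("!H", len(name)) + name          # name_type host_name(0)
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry
    ext = struct.pack("!HH", 0x0000, len(sni_list)) + sni_list          # extension type 0 = server_name
    body = (
        b"\x03\x03" + bytes(32)                 # client_version + 32-byte random (zeros)
        + b"\x00"                               # empty session_id
        + struct.pack("!H", 2) + b"\xc0\x2f"    # one cipher suite
        + b"\x01\x00"                           # null compression
        + struct.pack("!H", len(ext)) + ext     # extensions
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body           # HandshakeType client_hello
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake


def extract_sni(record: bytes) -> Optional[str]:
    """Parse a TLS handshake record and return the host_name from the SNI extension, if any."""
    if len(record) < 5 or record[0] != 0x16:
        return None
    hs = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    if not hs or hs[0] != 0x01:
        return None
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 2 + 32                                      # skip version + random
    sid_len = body[pos]; pos += 1 + sid_len           # session_id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]; pos += 2 + cs_len   # cipher_suites
    cm_len = body[pos]; pos += 1 + cm_len             # compression_methods
    if pos + 2 > len(body):
        return None                                   # no extensions block
    ext_len = struct.unpack("!H", body[pos:pos + 2])[0]; pos += 2
    end = pos + ext_len
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4]); pos += 4
        edata = body[pos:pos + elen]; pos += elen
        if etype == 0x0000:
            lst_len = struct.unpack("!H", edata[:2])[0]
            q = 2
            while q + 3 <= 2 + lst_len:
                ntype = edata[q]
                nlen = struct.unpack("!H", edata[q + 1:q + 3])[0]
                nval = edata[q + 3:q + 3 + nlen]
                if ntype == 0:
                    return nval.decode("ascii", "replace")
                q += 3 + nlen
    return None


def sni_leaks_credentials(record: bytes) -> bool:
    """Flag a ClientHello whose SNI still carries a userinfo subcomponent."""
    sni = extract_sni(record)
    return sni is not None and "@" in sni


if __name__ == "__main__":
    url = "https://user:secret@localhost/"          # constructed sample, not the report's URL
    for extractor in (naive_host, sni_host):
        rec = build_client_hello(extractor(url))
        print(extractor.__name__, "->", extract_sni(rec), "leaks:", sni_leaks_credentials(rec))
```

Run the parser over the ClientHello bytes from a capture (for example the first client record of a tcpdump or Wireshark export) to get the same verdict on real traffic; the `@` test is the wire-level equivalent of spotting `user:pass@` in the tcpdump -A output the reporter describes.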


There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2021-08-12 16:49 moredaylight New Issue