← All Preprints

Whitepaper: Potential privilege escalation vulnerability via the file system when Lynx web browser is accessed through guest shell applications

Oct 2020 Albert, N.

Abstract

This whitepaper discusses an unintended configuration-based (non-technical) vulnerability that allows guest users in a poorly secured shell application to exploit loose security restrictions in the Lynx text-based web browser to bypass security mechanisms and access sensitive system information, allowing malicious users to potentially obtain root access to a system and compromise the entire machine. The vulnerability stems from default security settings in the Lynx browser that allow full system access. The factors that allow a successful exploit to occur are discussed as well as several possible mitigations.

Suggested Citation: Albert, N. Whitepaper: Potential privilege escalation vulnerability via the file system when Lynx web browser is accessed through guest shell applications (10/11/2020). Available at https://public.interlinked.us/3

Paper statistics

Abstract ViewsDownloads
11916