CVE Vulnerabilities

CVE-2004-1487

Published: Apr 27, 2005 | Modified: Oct 03, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a .. that resolves to the IP address of the malicious server, which bypasses wgets filtering for .. sequences.

Affected Software

Name Vendor Start Version End Version
Wget Gnu 1.8 1.8
Wget Gnu 1.8.1 1.8.1
Wget Gnu 1.8.2 1.8.2
Wget Gnu 1.9 1.9
Wget Gnu 1.9.1 1.9.1
Red Hat Enterprise Linux 3 RedHat wget-0:1.10.1-1.30E.1 *
Red Hat Enterprise Linux 4 RedHat wget-0:1.10.1-2.4E.1 *
Wget Ubuntu dapper *
Wget Ubuntu devel *
Wget Ubuntu edgy *
Wget Ubuntu feisty *

References