CVE Vulnerabilities

CVE-2004-2014

Published: Dec 31, 2004 | Modified: Oct 03, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.6 LOW
AV:L/AC:H/Au:N/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded.

Affected Software

Name Vendor Start Version End Version
Wget Gnu 1.5.3 (including) 1.5.3 (including)
Wget Gnu 1.6 (including) 1.6 (including)
Wget Gnu 1.7 (including) 1.7 (including)
Wget Gnu 1.7.1 (including) 1.7.1 (including)
Wget Gnu 1.8 (including) 1.8 (including)
Wget Gnu 1.8.1 (including) 1.8.1 (including)
Wget Gnu 1.8.2 (including) 1.8.2 (including)
Wget Gnu 1.9 (including) 1.9 (including)
Wget Gnu 1.9.1 (including) 1.9.1 (including)
Red Hat Enterprise Linux 3 RedHat wget-0:1.10.1-1.30E.1 *
Red Hat Enterprise Linux 4 RedHat wget-0:1.10.1-2.4E.1 *
Wget Ubuntu dapper *
Wget Ubuntu devel *
Wget Ubuntu edgy *
Wget Ubuntu feisty *

References