SecurityTracker.com
Category:   Application (Generic)  >   wget
Vendors:   GNU [multiple authors]
wget HTTP Redirect Bug Lets Remote Users Write Files on the Target System
SecurityTracker Alert ID:  1036133
SecurityTracker URL:  http://securitytracker.com/id/1036133
CVE Reference:   CVE-2016-4971
Updated:  Jul 10 2016
Original Entry Date:  Jun 20 2016
Impact:   Modification of system information, Modification of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 1.18
Description:   A vulnerability was reported in wget. A remote user can write files on the target system.

A remote server can return a specially crafted HTTP redirect message with an FTP server Location value to cause the target user's wget application to download and write or overwrite an arbitrary file from the specified FTP server to the target user's current directory.

Some demonstration exploit code is available at:

http://legalhackers.com/advisories/Wget-Arbitrary-File-Upload-Vulnerability-Exploit.txt

Dawid Golunski (via Beyond Security's SecuriTeam) reported this vulnerability.

Impact:   A remote user can write files on the target system.
Solution:   The vendor has issued a fix (1.18).

The vendor's advisory is available at:

https://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html

Vendor URL:  www.gnu.org/software/wget/
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any)
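
An added example (not part of the SecurityTracker entry and not wget's own code) for the redirect behaviour and fix version described above: it flags HTTP-to-FTP redirects in a list of response records and reports the file name taken from the FTP Location next to the name the user requested. The function names, the record layout and the `.example` hosts are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

FIXED = (1, 18)  # the entry lists versions prior to 1.18 as affected

# Constructed sample records: (requested URL, HTTP status, Location header).
SAMPLE = [
    ("http://downloads.example/report.txt", 200, ""),
    ("http://downloads.example/report.txt", 302, "http://mirror.example/report.txt"),
    ("http://downloads.example/report.txt", 302, "ftp://files.example/pub/unexpected.cfg"),
]


def is_affected(version: str) -> bool:
    """True if a wget version string such as '1.17.1' is prior to 1.18."""
    m = re.match(r"(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return (int(m.group(1)), int(m.group(2))) < FIXED


def local_name(url: str) -> str:
    """Last path component of a URL, i.e. the name a download is saved under."""
    return posixpath.basename(unquote(urlsplit(url).path)) or "index.html"


def check_redirect(requested: str, status: int, location: str):
    """Return a finding for an HTTP(S) -> FTP redirect, else None."""
    if status not in (301, 302, 303, 307, 308):
        return None
    src, dst = urlsplit(requested), urlsplit(location)
    if src.scheme not in ("http", "https") or dst.scheme != "ftp":
        return None
    expected, written = local_name(requested), local_name(location)
    return {"requested": requested, "location": location, "expected": expected,
            "written": written, "name_changed": expected != written}


def scan(records):
    """Run check_redirect over all records and keep only the findings."""
    return [f for f in (check_redirect(*r) for r in records) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```
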

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jun 20 2016 (Ubuntu Issues Fix) wget HTTP Redirect Bug Lets Remote Users Write Files on the Target System
Ubuntu has issued a fix for Ubuntu Linux 12.04 LTS, 14.04 LTS, 15.10, and 16.04 LTS.
May 23 2017 (Palo Alto Networks Issues Fix for Palo Alto PAN-OS) wget HTTP Redirect Bug Lets Remote Users Write Files on the Target System
Palo Alto Networks has issued a fix for Palo Alto PAN-OS.