SecurityTracker.com
Category:   Application (Generic)  >   wget
Vendors:   GNU [multiple authors]
(Ubuntu Issues Fix) wget HTTP Redirect Bug Lets Remote Users Write Files on the Target System
SecurityTracker Alert ID:  1036135
SecurityTracker URL:  http://securitytracker.com/id/1036135
CVE Reference:   CVE-2016-4971
Date:  Jun 20 2016
Impact:   Modification of system information, Modification of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 1.18
Description:   A vulnerability was reported in wget. A remote user can write files on the target system.

A remote server can return a specially crafted HTTP redirect message whose Location value points to an FTP server. This causes the target user's wget application to download an arbitrary file from the specified FTP server and write it to the target user's current directory, overwriting any existing file.

Some demonstration exploit code is available at:

http://legalhackers.com/advisories/Wget-Arbitrary-File-Upload-Vulnerability-Exploit.txt

Dawid Golunski (via Beyond Security's SecuriTeam) reported this vulnerability.
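
A defender-side check for the redirect behaviour described above, as an added example (not code from the advisory, from wget or from Ubuntu). It flags an HTTP-to-FTP redirect whose target file name differs from the one requested and keeps the save name tied to the requested URL; the function names, the returned fields and the sample URLs are constructed for illustration.

```python
import posixpath
from urllib.parse import urljoin, urlsplit, unquote


def local_name(url):
    """File name a downloader would derive from the last path segment."""
    path = unquote(urlsplit(url).path)
    return posixpath.basename(path) or "index.html"


def audit_redirect(requested_url, location):
    """Assess one redirect hop (hypothetical helper, not a wget API).

    requested_url: the URL the user asked the client to fetch.
    location:      the raw Location header value from the 3xx response.
    """
    target = urljoin(requested_url, location)  # Location may be relative
    src, dst = urlsplit(requested_url), urlsplit(target)

    # The advisory's condition: an HTTP(S) request redirected to FTP.
    cross_to_ftp = src.scheme in ("http", "https") and dst.scheme == "ftp"

    expected = local_name(requested_url)  # name the user expects on disk
    offered = local_name(target)          # name chosen by the remote side

    return {
        "target": target,
        "cross_protocol_ftp": cross_to_ftp,
        "name_changed": expected != offered,
        # Policy assumed here: the local name always comes from the request.
        "save_as": expected,
        # Refuse hops where the server both switches to FTP and renames.
        "block": cross_to_ftp and expected != offered,
    }


if __name__ == "__main__":
    # Constructed sample hops; hosts and paths are placeholders.
    requested = "http://downloads.example/report.pdf"
    for loc in ("ftp://files.example/other-name.cfg", "/mirror/report.pdf"):
        print(loc, "->", audit_redirect(requested, loc))
```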

Impact:   A remote user can write files on the target system.
Solution:   Ubuntu has issued a fix.

The Ubuntu advisory is available at:

http://www.ubuntu.com/usn/usn-3012-1

Vendor URL:  www.ubuntu.com/usn/usn-3012-1
Cause:   Access control error
Underlying OS:  Linux (Ubuntu)
Underlying OS Comments:  12.04 LTS, 14.04 LTS, 15.10, 16.04 LTS

Message History:   This archive entry is a follow-up to the message listed below.
Jun 20 2016 wget HTTP Redirect Bug Lets Remote Users Write Files on the Target System