MDKSA-2002:086
- Nom du paquet
- wget
- Date
- 2002-12-11
- Advisory ID
- MDKSA-2002:086
- Affected versions
- 8.1 i586 , SNF7.2 i586 , 8.1 i586 , 8.0 i586 , 9.0 i586 , 8.2 i586 , 8.0 i586 , 8.2 i586 , 7.2 i586
Problem description
A vulnerability in all versions of wget prior to and including 1.8.2 was discovered by Steven M. Christey. The bug permits a malicious FTP server to create or overwriet files anywhere on the local file system by sending filenames beginning with "/" or containing "/../". This can be used to make vulnerable FTP clients write files that can later be used for attack against the client machine.
Updated packages
8.1 i586
de7f59b11fa67fe6dd87a282b7ae47f4 ia64/8.1/RPMS/wget-1.8.2-3.1mdk.ia64.rpm d84e6c60c2b8a1df2fdfd37022325df0 ia64/8.1/SRPMS/wget-1.8.2-3.1mdk.src.rpm
SNF7.2 i586
56f86210d618f4659468b03cca5f5367 snf7.2/RPMS/wget-1.8.2-3.1mdk.i586.rpm d84e6c60c2b8a1df2fdfd37022325df0 snf7.2/SRPMS/wget-1.8.2-3.1mdk.src.rpm
8.1 i586
86909f6a3f8c1cb14177047efdbf508d 8.1/RPMS/wget-1.8.2-3.1mdk.i586.rpm d84e6c60c2b8a1df2fdfd37022325df0 8.1/SRPMS/wget-1.8.2-3.1mdk.src.rpm
8.0 i586
b998782770af6b72e98d77840fe1d11a 8.0/RPMS/wget-1.8.2-3.1mdk.i586.rpm d84e6c60c2b8a1df2fdfd37022325df0 8.0/SRPMS/wget-1.8.2-3.1mdk.src.rpm
9.0 i586
f7658d3f4e94bf736bf02d053a597e0a 9.0/RPMS/wget-1.8.2-3.1mdk.i586.rpm d84e6c60c2b8a1df2fdfd37022325df0 9.0/SRPMS/wget-1.8.2-3.1mdk.src.rpm
8.2 i586
6d851936f51c179f2412b5cb3323eb01 8.2/RPMS/wget-1.8.2-3.1mdk.i586.rpm d84e6c60c2b8a1df2fdfd37022325df0 8.2/SRPMS/wget-1.8.2-3.1mdk.src.rpm
8.0 i586
83bcfaa286ca31287910d0de7ad885db ppc/8.0/RPMS/wget-1.8.2-3.1mdk.ppc.rpm d84e6c60c2b8a1df2fdfd37022325df0 ppc/8.0/SRPMS/wget-1.8.2-3.1mdk.src.rpm
8.2 i586
d9b9435e30763b13a852a7ed191fc7cf ppc/8.2/RPMS/wget-1.8.2-3.1mdk.ppc.rpm d84e6c60c2b8a1df2fdfd37022325df0 ppc/8.2/SRPMS/wget-1.8.2-3.1mdk.src.rpm
7.2 i586
56f86210d618f4659468b03cca5f5367 7.2/RPMS/wget-1.8.2-3.1mdk.i586.rpm d84e6c60c2b8a1df2fdfd37022325df0 7.2/SRPMS/wget-1.8.2-3.1mdk.src.rpm