MDKSA-2005:204
- Nom du paquet
- wget
- Date
- 2005-11-01
- Advisory ID
- MDKSA-2005:204
- Affected versions
- MNF2.0 i586 , 10.2 x86_64 , 10.2 i586 , 10.1 i586 , CS3.0 x86_64 , CS3.0 i586 , 10.1 x86_64
Problem description
Hugo Vazquez Carames discovered a race condition when writing output
files in wget. After wget determined the output file name, but before
the file was actually opened, a local attacker with write permissions
to the download directory could create a symbolic link with the name
of the output file. This could be exploited to overwrite arbitrary
files with the permissions of the user invoking wget. The time window
of opportunity for the attacker is determined solely by the delay of
the first received data packet.
The updated packages have been patched to correct this issue.
Updated packages
MNF2.0 i586
f834aa6b814014c20b6d97fd7a893ea6 mnf/2.0/RPMS/wget-1.9.1-4.3.M20mdk.i586.rpm 00f1b8920df39e3f4fc35eea07879168 mnf/2.0/SRPMS/wget-1.9.1-4.3.M20mdk.src.rpm
10.2 x86_64
36dfb01a50fcdec20d379001f2054ba4 x86_64/10.2/RPMS/wget-1.9.1-5.2.102mdk.i586.rpm 82584cb410bcb5104f44d3429675e7e5 x86_64/10.2/SRPMS/wget-1.9.1-5.2.102mdk.src.rpm
10.2 i586
36dfb01a50fcdec20d379001f2054ba4 10.2/RPMS/wget-1.9.1-5.2.102mdk.i586.rpm 82584cb410bcb5104f44d3429675e7e5 10.2/SRPMS/wget-1.9.1-5.2.102mdk.src.rpm
10.1 i586
28b67f788c7ed5f28ca7e752b15a9eb8 10.1/RPMS/wget-1.9.1-4.3.101mdk.i586.rpm b0b856e5eeb63f608476877942f6a216 10.1/SRPMS/wget-1.9.1-4.3.101mdk.src.rpm
CS3.0 x86_64
e3796c54a067d9ef54d08f779fe3ec9d x86_64/corporate/3.0/RPMS/wget-1.9.1-4.3.C30mdk.x86_64.rpm 8ce78a19c89331fdb7527e6a4674376c x86_64/corporate/3.0/SRPMS/wget-1.9.1-4.3.C30mdk.src.rpm
CS3.0 i586
91f8d363d41afb43943f3f5569e2e83c corporate/3.0/RPMS/wget-1.9.1-4.3.C30mdk.i586.rpm 8ce78a19c89331fdb7527e6a4674376c corporate/3.0/SRPMS/wget-1.9.1-4.3.C30mdk.src.rpm
10.1 x86_64
d2fc09595e4bf4267c7cc7d9d5def8ee x86_64/10.1/RPMS/wget-1.9.1-4.3.101mdk.x86_64.rpm b0b856e5eeb63f608476877942f6a216 x86_64/10.1/SRPMS/wget-1.9.1-4.3.101mdk.src.rpm