[arch-security] [ASA-201606-19] wget: arbitrary file overwrite
anthraxx at archlinux.org
Mon Jun 20 11:01:11 UTC 2016
Arch Linux Security Advisory ASA-201606-19
Date : 2016-06-20
CVE-ID : CVE-2016-4971
Package : wget
Type : arbitrary file overwrite
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
The package wget before version 1.18-1 is vulnerable to arbitrary file
overwrite in the current directory, which can lead to code execution.
Upgrade to 1.18-1.
# pacman -Syu "wget>=1.18-1"
The problem has been fixed upstream in version 1.18.
GNU Wget, when supplied with a malicious website link, can be tricked
into saving an arbitrary remote file supplied by an attacker, with
attacker-chosen content and filename, under the current directory. In
versions before 1.18 this happens when the HTTP server redirects the
request to a crafted FTP resource: wget then names the local file after
the FTP URL instead of the URL that was originally requested. This can
lead to code execution by creating shell startup scripts (such as
.bash_profile and others) within the home directory, as well as other
unauthorized actions (such as request sniffing by proxy modification,
or arbitrary system file retrieval) by uploading a .wgetrc configuration
file. Version 1.18 keeps the original filename on such a redirect unless
--trust-server-names is given, so that option should not be used when
fetching from untrusted servers.
A remote attacker controlling a server that the victim fetches from with
wget is able to overwrite an arbitrary file in the victim's current
directory. This can lead to code execution when the overwritten file is
a script that is later executed (for example a shell startup file in the
home directory).
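The following is an added illustration of the filename-selection flaw, written for this advisory; it is not wget source code. It models a redirect-following downloader offline: the "vulnerable" policy mirrors what wget before 1.18 did after an HTTP -> FTP redirect (the local name is taken from the attacker-chosen FTP URL), and the "hardened" policy keeps the name derived from the URL the user asked for unless server names are explicitly trusted, which is the 1.18 behaviour. The host "malicious.invalid" and the response table are constructed for the example, and the dotfile/path guard at the end is an extra check of this example, not something wget implements.

```python
"""Model of output-filename selection in a redirect-following downloader.

Added illustration for CVE-2016-4971; this is not wget source code.
The server responses below are constructed (malicious.invalid is a
reserved, non-resolving name), so the whole script runs offline.
"""
from urllib.parse import urlsplit, urljoin, unquote
import posixpath

# Constructed responses from a hypothetical malicious server:
# url -> (status, Location header or None)
RESPONSES = {
    "http://malicious.invalid/report.pdf": ("302", "ftp://malicious.invalid/.bash_profile"),
    "ftp://malicious.invalid/.bash_profile": ("200", None),
}


def follow_redirects(url, responses, max_redirects=20):
    """Walk the redirect chain against the response table; return (final_url, chain)."""
    chain = [url]
    for _ in range(max_redirects):
        status, location = responses[url]
        if not (status.startswith("3") and location):
            return url, chain
        # urljoin returns an absolute Location unchanged, including a scheme change
        url = urljoin(url, location)
        chain.append(url)
    raise RuntimeError("too many redirects")


def basename_of(url):
    """Last path component of a URL, percent-decoded; 'index.html' for a bare host."""
    name = posixpath.basename(unquote(urlsplit(url).path))
    return name or "index.html"


def local_name_vulnerable(requested_url, final_url):
    """Pre-1.18 behaviour on HTTP -> FTP: the name comes from wherever the chain ended."""
    return basename_of(final_url)


def local_name_hardened(requested_url, final_url, trust_server_names=False):
    """1.18 behaviour: the name comes from the requested URL unless the user
    explicitly trusts server-supplied names (wget's --trust-server-names)."""
    if trust_server_names:
        return basename_of(final_url)
    return basename_of(requested_url)


def is_suspicious_name(name):
    """Extra guard of this example: never write dotfiles or path components blindly."""
    return (name in ("", ".", "..")
            or name.startswith(".")
            or "/" in name or "\\" in name)


def choose_output_name(requested_url, responses, hardened=True, trust_server_names=False):
    """Resolve the redirect chain and return the filename the chosen policy would write."""
    final_url, _chain = follow_redirects(requested_url, responses)
    if hardened:
        return local_name_hardened(requested_url, final_url, trust_server_names)
    return local_name_vulnerable(requested_url, final_url)


if __name__ == "__main__":
    url = "http://malicious.invalid/report.pdf"
    for hardened in (False, True):
        name = choose_output_name(url, RESPONSES, hardened=hardened)
        flag = " (refused: dotfile or path)" if is_suspicious_name(name) else ""
        print(f"hardened={hardened}: would write {name!r}{flag}")
```

Run as-is it shows the vulnerable policy writing `.bash_profile` into the current directory while the hardened policy writes `report.pdf`; passing `trust_server_names=True` to the hardened policy reproduces the old behaviour, which is why that option belongs only with servers you control.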