CVE-2014-4877
Published: 29 October 2014
Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the filename is for a symlink.
Priority
Status
Package | Release | Status
---|---|---
wget (Launchpad, Ubuntu, Debian) | lucid | Released (1.12-1.1ubuntu2.2)
 | precise | Released (1.13.4-2ubuntu1.2)
 | trusty | Released (1.15-1ubuntu1.14.04.1)
 | upstream | Released (1.16)
 | utopic | Released (1.15-1ubuntu1.14.10.1)
Patches:
- upstream: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7
- upstream: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=69c45cba4382fcaabe3d86876bd5463dc34f442c
References
- http://lists.gnu.org/archive/html/bug-wget/2014-10/msg00150.html
- https://community.rapid7.com/community/metasploit/blog/2014/10/28/r7-2014-15-gnu-wget-ftp-symlink-arbitrary-filesystem-access
- https://ubuntu.com/security/notices/USN-2393-1
- https://www.cve.org/CVERecord?id=CVE-2014-4877
- NVD
- Launchpad
- Debian