7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.023 Low
EPSS
Percentile
89.7%
CentOS Errata and Security Advisory CESA-2005:812-00
GNU Wget is a file retrieval utility that can use either the HTTP or
FTP protocols.
A stack based buffer overflow bug was found in the wget implementation of
NTLM authentication. An attacker could execute arbitrary code on a user’s
machine if the user can be tricked into connecting to a malicious web
server using NTLM authentication. The Common Vulnerabilities and Exposures
project has assigned the name CVE-2005-3185 to this issue.
All users of wget are advised to upgrade to these updated packages, which
contain a backported patch that resolves this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-November/074539.html
Affected packages:
wget
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 2 | i386 | wget | < 1.10.2-0.AS21 | wget-1.10.2-0.AS21.i386.rpm |