CentOS Errata and Security Advisory CESA-2005:812-00
GNU Wget is a file retrieval utility that can use either the HTTP or the FTP protocol.
A stack-based buffer overflow bug was found in the wget implementation of NTLM authentication. An attacker could execute arbitrary code on a user's machine if the user can be tricked into connecting to a malicious web server using NTLM authentication. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3185 to this issue.
All users of wget are advised to upgrade to these updated packages, which contain a backported patch that resolves this issue.
Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2005-November/024415.html
Affected packages: wget
Upstream details at: https://rhn.redhat.com/errata/rh21as-errata.html