Vulners
Lucene search
CentOS 6 / 7 : wget (CESA-2014:1764)
| Reporter | Title | Published | Views | Family All 97 |
|---|---|---|---|---|
 | GNU Wget FTP Symlink Arbitrary Filesystem Access Exploit | 1 Nov 201400:00 | – | zdt |
 | IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index | 31 Jan 202100:10 | – | ibm |
| Security Bulletin: Multiple vulnerabilities in IBM Security Network Protection (CVE-2014-3567, CVE-2014-4877, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568) | 16 Jun 201821:22 | – | ibm |
 | Medium: wget | 5 Nov 201400:00 | – | amazon |
 | Amazon Linux AMI : wget (ALAS-2014-442) | 6 Nov 201400:00 | – | nessus |
| Debian DLA-82-1 : wget security update | 26 Mar 201500:00 | – | nessus |
| Debian DSA-3062-1 : wget - security update | 4 Nov 201400:00 | – | nessus |
| EulerOS Virtualization 3.0.1.0 : wget (EulerOS-SA-2019-1417) | 14 May 201900:00 | – | nessus |
| Fedora 21 : wget-1.16-3.fc21 (2014-15347) | 7 Dec 201400:00 | – | nessus |
| Fedora 20 : wget-1.16-3.fc20 (2014-15385) | 24 Nov 201400:00 | – | nessus |
10
| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2014:1764 and
# CentOS Errata and Security Advisory 2014:1764 respectively.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(78751);
script_version("1.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2014-4877");
script_bugtraq_id(70751);
script_xref(name:"RHSA", value:"2014:1764");
script_name(english:"CentOS 6 / 7 : wget (CESA-2014:1764)");
script_summary(english:"Checks rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote CentOS host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"An updated wget package that fixes one security issue is now available
for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate
security impact. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available from the
CVE link in the References section.
The wget package provides the GNU Wget file retrieval utility for
HTTP, HTTPS, and FTP protocols.
A flaw was found in the way Wget handled symbolic links. A malicious
FTP server could allow Wget running in the mirror mode (using the '-m'
command line option) to write an arbitrary file to a location writable
to by the user running Wget, possibly leading to code execution.
(CVE-2014-4877)
Note: This update changes the default value of the --retr-symlinks
option. The file symbolic links are now traversed by default and
pointed-to files are retrieved rather than creating a symbolic link
locally.
Red Hat would like to thank the GNU Wget project for reporting this
issue. Upstream acknowledges HD Moore of Rapid7, Inc as the original
reporter.
All users of wget are advised to upgrade to this updated package,
which contains a backported patch to correct this issue."
);
# https://lists.centos.org/pipermail/centos-announce/2014-October/020720.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?04597618"
);
# https://lists.centos.org/pipermail/centos-announce/2014-October/020721.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?4aa3eaf7"
);
script_set_attribute(attribute:"solution", value:"Update the affected wget package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-4877");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:wget");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/29");
script_set_attribute(attribute:"patch_publication_date", value:"2014/10/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/31");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"CentOS Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^(6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x / 7.x", "CentOS " + os_ver);
if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
flag = 0;
if (rpm_check(release:"CentOS-6", reference:"wget-1.12-5.el6_6.1")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"wget-1.14-10.el7_0.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wget");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Jan 2021 00:00Current
7.4High risk
Vulners AI Score7.4
CVSS 29.3
EPSS0.74311