| Reporter | Title | Published | Views | Family All 98 |
|---|---|---|---|---|
| GNU Wget FTP Symlink Arbitrary Filesystem Access Exploit | 1 Nov 201400:00 | – | zdt | |
| IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index | 31 Jan 202100:10 | – | ibm | |
| Security Bulletin: Multiple vulnerabilities in IBM Security Network Protection (CVE-2014-3567, CVE-2014-4877, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568) | 16 Jun 201821:22 | – | ibm | |
| Medium: wget | 5 Nov 201400:00 | – | amazon | |
| Amazon Linux AMI : wget (ALAS-2014-442) | 6 Nov 201400:00 | – | nessus | |
| CentOS 6 / 7 : wget (CESA-2014:1764) | 31 Oct 201400:00 | – | nessus | |
| Debian DLA-82-1 : wget security update | 26 Mar 201500:00 | – | nessus | |
| Debian DSA-3062-1 : wget - security update | 4 Nov 201400:00 | – | nessus | |
| EulerOS Virtualization 3.0.1.0 : wget (EulerOS-SA-2019-1417) | 14 May 201900:00 | – | nessus | |
| Fedora 21 : wget-1.16-3.fc21 (2014-15347) | 7 Dec 201400:00 | – | nessus |
| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(78854);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2014-4877");
script_name(english:"Scientific Linux Security Update : wget on SL6.x, SL7.x i386/x86_64 (20141030)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A flaw was found in the way Wget handled symbolic links. A malicious
FTP server could allow Wget running in the mirror mode (using the '-m'
command line option) to write an arbitrary file to a location writable
to by the user running Wget, possibly leading to code execution.
(CVE-2014-4877)
Note: This update changes the default value of the --retr-symlinks
option. The file symbolic links are now traversed by default and
pointed-to files are retrieved rather than creating a symbolic link
locally."
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1411&L=scientific-linux-errata&T=0&P=207
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?924046ee"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected wget and / or wget-debuginfo packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:wget");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:wget-debuginfo");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/29");
script_set_attribute(attribute:"patch_publication_date", value:"2014/10/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/04");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL6", reference:"wget-1.12-5.el6_6.1")) flag++;
if (rpm_check(release:"SL6", reference:"wget-debuginfo-1.12-5.el6_6.1")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"wget-1.14-10.el7_0.1")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"wget-debuginfo-1.14-10.el7_0.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wget / wget-debuginfo");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation