12 matches found
Linux Distros Unpatched Vulnerability : CVE-2010-2252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote...
RHEL 4 : wget (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - wget: multiple HTTP client download filename vulnerability OCERT 2010-001 CVE-2010-2252 Note that Nessus has not...
RHEL 3 : wget (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - wget: multiple HTTP client download filename vulnerability OCERT 2010-001 CVE-2010-2252 Note that Nessus has not...
Oracle: Security Advisory (ELSA-2014-0151)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OracleVM 3.3 : wget (OVMSA-2014-0036)
The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access 1156133 - Fix the parsing of weblink when doing recursive retrieving 960137 - Fix errors found by static analysis of source code 873216 ...
RedHat Update for wget RHSA-2014:0151-01
Check for the Version of wget OpenVAS Vulnerability Test RedHat Update for wget RHSA-2014:0151-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Scientific Linux Security Update : wget on SL6.x i386/x86_64 (20140210)
It was discovered that wget used a file name provided by the server when saving a downloaded file. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client. CVE-2010-2252 Note: With this update, wget always us...
wget security and bug fix update
1.12-1.11 - Add --trust-server-names option to fix CVE-2010-2252 833831 1.12-1.10 - Build wget again with partial RELRO. LDFLAGS changed due to openssl rebase. 1.12-1.9 - Fix wget to recognize certificates with alternative names 1060113...
FreeBSD Ports: wget, wget-devel
The remote host is missing an update to the system as announced in the referenced advisory. VID d754b7d2-b6a7-11df-826c-e464a695cb21 OpenVAS Vulnerability Test $ Description: Auto generated from VID d754b7d2-b6a7-11df-826c-e464a695cb21 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
Mandriva Update for wget MDVSA-2010:170 (wget)
Check for the Version of wget OpenVAS Vulnerability Test Mandriva Update for wget MDVSA-2010:170 wget Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandriva Linux Security Advisory : wget (MDVSA-2010:170)
A vulnerability has been found and corrected in wget : GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a...
CVE-2010-2252
CVE-2010-2252 affects GNU Wget 1.12 and earlier, where a 3xx redirect process can cause a server-provided filename to be used for destination files, potentially leading to arbitrary file writes or code execution via dotfiles in a home directory. Connected docs confirm affected package versions an...