Linux Distros Unpatched Vulnerability : CVE-2016-4971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. CVE-2016-4971 Note that...

Security Bulletin: A vulnerability with GNU wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2016-4971)

Summary A vulnerability with GNU wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2016-4971. Please see below for details on how to remediate this issue. Vulnerability Details CVEID:CVE-2016-4971 DESCRIPTION: GNU wget could allow a remote attacker to traverse...

Slackware: Security Advisory (SSA:2016-165-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution Exploit (2)

Exploit Title: GNU Wget 1.18 - Arbitrary File Upload / Remote Code Execution 2 Original Exploit Author: Dawid Golunski Exploit Author: liewehacksie Version: GNU Wget 1.18 CVE: CVE-2016-4971 import http.server import socketserver import socket import sys class...

GNU wget Arbitrary File Upload / Code Execution

Exploit Title: GNU Wget 1.18 - Arbitrary File Upload / Remote Code Execution 2 Original Exploit Author: Dawid Golunski Exploit Author: liewehacksie Version: GNU Wget 1.18 CVE: CVE-2016-4971 import http.server import socketserver import socket import sys class...

GNU Wget &lt; 1.18 - Arbitrary File Upload (2)

Exploit Title: GNU Wget 1.18 - Arbitrary File Upload / Remote Code Execution 2 Original Exploit Author: Dawid Golunski Exploit Author: liewehacksie Version: GNU Wget 1.18 CVE: CVE-2016-4971 import http.server import socketserver import socket import sys class...

Huawei EulerOS: Security Advisory for wget (EulerOS-SA-2016-1064)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WGET Vulnerability

The wget library has been found to contain a vulnerability CVE 2016-4971. wget allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. Palo Alto Networks software makes use of the vulnerable library and may be affected. Ref PAN-59677/ CVE...

Scientific Linux Security Update : wget on SL7.x x86_64 (20161103)

Security Fixes : - It was found that wget used a file name provided by the server for the downloaded file when following an HTTP redirect to a FTP server resource. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on...

CentOS 7 : wget (CESA-2016:2587)

An update for wget is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

wget security update

CentOS Errata and Security Advisory CESA-2016:2587 An update for wget is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Oracle Linux 7 : wget (ELSA-2016-2587)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2016-2587 advisory. - Fix CVE-2016-4971 1345778 - Added support for non-ASCII URLs Related: CVE-2016-4971 Tenable has extracted the preceding description block directly from the...

RHEL 7 : wget (RHSA-2016:2587)

An update for wget is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

RedHat Update for wget RHSA-2016:2587-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2016-720)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2016-0323 Updated wget packages fix security vulnerability

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource CVE-2016-4971. Fixed a potential race condition by creating files with .tmp ext and making them accessible to the current user only CVE-2016-7098...

SUSE SLES11 Security Update : wget (SUSE-SU-2016:2358-1)

This update for wget fixes the following issues : - CVE-2016-4971: A HTTP to FTP redirection file name confusion vulnerability was fixed. bsc984060. - CVE-2016-7098: A potential race condition was fixed by creating files with .tmp ext and making them accessible to the current user only. bsc995964...

openSUSE Security Update : wget (openSUSE-2016-1067)

This update for wget fixes the following issues : - Fix for HTTP to a FTP redirection file name confusion vulnerability bsc984060, CVE-2016-4971. - Work around a libidn vulnerability bsc937096, CVE-2015-2059. - Fix for wget fails with basicauth: Failed writing HTTP request: Bad file descriptor...

SUSE SLED12 / SLES12 Security Update : wget (SUSE-SU-2016:2226-1)

This update for wget fixes the following issues : - Fix for HTTP to a FTP redirection file name confusion vulnerability bsc984060, CVE-2016-4971. - Work around a libidn vulnerability bsc937096, CVE-2015-2059. - Fix for wget fails with basicauth: Failed writing HTTP request: Bad file descriptor...

openSUSE Security Update : wget (openSUSE-2016-973)

This update for wget fixes the following issue : - CVE-2016-4971: HTTP to a FTP redirection file name confusion vulnerability boo984060. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...