SUSE: Security Advisory (SUSE-SU-2016:2358-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WGET Vulnerability

The wget library has been found to contain a vulnerability CVE 2016-4971. wget allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. Palo Alto Networks software makes use of the vulnerable library and may be affected. Ref PAN-59677/ CVE...

wget: Lack of filename checking allows arbitrary file upload via FTP redirect

It was found that wget used a file name provided by the server for the downloaded file when following a HTTP redirect to a FTP server resource. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client...

SUSE-SU-2016:2358-1 Security update for wget

This update for wget fixes the following issues: - CVE-2016-4971: A HTTP to FTP redirection file name confusion vulnerability was fixed. bsc984060. - CVE-2016-7098: A potential race condition was fixed by creating files with .tmp ext and making them accessible to the current user only. bsc995964...

ALPINE-CVE-2016-4971

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...

CVE-2016-4971

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...

USN-3012-1: Wget vulnerability

Dawid Golunski discovered that Wget incorrectly handled filenames when being redirected from an HTTP to an FTP URL. A malicious server could possibly use this issue to overwrite local files...

UBUNTU-CVE-2016-4971

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...