6 matches found
HTTP Cookie Injection
wget is vulnerable to HTTP cookie injection attacks. The vulnerability exists as GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the respnew function in http.c via a \r\n sequence in a continuation line...
GNU Wget: Cookie injection
Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description A vulnerability was discovered in GNU Wget’s respnew function which does not validate \r\n sequences in continuation lines. Impact A remote attacker...
GNU Wget Cookie Injection Vulnerability
GNU Wget is a free software package for retrieving files using the most widely used Internet protocols HTTP, HTTPS, FTP and FTPS. A cookie injection vulnerability exists in the respnew function in http.c in GNU Wget before 1.19.5. An attacker can exploit this vulnerability for cookie injection vi...
Design/Logic Flaw
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the respnew function in http.c via a \r\n sequence in a continuation line...
CVE-2018-0494
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the respnew function in http.c via a \r\n sequence in a continuation line...
CVE-2018-0494
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the respnew function in http.c via a \r\n sequence in a continuation line...