DSA-3062 wget - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
HD Moore of Rapid7 discovered a symlink attack in Wget, a command-lineutility to retrieve files via HTTP, HTTPS, and FTP. The vulnerabilityallows to create arbitrary files on the users system when Wget runs inrecursive mode against a malicious FTP server. Arbitrary file creationmay override content of users files or permit remote code execution withthe user privilege.
More info:
https://www.debian.org/security/2014/dsa-3062 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-4877 and DSA-3062. |