Mandriva Linux Security Advisory 2010-170
Posted Sep 3, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-170 - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2252
SHA-256 | 7e88aed1075989ac769d24f2faa6e97354507085f73aec9d9b3c569aa00eb29c

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:170
http://www.mandriva.com/security/
_______________________________________________________________________

Package : wget
Date : September 2, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability has been found and corrected in wget:

GNU Wget 1.12 and earlier uses a server-provided filename instead of
the original URL to determine the destination filename of a download,
which allows remote servers to create or overwrite arbitrary files
via a 3xx redirect to a URL with a .wgetrc filename followed by a
3xx redirect to a URL with a crafted filename, and possibly execute
arbitrary code as a consequence of writing to a dotfile in a home
directory (CVE-2010-2252).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2252
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:
2f1452708ed6febe407e1c116158bd53 2008.0/i586/wget-1.10.2-6.2mdv2008.0.i586.rpm
21dd2f19ceeb8b36ab09963eda907d0b 2008.0/SRPMS/wget-1.10.2-6.2mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
befd1e73b9ffd3d01d75e7bc9bc63bcc 2008.0/x86_64/wget-1.10.2-6.2mdv2008.0.x86_64.rpm
21dd2f19ceeb8b36ab09963eda907d0b 2008.0/SRPMS/wget-1.10.2-6.2mdv2008.0.src.rpm

Mandriva Linux 2009.0:
355096fbe1677276227ea873583693b0 2009.0/i586/wget-1.11.4-1.2mdv2009.0.i586.rpm
cdf5a30faa17484a2866837e08b3550f 2009.0/SRPMS/wget-1.11.4-1.2mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
a4085e07b09d67b8f295584ab35ddfbc 2009.0/x86_64/wget-1.11.4-1.2mdv2009.0.x86_64.rpm
cdf5a30faa17484a2866837e08b3550f 2009.0/SRPMS/wget-1.11.4-1.2mdv2009.0.src.rpm

Mandriva Linux 2009.1:
d3d6016f347ac5d7b01edbb7b6c5cd5f 2009.1/i586/wget-1.11.4-2.2mdv2009.1.i586.rpm
9d8270a9b8de5d56f44a44c93e8011ed 2009.1/SRPMS/wget-1.11.4-2.2mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
940dd4720eb792e825dfa68997df35be 2009.1/x86_64/wget-1.11.4-2.2mdv2009.1.x86_64.rpm
9d8270a9b8de5d56f44a44c93e8011ed 2009.1/SRPMS/wget-1.11.4-2.2mdv2009.1.src.rpm

Mandriva Linux 2010.0:
798c72df6dcbba66b6a8a84ed39da2f8 2010.0/i586/wget-1.12-1.1mdv2010.0.i586.rpm
b907b039a3103699de15cfc8e4dd895b 2010.0/SRPMS/wget-1.12-1.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
02ec17f7b8fe8d4b32d0ecd1578e8e9f 2010.0/x86_64/wget-1.12-1.1mdv2010.0.x86_64.rpm
b907b039a3103699de15cfc8e4dd895b 2010.0/SRPMS/wget-1.12-1.1mdv2010.0.src.rpm

Mandriva Linux 2010.1:
b670d7af035db4c61a1dc925bd2586cf 2010.1/i586/wget-1.12-4.1mdv2010.1.i586.rpm
d237c820d5bd93b560c0c370bf645607 2010.1/SRPMS/wget-1.12-4.1mdv2010.1.src.rpm

Mandriva Linux 2010.1/X86_64:
1d4e7f9d9fd44937207e1f9905ac2d99 2010.1/x86_64/wget-1.12-4.1mdv2010.1.x86_64.rpm
d237c820d5bd93b560c0c370bf645607 2010.1/SRPMS/wget-1.12-4.1mdv2010.1.src.rpm

Corporate 4.0:
de7e81f0336ff2366876ae2ff334c03a corporate/4.0/i586/wget-1.10-1.4.20060mlcs4.i586.rpm
1e64e31099b37e35e23b6aa64c6618fe corporate/4.0/SRPMS/wget-1.10-1.4.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
38bc352a335d0ab431b76c6889b020ec corporate/4.0/x86_64/wget-1.10-1.4.20060mlcs4.x86_64.rpm
1e64e31099b37e35e23b6aa64c6618fe corporate/4.0/SRPMS/wget-1.10-1.4.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
c079b55002ddd85953d889e8636f69e0 mes5/i586/wget-1.11.4-1.2mdvmes5.1.i586.rpm
d5b1e38ec6dc55ff0edfb9d07ff4551b mes5/SRPMS/wget-1.11.4-1.2mdv2009.0.src.rpm
3d8118d89968bc2fd0fe68455362494a mes5/SRPMS/wget-1.11.4-1.2mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
63c67375cbc4539a081d7563bd7ddb79 mes5/x86_64/wget-1.11.4-1.2mdvmes5.1.x86_64.rpm
d5b1e38ec6dc55ff0edfb9d07ff4551b mes5/SRPMS/wget-1.11.4-1.2mdv2009.0.src.rpm
3d8118d89968bc2fd0fe68455362494a mes5/SRPMS/wget-1.11.4-1.2mdvmes5.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMf/BhmqjQ0CJFipgRAn0dAKCiHbjaDcjp9KH55a/7Srbgpy3A1ACfUGHR
Plzv1YaAjqNBe/kQDTFjFIM=
=WofG
-----END PGP SIGNATURE-----
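The Problem Description above states that wget 1.12 and earlier named the local file after the server's redirect target instead of the URL the user asked for, so a redirect chain ending in a dotfile name such as .wgetrc could write into the home directory. The following Python is an added example, not code from the advisory, from Mandriva or from wget: it contrasts a simplified model of that server-trusting naming rule with a safe one that derives the name only from the requested URL, refuses dotfiles and path separators, and flags redirect targets whose last path component is a dotfile so the chain can be logged. The hostnames, URLs and the `crafted-name` hop are constructed, and the two-hop model does not reproduce wget's exact internal handling.

```python
import posixpath
from urllib.parse import urlsplit, unquote


class UnsafeFilename(ValueError):
    """Raised when a derived name could become a dotfile or escape the target directory."""


def name_from_url(url):
    """Last path component of a URL, percent-decoded; query and fragment are ignored."""
    name = unquote(posixpath.basename(urlsplit(url).path))
    return name or "index.html"  # fallback for a bare directory URL, as wget does


def vulnerable_destination(original_url, redirect_chain):
    """Simplified model of the naming rule the advisory describes for wget <= 1.12.

    The local file is named after the final redirect target, so the server,
    not the user, chooses the filename.
    """
    final_url = redirect_chain[-1] if redirect_chain else original_url
    return name_from_url(final_url)


def safe_destination(original_url, redirect_chain, dest_dir):
    """Name the file after the URL the user requested, never after a redirect.

    redirect_chain is accepted only so the signature mirrors the vulnerable
    version; it deliberately has no influence on the result.
    """
    name = name_from_url(original_url)
    if name in (".", "..") or name.startswith("."):
        raise UnsafeFilename(f"refusing to write dotfile {name!r}")
    if "/" in name or "\\" in name or "\x00" in name:
        raise UnsafeFilename(f"refusing path characters in {name!r}")
    return posixpath.join(dest_dir, name)


def audit_redirect_chain(redirect_chain):
    """Return the redirect targets whose last path component is a dotfile.

    Worth logging even when the client ignores server-provided names: a
    chain that tries to land on .wgetrc is a signal in its own right.
    """
    names = [name_from_url(u) for u in redirect_chain]
    return [n for n in names if n.startswith(".")]


# Constructed sample exchange modelled on the advisory: one user request,
# then two 3xx redirects whose targets the server chose (hypothetical hosts).
ORIGINAL_URL = "http://mirror.example/pub/tool-1.0.tar.gz"
REDIRECT_CHAIN = [
    "http://mirror.example/crafted-name",  # first hop: attacker-chosen name
    "http://mirror.example/.wgetrc",       # second hop: dotfile name
]

if __name__ == "__main__":
    print("server-trusting name:", vulnerable_destination(ORIGINAL_URL, REDIRECT_CHAIN))
    print("safe destination:    ", safe_destination(ORIGINAL_URL, REDIRECT_CHAIN, "/home/user/downloads"))
    print("dotfile hops:        ", audit_redirect_chain(REDIRECT_CHAIN))
```

Percent-decoding happens before the checks, so `%2e%2e` and `%2F` cannot smuggle `..` or a slash past them; the query string and fragment are dropped by `urlsplit` so a redirect cannot hide a name there either.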
