
CVE-2010-2252

Status Candidate

Overview

GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

Related Files

Red Hat Security Advisory 2014-0151-01
Posted Feb 10, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0151-01 - The wget package provides the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Wget provides various useful features, such as the ability to work in the background while the user is logged out, recursive retrieval of directories, file name wildcard matching or updating files in dependency on file timestamp comparison. It was discovered that wget used a file name provided by the server when saving a downloaded file. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client.

tags | advisory, web, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2010-2252
SHA-256 | 717dbc82ea79c91d9538b6f147db7b2dd6acd325272744b0caa4401f82b731ca

Gentoo Linux Security Advisory 201110-10
Posted Oct 14, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-10 - Insecure usage of server provided filenames may allow the creation or overwriting of local files when using wget. Versions less than 1.12-r2 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2010-2252
SHA-256 | 57dae58b35db5d84d829246ae2e2948d8086cfde9ce02247b86fb1f06da2ba7e

Mandriva Linux Security Advisory 2010-170
Posted Sep 3, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-170 - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2252
SHA-256 | 7e88aed1075989ac769d24f2faa6e97354507085f73aec9d9b3c569aa00eb29c

Ubuntu Security Notice 982-1
Posted Sep 3, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 982-1 - It was discovered that Wget would use filenames provided by the server when following 3xx redirects. If a user or automated system were tricked into downloading a file from a malicious site, a remote attacker could create the file with an arbitrary name (e.g. .wgetrc), and possibly run arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-2252
SHA-256 | be7c4fe29817c72f9305a6d624c17041f6d9550cee4300c4b5f9e9f8162ce554

Debian Linux Security Advisory 2088-1
Posted Aug 6, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2088-1 - It was discovered that wget, a command line tool for downloading files from the WWW, uses server-provided file names when creating local files. This may lead to code execution in some scenarios.

tags | advisory, local, code execution
systems | linux, debian
advisories | CVE-2010-2252
SHA-256 | f2965cab14d4c005e6ced247c1b2fa71227caae9d016b3197226d34ffd158fb4