[v3.0] wget: FTP symlink arbitrary filesystem access (CVE-2014-4877)
Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows a malicious remote FTP server to write to arbitrary files on the client host, and consequently execute arbitrary code, via a LIST response that lists the same filename in two entries, one of which marks the name as a symlink.
References:
http://seclists.org/oss-sec/2014/q4/453
https://bugzilla.redhat.com/show_bug.cgi?id=1139181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877
COMMIT:
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7
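The trigger described above is a LIST response in which one name appears twice and one of the two entries is a symlink, so a client that creates the symlink first and then writes the "file" or "directory" of the same name ends up writing through the link. The following is an added example, not code from wget or from this tracker entry: a small parser for Unix-style LIST lines that flags that duplicate-name pattern and, separately, any symlink whose target is absolute or escapes the download directory via `..`. The LIST text is constructed for the example; the function and field names are assumptions made here.

```python
import posixpath
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Unix "ls -l" style LIST line: perms, links, owner, group, size, month, day,
# year-or-time, then the name (symlinks append " -> target"). Assumed format.
LIST_LINE = re.compile(
    r"^(?P<type>[-dl])[rwxsStT-]{9}\s+\d+\s+\S+\s+\S+\s+\d+\s+"
    r"\S+\s+\S+\s+\S+\s+(?P<rest>.+)$"
)

# Constructed LIST response in the shape the CVE text describes: the name
# "data" is sent twice, first as a symlink, then as a directory.
SAMPLE_LIST = """\
total 4
lrwxrwxrwx 1 ftp ftp    1 Nov 26  2014 data -> /
drwxr-xr-x 2 ftp ftp 4096 Nov 26  2014 data
lrwxrwxrwx 1 ftp ftp    5 Nov 26  2014 up -> ../..
-rw-r--r-- 1 ftp ftp   42 Nov 26  2014 README
"""


@dataclass
class Entry:
    kind: str               # "file", "dir" or "symlink"
    name: str
    target: Optional[str]   # symlink target, None for non-symlinks


def parse_list(response: str) -> List[Entry]:
    """Parse a LIST response into entries; unparseable lines (e.g. 'total N') are skipped."""
    entries = []
    for line in response.splitlines():
        m = LIST_LINE.match(line)
        if not m:
            continue
        kind = {"-": "file", "d": "dir", "l": "symlink"}[m.group("type")]
        rest = m.group("rest")
        target = None
        if kind == "symlink" and " -> " in rest:
            name, target = rest.split(" -> ", 1)
        else:
            name = rest
        entries.append(Entry(kind, name, target))
    return entries


def escapes_tree(target: str) -> bool:
    """True if a symlink target would resolve outside the current download directory."""
    if posixpath.isabs(target):
        return True
    norm = posixpath.normpath(target)
    return norm == ".." or norm.startswith("../")


def find_symlink_tricks(response: str) -> Dict[str, List[str]]:
    """Report names listed more than once with a symlink entry, and symlinks that leave the tree."""
    entries = parse_list(response)
    by_name: Dict[str, List[Entry]] = {}
    for e in entries:
        by_name.setdefault(e.name, []).append(e)
    duplicates = sorted(
        n for n, es in by_name.items()
        if len(es) > 1 and any(e.kind == "symlink" for e in es)
    )
    escaping = sorted(
        e.name for e in entries
        if e.kind == "symlink" and e.target is not None and escapes_tree(e.target)
    )
    return {"duplicate_symlink_names": duplicates, "escaping_symlinks": escaping}


if __name__ == "__main__":
    print(find_symlink_tricks(SAMPLE_LIST))
```

A client that refuses to materialise a symlink when either check fires (or that never creates local symlinks from FTP listings at all) is not exposed to this pattern; for a pre-1.16 wget the upstream workaround is `retr-symlinks = on` in wgetrc, which makes wget download the link target as a regular file instead of creating a local symlink.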
(from redmine: issue id 3574, created on 2014-11-26, closed on 2014-12-08)
- Relations:
  - parent #3571 (closed)
- Changesets:
  - Revision 1e8ccfea by Natanael Copa on 2014-12-05T10:22:48Z:
    main/wget: security upgrade to 1.16 (CVE-2014-4877)
    fixes #3574