Directory traversal vulnerability in wget prior to 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu wget 1.5.3 |
||
gnu wget 1.6 |
||
gnu wget 1.7 |
||
gnu wget 1.7.1 |
||
gnu wget 1.8 |
||
gnu wget 1.8.1 |
||
gnu wget 1.8.2 |
||
sun cobalt raq xtr |