Published: 16/06/2003 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in url_filename function for wget 1.8.1 allows malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
immunix immunix 7

Two problems have been found in the wget package as distributed in Debian GNU/Linux: Stefano Zacchiroli found a buffer overrun in the url_filename function, which would make wget segfault on very long URLs Steven M Christey discovered that wget did not verify the FTP server response to a NLST command: it must not contain any directory infor ...

NVD-CWE-Other http://www.debian.org/security/2002/dsa-209 http://www.redhat.com/support/errata/RHSA-2003-372.html ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000716 ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc http://marc.info/?l=bugtraq&m=105474357016184&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/10851 https://nvd.nist.gov https://www.debian.org/security/./dsa-209

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1565

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect