5

CVE-2004-1487

Exploit
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuWget Version1.8
GnuWget Version1.8.1
GnuWget Version1.8.2
GnuWget Version1.9
GnuWget Version1.9.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.66% 0.735
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.redhat.com/support/errata/RHSA-2005-771.html
https://usn.ubuntu.com/145-1/
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261755
Vendor Advisory
Exploit
http://marc.info/?l=bugtraq&m=110269474112384&w=2
http://securitytracker.com/id?1012472
http://www.securityfocus.com/bid/11871
Vendor Advisory
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/18420
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11682