ALT-PU-2018-1667-1
Closed vulnerabilities
Published: 2018-05-06
BDU:2018-01512
Уязвимость консольной утилиты для загрузки файлов wget, связанной с недостаточной проверкой вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных
Severity: MEDIUM (6.5)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:
Published: 2018-05-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-0494
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References:
- 104129
- 104129
- 1040838
- 1040838
- RHSA-2018:3052
- RHSA-2018:3052
- https://git.savannah.gnu.org/cgit/wget.git/commit/?id=1fc9c95ec144499e69dc8ec76dbe07799d7d82cd
- https://git.savannah.gnu.org/cgit/wget.git/commit/?id=1fc9c95ec144499e69dc8ec76dbe07799d7d82cd
- [debian-lts-announce] 20180511 [SECURITY] [DLA 1375-1] wget security update
- [debian-lts-announce] 20180511 [SECURITY] [DLA 1375-1] wget security update
- https://lists.gnu.org/archive/html/bug-wget/2018-05/msg00020.html
- https://lists.gnu.org/archive/html/bug-wget/2018-05/msg00020.html
- https://savannah.gnu.org/bugs/?53763
- https://savannah.gnu.org/bugs/?53763
- GLSA-201806-01
- GLSA-201806-01
- https://sintonen.fi/advisories/gnu-wget-cookie-injection.txt
- https://sintonen.fi/advisories/gnu-wget-cookie-injection.txt
- USN-3643-1
- USN-3643-1
- USN-3643-2
- USN-3643-2
- DSA-4195
- DSA-4195
- 44601
- 44601