Debian Security Advisory
DSA-209-1 wget -- directory traversal
- Date Reported:
- 12 Dec 2002
- Affected Packages:
- wget
- Vulnerable:
- Yes
- Security database references:
- In the Bugtraq database (at SecurityFocus): BugTraq ID 6352.
In Mitre's CVE dictionary: CVE-2002-1344, CVE-2002-1565. - More information:
-
Two problems have been found in the wget package as distributed in Debian GNU/Linux:
- Stefano Zacchiroli found a buffer overrun in the url_filename function, which would make wget segfault on very long URLs
- Steven M. Christey discovered that wget did not verify the FTP server response to a NLST command: it must not contain any directory information, since that can be used to make an FTP client overwrite arbitrary files.
Both problems have been fixed in version 1.5.3-3.1 for Debian GNU/Linux 2.2/potato and version 1.8.1-6.1 for Debian GNU/Linux 3.0/woody.
- Fixed in:
-
Debian GNU/Linux 2.2 (potato)
- Source:
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3-3.1.diff.gz
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3.orig.tar.gz
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3-3.1.dsc
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3.orig.tar.gz
- alpha (DEC Alpha):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3-3.1_alpha.deb
- arm (ARM):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3-3.1_arm.deb
- i386 (Intel ia32):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3-3.1_i386.deb
- m68k (Motorola Mc680x0):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3-3.1_m68k.deb
- powerpc (PowerPC):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3-3.1_powerpc.deb
- sparc (Sun SPARC/UltraSPARC):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3-3.1_sparc.deb
Debian GNU/Linux 3.0 (woody)
- Source:
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1.orig.tar.gz
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1.diff.gz
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1.dsc
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1.diff.gz
- alpha (DEC Alpha):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_alpha.deb
- arm (ARM):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_arm.deb
- hppa (HP PA RISC):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_hppa.deb
- i386 (Intel ia32):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_i386.deb
- ia64 (Intel ia64):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_ia64.deb
- m68k (Motorola Mc680x0):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_m68k.deb
- mips (MIPS (Big Endian)):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_mips.deb
- powerpc (PowerPC):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_powerpc.deb
- s390 (IBM S/390):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_s390.deb
- sparc (Sun SPARC/UltraSPARC):
- http://security.debian.org/pool/updates/main/w/wget/wget_1.8.1-6.1_sparc.deb
MD5 checksums of the listed files are available in the original advisory.