Slashdot Mirror


Dangerous Vulnerability Fixed In Wget

jones_supa writes: A critical flaw has been found and patched in the open source Wget file retrieval utility that is widely used on UNIX systems. The vulnerability is publicly identified as CVE-2014-4877. "It was found that wget was susceptible to a symlink attack which could create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP," developer Vasyl Kaigorodov writes in Red Hat Bugzilla. "A malicious FTP server can stomp over your entire filesystem," tweets HD Moore, chief research officer at Rapid 7, who is the original reporter of the bug.
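The bug class in the summary above, as an added, self-contained illustration (this is not wget's code and not from the advisory): a recursive FTP mirror that recreates a server-supplied symlink locally and then keeps "descending" into it will write every later file wherever the link points. The same mirror with symlinks fetched as ordinary files (what wget does with --retr-symlinks=on, the default from 1.16) stays inside the download directory. The FTP listings, file names, contents and the FakeFtpServer stand-in are all constructed for the demo; nothing touches the network.

```python
"""Simulate the CVE-2014-4877 bug class: a malicious FTP server escapes the
download directory via a symlink during recursive retrieval. Constructed
example, not wget's implementation."""
import os
import re
import tempfile

# Constructed LIST reply for the server's root: a symlink whose target points
# above the download directory, plus an innocuous file.
ROOT_LISTING = (
    "lrwxrwxrwx   1 ftp  ftp     2 Oct 27  2014 pub -> ..\n"
    "-rw-r--r--   1 ftp  ftp    15 Oct 27  2014 README\n"
)
# Constructed reply once the client has CWD'd into "pub".
PUB_LISTING = "-rw-r--r--   1 ftp  ftp     6 Oct 27  2014 pwned.txt\n"
FILES = {"README": b"welcome to ftp\n", "pub/pwned.txt": b"owned\n"}

# ls -l style line: type+perms, links, owner, group, size, month, day,
# year-or-time, name[ -> target]
LIST_RE = re.compile(
    r"^([-dl])\S{9}\s+\d+\s+\S+\s+\S+\s+\d+\s+\S+\s+\d+\s+\S+\s+(.+?)(?: -> (.+))?$"
)


def parse_listing(text):
    """Yield (kind, name, symlink_target_or_None) for each parsable line."""
    for line in text.splitlines():
        m = LIST_RE.match(line)
        if m:
            yield m.group(1), m.group(2), m.group(3)


class FakeFtpServer:
    """Stand-in for a malicious server: it controls every LIST and RETR reply."""

    def __init__(self, listings, files):
        self.listings, self.files = listings, files

    def list(self, path):
        return self.listings.get(path, "")

    def retrieve(self, path):
        return self.files.get(path)  # None models a refused RETR (e.g. a dir)


def mirror(server, dest, remote_dir="", retr_symlinks=False, written=None):
    """Recursively mirror remote_dir into dest; return local paths written.

    retr_symlinks=False is the vulnerable behaviour: the server's symlink is
    recreated locally and then descended into like a directory, so later
    writes land wherever the attacker pointed the link.
    """
    written = [] if written is None else written
    for kind, name, target in parse_listing(server.list(remote_dir)):
        remote_path = f"{remote_dir}/{name}" if remote_dir else name
        local_path = os.path.join(dest, remote_path)
        if kind == "d":
            os.makedirs(local_path, exist_ok=True)
            mirror(server, dest, remote_path, retr_symlinks, written)
        elif kind == "l" and not retr_symlinks:
            os.symlink(target, local_path)  # attacker-chosen link target
            mirror(server, dest, remote_path, retr_symlinks, written)
        else:
            data = server.retrieve(remote_path)  # symlink fetched as a file
            if data is not None:
                with open(local_path, "wb") as f:
                    f.write(data)
                written.append(local_path)
    return written


def within(root, path):
    """True if path, with every symlink resolved, lies under root."""
    root = os.path.realpath(root)
    return os.path.commonpath([root, os.path.realpath(path)]) == root


def demo(retr_symlinks):
    """Mirror into <tmp>/dest and return (entries under <tmp>, files that
    escaped dest). Entries ending in '@' are symlinks."""
    server = FakeFtpServer({"": ROOT_LISTING, "pub": PUB_LISTING}, FILES)
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "dest")
        os.mkdir(dest)
        written = mirror(server, dest, retr_symlinks=retr_symlinks)
        escaped = sorted(os.path.relpath(p, dest)
                         for p in written if not within(dest, p))
        entries = []
        for root, dirs, files in os.walk(tmp):
            for n in dirs + files:
                p = os.path.join(root, n)
                entries.append(os.path.relpath(p, tmp)
                               + ("@" if os.path.islink(p) else ""))
        return sorted(entries), escaped


if __name__ == "__main__":
    print("vulnerable:", demo(retr_symlinks=False))
    print("fixed:     ", demo(retr_symlinks=True))
```

With retr_symlinks=False the file pub/pwned.txt is written through the link and ends up one level above dest, which is exactly the "arbitrary files, directories or symbolic links" outcome in the advisory; the within() check is the containment test a client should apply to every resolved destination path. For an unpatched wget the documented workaround is to force the same behaviour with `retr-symlinks=on` in ~/.wgetrc (or --retr-symlinks on the command line); wget 1.16 made that the default.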

3 of 58 comments

  1. rapid7.com metasploit & kb.cert.org advisory by Anonymous Coward · Score: 4, Informative

    - The disclosure is here:

    https://community.rapid7.com/c...

    - Vulnerability Note VU#685996 (kb.cert.org):

    http://www.kb.cert.org/vuls/id...

  2. Nothing to see here, move along by gweihir · Score: 4, Informative

    Bug found, bug fixed, another venerable tool got even better. This is just business as usual.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:Nothing to see here, move along by gweihir · Score: 4, Informative

      Very moderately so. Of course, you should not wget from untrustworthy servers until you have a patched version. But you should not do that anyway, even with the patched version. The biggest risk is still what you get from the server, even if it is confined to its intended place.

      Of course, for clueless people using insecure practice, this issue may have some importance. The others are not really at risk and will get the information anyways from the vulnerability information feed of their choice.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.