Vulnerability details
GNU Wget input validation vulnerability
Vulnerability summary
GNU Wget is free software developed by the GNU Project for downloading files over the network; it supports downloads over HTTP, HTTPS and FTP, the three most common TCP/IP protocols.
GNU Wget 1.12 and earlier use the filename supplied by the server, rather than the original URL, to determine the name of the downloaded file. A remote server can issue a 3xx redirect to a URL whose filename is .wgetrc, followed by a 3xx redirect to a URL with a spoofed filename, to create or overwrite arbitrary files, and may be able to execute arbitrary code as a consequence of writing to a dotfile in the home directory.
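As an added illustration (not code from this advisory or from Wget itself), the Python below contrasts the naming decision at the heart of this bug: the pre-fix behaviour that takes the output filename from wherever the redirects landed, beside a hardened chooser that keeps the name from the URL the user actually requested and refuses dotfiles and path separators. The URLs and header values are constructed; the `trust_server_names` flag is modelled on the `--trust-server-names` option later Wget versions offer.

```python
import posixpath
import re
from typing import Optional
from urllib.parse import unquote, urlsplit


class UnsafeFilename(ValueError):
    """A server-chosen name that would create a dotfile or escape the download directory."""

def name_from_url(url: str) -> str:
    """Basename of the URL path; 'index.html' for directory-style URLs ending in '/'."""
    base = posixpath.basename(unquote(urlsplit(url).path))
    return base or "index.html"

def name_from_content_disposition(header: Optional[str]) -> Optional[str]:
    """filename=... from a Content-Disposition value (simplified; no RFC 5987 filename*)."""
    if not header:
        return None
    m = re.search(r'filename\s*=\s*"?([^";]+)"?', header)
    return unquote(m.group(1).strip()) if m else None

def is_safe_name(name: str) -> bool:
    """Reject empty names, '.'/'..', dotfiles such as .wgetrc, and separators or NUL."""
    if not name or name in (".", ".."):
        return False
    return not (name.startswith(".") or any(c in name for c in "/\\\x00"))

def vulnerable_local_name(final_url: str, content_disposition: Optional[str] = None) -> str:
    """Pre-fix behaviour described in the advisory: the server's name is used unchecked."""
    return name_from_content_disposition(content_disposition) or name_from_url(final_url)

def choose_local_name(requested_url: str, final_url: str, content_disposition: Optional[str] = None,
                      trust_server_names: bool = False) -> str:
    """Hardened: the name comes from the URL the user asked for; a server-supplied name is
    used only when explicitly trusted, and even then it must pass is_safe_name()."""
    if trust_server_names:
        name = vulnerable_local_name(final_url, content_disposition)
    else:
        name = name_from_url(requested_url)
    if not is_safe_name(name):
        raise UnsafeFilename(f"refusing to write {name!r}")
    return name

if __name__ == "__main__":
    # Constructed redirect outcome (not from the advisory): the user asked for pkg.tar.gz,
    # the server 3xx-redirected to a URL whose last path component is .wgetrc.
    requested, landed = "http://example.invalid/dl/pkg.tar.gz", "http://example.invalid/.wgetrc"
    print(vulnerable_local_name(landed))         # .wgetrc   (the bug)
    print(choose_local_name(requested, landed))  # pkg.tar.gz
```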
Vulnerability notice
The vendor has released an update that fixes this issue; patch download links are given below. Note that the packages listed on this page are mahara packages rather than wget packages; confirm the correct wget update for your distribution before applying.
Debian Linux 5.0 (ia-64, alpha, ia-32, s/390, mipsel, hppa, m68k, arm, armel, amd64, mips, powerpc, sparc). Both packages are architecture-independent (_all.deb), so the same files apply to every architecture:
- Debian mahara-apache2_1.0.4-4+lenny6_all.deb
  http://security.debian.org/pool/updates/main/m/mahara/mahara-apache2_1.0.4-4+lenny6_all.deb
- Debian mahara_1.0.4-4+lenny6_all.deb
  http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny6_all.deb
References
Source: bugzilla.redhat.com
Link: https://bugzilla.redhat.com/show_bug.cgi?id=602797
Source: bugzilla.redhat.com
Link: https://bugzilla.redhat.com/show_bug.cgi?id=591580
Source: MISC
Link: http://www.ocert.org/advisories/ocert-2010-001.html
Source: MLIST
Name: [oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability
Link: http://marc.info/?l=oss-security&m=127611288927500&w=2
Source: MLIST
Name: [oss-security] 20100521 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability
Link: http://marc.info/?l=oss-security&m=127441275821210&w=2
Source: MLIST
Name: [oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability
Link: http://marc.info/?l=oss-security&m=127432968701342&w=2
Source: MLIST
Name: [oss-security] 20100519 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability
Link: http://marc.info/?l=oss-security&m=127427572721591&w=2
Source: MLIST
Name: [oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability
Link: http://marc.info/?l=oss-security&m=127422615924593&w=2
Source: MLIST
Name: [oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability
Link: http://marc.info/?l=oss-security&m=127416905831994&w=2
Source: MLIST
Name: [oss-security] 20100517 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability
Link: http://marc.info/?l=oss-security&m=127412569216380&w=2
Source: MLIST
Name: [oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability
Link: http://marc.info/?l=oss-security&m=127411372529485&w=2
Source: MLIST
Name: [bug-wget] 20100521 Re: security risk of unexpected download filenames
Link: http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html
Source: MLIST
Name: [bug-wget] 20100520 Re: security risk of unexpected download filenames
Link: http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html
Source: MLIST
Name: [bug-wget] 20100521 Re: security risk of unexpected download filenames
Link: http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html
Source: MLIST
Name: [bug-wget] 20100520 Re: security risk of unexpected download filenames
Link: http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html
Source: MLIST
Name: [bug-wget] 20100520 security risk of unexpected download filenames
Link: http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html
Affected entities
- GNU Wget 1.9
- GNU Wget 1.8.2
- GNU Wget 1.8.1
- GNU Wget 1.8
- GNU Wget 1.7.1
Patches
- wget-1.11.4-CVE-2010-2252