RHEL 2.1 : wget (RHSA-2003:372)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing a security update.

Description :

Updated wget packages that correct a buffer overrun are now available.

GNU Wget is a file-retrieval utility that uses the HTTP and FTP

A buffer overflow in the url_filename function for wget 1.8.1 allows
attackers to cause a segmentation fault via a long URL. Red Hat does
not believe that this issue is exploitable to allow an attacker to be
able to run arbitrary code. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2002-1565 to this

Users of wget should install the erratum package, which contains a
backported security patch and is not vulnerable to this issue.

See also :


Solution :

Update the affected wget package.

Risk factor :

High / CVSS Base Score : 7.5

Family: Red Hat Local Security Checks

Nessus Plugin ID: 12436 ()

Bugtraq ID:

CVE ID: CVE-2002-1565

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial