RHEL 2.1 / 3 / 4 : wget (RHSA-2005:771)

medium Nessus Plugin ID 19833

Synopsis

The remote Red Hat host is missing a security update.

Description

An updated wget package that fixes several security issues is now available.

This update has been rated as having low security impact by the Red Hat Security Response Team.

GNU Wget is a file retrieval utility that can use either the HTTP or FTP protocols.

A bug was found in the way wget writes files to the local disk. If a malicious local user has write access to the directory wget is saving a file into, it is possible to overwrite files that the user running wget has write access to. (CVE-2004-2014)

A bug was found in the way wget filters redirection URLs. It is possible for a malicious Web server to overwrite files the user running wget has write access to. Note: in order for this attack to succeed the local DNS would need to resolve '..' to an IP address, which is an unlikely situation. (CVE-2004-1487)

A bug was found in the way wget displays HTTP response codes. It is possible that a malicious web server could inject a specially crafted terminal escape sequence capable of misleading the user running wget. (CVE-2004-1488)

Users should upgrade to this updated package, which contains a version of wget that is not vulnerable to these issues.

Solution

Update the affected wget package.

See Also

https://access.redhat.com/security/cve/cve-2004-1487

https://access.redhat.com/security/cve/cve-2004-1488

https://access.redhat.com/security/cve/cve-2004-2014

https://access.redhat.com/errata/RHSA-2005:771

Plugin Details

Severity: Medium

ID: 19833

File Name: redhat-RHSA-2005-771.nasl

Version: 1.25

Type: local

Agent: unix

Published: 10/5/2005

Updated: 1/14/2021

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:wget, cpe:/o:redhat:enterprise_linux:2.1, cpe:/o:redhat:enterprise_linux:3, cpe:/o:redhat:enterprise_linux:4

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/27/2005

Vulnerability Publication Date: 12/31/2004

Reference Information

CVE: CVE-2004-1487, CVE-2004-1488, CVE-2004-2014

BID: 11871

RHSA: 2005:771