Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : wget vulnerability (USN-2393-1)
High Nessus Plugin ID 78763
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionHD Moore discovered that Wget contained a path traversal vulnerability when downloading symlinks using FTP. A malicious remote FTP server or a man in the middle could use this issue to cause Wget to overwrite arbitrary files, possibly leading to arbitrary code execution.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected wget package.