SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2014-4877

Date: (C)2014-10-30 (M)2023-12-22

Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the filename is for a symlink.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SUSE-SU-2014:1366

SUSE-SU-2014:1408

http://lists.gnu.org/archive/html/bug-wget/2014-10/msg00150.html

http://advisories.mageia.org/MGASA-2014-0431.html

http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7

http://git.savannah.gnu.org/cgit/wget.git/commit/?id=b4440d96cf8173d68ecaa07c36b8f4316ee794d0

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

https://bugzilla.redhat.com/show_bug.cgi?id=1139181

https://community.rapid7.com/community/metasploit/blog/2014/10/28/r7-2014-15-gnu-wget-ftp-symlink-arbitrary-filesystem-access

https://github.com/rapid7/metasploit-framework/pull/4088

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

https://kc.mcafee.com/corporate/index?page=content&id=SB10106

openSUSE-SU-2014:1380

cpe:/a:gnu:wget:1.12
cpe:/a:gnu:wget
cpe:/a:gnu:wget:1.13
cpe:/a:gnu:wget:1.14
...

oval:org.secpod.oval:def:1600121
oval:org.secpod.oval:def:203471
oval:org.secpod.oval:def:1500793
oval:org.secpod.oval:def:702268
...

© SecPod Technologies