ALAS-2017-916 ---- wgetID: oval:org.secpod.oval:def:1600796 | Date: (C)2017-11-02 (M)2023-12-20 |
Class: PATCH | Family: unix |
Heap-based buffer overflow in HTTP protocol handlingA heap-based buffer overflow, when processing chunked encoded HTTP responses, was found in wget. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit this flaw to potentially execute arbitrary code. Stack-based buffer overflow in HTTP protocol handlingA stack-based buffer overflow when processing chunked, encoded HTTP responses was found in wget. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit this flaw to potentially execute arbitrary code
Platform: |
Amazon Linux AMI |