[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108741

 
 

909

 
 

85475

 
 

134

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2017:3075-01 -- Redhat wget

ID: oval:org.secpod.oval:def:502187Date: (C)2017-10-31   (M)2018-01-27
Class: PATCHFamily: unix




The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix: * A stack-based and a heap-based buffer overflow flaws were found in wget when processing chunked encoded HTTP responses. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit these flaws to potentially execute arbitrary code. Red Hat would like to thank the GNU Wget project for reporting these issues.

Platform:
Red Hat Enterprise Linux 7
Product:
wget
Reference:
RHSA-2017:3075-01
CVE-2017-13089
CVE-2017-13090
CVE    2
CVE-2017-13090
CVE-2017-13089
CPE    5
cpe:/a:gnu:wget:1.19.1
cpe:/a:gnu:wget
cpe:/o:debian:debian_linux:9.0
cpe:/o:debian:debian_linux:8.0
...

© SecPod Technologies