Symbolic Link Vulnerability in Wget 1.5.3 by GNU
CVE-1999-0402

Currently unrated

Key Information:

Vendor: Gnu
Status: Wget
Vendor: CVE Published:; 2 January 1999

What is CVE-1999-0402?

The wget 1.5.3 version by GNU includes a vulnerability that allows the program to follow symbolic links when modifying file permissions. Instead of adjusting permissions on the symlink itself, wget mistakenly alters the target file, potentially leading to unauthorized access or modifications. This oversight can be exploited by attackers to gain elevated privileges or compromise system security.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jun 7, 1999
Vulnerability published
Jan 2, 1999

Gnu

What is CVE-1999-0402?

References

Timeline