CVE-2002-1344

Currently unrated

Key Information:

Vendor: Gnu
Status: Wget; Cobalt Raq Xtr
Vendor: CVE Published:; 18 December 2002

Summary

Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.

References

http://distro.conectiva.com/atualizacoes/?id=a&anuncio=00...

vendor-advisoryx_refsource_CONECTIVA

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt

vendor-advisoryx_refsource_SCO

https://www.debian.org/security/2002/dsa-209

vendor-advisoryx_refsource_DEBIAN

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 18, 2002
Vulnerability Reserved
Dec 9, 2002