Directory Traversal Vulnerability in Wget by GNU
CVE-2002-1344

Currently unrated

Key Information:

Vendor: Gnu
Status: Wget; Cobalt Raq Xtr
Vendor: CVE Published:; 18 December 2002

What is CVE-2002-1344?

The vulnerability in Wget prior to version 1.8.2-4 enables remote FTP servers to exploit directory traversal techniques, allowing them to create or overwrite files on the system. This is achieved through carefully crafted filenames that include absolute paths or dot dot (..) sequences, potentially compromising system integrity and security. Users of the affected versions should upgrade to secure versions immediately to mitigate these risks.

References

http://distro.conectiva.com/atualizacoes/?id=a&anuncio=00...

vendor-advisoryx_refsource_CONECTIVA

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt

vendor-advisoryx_refsource_SCO

https://www.debian.org/security/2002/dsa-209

vendor-advisoryx_refsource_DEBIAN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 18, 2002
Vulnerability Reserved
Dec 9, 2002

Gnu

What is CVE-2002-1344?

References

Timeline