CVE-2002-1344 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2002-1344
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2002-1344

Description: Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.

CVE Status: Candidate

References: XF http://www.iss.net/security_center/static/10820.php VULNWATCH http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0102.html SCO REDHAT http://www.redhat.com/support/errata/RHSA-2002-256.html http://www.redhat.com/support/errata/RHSA-2002-229.html OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.007.html MANDRAKE http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-086.php DEBIAN http://marc.theaimsgroup.com/?l=bugtraq&m=103973388702700&w=2 CONECTIVA http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000552 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000552 CIAC http://www.ciac.org/ciac/bulletins/n-022.shtml CERT-VN 210148 CALDERA http://www.securityfocus.com/archive/1/archive/1/307045/30/26300/threaded BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=104033016703851&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=103962838628940&w=2 BID 6352 6360

Return to the previous page.