Vulnerabilities

CVE-2014-4877

by Fred · 29/10/2014

Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the filename is for a symlink.

Date published : 2014-10-29

http://www.securityfocus.com/bid/70751

http://www.kb.cert.org/vuls/id/685996

Similar

Tags: Cybersecurity Alert