Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1488

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1488
Last Modified 21 Aug 2010 12:22:36
Published 27 Apr 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1488

Summary

wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.

Vulnerable Systems

Application

  • Gnu Wget 1.8

  • Gnu Wget 1.8.1

  • Gnu Wget 1.8.2

  • Gnu Wget 1.9

  • Gnu Wget 1.9.1


References

XF - wget-terminal-overwrite(18421)

UBUNTU - USN-145-1

BID - 11871

SECTRACK - 1012472

BUGTRAQ - 20041209 wget: Arbitrary file overwriting/appending/creating and other vulnerabilities

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261755

REDHAT - RHSA-2005:771

SUSE - SUSE-SR:2006:016

SECUNIA - 20960


Last Updated: 27 May 2016 10:39:03