Welcome to our website
wget Update for Mandrake Linux
Posted by philipp on: 12/12/2002 12:22 PM [ Print | 0 comment(s) ]
MandrakeSoft has released a wget package security update for Mandrake Linux
A vulnerability in all versions of wget prior to and including 1.8.2 was discovered by Steven M. Christey. The bug permits a malicious FTP server to create or overwriet files anywhere on the local file system by sending filenames beginning with "/" or containing "/../". This can be used to make vulnerable FTP clients write files that can later be used for attack against the client machine.