AnNyung Official Homepage Home > Update [ 1.2 ]  

HOME
What is AnNyung
Documents
Packages System
White Paper
Download
Update
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]
FAQ
Hardware
RoadMap
Gallery

  Go oops.org
  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15



wget 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1128867699
업데이트 : 2005.10.09


상세내용

CAN-2004-1487:
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain
files via a redirection URL containing a ".." that resolves to the IP address
of the malicious server, which bypasses wget's filtering for ".." sequences.

CAN-2004-1488:
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying
HTTP responses to the terminal, which may allow remote malicious web servers to
inject terminal escape sequences and execute arbitrary code.

CAN-2004-2014:
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink
attack on the name of the file being downloaded.


Autoupdates 지원 : 지원


update 패키지

  RPMS :

    . wget-1.10.1-2.i686.rpm


  SRPMS :

    . wget-1.10.1-2.src.rpm


참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1488
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014



    



 Home > Update [ 1.2 ]

Copyright 2024 OOPS Development Organization 
LAST MODIFIED: 2018/04/10