#VU33335 Input validation error in wget - CVE-2010-2252

Cybersecurity Help s.r.o.

Published: 2010-07-06 | Updated: 2020-08-03

Vulnerability identifier: #VU33335

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2010-2252

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
wget
Server applications / File servers (FTP/HTTP)

Vendor: GNU

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

Mitigation
Install update from vendor's website.

Vulnerable software versions

wget: 1.5.3 - 1.12

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Input validation error in wget (Alpine package)

Gentoo update for Wget

Input validation error in GNU wget