Lucene search
GoogleOSV:DLA-536-1HistoryJun 30, 2016 - 12:00 a.m.
wget - security update
2016-06-3000:00:00
Google
osv.dev
13
EPSS
0.955
Percentile
99.4%
On a server redirect from HTTP to a FTP resource, wget would trust
the HTTP server and uses the name in the redirected URL as the
destination filename.
This behaviour was changed and now it works similarly as a redirect
from HTTP to another HTTP resource so the original name is used as
the destination file. To keep the previous behaviour the user must
provide --trust-server-names.
For Debian 7 Wheezy, these problems have been fixed in version
1.13.4-3+deb7u3.
We recommend that you upgrade your wget packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <https://wiki.debian.org/LTS>
References
Related
openvas
openvas
Fedora Update for wget FEDORA-2016-2db8cbc2fd
2016-06-18 00:00:00
Fedora Update for wget FEDORA-2016-e14374472f
2016-06-19 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-720)
2016-10-26 00:00:00
alpinelinux
alpinelinux
CVE-2016-4971
2016-06-30 17:59:07
cvelist
cvelist
CVE-2016-4971
2016-06-30 17:00:00
slackware
slackware
[slackware-security] wget
2016-06-13 07:12:06
ibm
ibm
exploitdb
exploitdb
GNU Wget < 1.18 - Arbitrary File Upload (2)
2021-04-30 00:00:00
GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution
2016-07-06 00:00:00
nessus
nessus
RHEL 7 : wget (RHSA-2016:2587)
2016-11-04 00:00:00
Oracle Linux 7 : wget (ELSA-2016-2587)
2016-11-11 00:00:00
Fedora 23 : wget (2016-2db8cbc2fd)
2016-07-14 00:00:00
gentoo
gentoo
GNU Wget: Multiple vulnerabilities
2016-10-29 00:00:00
osv
osv
CVE-2016-4971
2016-06-30 17:59:00
wget-1.18-2.3 on GA media
2024-06-15 00:00:00
cve
cve
CVE-2016-4971
2016-06-30 17:59:07
exploitpack
exploitpack
GNU Wget 1.18 - Arbitrary File Upload Remote Code Execution
2016-07-06 00:00:00
redhatcve
redhatcve
CVE-2016-4971
2016-06-14 08:18:41
amazon
amazon
Medium: wget
2016-07-14 16:30:00
zdt
zdt
GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution
2016-07-06 00:00:00
GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution Exploit (2)
2021-04-30 00:00:00
checkpoint_advisories
checkpoint_advisories
GNU wget HTTP Redirect Arbitrary File Overwrite (CVE-2016-4971)
2016-07-06 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: wget-1.18-1.fc22
2016-06-18 04:19:51
[SECURITY] Fedora 24 Update: wget-1.18-1.fc24
2016-06-18 19:04:34
[SECURITY] Fedora 23 Update: wget-1.18-1.fc23
2016-06-17 16:02:22
prion
prion
Cross site request forgery (csrf)
2016-06-30 17:59:00
centos
centos
wget security update
2016-11-25 15:51:17
f5
f5
K55181425 : Wget vulnerability CVE-2016-4971
2016-07-13 00:00:00
SOL55181425 - Wget vulnerability CVE-2016-4971
2016-07-13 00:00:00
redhat
redhat
(RHSA-2016:2587) Moderate: wget security and bug fix update
2016-11-03 06:07:15
nvd
nvd
CVE-2016-4971
2016-06-30 17:59:07
debian
debian
[SECURITY] [DLA 536-1] wget security update
2016-06-30 20:12:28
packetstorm
packetstorm
GNU wget Arbitrary File Upload / Code Execution
2021-04-30 00:00:00
GNU Wget Arbitrary File Upload / Potential Remote Code Execution
2016-07-06 00:00:00
paloalto
paloalto
WGET Vulnerability
2017-05-23 03:00:03
freebsd
freebsd
wget -- HTTP to FTP redirection file name confusion vulnerability
2016-06-09 00:00:00
cloudfoundry
cloudfoundry
USN-3012-1 Wget vulnerability | Cloud Foundry
2016-07-13 00:00:00
ubuntucve
ubuntucve
CVE-2016-4971
2016-06-10 00:00:00
archlinux
archlinux
wget: arbitrary file overwrite
2016-06-20 00:00:00
debiancve
debiancve
CVE-2016-4971
2016-06-30 17:59:07
ubuntu
ubuntu
Wget vulnerability
2016-06-20 00:00:00
mageia
mageia
Updated wget packages fix security vulnerability
2016-09-28 08:59:24
oraclelinux
oraclelinux
wget security and bug fix update
2016-11-09 00:00:00