GNU Wget is a file retrieval utility that can use either the HTTP or
FTP protocols.
A stack based buffer overflow bug was found in the wget implementation of
NTLM authentication. An attacker could execute arbitrary code on a user’s
machine if the user can be tricked into connecting to a malicious web
server using NTLM authentication. The Common Vulnerabilities and Exposures
project has assigned the name CVE-2005-3185 to this issue.
All users of wget are advised to upgrade to these updated packages, which
contain a backported patch that resolves this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | x86_64 | wget | < 1.10.2-0.40E | wget-1.10.2-0.40E.x86_64.rpm |
RedHat | any | ia64 | wget | < 1.10.2-0.40E | wget-1.10.2-0.40E.ia64.rpm |
RedHat | any | ia64 | wget | < 1.10.2-0.30E | wget-1.10.2-0.30E.ia64.rpm |
RedHat | any | ppc | wget | < 1.10.2-0.40E | wget-1.10.2-0.40E.ppc.rpm |
RedHat | any | ppc | wget | < 1.10.2-0.30E | wget-1.10.2-0.30E.ppc.rpm |
RedHat | any | x86_64 | wget | < 1.10.2-0.30E | wget-1.10.2-0.30E.x86_64.rpm |
RedHat | any | s390 | wget | < 1.10.2-0.40E | wget-1.10.2-0.40E.s390.rpm |
RedHat | any | i386 | wget | < 1.10.2-0.40E | wget-1.10.2-0.40E.i386.rpm |
RedHat | any | i386 | wget | < 1.10.2-0.AS21 | wget-1.10.2-0.AS21.i386.rpm |
RedHat | any | ia64 | wget | < 1.10.2-0.AS21 | wget-1.10.2-0.AS21.ia64.rpm |