Описание
Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.
Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2016-7098
- https://lists.debian.org/debian-lts-announce/2020/01/msg00031.html
- https://www.exploit-db.com/exploits/40824
- http://lists.gnu.org/archive/html/bug-wget/2016-08/msg00083.html
- http://lists.gnu.org/archive/html/bug-wget/2016-08/msg00134.html
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00044.html
- http://lists.opensuse.org/opensuse-updates/2017-01/msg00007.html
- http://www.openwall.com/lists/oss-security/2016/08/27/2
- http://www.securityfocus.com/bid/93157
Связанные уязвимости
Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.
Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.
Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.
Race condition in wget 1.17 and earlier, when used in recursive or mir ...
