List: oss-security
Subject: Re: [oss-security] [oCERT-2010-001] multiple http client unexpected download filename vulnerability
From: Solar Designer <solar () openwall ! com>
Date: 2010-05-21 3:32:31
Message-ID: 20100521033231.GA22338 () openwall ! com
On Fri, May 21, 2010 at 12:53:12AM +0400, Solar Designer wrote:
> I brought this issue to the bug-wget list:
>
> [Bug-wget] security risk of unexpected download filenames
> http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html
Micah, the previous wget maintainer who is still active on the bug-wget
list, has commented on the issue:
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html
It sounds like he does not mind a fix like Florian's patch getting
included upstream. We'll see what the current maintainers say.
In another bug-wget posting, I described an attack that does not involve
a Unix user's home directory and a dot-file:
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html
It works against wget of a file into a website "document root" tree and
it may take advantage of index.html taking precedence over index.php.
Alexander
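The two attack shapes mentioned in this thread (a dot-file landing in a home directory, and an index.html landing in a document root ahead of index.php) both come from the client letting the final redirected URL choose the saved filename. The following is an added example, not code from this thread or from wget: a defender-side check that derives the filename from the URL the user actually requested and refuses names that a redirect changed, dot-files, or names that would shadow an existing index file. The filename convention (last path segment, index.html for a bare directory URL) is an assumption modelled on wget's default behaviour, and the index precedence order is a constructed sample.

```python
"""Added example: reject 'unexpected download filenames'.

A client that follows redirects and names the saved file after the *final*
URL lets the server pick the filename. Here the name is derived from the
requested URL instead, and a few unsafe outcomes are refused.
"""
from urllib.parse import urlsplit, unquote
import posixpath

# Constructed sample of a web server's index-file precedence: first entry wins,
# so writing index.html next to an existing index.php would shadow the latter.
INDEX_PRECEDENCE = ("index.html", "index.php")


def name_from_url(url: str) -> str:
    """Filename a naive client would use for this URL: the last path
    segment, or index.html for a bare directory URL (assumed wget-style)."""
    path = unquote(urlsplit(url).path)      # query string is excluded
    return posixpath.basename(path) or "index.html"


def check_download(requested_url: str, final_url: str, existing: set) -> tuple:
    """Return (ok, filename, reason).

    ok is False when the redirect changed the filename, when the name is a
    dot-file (., .., .bashrc, ...), or when writing it into a directory that
    already holds `existing` would shadow a lower-precedence index file.
    The filename returned is always the one derived from the requested URL.
    """
    expected = name_from_url(requested_url)
    served = name_from_url(final_url)
    if served != expected:
        return (False, expected, f"redirect changed filename {expected!r} -> {served!r}")
    if expected.startswith("."):
        return (False, expected, "refusing dot-file name")
    if expected in INDEX_PRECEDENCE:
        rank = INDEX_PRECEDENCE.index(expected)
        shadowed = [n for n in INDEX_PRECEDENCE[rank + 1:] if n in existing]
        if shadowed:
            return (False, expected, f"{expected} would shadow {shadowed}")
    return (True, expected, "ok")


if __name__ == "__main__":
    # Constructed inputs: a redirect that renames the file, and a directory
    # fetch into a document root that already contains index.php.
    print(check_download("http://example.com/dl/tool.tar.gz",
                         "http://example.com/.bashrc", set()))
    print(check_download("http://example.com/", "http://example.com/", {"index.php"}))
    print(check_download("http://example.com/a/b.txt", "http://example.com/a/b.txt", set()))
```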