From secure@conectiva.com.br Fri Dec 13 15:53:42 2002
From: secure@conectiva.com.br
To: conectiva-updates@papaleguas.conectiva.com.br, lwn@lwn.net, bugtraq@securityfocus.com, security-alerts@linuxsecurity.com
Date: Fri, 13 Dec 2002 18:23:29 -0200
Subject: [CLA-2002:552] Conectiva Linux Security Announcement - wget

--------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
--------------------------------------------------------------------------

PACKAGE   : wget
SUMMARY   : Directory traversal vulnerability
DATE      : 2002-12-13 18:23:00
ID        : CLA-2002:552
RELEVANT RELEASES : 6.0, 7.0, 8

-------------------------------------------------------------------------

DESCRIPTION
 GNU wget is a freely available network utility to retrieve files using
 HTTP and FTP.

 Steven M. Christey reported[1] a vulnerability[2] in some FTP clients,
 including wget up to version 1.8.2 (inclusive). The vulnerability resides
 in the way wget handles server answers to LIST and multiple GET requests.
 If the filenames in the answer begin with characters pointing to parent
 directories (like "../" or "/"), wget writes the downloaded files to that
 location, thus overwriting arbitrary files the user can write to.

 The version 1.8.2 distributed together with this advisory fixes that
 vulnerability and some other minor bugs, besides adding some new
 features[3].

SOLUTION
 All wget users are advised to upgrade.
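The check below is an added illustration, not wget's code or the fix shipped in these packages: it validates a server-supplied name from a LIST reply before joining it with the download directory, rejecting absolute names and any ".." component. The function names, the helper build_local_path and the sample listing are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Return true only if a server-supplied name (e.g. from an FTP LIST reply)
 * can be joined under the download directory without escaping it: it must
 * be relative and contain no ".." component. '\\' is treated as a separator
 * too, so Windows-style names do not slip through. (Constructed example.) */
bool remote_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    if (name[0] == '/' || name[0] == '\\')
        return false;                       /* absolute path: reject */
    for (const char *p = name; *p; ) {
        const char *end = p;
        while (*end && *end != '/' && *end != '\\')
            end++;
        if (end - p == 2 && p[0] == '.' && p[1] == '.')
            return false;                   /* "..": walks upward */
        p = *end ? end + 1 : end;
    }
    return true;
}

/* Build "<root>/<name>" into out; returns -1 if name is unsafe or the
 * result would not fit. Hypothetical helper standing in for the point at
 * which a client turns a listed name into a local path. */
int build_local_path(const char *root, const char *name,
                     char *out, size_t outsize)
{
    if (!remote_name_is_safe(name))
        return -1;
    int n = snprintf(out, outsize, "%s/%s", root, name);
    return (n < 0 || (size_t)n >= outsize) ? -1 : 0;
}

int main(void)
{
    /* Constructed names as a hostile FTP server might list them. */
    const char *listed[] = { "readme.txt", "pub/a.tar.gz", "../.bashrc",
                             "/etc/passwd", "pub/../../x", "..\\..\\y" };
    char path[256];
    for (size_t i = 0; i < sizeof listed / sizeof listed[0]; i++)
        printf("%-14s -> %s\n", listed[i],
               build_local_path("downloads", listed[i], path, sizeof path) == 0
                   ? path : "REJECTED");
    return 0;
}
```

A name such as "..hidden" passes, since only a whole ".." component changes directory; rejecting rather than stripping keeps the server from steering the write path at all.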
REFERENCES:
 1. http://www.kb.cert.org/vuls/id/210409
 2. http://marc.theaimsgroup.com/?l=bugtraq&m=87602746719482
 3. http://cvs.sunsite.dk/viewcvs.cgi/wget/NEWS?rev=WGET_1_8&content-type=text/plain
 4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344

UPDATED PACKAGES
 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/wget-1.8.2-1U60_1cl.i386.rpm
 ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/wget-1.8.2-1U60_1cl.src.rpm
 ftp://atualizacoes.conectiva.com.br/7.0/RPMS/wget-1.8.2-1U70_1cl.i386.rpm
 ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/wget-1.8.2-1U70_1cl.src.rpm
 ftp://atualizacoes.conectiva.com.br/8/RPMS/wget-1.8.2-1U80_1cl.i386.rpm
 ftp://atualizacoes.conectiva.com.br/8/SRPMS/wget-1.8.2-1U80_1cl.src.rpm

ADDITIONAL INSTRUCTIONS
 Users of Conectiva Linux version 6.0 or higher may use apt to perform
 upgrades of RPM packages:
 - run: apt-get update
 - after that, execute: apt-get upgrade

 Detailed instructions regarding the use of apt and upgrade examples can
 be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

-------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en

Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
-------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en
-------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br