CVE-2014-4877 symlink arbitrary filesystem access

Bug #1386711 reported by Tod Beardsley on 2014-10-28
This bug affects 3 people
Affects Status Importance Assigned to Milestone
wget (Ubuntu)

Bug Description

wget prior to 1.16 allows for a web server to write arbitrary files on the client side. A Metasploit module is available for testing:

the disclosure is here:

Redhat's bug is here:

Vulnerable on:

Description: Ubuntu 13.10
Release: 13.10

Package version:

  Installed: 1.14-2ubuntu1
  Candidate: 1.14-2ubuntu1
  Version table:
 *** 1.14-2ubuntu1 0
        500 saucy/main amd64 Packages
        100 /var/lib/dpkg/status

CVE References

Tod Beardsley (todb-0) on 2014-10-28
information type: Private Security → Public Security
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in wget (Ubuntu):
status: New → Confirmed
Seth Arnold (seth-arnold) wrote :
Changed in wget (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers