Comment 2TSB Re: This one is really serious


wget prior to 1.16 allows for a web server to write arbitrary files on the client side


This one is really serious (Score: 2, Informative)

by on 2014-10-29 12:37 (#2TS4)

I think this one has bigger potential than the bash-bug recently discussed. Very few are passing stuff down to a bash shell unfiltered compared to downloading with wget. Aren't almost all admins pasting in URLs and downloading with wget on servers if they need a file from the net? It will not help if you checked the MD5 sum of what you downloaded as the vulnerability was in the client and not in the package you downloaded.

It is enough that one important server gets compromised by this vulnerability and it will spread like a wildfire. An exploit will for sure check if the computer wget is running on also is running a web server. If it does, it will probably infect the web server for further spreading.

Re: This one is really serious (Score: 4, Informative)

by on 2014-10-29 15:08 (#2TSB)

Note that it applies only to using wget with both an FTP connexion and recursive flags, which significantly reduces its potential.

Not to say that it is not a serious one, it is, but it's not as bad as wget on an HTTP URL for a single file (which is something I do daily). Now, that would be really messy.


Time Reason Points Voter
2014-10-29 15:15 Informative +1
2014-10-29 15:47 Informative +1
2014-10-29 20:37 Informative +1
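
An added example, not part of the original thread: a small audit helper that applies the two conditions mentioned above (wget older than 1.16, and recursion combined with an FTP URL) to a version banner and to command lines collected from scripts or cron jobs. The function names, the sample lines and the hostnames are constructed for illustration, and it assumes one wget command per line.

```python
import re
import shlex

FIXED_IN = (1, 16)                       # per the page: wget prior to 1.16 is affected
TAKES_VALUE = set("oaitOTwQPlARDIXBeU")  # short options that are followed by a value

def wget_is_affected(banner):
    """Check the first line of `wget --version`, e.g. 'GNU Wget 1.15 built on ...'."""
    m = re.search(r"Wget (\d+)\.(\d+)", banner)
    if not m:
        raise ValueError("unrecognised wget version banner")
    return (int(m.group(1)), int(m.group(2))) < FIXED_IN

def is_recursive(args):
    """True if -r/--recursive or -m/--mirror (which implies -r) is present."""
    for arg in args:
        if arg in ("--recursive", "--mirror"):
            return True
        if arg.startswith("-") and not arg.startswith("--"):
            i = 1
            while i < len(arg):
                if arg[i] in "rm":
                    return True
                if arg[i] in TAKES_VALUE:
                    break                       # rest of the cluster is the value
                i += 2 if arg[i] == "n" else 1  # -nH, -nd, -nr are two-letter options
    return False

def risky_invocations(lines):
    """Return (line_no, line) for wget commands that recurse over an ftp:// URL."""
    hits = []
    for no, line in enumerate(lines, 1):
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:
            continue                            # unbalanced quotes, skip the line
        names = [t.rsplit("/", 1)[-1] for t in tokens]
        if "wget" in names:
            args = tokens[names.index("wget") + 1:]
            if is_recursive(args) and any(a.lower().startswith("ftp://") for a in args):
                hits.append((no, line))
    return hits

SAMPLE = [  # constructed command lines, as they might appear in scripts or cron jobs
    "wget http://example.org/pkg.tar.gz",
    "wget -r -np ftp://mirror.example.org/pub/",
    "/usr/bin/wget -qm ftp://mirror.example.org/pub/",
    "wget -nr -O r.txt ftp://mirror.example.org/README",
]
```

Only the second and third sample lines are reported: the first is a single-file HTTP download, and the fourth uses `-nr` (`--no-remove-listing`) and an output file named `r.txt`, neither of which turns on recursion.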
