Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2002:086: wget Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the wget package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2002:086 (wget).
A vulnerability in all versions of wget prior to and including 1.8.2 was
discovered by Steven M. Christey. The bug permits a malicious FTP server to
create or overwriet files anywhere on the local file system by sending filenames
beginning with '/' or containing '/../'. This can be used to make vulnerable FTP
clients write files that can later be used for attack against the client
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:086
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.