| Revision Date: | 2005-11-03 | Version: | 502 |
| Title: | RHSA-2005:812: wget security update (Important) |
| Description: | GNU Wget is a file retrieval utility that can use either the HTTP or FTP protocols.
A stack based buffer overflow bug was found in the wget implementation of NTLM authentication. An attacker could execute arbitrary code on a user's machine if the user can be tricked into connecting to a malicious web server using NTLM authentication. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3185 to this issue.
All users of wget are advised to upgrade to these updated packages, which contain a backported patch that resolves this issue.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2005-3185
RHSA-2005:812-01
|
| Platform(s): | Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Release Information Red Hat Enterprise Linux 3 is installed
AND wget is earlier than 0:1.10.2-0.30E
AND wget is signed with Red Hat master key
OR Package Information
Red Hat Enterprise Linux 4 is installed
AND wget is earlier than 0:1.10.2-0.40E
AND wget is signed with Red Hat master key
|