GNU wget 1.5.3 chmod symlink Vulnerability
BID:1299
Info
GNU wget 1.5.3 chmod symlink Vulnerability
| Bugtraq ID: | 1299 |
| Class: | Unknown |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 02 1999 12:00AM |
| Updated: | Feb 02 1999 12:00AM |
| Credit: | Posted to BugTraq Feb 02, 1999 by Const Kaplinsky <[email protected]> |
| Vulnerable: |
GNU wget 1.5.3 |
| Not Vulnerable: | |
Discussion
GNU wget 1.5.3 chmod symlink Vulnerability
GNU Wget is a freely available network utility to retrieve files from the World Wide Web, using HTTP (Hyper Text Transfer Protocol) and FTP (File Transfer Protocol), the two most widely used Internet protocols. When invoked with the -N option, it tries to chmod downloaded symlinks, but actually permissions are changed at target files. There is the potential to chmod target files to world-writable.
GNU Wget is a freely available network utility to retrieve files from the World Wide Web, using HTTP (Hyper Text Transfer Protocol) and FTP (File Transfer Protocol), the two most widely used Internet protocols. When invoked with the -N option, it tries to chmod downloaded symlinks, but actually permissions are changed at target files. There is the potential to chmod target files to world-writable.
Exploit / POC
GNU wget 1.5.3 chmod symlink Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
GNU wget 1.5.3 chmod symlink Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Applying the following patch will ensure that symlink targets are not chmod'd:
- if (f->perms && dlthis)
+ if (f->perms && f->type == FT_PLAINFILE && dlthis)
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Applying the following patch will ensure that symlink targets are not chmod'd:
- if (f->perms && dlthis)
+ if (f->perms && f->type == FT_PLAINFILE && dlthis)
References
GNU wget 1.5.3 chmod symlink Vulnerability
References:
References: