Download
| Alert*
|
oval:org.secpod.oval:def:1600893
A cookie injection flaw was found in wget. An attacker can create a malicious website which, when accessed, overrides cookies belonging to arbitrary domains. oval:org.secpod.oval:def:89002333 This update for wget fixes the following issues: - CVE-2018-0494: Fixed a cookie injection vulnerability by checking for and joining continuation lines oval:org.secpod.oval:def:1000576 The remote host is missing a patch 125215-08 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000557 The remote host is missing a patch 125216-08 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89002064 This update for wget fixes the following issues: - CVE-2018-0494: Fixed Cookie injection vulnerability by checking for and joining continuation lines oval:org.secpod.oval:def:114363 GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you are logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest with F ... oval:org.secpod.oval:def:114364 GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you are logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest with F ... oval:org.secpod.oval:def:2105234 GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line. oval:org.secpod.oval:def:502511 The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix: * wget: Cookie injection allows malicious website to write arbitrary cookie entries into cookie jar For more details about the security issue, including the impact, a CVSS score, and othe ... oval:org.secpod.oval:def:1700098 A cookie injection flaw was found in wget. An attacker can create a malicious website which, when accessed, overrides cookies belonging to arbitrary domains. oval:org.secpod.oval:def:51092 wget: retrieves files from the web Wget could be made to inject arbitrary cookie values. oval:org.secpod.oval:def:114432 GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you are logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest with F ... oval:org.secpod.oval:def:53325 Harry Sintonen discovered that wget, a network utility to retrieve files from the web, does not properly handle "\r\n" from continuation lines while parsing the Set-Cookie HTTP header. A malicious web server could use this flaw to inject arbitrary cookies to the cookie jar file, adding new or replac ... oval:org.secpod.oval:def:205013 The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix: * wget: Cookie injection allows malicious website to write arbitrary cookie entries into cookie jar For more details about the security issue, including the impact, a CVSS score, and othe ... oval:org.secpod.oval:def:1502356 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:603395 Harry Sintonen discovered that wget, a network utility to retrieve files from the web, does not properly handle "\r\n" from continuation lines while parsing the Set-Cookie HTTP header. A malicious web server could use this flaw to inject arbitrary cookies to the cookie jar file, adding new or replac ... oval:org.secpod.oval:def:704216 wget: retrieves files from the web Wget could be made to inject arbitrary cookie values. |
