Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name MDVSA-2014:212 First vendor Publication 2014-10-29
Vendor Mandriva Last vendor Modification 2014-10-29
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Updated wget package fixes security vulnerability:

Wget was susceptible to a symlink attack which could create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP (CVE-2014-4877).

The default settings in wget have been changed such that wget no longer creates local symbolic links, but rather traverses them and retrieves the pointed-to file in such a retrieval. The old behaviour can be attained by passing the --retr-symlinks=no option to the wget command.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:212

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:26933
 
Oval ID: oval:org.mitre.oval:def:26933
Title: ELSA-2014-1764 -- wget security update (moderate)
Description: [1.14-10.1] - Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access (#1156135)
Family: unix Class: patch
Reference(s): ELSA-2014-1764
CVE-2014-4877
Version: 3
Platform(s): Oracle Linux 6
Oracle Linux 7
Product(s): wget
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27511
 
Oval ID: oval:org.mitre.oval:def:27511
Title: DSA-3062-1 -- wget security update
Description: HD Moore of Rapid7 discovered a symlink attack in Wget, a command-line utility to retrieve files via HTTP, HTTPS, and FTP. The vulnerability allows to create arbitrary files on the user's system when Wget runs in recursive mode against a malicious FTP server. Arbitrary file creation may override content of user's files or permit remote code execution with the user privilege.
Family: unix Class: patch
Reference(s): DSA-3062-1
CVE-2014-4877
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): wget
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28220
 
Oval ID: oval:org.mitre.oval:def:28220
Title: USN-2393-1 -- Wget vulnerability
Description: HD Moore discovered that Wget contained a path traversal vulnerability when downloading symlinks using FTP. A malicious remote FTP server or a man in the middle could use this issue to cause Wget to overwrite arbitrary files, possibly leading to arbitrary code execution.
Family: unix Class: patch
Reference(s): USN-2393-1
CVE-2014-4877
Version: 5
Platform(s): Ubuntu 14.10
Ubuntu 14.04
Ubuntu 12.04
Ubuntu 10.04
Product(s): wget
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28354
 
Oval ID: oval:org.mitre.oval:def:28354
Title: RHSA-2014:1764 -- wget security update (Moderate)
Description: The wget package provides the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. A flaw was found in the way Wget handled symbolic links. A malicious FTP server could allow Wget running in the mirror mode (using the '-m' command line option) to write an arbitrary file to a location writable to by the user running Wget, possibly leading to code execution. (CVE-2014-4877) Note: This update changes the default value of the --retr-symlinks option. The file symbolic links are now traversed by default and pointed-to files are retrieved rather than creating a symbolic link locally. Red Hat would like to thank the GNU Wget project for reporting this issue. Upstream acknowledges HD Moore of Rapid7, Inc as the original reporter. All users of wget are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
Family: unix Class: patch
Reference(s): RHSA-2014:1764
CESA-2014:1764-CentOS 7
CESA-2014:1764-CentOS 6
CVE-2014-4877
Version: 3
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
CentOS Linux 7
CentOS Linux 6
Product(s): wget
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28417
 
Oval ID: oval:org.mitre.oval:def:28417
Title: SUSE-SU-2014:1366-1 -- Security update for wget (important)
Description: wget has been updated to fix one security issue and two non-security issues. This security issue has been fixed: * FTP symlink arbitrary filesystem access (CVE-2014-4877). These non-security issues have been fixed: * Fix displaying of download time (bnc#901276). * Fix 0 size FTP downloads after failure (bnc#885069). Security Issues: * CVE-2014-4877 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1366-1
CVE-2014-4877
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): wget
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28434
 
Oval ID: oval:org.mitre.oval:def:28434
Title: SUSE-SU-2014:1366-2 -- Security update for wget (important)
Description: wget was updated to fix one security issue and two non-security issues: * FTP symbolic link arbitrary filesystem access (CVE-2014-4877). * Fix displaying of download time (bnc#901276). * Fix 0 size FTP downloads after failure (bnc#885069). Security Issues: * CVE-2014-4877 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1366-2
CVE-2014-4877
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): wget
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28443
 
Oval ID: oval:org.mitre.oval:def:28443
Title: SUSE-SU-2014:1464-1 -- Security update for wget (moderate)
Description: wget was updated to fix one security issue. This security issue was fixed: - FTP symlink arbitrary filesystem access (CVE-2014-4877).
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1464-1
CVE-2014-4877
Version: 3
Platform(s): SUSE Linux Enterprise Desktop 12
Product(s): wget
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28507
 
Oval ID: oval:org.mitre.oval:def:28507
Title: SUSE-SU-2014:1408-1 -- Security update for wget (important)
Description: wget was updated to fix one security issue: * FTP symbolic link arbitrary filesystem access (CVE-2014-4877). Security Issues: * CVE-2014-4877 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1408-1
CVE-2014-4877
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): wget
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 33

Snort® IPS/IDS

Date Description
2014-12-04 WGet symlink arbitrary file write attempt
RuleID : 32375 - Revision : 3 - Type : BROWSER-OTHER

Nessus® Vulnerability Scanner

Date Description
2015-05-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1366-2.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1464-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1408-1.nasl - Type : ACT_GATHER_INFO
2015-03-30 Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2015-121.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-82.nasl - Type : ACT_GATHER_INFO
2014-12-07 Name : The remote Fedora host is missing a security update.
File : fedora_2014-15347.nasl - Type : ACT_GATHER_INFO
2014-12-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1955.nasl - Type : ACT_GATHER_INFO
2014-12-02 Name : The remote Fedora host is missing a security update.
File : fedora_2014-15405.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2014-0036.nasl - Type : ACT_GATHER_INFO
2014-11-24 Name : The remote Fedora host is missing a security update.
File : fedora_2014-15385.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201411-05.nasl - Type : ACT_GATHER_INFO
2014-11-11 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-637.nasl - Type : ACT_GATHER_INFO
2014-11-10 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_ee7b4f9d66c811e49ae1e8e0b722a85e.nasl - Type : ACT_GATHER_INFO
2014-11-06 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wget-141105.nasl - Type : ACT_GATHER_INFO
2014-11-06 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-442.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20141030_wget_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-11-04 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3062.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2393-1.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1764.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2014-1764.nasl - Type : ACT_GATHER_INFO
2014-10-31 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2014-1764.nasl - Type : ACT_GATHER_INFO
2014-10-30 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2014-302-01.nasl - Type : ACT_GATHER_INFO
2014-10-30 Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2014-212.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2014-10-31 13:23:59
  • Multiple Updates
2014-10-29 21:28:10
  • Multiple Updates
2014-10-29 17:27:07
  • Multiple Updates
2014-10-29 09:22:00
  • First insertion