Full Disclosure mailing list archives
OpenLinux: wget: Buffer overflow
From: security () sco com
Date: Fri, 3 Oct 2003 16:02:50 -0700
To: announce () lists sco com bugtraq () securityfocus com security-alerts () linuxsecurity com full-disclosure ()
lists netsys com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: OpenLinux: wget: Buffer overflow
Advisory number: CSSA-2003-025.0
Issue date: 2003 October 03
Cross reference: sr883607 fz528216 erg712410 CAN-2003-1565
______________________________________________________________________________
1. Problem Description
wget is a freely available network utility to retrieve files
using HTTP and FTP.
Stefano Zacchirol found a buffer overflow vulnerability in the
code that handles URLs in wget. An attacker can create a long
(more than 256 characters), specially crafted URL that when
parsed by wget can cause the execution of arbitrary code or
program misbehavior. The packages included in this update fix
the problem by unconditionally terminating long URLs
in all cases.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2003-1565 to this issue.
2. Vulnerable Supported Versions
System Package
----------------------------------------------------------------------
OpenLinux 3.1.1 Server prior to wget-1.8.2-1.i386.rpm
OpenLinux 3.1.1 Workstation prior to wget-1.8.2-1.i386.rpm
3. Solution
The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.
4. OpenLinux 3.1.1 Server
4.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server//RPMS
4.2 Packages
c60a6e417ac41287973735f2c82d461c wget-1.8.2-1.i386.rpm
4.3 Installation
rpm -Fvh wget-1.8.2-1.i386.rpm
4.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server//SRPMS
4.5 Source Packages
8ef3938fd5d49cc029b43c6b21cef9e0 wget-1.8.2-1.src.rpm
5. OpenLinux 3.1.1 Workstation
5.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation//RPMS
5.2 Packages
1c0c42afd39e6d6183b9abf4cc07d039 wget-1.8.2-1.i386.rpm
5.3 Installation
rpm -Fvh wget-1.8.2-1.i386.rpm
5.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation//SRPMS
5.5 Source Packages
932ee4ea3cc81a649735fcf691352be2 wget-1.8.2-1.src.rpm
6. References
Specific references for this advisory:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1565
http://marc.theaimsgroup.com/?l=bugtraq&m=105474357016184&w=2
SCO security resources:
http://www.sco.com/support/security/index.html
This security fix closes SCO incidents sr883607 fz528216
erg712410.
7. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
8. Acknowledgements
SCO would like to thank Stefano Zacchirol.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj998ZcACgkQbluZssSXDTGU0ACg0y9nrB9igVfqXEhvVQ+81FnU
RToAn0aQdzBn9VFiwRyAa1b7ZGU+R+iT
=hgWo
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- OpenLinux: wget: Buffer overflow security (Oct 03)