oss-sec mailing list archives
Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability
From: Solar Designer <solar () openwall com>
Date: Fri, 21 May 2010 07:32:31 +0400
On Fri, May 21, 2010 at 12:53:12AM +0400, Solar Designer wrote:
I brought this issue to the bug-wget list:

[Bug-wget] security risk of unexpected download filenames
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html

Micah, the previous wget maintainer who is still active on the bug-wget list, has commented on the issue:

http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html

It sounds like he does not mind a fix like Florian's patch getting included upstream. We'll see what the current maintainers say.

In another bug-wget posting, I described an attack that does not involve a Unix user's home directory and a dot-file:

http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html

It works against wget of a file into a website "document root" tree and it may take advantage of index.html taking precedence over index.php.

Alexander