Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:GNU-WGET-SB
Severity	Major
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	GNU Wget CVE-2016-7098 Security Bypass
Release Date	2017/01/19
Update Number	2822
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: GNU Wget CVE-2016-7098 Security Bypass

This signature detects attempts to exploit a known vulnerability against GNU Wget. An attacker can exploit this issue to bypass the security mechanism and perform unauthorized actions.

Extended Description

Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.

Affected Products

Gnu wget 1.17

References

BugTraq: 93157
CVE: CVE-2016-7098

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: GNU Wget CVE-2016-7098 Security Bypass

Extended Description

Affected Products

References