PT-2019-1762 · Gnu+5 · Wget+5

Kusano Kazuhiko

Publicado

2019-04-03

Atualizado

2024-06-15

CVE-2019-5953

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions GNU Wget versions 1.20.1 and earlier

Description The issue is related to a buffer overflow in the Wget console utility, which can be exploited by a remote attacker to execute arbitrary code or cause a denial-of-service. The vulnerability is associated with the handling of specially crafted data in multibyte encoding returned by a server.

Recommendations For GNU Wget versions 1.20.1 and earlier, update to version 1.20.3 to resolve the issue. As a temporary workaround, consider restricting the use of Wget until the update is applied.

Correção

DoS

Buffer Overflow

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-787

Identificadores relacionados

ALT-PU-2019-1590

BDU:2019-01402

CESA-2019_0983

CESA-2019_1228

CVE-2019-5953

DLA-1760-1

DSA-4425-1

OPENSUSE-SU-2019:1236-1

OPENSUSE-SU-2019_1236-1

OPENSUSE-SU-2019_1281-1

OPENSUSE-SU-2024:11510-1

RHSA-2019:0983

RHSA-2019:1228

RHSA-2019:2979

RHSA-2019:3168

RHSA-2019_0983

RHSA-2019_1228

SUSE-SU-2019:0925-1

SUSE-SU-2019:0956-1

SUSE-SU-2019_0956-1

USN-3943-1

USN-3943-2

Produtos afetados

Alt Linux

Centos

Red Hat

Suse

Ubuntu

Wget

PT-2019-1762 · Gnu+5 · Wget+5

CVE-2019-5953

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 44