PT-2005-1138 · Gnu+1 · Wget+1

Published: 2005-02-15 · Updated: 2018-10-03 · CVE-2004-1487

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

wget versions 1.8.x through 1.9.x

Description

The issue allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences.

Recommendations

For versions 1.8.x through 1.9.x, as a temporary workaround, consider restricting access to redirection URLs until a patch is available. Avoid using wget to access untrusted web servers that may contain malicious redirection URLs.


Related Identifiers

CVE-2004-1487
RHSA-2005:771
RHSA-2005_771

Affected Products

Red Hat
Wget