PT-2005-1139 · Gnu+1 · Wget+1

Jan Minar

Published

2005-02-15

Updated

2018-10-03

CVE-2004-1488

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions wget versions 1.8.x through 1.9.x

Description The issue allows remote malicious web servers to inject terminal escape sequences and potentially execute arbitrary code by not filtering or quoting control characters when displaying HTTP responses to the terminal.

Recommendations For versions 1.8.x through 1.9.x, update to a version that properly filters or quotes control characters in HTTP responses to prevent the injection of terminal escape sequences.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1488

RHSA-2005:771

RHSA-2005_771

Affected Products

Red Hat

Wget

PT-2005-1139 · Gnu+1 · Wget+1

CVE-2004-1488

Related Identifiers

Affected Products

References · 20