CVE-2010-2252 - Vulnerability Details

Vendors	Products
Gnu	Wget
Redhat	Enterprise Linux

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6
wget-0:1.12-1.11.el6_5	cpe:/o:redhat:enterprise_linux:6	RHSA-2014:0151	2014-02-10T00:00:00Z

Link	Providers
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html
http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html
http://marc.info/?l=oss-security&m=127411372529485&w=2
http://marc.info/?l=oss-security&m=127412569216380&w=2
http://marc.info/?l=oss-security&m=127416905831994&w=2
http://marc.info/?l=oss-security&m=127422615924593&w=2
http://marc.info/?l=oss-security&m=127427572721591&w=2
http://marc.info/?l=oss-security&m=127432968701342&w=2
http://marc.info/?l=oss-security&m=127441275821210&w=2
http://marc.info/?l=oss-security&m=127611288927500&w=2
http://rhn.redhat.com/errata/RHSA-2014-0151.html
http://www.ocert.org/advisories/ocert-2010-001.html
http://www.securityfocus.com/bid/65722
https://bugzilla.redhat.com/show_bug.cgi?id=591580
https://bugzilla.redhat.com/show_bug.cgi?id=602797
https://nvd.nist.gov/vuln/detail/CVE-2010-2252
https://www.cve.org/CVERecord?id=CVE-2010-2252

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-05-17T00:00:00", "descriptions": [{"lang": "en", "value": "GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127411372529485&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602797"}, {"name": "[bug-wget] 20100520 Re: security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html"}, {"name": "RHSA-2014:0151", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0151.html"}, {"name": "[bug-wget] 20100520 security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html"}, {"name": "[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127611288927500&w=2"}, {"name": "65722", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65722"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ocert.org/advisories/ocert-2010-001.html"}, {"name": "[oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127416905831994&w=2"}, {"name": "[bug-wget] 20100521 Re: security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html"}, {"name": "[bug-wget] 20100520 Re: security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"}, {"name": "[oss-security] 20100521 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127441275821210&w=2"}, {"name": "[oss-security] 20100517 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127412569216380&w=2"}, {"name": "[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127432968701342&w=2"}, {"name": "[oss-security] 20100519 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127427572721591&w=2"}, {"name": "[bug-wget] 20100521 Re: security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html"}, {"name": "[oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127422615924593&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2252", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127411372529485&w=2"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=602797", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602797"}, {"name": "[bug-wget] 20100520 Re: security risk of unexpected download filenames", "refsource": "MLIST", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html"}, {"name": "RHSA-2014:0151", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0151.html"}, {"name": "[bug-wget] 20100520 security risk of unexpected download filenames", "refsource": "MLIST", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html"}, {"name": "[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127611288927500&w=2"}, {"name": "65722", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65722"}, {"name": "http://www.ocert.org/advisories/ocert-2010-001.html", "refsource": "MISC", "url": "http://www.ocert.org/advisories/ocert-2010-001.html"}, {"name": "[oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127416905831994&w=2"}, {"name": "[bug-wget] 20100521 Re: security risk of unexpected download filenames", "refsource": "MLIST", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html"}, {"name": "[bug-wget] 20100520 Re: security risk of unexpected download filenames", "refsource": "MLIST", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=591580", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"}, {"name": "[oss-security] 20100521 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127441275821210&w=2"}, {"name": "[oss-security] 20100517 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127412569216380&w=2"}, {"name": "[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127432968701342&w=2"}, {"name": "[oss-security] 20100519 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127427572721591&w=2"}, {"name": "[bug-wget] 20100521 Re: security risk of unexpected download filenames", "refsource": "MLIST", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html"}, {"name": "[oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=127422615924593&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:25:07.646Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127411372529485&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602797"}, {"name": "[bug-wget] 20100520 Re: security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html"}, {"name": "RHSA-2014:0151", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0151.html"}, {"name": "[bug-wget] 20100520 security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html"}, {"name": "[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127611288927500&w=2"}, {"name": "65722", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/65722"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ocert.org/advisories/ocert-2010-001.html"}, {"name": "[oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127416905831994&w=2"}, {"name": "[bug-wget] 20100521 Re: security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html"}, {"name": "[bug-wget] 20100520 Re: security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"}, {"name": "[oss-security] 20100521 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127441275821210&w=2"}, {"name": "[oss-security] 20100517 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127412569216380&w=2"}, {"name": "[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127432968701342&w=2"}, {"name": "[oss-security] 20100519 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127427572721591&w=2"}, {"name": "[bug-wget] 20100521 Re: security risk of unexpected download filenames", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html"}, {"name": "[oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127422615924593&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2252", "datePublished": "2010-07-06T14:00:00", "dateReserved": "2010-06-09T00:00:00", "dateUpdated": "2024-08-07T02:25:07.646Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2010-05-17T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-11-25T19:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : [oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://marc.info/?l=oss-security&m=127411372529485&w=2 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=602797 (string)

}

2 : { »

name : [bug-wget] 20100520 Re: security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html (string)

}

3 : { »

name : RHSA-2014:0151 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2014-0151.html (string)

}

4 : { »

name : [bug-wget] 20100520 security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html (string)

}

5 : { »

name : [oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://marc.info/?l=oss-security&m=127611288927500&w=2 (string)

}

6 : { »

name : 65722 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/65722 (string)

}

7 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.ocert.org/advisories/ocert-2010-001.html (string)

}

8 : { »

name : [oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://marc.info/?l=oss-security&m=127416905831994&w=2 (string)

}

9 : { »

name : [bug-wget] 20100521 Re: security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html (string)

}

10 : { »

name : [bug-wget] 20100520 Re: security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html (string)

}

11 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=591580 (string)

}

12 : { »

name : [oss-security] 20100521 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://marc.info/?l=oss-security&m=127441275821210&w=2 (string)

}

13 : { »

name : [oss-security] 20100517 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://marc.info/?l=oss-security&m=127412569216380&w=2 (string)

}

14 : { »

name : [oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://marc.info/?l=oss-security&m=127432968701342&w=2 (string)

}

15 : { »

name : [oss-security] 20100519 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://marc.info/?l=oss-security&m=127427572721591&w=2 (string)

}

16 : { »

name : [bug-wget] 20100521 Re: security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html (string)

}

17 : { »

name : [oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://marc.info/?l=oss-security&m=127422615924593&w=2 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2010-2252 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : [oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

refsource : MLIST (string)

url : http://marc.info/?l=oss-security&m=127411372529485&w=2 (string)

}

1 : { »

name : https://bugzilla.redhat.com/show_bug.cgi?id=602797 (string)

refsource : CONFIRM (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=602797 (string)

}

2 : { »

name : [bug-wget] 20100520 Re: security risk of unexpected download filenames (string)

refsource : MLIST (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html (string)

}

3 : { »

name : RHSA-2014:0151 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2014-0151.html (string)

}

4 : { »

name : [bug-wget] 20100520 security risk of unexpected download filenames (string)

refsource : MLIST (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html (string)

}

5 : { »

name : [oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

refsource : MLIST (string)

url : http://marc.info/?l=oss-security&m=127611288927500&w=2 (string)

}

6 : { »

name : 65722 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/65722 (string)

}

7 : { »

name : http://www.ocert.org/advisories/ocert-2010-001.html (string)

refsource : MISC (string)

url : http://www.ocert.org/advisories/ocert-2010-001.html (string)

}

8 : { »

name : [oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

refsource : MLIST (string)

url : http://marc.info/?l=oss-security&m=127416905831994&w=2 (string)

}

9 : { »

name : [bug-wget] 20100521 Re: security risk of unexpected download filenames (string)

refsource : MLIST (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html (string)

}

10 : { »

name : [bug-wget] 20100520 Re: security risk of unexpected download filenames (string)

refsource : MLIST (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html (string)

}

11 : { »

name : https://bugzilla.redhat.com/show_bug.cgi?id=591580 (string)

refsource : CONFIRM (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=591580 (string)

}

12 : { »

name : [oss-security] 20100521 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

refsource : MLIST (string)

url : http://marc.info/?l=oss-security&m=127441275821210&w=2 (string)

}

13 : { »

name : [oss-security] 20100517 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

refsource : MLIST (string)

url : http://marc.info/?l=oss-security&m=127412569216380&w=2 (string)

}

14 : { »

name : [oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

refsource : MLIST (string)

url : http://marc.info/?l=oss-security&m=127432968701342&w=2 (string)

}

15 : { »

name : [oss-security] 20100519 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

refsource : MLIST (string)

url : http://marc.info/?l=oss-security&m=127427572721591&w=2 (string)

}

16 : { »

name : [bug-wget] 20100521 Re: security risk of unexpected download filenames (string)

refsource : MLIST (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html (string)

}

17 : { »

name : [oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

refsource : MLIST (string)

url : http://marc.info/?l=oss-security&m=127422615924593&w=2 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T02:25:07.646Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : [oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://marc.info/?l=oss-security&m=127411372529485&w=2 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=602797 (string)

}

2 : { »

name : [bug-wget] 20100520 Re: security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html (string)

}

3 : { »

name : RHSA-2014:0151 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2014-0151.html (string)

}

4 : { »

name : [bug-wget] 20100520 security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html (string)

}

5 : { »

name : [oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://marc.info/?l=oss-security&m=127611288927500&w=2 (string)

}

6 : { »

name : 65722 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/65722 (string)

}

7 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.ocert.org/advisories/ocert-2010-001.html (string)

}

8 : { »

name : [oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://marc.info/?l=oss-security&m=127416905831994&w=2 (string)

}

9 : { »

name : [bug-wget] 20100521 Re: security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html (string)

}

10 : { »

name : [bug-wget] 20100520 Re: security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html (string)

}

11 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://bugzilla.redhat.com/show_bug.cgi?id=591580 (string)

}

12 : { »

name : [oss-security] 20100521 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://marc.info/?l=oss-security&m=127441275821210&w=2 (string)

}

13 : { »

name : [oss-security] 20100517 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://marc.info/?l=oss-security&m=127412569216380&w=2 (string)

}

14 : { »

name : [oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://marc.info/?l=oss-security&m=127432968701342&w=2 (string)

}

15 : { »

name : [oss-security] 20100519 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://marc.info/?l=oss-security&m=127427572721591&w=2 (string)

}

16 : { »

name : [bug-wget] 20100521 Re: security risk of unexpected download filenames (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html (string)

}

17 : { »

name : [oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://marc.info/?l=oss-security&m=127422615924593&w=2 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2010-2252 (string)

datePublished : 2010-07-06T14:00:00 (string)

dateReserved : 2010-06-09T00:00:00 (string)

dateUpdated : 2024-08-07T02:25:07.646Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:*", "matchCriteriaId": "44513D0B-6636-4977-A3B9-F65CFA70B929", "versionEndIncluding": "1.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "50DD71F2-0B3C-4082-950A-CBFA5C601AEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "26B3B1B6-3985-4479-93B2-14E1AB52F768", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "0BC975AA-0F98-4A3A-B3B4-2152156327D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7DEDFB88-C435-4FB9-838D-8199690A8F70", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.8:*:*:*:*:*:*:*", "matchCriteriaId": "D5BF2616-A99A-4229-A8A6-655155ED5EB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A14454E-DDAE-4115-8323-8BB4E17DF208", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "94E758F9-798B-4C25-A94A-8BF4E3E90B3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F88CD81A-7804-4316-8581-41689A318D56", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "1BE0FCE2-ABB9-4943-96AE-C81277014396", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.10:*:*:*:*:*:*:*", "matchCriteriaId": "FDE8FE2E-40EF-4B86-A01E-7777FBDABB59", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "5E097843-1854-4C5E-BB27-07280EB3EEB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "1047974D-7A5D-4533-996B-2B09EC7E8789", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "C40562DA-2B50-4B30-B0D8-B62913FCC680", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "E5B63798-366A-4778-987D-19307228E13B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "90DEBAA0-B537-4EEC-8EA2-E503F26A0496", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "DEC161C5-5247-4A3C-AB56-6562B0A65D21", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:wget:1.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "4F710A7B-ACF3-4955-97E9-07187069CDBF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory."}, {"lang": "es", "value": "GNU Wget v1.12 y anteriores usan un nombre de fichero proporcionado por el servidor en lugar de la URL original para determinar el nombre de fichero destino de una descarga, lo que permite a servidores remotos crear o sobreescribir ficheros de su elecci\u00f3n a trav\u00e9s de redirecciones 3xx en una URL con nombre de fichero .wgetrc seguido por la redirecci\u00f3n 3xx en una URL con un nombre de fichero manipulado, y probablemente ejecutar c\u00f3digo de su elecci\u00f3n como consecuencia de escribir un fichero punto en un directorio home."}], "id": "CVE-2010-2252", "lastModified": "2024-11-21T01:16:14.667", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-07-06T17:17:13.313", "references": [{"source": "cve@mitre.org", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html"}, {"source": "cve@mitre.org", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html"}, {"source": "cve@mitre.org", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html"}, {"source": "cve@mitre.org", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html"}, {"source": "cve@mitre.org", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=127411372529485&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=127412569216380&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=127416905831994&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=127422615924593&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=127427572721591&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=127432968701342&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=127441275821210&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=127611288927500&w=2"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2014-0151.html"}, {"source": "cve@mitre.org", "url": "http://www.ocert.org/advisories/ocert-2010-001.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/65722"}, {"source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"}, {"source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602797"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=127411372529485&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=127412569216380&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=127416905831994&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=127422615924593&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=127427572721591&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=127432968701342&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=127441275821210&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=127611288927500&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-0151.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ocert.org/advisories/ocert-2010-001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/65722"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602797"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 44513D0B-6636-4977-A3B9-F65CFA70B929 (string)

versionEndIncluding : 1.12 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:gnu:wget:1.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 50DD71F2-0B3C-4082-950A-CBFA5C601AEF (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:gnu:wget:1.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 26B3B1B6-3985-4479-93B2-14E1AB52F768 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:gnu:wget:1.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 0BC975AA-0F98-4A3A-B3B4-2152156327D9 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:gnu:wget:1.7.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 7DEDFB88-C435-4FB9-838D-8199690A8F70 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:gnu:wget:1.8:*:*:*:*:*:*:* (string)

matchCriteriaId : D5BF2616-A99A-4229-A8A6-655155ED5EB1 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:gnu:wget:1.8.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3A14454E-DDAE-4115-8323-8BB4E17DF208 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:gnu:wget:1.8.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 94E758F9-798B-4C25-A94A-8BF4E3E90B3E (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:gnu:wget:1.9:*:*:*:*:*:*:* (string)

matchCriteriaId : F88CD81A-7804-4316-8581-41689A318D56 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:gnu:wget:1.9.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 1BE0FCE2-ABB9-4943-96AE-C81277014396 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:gnu:wget:1.10:*:*:*:*:*:*:* (string)

matchCriteriaId : FDE8FE2E-40EF-4B86-A01E-7777FBDABB59 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:gnu:wget:1.10.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 5E097843-1854-4C5E-BB27-07280EB3EEB2 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:gnu:wget:1.10.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 1047974D-7A5D-4533-996B-2B09EC7E8789 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:gnu:wget:1.11:*:*:*:*:*:*:* (string)

matchCriteriaId : C40562DA-2B50-4B30-B0D8-B62913FCC680 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:gnu:wget:1.11.1:*:*:*:*:*:*:* (string)

matchCriteriaId : E5B63798-366A-4778-987D-19307228E13B (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:gnu:wget:1.11.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 90DEBAA0-B537-4EEC-8EA2-E503F26A0496 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:gnu:wget:1.11.3:*:*:*:*:*:*:* (string)

matchCriteriaId : DEC161C5-5247-4A3C-AB56-6562B0A65D21 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:gnu:wget:1.11.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 4F710A7B-ACF3-4955-97E9-07187069CDBF (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory. (string)

}

1 : { »

lang : es (string)

value : GNU Wget v1.12 y anteriores usan un nombre de fichero proporcionado por el servidor en lugar de la URL original para determinar el nombre de fichero destino de una descarga, lo que permite a servidores remotos crear o sobreescribir ficheros de su elección a través de redirecciones 3xx en una URL con nombre de fichero .wgetrc seguido por la redirección 3xx en una URL con un nombre de fichero manipulado, y probablemente ejecutar código de su elección como consecuencia de escribir un fichero punto en un directorio home. (string)

}

]

id : CVE-2010-2252 (string)

lastModified : 2024-11-21T01:16:14.667 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

}

published : 2010-07-06T17:17:13.313 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html (string)

}

2 : { »

source : cve@mitre.org (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html (string)

}

3 : { »

source : cve@mitre.org (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html (string)

}

4 : { »

source : cve@mitre.org (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html (string)

}

5 : { »

source : cve@mitre.org (string)

url : http://marc.info/?l=oss-security&m=127411372529485&w=2 (string)

}

6 : { »

source : cve@mitre.org (string)

url : http://marc.info/?l=oss-security&m=127412569216380&w=2 (string)

}

7 : { »

source : cve@mitre.org (string)

url : http://marc.info/?l=oss-security&m=127416905831994&w=2 (string)

}

8 : { »

source : cve@mitre.org (string)

url : http://marc.info/?l=oss-security&m=127422615924593&w=2 (string)

}

9 : { »

source : cve@mitre.org (string)

url : http://marc.info/?l=oss-security&m=127427572721591&w=2 (string)

}

10 : { »

source : cve@mitre.org (string)

url : http://marc.info/?l=oss-security&m=127432968701342&w=2 (string)

}

11 : { »

source : cve@mitre.org (string)

url : http://marc.info/?l=oss-security&m=127441275821210&w=2 (string)

}

12 : { »

source : cve@mitre.org (string)

url : http://marc.info/?l=oss-security&m=127611288927500&w=2 (string)

}

13 : { »

source : cve@mitre.org (string)

url : http://rhn.redhat.com/errata/RHSA-2014-0151.html (string)

}

14 : { »

source : cve@mitre.org (string)

url : http://www.ocert.org/advisories/ocert-2010-001.html (string)

}

15 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/bid/65722 (string)

}

16 : { »

source : cve@mitre.org (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=591580 (string)

}

17 : { »

source : cve@mitre.org (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=602797 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00023.html (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00031.html (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00032.html (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00033.html (string)

}

22 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.gnu.org/archive/html/bug-wget/2010-05/msg00034.html (string)

}

23 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://marc.info/?l=oss-security&m=127411372529485&w=2 (string)

}

24 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://marc.info/?l=oss-security&m=127412569216380&w=2 (string)

}

25 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://marc.info/?l=oss-security&m=127416905831994&w=2 (string)

}

26 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://marc.info/?l=oss-security&m=127422615924593&w=2 (string)

}

27 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://marc.info/?l=oss-security&m=127427572721591&w=2 (string)

}

28 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://marc.info/?l=oss-security&m=127432968701342&w=2 (string)

}

29 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://marc.info/?l=oss-security&m=127441275821210&w=2 (string)

}

30 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://marc.info/?l=oss-security&m=127611288927500&w=2 (string)

}

31 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://rhn.redhat.com/errata/RHSA-2014-0151.html (string)

}

32 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.ocert.org/advisories/ocert-2010-001.html (string)

}

33 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/65722 (string)

}

34 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=591580 (string)

}

35 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=602797 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-20 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2014:0151", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "wget-0:1.12-1.11.el6_5", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2014-02-10T00:00:00Z"}], "bugzilla": {"description": "wget: multiple HTTP client download filename vulnerability [OCERT 2010-001]", "id": "602797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602797"}, "csaw": false, "cvss": {"cvss_base_score": "5.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "status": "verified"}, "details": ["GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory."], "name": "CVE-2010-2252", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:3", "fix_state": "Will not fix", "package_name": "wget", "product_name": "Red Hat Enterprise Linux 3"}, {"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Will not fix", "package_name": "wget", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "wget", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2010-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-2252\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-2252\nhttp://www.ocert.org/advisories/ocert-2010-001.html"], "statement": "Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact due to the series of events required to successfully exploit it, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2014:0151 (string)

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

package : wget-0:1.12-1.11.el6_5 (string)

product_name : Red Hat Enterprise Linux 6 (string)

release_date : 2014-02-10T00:00:00Z (string)

}

]

bugzilla : { »

description : wget: multiple HTTP client download filename vulnerability [OCERT 2010-001] (string)

id : 602797 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=602797 (string)

}

csaw : false (boolean)

cvss : { »

cvss_base_score : 5.8 (string)

cvss_scoring_vector : AV:N/AC:M/Au:N/C:N/I:P/A:P (string)

status : verified (string)

}

details : [ »

0 : GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory. (string)

]

name : CVE-2010-2252 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:3 (string)

fix_state : Will not fix (string)

package_name : wget (string)

product_name : Red Hat Enterprise Linux 3 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:4 (string)

fix_state : Will not fix (string)

package_name : wget (string)

product_name : Red Hat Enterprise Linux 4 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

fix_state : Will not fix (string)

package_name : wget (string)

product_name : Red Hat Enterprise Linux 5 (string)

}

]

public_date : 2010-05-17T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2010-2252 https://nvd.nist.gov/vuln/detail/CVE-2010-2252 http://www.ocert.org/advisories/ocert-2010-001.html (string)

]

statement : Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact due to the series of events required to successfully exploit it, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. (string)

threat_severity : Low (string)

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object