Gravedad: Medio

  Descripción

An arbitrary file overwrite vulnerability exist in the GNU Wget. The vulnerability is due to Wget trusting the filename provided by an FTP server when the original request is redirected from an HTTP server. A remote attacker can exploit this vulnerability by enticing a user to request a file over HTTP and sending an HTTP redirect to an FTP location hosting a malicious file intended to overwrite a user file such as .bashrc or .wgetrc. Upon successful exploitation, the commands contained in the downloaded file will be executed.

  Revelación de la información

Apply associated Trend Micro DPI Rules.

  Soluciones

  Trend Micro Deep Security DPI Rule Number: 1007871