Wget NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

Wget NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

References:

[wget-notify] [bug #27183] Wget likely suffers from the \0 SSL cert vulnerabilit (Micah Cowan)
changeset: Add NUL-character fix to NEWS file. (Micah Cowan)
changeset: Detect NULs in common name. (Joao Ferreira)
changeset: Only warn of attack if the hostname would have matched. (Micah Cowan)
GNU Wget Homepage (GNU)
ASA-2009-497 (RHSA-2009-1549) (Avaya)
Security Vulnerability in wget(1) Related to Certificate Parsing may Allow Encry (Sun Microsystems)

Privacy Statement
Copyright 2010, SecurityFocus