• info
• discussion
• exploit
• solution
• references

Wget NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

Solution:
Updates are available. Please see the references for more information.


Ubuntu Ubuntu Linux 8.10 powerpc

• Ubuntu wget-udeb_1.11.4-1ubuntu1.1_powerpc.udeb
  http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-1ubuntu1 .1_powerpc.udeb


• Ubuntu wget_1.11.4-1ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-1ubuntu1.1_powerp c.deb

Debian Linux 5.0 alpha

• Debian wget_1.11.4-2+lenny1_alpha.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenn y1_alpha.deb

Mandriva Linux Mandrake 2008.0

• Mandriva wget-1.10.2-6.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/

Ubuntu Ubuntu Linux 9.04 sparc

• Ubuntu wget-udeb_1.11.4-2ubuntu1.1_sparc.udeb
  http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-2ubuntu1 .1_sparc.udeb


• Ubuntu wget_1.11.4-2ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-2ubuntu1.1_sparc. deb

Debian Linux 4.0 amd64

• Debian wget_1.10.2-2+etch1_amd64.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch 1_amd64.deb

Debian Linux 4.0 ia-32

• Debian wget_1.10.2-2+etch1_i386.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch 1_i386.deb

Ubuntu Ubuntu Linux 8.10 sparc

• Ubuntu wget-udeb_1.11.4-1ubuntu1.1_sparc.udeb
  http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-1ubuntu1 .1_sparc.udeb


• Ubuntu wget_1.11.4-1ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-1ubuntu1.1_sparc. deb

Ubuntu Ubuntu Linux 9.04 lpia

• Ubuntu wget-udeb_1.11.4-2ubuntu1.1_lpia.udeb
  http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.11.4-2ubuntu1 .1_lpia.udeb


• Ubuntu wget_1.11.4-2ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/w/wget/wget_1.11.4-2ubuntu1.1_lpia.d eb

Debian Linux 5.0 armel

• Debian wget_1.11.4-2+lenny1_armel.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenn y1_armel.deb

Debian Linux 5.0 mips

• Debian wget_1.11.4-2+lenny1_mips.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenn y1_mips.deb

Ubuntu Ubuntu Linux 9.04 amd64

• Ubuntu wget-udeb_1.11.4-2ubuntu1.1_amd64.udeb
  http://security.ubuntu.com/ubuntu/pool/universe/w/wget/wget-udeb_1.11. 4-2ubuntu1.1_amd64.udeb


• Ubuntu wget_1.11.4-2ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-2ubuntu 1.1_amd64.deb

Debian Linux 5.0 sparc

• Debian wget_1.11.4-2+lenny1_sparc.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenn y1_sparc.deb

Debian Linux 4.0 arm

• Debian wget_1.10.2-2+etch1_arm.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch 1_arm.deb

Debian Linux 4.0 powerpc

• Debian wget_1.10.2-2+etch1_powerpc.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch 1_powerpc.deb

Ubuntu Ubuntu Linux 8.10 i386

• Ubuntu wget-udeb_1.11.4-1ubuntu1.1_i386.udeb
  http://security.ubuntu.com/ubuntu/pool/universe/w/wget/wget-udeb_1.11. 4-1ubuntu1.1_i386.udeb


• Ubuntu wget_1.11.4-1ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.11.4-1ubuntu 1.1_i386.deb

Debian Linux 5.0 s/390

• Debian wget_1.11.4-2+lenny1_s390.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenn y1_s390.deb

Ubuntu Ubuntu Linux 8.04 LTS lpia

• Ubuntu wget-udeb_1.10.2-3ubuntu1.1_lpia.udeb
  http://ports.ubuntu.com/pool/universe/w/wget/wget-udeb_1.10.2-3ubuntu1 .1_lpia.udeb


• Ubuntu wget_1.10.2-3ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/w/wget/wget_1.10.2-3ubuntu1.1_lpia.d eb

Ubuntu Ubuntu Linux 6.06 LTS i386

• Ubuntu wget_1.10.2-1ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-1ubuntu 1.1_i386.deb

Debian Linux 5.0 hppa

• Debian wget_1.11.4-2+lenny1_hppa.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.11.4-2+lenn y1_hppa.deb

Debian Linux 4.0 sparc

• Debian wget_1.10.2-2+etch1_sparc.deb
  http://security.debian.org/pool/updates/main/w/wget/wget_1.10.2-2+etch 1_sparc.deb

Ubuntu Ubuntu Linux 8.04 LTS i386

• Ubuntu wget-udeb_1.10.2-3ubuntu1.1_i386.udeb
  http://security.ubuntu.com/ubuntu/pool/universe/w/wget/wget-udeb_1.10. 2-3ubuntu1.1_i386.udeb


• Ubuntu wget_1.10.2-3ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/w/wget/wget_1.10.2-3ubuntu 1.1_i386.deb