WGet Insecure File Creation Race Condition Vulnerability

The 'wget' utility has been reported prone to a race-condition vulnerability. The issue exists because wget doesn't lock files that it creates and writes to during file downloads.

A local attacker may exploit this condition to corrupt files with the privileges of the victim who is running the vulnerable version of wget.


 

Privacy Statement
Copyright 2010, SecurityFocus