GNU Wget CVE-2014-4877 Symlink Vulnerability

Bugtraq ID: 70751
Class: Race Condition Error
CVE: CVE-2014-4877
Remote: Yes
Local: No
Published: Oct 27 2014 12:00AM
Updated: Feb 02 2017 12:02AM
Credit: Vendor reported this issue.
Vulnerable: SuSE SUSE Linux Enterprise Server 11 SP1 LTSS
+ Linux kernel 2.6.5
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 10 SP4 LTSS
+ Linux kernel 2.6.5
SuSE Linux Enterprise Server 11 SP2 LTSS
Redhat Enterprise Linux Server EUS 6.5
Redhat Enterprise Linux HPC Node EUS 6.5
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
HP Insight Control 7.5.1
HP Insight Control 7.5
HP Insight Control 7.4
HP Insight Control 7.3
HP Insight Control 7.2
GNU wget 1.15
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 6
Avaya one-X Client Enablement Services 6.2
Avaya IP Office Server Edition 9.0
Avaya IP Office Server Edition 8.1
Avaya IP Office Application Server 9.0 SP 2
Avaya IP Office Application Server 9.0 SP 1
Avaya IP Office Application Server 9.0
Avaya CMS R17ac.h
Avaya CMS R17ac.g
Avaya CMS r17
Avaya Aura Session Manager 6.3.1
Avaya Aura Session Manager 6.3.3
Avaya Aura Session Manager 6.3
Avaya Aura Experience Portal 6.0.2
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 7.0
Avaya Aura Experience Portal 6.0 SP2
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0 SP1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Collaboration Environment 3.0
Avaya Aura Collaboration Environment 2.0
Not Vulnerable: GNU wget 1.16


 

Privacy Statement
Copyright 2010, SecurityFocus