GNU Wget CVE-2016-7098 Security Bypass Vulnerability



GNU Wget is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass the security mechanism and perform unauthorized actions.

Information

Bugtraq ID: 93157
Class: Design Error
CVE: CVE-2016-7098

Remote: Yes
Local: No
Published: Sep 26 2016 12:00AM
Updated: Nov 01 2017 12:05AM
Credit: The vendor reported this issue.
Vulnerable: Ubuntu Ubuntu Linux 17.10
Ubuntu Ubuntu Linux 17.04
Ubuntu Ubuntu Linux 16.04 LTS
Ubuntu Ubuntu Linux 14.04 LTS
GNU wget 1.11.4
GNU wget 1.11.3
GNU wget 1.11.2
GNU wget 1.11.1
GNU wget 1.10.2
GNU wget 1.10.1
GNU wget 1.10
GNU wget 1.9.1
+ MandrakeSoft Corporate Server 3.0 x86_64
 + MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.2 x86_64
 + Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
 + Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
 + Mandriva Linux Mandrake 10.0
GNU wget 1.9
GNU wget 1.8.2
+ Immunix Immunix OS 7+
 + MandrakeSoft Corporate Server 2.1 x86_64
 + MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
 + Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
 + Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
 + Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Redhat Linux 8.0 i386
 + Redhat Linux 7.3 i386
 + Redhat Linux 7.2 ia64
 + Redhat Linux 7.2 i386
 + Redhat Linux 7.1 ia64
 + Redhat Linux 7.1 i386
 + Redhat Linux 7.0 i386
 + Redhat Linux 6.2 i386
 + S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0 i386
 + S.u.S.E. Linux 8.0
+ S.u.S.E. Linux Personal 9.3
+ S.u.S.E. Linux Personal 9.2 x86_64
 + S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1 x86_64
 + S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
 + S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Trustix Secure Linux 1.5
GNU wget 1.8.1
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 GNU wget 1.8
GNU wget 1.7.1
GNU wget 1.7
GNU wget 1.6
GNU wget 1.5.3
+ Debian Linux 2.2 sparc
 + Debian Linux 2.2 powerpc
 + Debian Linux 2.2 IA-32
 + Debian Linux 2.2 arm
 + Debian Linux 2.2 alpha
 + Debian Linux 2.2 68k
 GNU wget 1.17
+ Immunix Immunix OS 7+
 + MandrakeSoft Corporate Server 2.1 x86_64
 + MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
 + Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
 + Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
 + Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Redhat Linux 8.0 i386
 + Redhat Linux 7.3 i386
 + Redhat Linux 7.2 ia64
 + Redhat Linux 7.2 i386
 + Redhat Linux 7.1 ia64
 + Redhat Linux 7.1 i386
 + Redhat Linux 7.0 i386
 + Redhat Linux 6.2 i386
 + S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0 i386
 + S.u.S.E. Linux 8.0
+ S.u.S.E. Linux Personal 9.3
+ S.u.S.E. Linux Personal 9.2 x86_64
 + S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1 x86_64
 + S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
 + S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Trustix Secure Linux 1.5
GNU wget 1.16
GNU wget 1.15
GNU wget 1.12
GNU wget 1.11


Not Vulnerable:

Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.


Source: www.securityfocus.com
Related Posts