Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2016-4971
Deferred
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-30 Jun, 2016 | 17:59
Updated At-12 Apr, 2025 | 10:46

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
GNU
gnu
>>wget>>Versions before 1.18(exclusive)
cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>14.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>15.10
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>16.04
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Oracle Corporation
oracle
>>solaris>>10
cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>solaris>>11.3
cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
Palo Alto Networks, Inc.
paloaltonetworks
>>pan-os>>Versions from 6.1.0(inclusive) to 6.1.16(inclusive)
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Palo Alto Networks, Inc.
paloaltonetworks
>>pan-os>>Versions from 7.0.0(inclusive) to 7.0.14(inclusive)
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Palo Alto Networks, Inc.
paloaltonetworks
>>pan-os>>Versions from 7.1.0(inclusive) to 7.1.9(inclusive)
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1secalert@redhat.com
Patch
Vendor Advisory
http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.htmlsecalert@redhat.com
Mailing List
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2016-08/msg00043.htmlsecalert@redhat.com
Broken Link
http://packetstormsecurity.com/files/162395/GNU-wget-Arbitrary-File-Upload-Code-Execution.htmlsecalert@redhat.com
Exploit
Third Party Advisory
VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-2587.htmlsecalert@redhat.com
Broken Link
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlsecalert@redhat.com
Third Party Advisory
http://www.securityfocus.com/bid/91530secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036133secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-3012-1secalert@redhat.com
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1343666secalert@redhat.com
Exploit
Issue Tracking
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201610-11secalert@redhat.com
Third Party Advisory
https://security.paloaltonetworks.com/CVE-2016-4971secalert@redhat.com
Third Party Advisory
https://www.exploit-db.com/exploits/40064/secalert@redhat.com
Exploit
Third Party Advisory
VDB Entry
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2016-08/msg00043.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://packetstormsecurity.com/files/162395/GNU-wget-Arbitrary-File-Upload-Code-Execution.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-2587.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/91530af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036133af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-3012-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1343666af854a3a-2127-422b-91ae-364da2661108
Exploit
Issue Tracking
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201610-11af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://security.paloaltonetworks.com/CVE-2016-4971af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.exploit-db.com/exploits/40064/af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
VDB Entry
Change History
0Changes found
Details not found