wget (denial of service)

rPSA-2007-0011-1 wget
rPath Update Announcements announce-noreply at rpath.com
Tue Jan 23 03:45:02 EST 2007

Previous message: rPSA-2007-0007-1 kdenetwork
Next message: rPSA-2007-0012-1 ed
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--------------------------------------------------------------------------------

rPath Security Advisory: 2007-0011-1
Published: 2007-01-23
Products: rPath Linux 1
Rating: Informational
Exposure Level Classification:
Indirect Deterministic Denial of Service
Updated Versions:
wget=/conary.rpath.com at rpl:devel//1/1.10.2-4-0.1

References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6719
https://issues.rpath.com/browse/RPL-930

Description:
Previous versions of the wget package can crash if they contact a
malicious FTP server. No further vulnerability is enabled by this
minor flaw; system security is not threatened in any way.