wget FTP client code DoS - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

wget FTP client code DoS
Published: 17.01.2007
Source: BUGTRAQ
SecurityVulns ID: 7063
Type: client
Level: 4/10
Description: Multiple blank 220 FTP responses on FTP SYST command cause application crash.

Affected: GNU : wget 1.10
CVE: CVE-2006-6719 (The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote attackers to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command.)

Original document MANDRIVA, [ MDKSA-2007:017 ] - Updated wget packages fix ftp vulnerability (17.01.2007)

Discuss: Read or add your comments to this news (0 comments)