vulnerability

Ubuntu: (Multiple Advisories) (CVE-2017-6508): Wget vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Mar 7, 2017	Oct 26, 2017	Apr 25, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Mar 7, 2017

Added

Oct 26, 2017

Modified

Apr 25, 2025

Description

Antti Levomäki, Christian Jalio, and Joonas Pihlaja discovered that Wget
incorrectly handled certain HTTP responses. A remote attacker could use
this issue to cause Wget to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2017-13089, CVE-2017-13090)

Dawid Golunski discovered that Wget incorrectly handled recursive or
mirroring mode. A remote attacker could possibly use this issue to bypass
intended access list restrictions. (CVE-2016-7098)

Orange Tsai discovered that Wget incorrectly handled CRLF sequences in
HTTP headers. A remote attacker could possibly use this issue to inject
arbitrary HTTP headers. (CVE-2017-6508)

Solution

ubuntu-upgrade-wget

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today