FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wget -- Access List Bypass / Race Condition

Affected packages
wget <= 1.17


VuXML ID 479c5b91-b6cc-11e6-a04e-3417eb99b9a0
Discovery 2016-11-24
Entry 2016-11-30

Dawid Golunski reports:

GNU wget in version 1.17 and earlier, when used in mirroring/recursive mode, is affected by a Race Condition vulnerability that might allow remote attackers to bypass intended wget access list restrictions specified with -A parameter.


CVE Name CVE-2016-7098