HTTP: GNU wget HTTP Redirect Arbitrary File Overwrite
This signature detects attempts to exploit a known vulnerability against GNU wget. A successful attack can lead to arbitrary file overwrite.
Extended Description
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
Affected Products
Paloaltonetworks pan-os
Short Name
HTTP:STC:GNU-ARBITRARY-FILE
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Arbitrary CVE-2016-4971 File GNU HTTP Overwrite Redirect bid:91530 wget
Release Date
07/28/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Oracle
Gnu
Paloaltonetworks
Canonical
CVSS Score
4.3