CVE-2018-0494

Name: CVE-2018-0494
Description: GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DLA-1375-1, DSA-4195-1
NVD severity: medium (attack range: remote)
Debian Bugs: 898076

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| wget (PTS) | jessie (security), jessie | 1.16-1+deb8u5 | fixed |
| wget | stretch (security), stretch | 1.18-5+deb9u2 | fixed |
| wget | buster, sid | 1.19.5-1 | fixed |

The information below is based on the following data on fixed versions.

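| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| wget | source | (unstable) | 1.19.5-1 | medium | | 898076 |
| wget | source | jessie | 1.16-1+deb8u5 | medium | DSA-4195-1 | |
| wget | source | stretch | 1.18-5+deb9u2 | medium | DSA-4195-1 | |
| wget | source | wheezy | 1.13.4-3+deb7u6 | medium | DLA-1375-1 | |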

Notes

https://lists.gnu.org/archive/html/bug-wget/2018-05/msg00020.html
https://savannah.gnu.org/bugs/?53763
https://git.savannah.gnu.org/cgit/wget.git/commit/?id=1fc9c95ec144499e69dc8ec76dbe07799d7d82cd
https://sintonen.fi/advisories/gnu-wget-cookie-injection.txt
