[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] security risk of unexpected download filenames
From: |
Doruk Fisek |
Subject: |
Re: [Bug-wget] security risk of unexpected download filenames |
Date: |
Fri, 11 Jun 2010 20:58:04 +0300 |
Hi,
Thu, 20 May 2010 14:51:30 -0700, Micah Cowan <address@hidden> :
> Hm... a problem with this is that it also applies to the case when
> someone is recursively-fetching, and the remote server is (even
> accidentally) misconfigured to include .htaccess in auto-generated
> indexes (and to allow public reading of that file). No obvious way to
> avoid that situation that I can think of... might be worth documenting
> somewhere.
Is there going to be a development in this issue?
I am the Pardus GNU/Linux maintainer of wget and the security team has a
open security bug for this advisory.
Doruk
--
FISEK INSTITUTE - http://www.fisek.org.tr
- Re: [Bug-wget] security risk of unexpected download filenames,
Doruk Fisek <=
- Re: [Bug-wget] security risk of unexpected download filenames, Solar Designer, 2010/06/12
- Re: [Bug-wget] security risk of unexpected download filenames, Giuseppe Scrivano, 2010/06/12
- Re: [Bug-wget] security risk of unexpected download filenames, Doruk Fisek, 2010/06/14
- Re: [Bug-wget] security risk of unexpected download filenames, Giuseppe Scrivano, 2010/06/20
- Re: [Bug-wget] security risk of unexpected download filenames, Solar Designer, 2010/06/21
- Re: [Bug-wget] security risk of unexpected download filenames, Giuseppe Scrivano, 2010/06/21
- Re: [Bug-wget] security risk of unexpected download filenames, Florian Weimer, 2010/06/21
- Re: [Bug-wget] security risk of unexpected download filenames, Daniel Stenberg, 2010/06/21
- Re: [Bug-wget] security risk of unexpected download filenames, Solar Designer, 2010/06/22
- Re: [Bug-wget] security risk of unexpected download filenames, Daniel Stenberg, 2010/06/22