Our global Cyber Awareness System focuses on the open-source Wget application.



Connectikpeople.co, soon #Retinknow recalls that the open-source Wget application which is most widely used on Linux and Unix systems for retrieving files from the web is vulnerable.

If unfamiliar, GNU Wget is a command-line utility designed to retrieve files from the Web via HTTP, HTTPS, and FTP.  You can install Wget on any Unix-like system, including on others environments, like Microsoft Windows, Mac OS X, OpenVMS, MorphOS and AmigaOS.

The vulnerability reported to the GNU Wget project by HD Moore, chief research officer at Rapid7. The flaw is considered critical since wget is present on nearly every Linux server in the world.

We recommend Users and Administrators, to review fixed Wget project in wget 1.16, which can block the default setting that allowed the setting of local symlinks.

An exploit for the vulnerability is available (download the exploit) on the open-source Metasploit penetration testing Website. Security researchers could test the bug.


Popular Posts