Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Solar Designer (solaropenwall.com)
Date: Fri Jun 11 2010 - 03:53:25 CDT
Here's a summary of relevant postings to oss-security and bug-wget.
Unofficial patch for wget, by Florian Weimer:
PoC attack on a wget cron job resulting in a .bash_profile overwrite:
Brief description of an attack on a wget cron job not involving a
dot-file nor a home directory (but involving a website tree instead):
Advice on back-porting lftp's fix to versions 3.4.7 through 4.0.5:
On Wed, Jun 09, 2010 at 06:16:39PM +0200, Marcus Meissner wrote:
> Did anyone assign CVE ids for these?
Marcus' reminder has resulted in the following CVE assignments:
CVE-2010-2251 - lftp
CVE-2010-2252 - wget
CVE-2010-2253 - libwww-perl as used in lwp-download