Upstream information

CVE-2006-6719 at MITRE

Description

The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote attackers to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 231063 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • wget >= 1.11.4-1.15.1
Patchnames:
SUSE Linux Enterprise Server 11 SP1 GA wget-1.11.4-1.15.1
SUSE Linux Enterprise Server 11 SP2
  • wget >= 1.11.4-1.15.1
Patchnames:
SUSE Linux Enterprise Server 11 SP2 GA wget-1.11.4-1.15.1
SUSE Linux Enterprise Server 11 SP3
  • wget >= 1.11.4-1.15.1
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA wget-1.11.4-1.15.1
SUSE Linux Enterprise Server 11 SP4
  • wget >= 1.11.4-1.19.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA wget-1.11.4-1.19.1
SUSE Linux Enterprise Server 11-SECURITY
  • wget-openssl1 >= 1.11.4-1.26.1
Patchnames:
SUSE Linux Enterprise Server 11-SECURITY GA wget-openssl1-1.11.4-1.22.1
SUSE Linux Micro 6.0
  • wget >= 1.21.4-1.12
Patchnames:
SUSE Linux Micro 6.0 GA wget-1.21.4-1.12
SUSE Linux Micro 6.1
  • wget >= 1.24.5-slfo.1.1_1.2
Patchnames:
SUSE Linux Micro 6.1 GA wget-1.24.5-slfo.1.1_1.2
openSUSE Tumbleweed
  • wget >= 1.21.1-2.2
  • wget-lang >= 1.21.1-2.2
Patchnames:
openSUSE-Tumbleweed-2024-11510


SUSE Timeline for this CVE

CVE page created: Fri Jun 28 05:20:52 2013
CVE page last modified: Tue Dec 17 16:13:00 2024