CVE-2018-20483

Name
CVE-2018-20483
Description
set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Exploit https://twitter.com/marcan42/status/1077676739877232640
Release Notes http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS
Third Party Advisory http://www.securityfocus.com/bid/106358
Third Party Advisory https://security.gentoo.org/glsa/201903-08
CONFIRM https://security.netapp.com/advisory/ntap-20190321-0002/
UBUNTU https://usn.ubuntu.com/3943-1/
REDHAT https://access.redhat.com/errata/RHSA-2019:3701

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:* wget >= None < 1.20.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status