CVE Vulnerability

CVE-2018-20483

set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.

2.1 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

7.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://twitter.com/marcan42/status/1077676739877232640 Exploit Third Party Advisory
http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS Release Notes Third Party Advisory
http://www.securityfocus.com/bid/106358 Third Party Advisory VDB Entry
https://security.gentoo.org/glsa/201903-08 Third Party Advisory
https://security.netapp.com/advisory/ntap-20190321-0002/
https://usn.ubuntu.com/3943-1/
https://access.redhat.com/errata/RHSA-2019:3701
Configurations

Configuration 1

cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:*
Information

Published : 2018-12-26 06:29

Updated : 2020-08-24 05:37

NVD link : CVE-2018-20483

Mitre link : CVE-2018-20483

Products Affected
No products.
CWE
CWE-200