When I try to download FC4-i386-DVD.iso from a particular mirror, I get a buffer overflow. $ strace wget http://mirrors.playboy.com/fedora/4/i386/iso/FC4-i386-DVD.iso *** buffer overflow detected ***: strace terminated ftp://alviss.et.tudelft.nl/pub/fedora/core/4/i386/iso/FC4-i386-DVD.iso works Using curl works.
which wget version is that ? You need at least wget-1.10.2-0.fc4 for files > 2GB such as DVD ISOs.
wget-1.10.2-0.fc4 As I said, the other mirrors work fine.
wget is not sanity checking information returned by the server.
Okay, so the example I gave above does not work any more since the host no longer exists. However, there likely exists a security hole in wget, because it is wrongly making an assumption about the length that a server will return, i.e. that it is not going to be negative. Can you mark this as security please? It's six months old.
I think this is CVE-2006-6719, which has been fixed in wget-1.10.2-11.fc7 and wget-1.10.2-8.fc6.1
In that case, why was this security vulnerability, which I reported a year ago, left open despite the big red warning "wget is not sanity checking information returned by the server." and "Can you mark this as security please"?
It was considered as a minor issue as - it is a only denial of service, not hackable - you'd have to deliberately connect to a malicious server
(In reply to comment #7) > It was considered as a minor issue as > - it is a only denial of service, not hackable In hindsight, yes. But you didn't know this (otherwise you would have patched wget). > - you'd have to deliberately connect to a malicious server You've phrased this misleadingly, and on purpose too. You mean "Connect to a server". You would never "deliberately connect to a mailicious server", you would only "connect to a server", and later find out that it was malicious (perhaps). Stop talking your way around things or you'll end up like your rivals.