Search for vulnerabilities
Vulnerability details: VCID-twgt-4fbp-aaaa
Vulnerability ID VCID-twgt-4fbp-aaaa
Aliases CVE-2004-1488
Summary wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.
Status Published
Exploitability 2.0
Weighted Severity 4.5
Risk 9.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Low https://access.redhat.com/errata/RHSA-2005:771
epss 0.01379 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01379 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01379 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01379 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.01943 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.13302 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
epss 0.2192 https://api.first.org/data/v1/epss?cve=CVE-2004-1488
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1617414
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2004-1488
Reference id Reference type URL
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261755
http://marc.info/?l=bugtraq&m=110269474112384&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1488.json
https://api.first.org/data/v1/epss?cve=CVE-2004-1488
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1488
http://secunia.com/advisories/20960
http://securitytracker.com/id?1012472
https://exchange.xforce.ibmcloud.com/vulnerabilities/18421
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9750
https://usn.ubuntu.com/145-1/
http://www.novell.com/linux/security/advisories/2006_16_sr.html
http://www.redhat.com/support/errata/RHSA-2005-771.html
http://www.securityfocus.com/bid/11871
1617414 https://bugzilla.redhat.com/show_bug.cgi?id=1617414
cpe:2.3:a:gnu:wget:1.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:wget:1.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:wget:1.8.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:wget:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:wget:1.8.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:wget:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:wget:1.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:wget:1.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:wget:1.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:wget:1.9.1:*:*:*:*:*:*:*
CVE-2004-1488 https://nvd.nist.gov/vuln/detail/CVE-2004-1488
CVE-2004-1488;OSVDB-12638 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24813.pl
CVE-2004-1488;OSVDB-12638 Exploit https://www.securityfocus.com/bid/11871/info
RHSA-2005:771 https://access.redhat.com/errata/RHSA-2005:771
Data source Exploit-DB
Date added Dec. 10, 2004
Description GNU Wget 1.x - Multiple Vulnerabilities
Ransomware campaign use Known
Source publication date Dec. 10, 2004
Exploit type remote
Platform linux
Source update date March 17, 2013
Source URL https://www.securityfocus.com/bid/11871/info
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2004-1488
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.86008
EPSS Score 0.01379
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.