ArchLinux: 201606-19: wget: arbitrary file overwrite
Summary
GNU Wget when supplied with a malicious website link can be tricked into saving an arbitrary remote file supplied by an attacker, with arbitrary content and filename under the current directory. This can lead to potential code execution by creating system scripts (such as .bash_profile and others) within home directory as well as other unauthorized actions (such as request sniffing by proxy modification, or arbitrary system file retrieval) by uploading .wgetrc configuration file. Because of this vulnerability, an attacker is able to overwrite an arbitrary file in the victim's current directory.
Resolution
Upgrade to 1.18-1.
# pacman -Syu "wget>=1.18-1"
The problem has been fixed upstream in version 1.18.
References
https://access.redhat.com/security/cve/CVE-2016-4971 https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html https://bugs.archlinux.org/task/49730
Workaround
None.