Quoting Jan Minar <[EMAIL PROTECTED]>:
> (2) Use alternative retrieval programs, such as pavuk, axel, or
> ncftpget.
FWIW pavuk is much worse securitywise than wget. I've been working on patching
pavuk for a few months, and it has lots of strcpy() and sprintf() calls that
lead to buffer overflows
El 09/12/2004, a las 10:14, Jan Minar escribió:
(0) Wget authors are/were incompetent. Everything else is a corollary.
That's a very aggressive stance to take, and not likely to be
productive. Patches, for example, would be more productive.
-- Mauro Tortonesi in a private mail exchange with me
Summary
Product: wget
Versions: 1.8.x
Versions: 1.9.x (to lesser extent)
Versions: Versions < 1.8 are probably vulnerable too
Platforms: Linux, prob