Quoting Jan Minar <[EMAIL PROTECTED]>:

> (2) Use alternative retrieval programs, such as pavuk, axel, or
> ncftpget.

FWIW pavuk is much worse securitywise than wget. I've been working on patching pavuk for a few months, and it has lots of strcpy() and sprintf() calls that lead to buffer overflows, bad printf() statements that lead to format string bugs and so on. I think lots of people with security expertise would agree that buffer overflows and format string bugs are bigger problems than the types of vulnerabilities you have described in wget, even if the smaller stuff shouldn't be neglected either.

-- 
Ulf Harnhammar
http://www.advogato.org/person/metaur/
a member of the Debian Security Audit Project
http://www.debian.org/security/audit/