CVE-2014-4877: Wget FTP Symlink Attack Vulnerability


The open-source Wget application, which is most widely used on Linux and Unix systems for retrieving files from the web, has been found vulnerable to a critical flaw.


GNU Wget is a command-line utility designed to retrieve files from the Web using HTTP, HTTPS, and FTP, the most widely used Internet protocols. Wget can be easily installed on any Unix-like system and has been ported to many environments, including Microsoft Windows, Mac OS X, OpenVMS, MorphOS and AmigaOS.


When Wget performs a recursive directory fetch with an FTP server as the target, a symlink flaw would let an attacker "create arbitrary files, directories or symbolic links".
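
A post-download check for the condition described above, as an added example that is not part of the original article: it walks a directory produced by a recursive fetch and reports symbolic links whose targets resolve outside that directory. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile


def find_escaping_symlinks(root):
    """Return sorted (relative link path, raw target) pairs for every
    symlink under root whose resolved target lies outside root."""
    root_real = os.path.realpath(root)
    findings = []
    # followlinks=False: report links, never walk through them.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        # Links to directories show up in dirnames, all others in filenames.
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            resolved = os.path.realpath(path)
            if os.path.commonpath([root_real, resolved]) != root_real:
                findings.append((os.path.relpath(path, root), os.readlink(path)))
    return sorted(findings)


def build_sample_tree():
    """Constructed sample: a mirror directory with one harmless link and
    two links that leave the tree. Returns the mirror's path."""
    base = tempfile.mkdtemp(prefix="mirror-audit-")
    mirror = os.path.join(base, "mirror")
    outside = os.path.join(base, "outside")
    os.makedirs(os.path.join(mirror, "pub"))
    os.makedirs(outside)
    with open(os.path.join(mirror, "pub", "readme.txt"), "w") as fh:
        fh.write("constructed sample file\n")
    os.symlink("readme.txt", os.path.join(mirror, "pub", "latest"))       # stays inside
    os.symlink("../../outside", os.path.join(mirror, "pub", "rel_link"))  # escapes
    os.symlink(outside, os.path.join(mirror, "pub", "abs_link"))          # escapes
    return mirror


if __name__ == "__main__":
    for link, target in find_escaping_symlinks(build_sample_tree()):
        print(f"symlink leaves download root: {link} -> {target}")
```

Run it against the directory a recursive fetch wrote into; any reported link deserves inspection before files under that tree are used.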


