CVE-2017-13089

Name: CVE-2017-13089
Creator: NVD / NIST
Published: 2017-10-27T19:29:00.33+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 79.86%

Last modified Jun 17, 2026

CVE-2017-13089 is a vulnerability of currently unknown severity. The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. EPSS estimates a 79.86% chance of exploitation in the next 30 days.

Description

The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument.

Metrics

EPSS Probability

79.86%

99.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Gnu	Wget	<= 1.19.1
Debian	Debian Linux	8.0
Debian	Debian Linux	9.0

References

http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3fIssue Tracking, Patch, Third Party Advisory
http://www.debian.org/security/2017/dsa-4008Issue Tracking, Third Party Advisory
http://www.securityfocus.com/bid/101592Issue Tracking, Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039661Issue Tracking, Third Party Advisory, VDB Entry
https://access.redhat.com/errata/RHSA-2017:3075
https://github.com/r1b/CVE-2017-13089Issue Tracking, Third Party Advisory
https://security.gentoo.org/glsa/201711-06Issue Tracking, Third Party Advisory
https://www.synology.com/support/security/Synology_SA_17_62_Wget
https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2017/haavoittuvuus-2017-037.htmlIssue Tracking, Patch, Third Party Advisory
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3fIssue Tracking, Patch, Third Party Advisory
http://www.debian.org/security/2017/dsa-4008Issue Tracking, Third Party Advisory
http://www.securityfocus.com/bid/101592Issue Tracking, Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039661Issue Tracking, Third Party Advisory, VDB Entry
https://access.redhat.com/errata/RHSA-2017:3075
https://github.com/r1b/CVE-2017-13089Issue Tracking, Third Party Advisory
https://security.gentoo.org/glsa/201711-06Issue Tracking, Third Party Advisory
https://www.synology.com/support/security/Synology_SA_17_62_Wget
https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2017/haavoittuvuus-2017-037.htmlIssue Tracking, Patch, Third Party Advisory

Timeline

Published: Oct 27, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-13089?

How severe is CVE-2017-13089?

Severity scoring for CVE-2017-13089 is pending analysis. The EPSS model estimates a 79.86% probability of exploitation in the next 30 days.

How do I fix CVE-2017-13089?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-13089?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST