Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1) PORT or (2) EPRT command. NOTE: within wget itself, the automatic fallback is not considered a vulnerability by CVE.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2015-12-27T19:00:00
Updated: 2016-11-25T19:57:01
Reserved: 2015-10-01T00:00:00
Link: CVE-2015-7665
JSON object: View
NVD Information
Status : Modified
Published: 2015-12-27T19:59:02.173
Modified: 2016-11-28T19:44:24.520
Link: CVE-2015-7665
JSON object: View
Redhat Information
No data.
CWE