CVE-2009-4444

18 documents5 sources
Severity
6.0MEDIUM
EPSS
58.6%
top 1.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Information Services
Timeline
PublishedDec 29
Latest updateMay 2

Description

Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 6.8 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-4jh7-wh4m-f4pq: Microsoft Internet Information Services (IIS) 52022-05-02
CVEList
CVE-2009-4444: Microsoft Internet Information Services (IIS) 52009-12-29

💥Exploits & PoCs

13
Exploit-DB
Konica Minolta FTP Utility 1.00 - CWD Command Overflow (SEH)2016-01-11
Exploit-DB
Mini-stream Ripper 3.0.1.1 - '.pls' Universal Local Buffer Overflow2009-12-27
Exploit-DB
PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow2009-12-05
Exploit-DB
Eureka Email Client - Remote Buffer Overflow2009-11-26
Exploit-DB
Serenity Audio Player Playlist - '.m3u' Local Buffer Overflow2009-11-25

🔍Detection Rules

2
Suricata
ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .asp Filename Extension Parsing File Upload Security Bypass Attempt (asp)2010-07-30
Suricata
ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .aspx Filename Extension Parsing File Upload Security Bypass Attempt (aspx)2010-07-30
CVE-2009-4444 (MEDIUM CVSS 6) | Microsoft Internet Information Serv | cvebase.io