CVE-2009-4491
published 2010-01-13CVE-2009-4491: thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly…
PriorityP353critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
13.47%
96.0th percentile
thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acme | thttpd | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Bugzilla
CVE-2009-4491 thttpd log file sanitization flaw
bugzilla·2010-09-15·CVSS 9.8
CVE-2009-4491 [CRITICAL] CVE-2009-4491 thttpd log file sanitization flaw
CVE-2009-4491 thttpd log file sanitization flaw
thttpd 2.25b0 writes data to a log file without sanitizing non-printable
characters, which might allow remote attackers to modify a window's title,
or possibly execute arbitrary commands or overwrite files, via an HTTP
request containing an escape sequence for a terminal emulator.
http://www.ush.it/team/ush/hack_httpd_escape/adv.txt
There is no upstream patch for this flaw I can find. Upstream seems pretty
slow.
Discussion:
Created thttpd tracking bugs for this issue
Affects: fedora-all [bug 634274]
Bugzilla
CVE-2009-4491 thttpd log file sanitization flaw [fedora-all]
bugzilla·2010-09-15·CVSS 9.8
CVE-2009-4491 [CRITICAL] CVE-2009-4491 thttpd log file sanitization flaw [fedora-all]
CVE-2009-4491 thttpd log file sanitization flaw [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=634273
Please note: this issue affects multiple supported ver
Greynoiseio
Malicious Tag Roundup (October 2021)
blogs_greynoiseio·CVSS 10.0
[CRITICAL] Malicious Tag Roundup (October 2021)
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Find out immediately if an asset communicates with a malicious IP address
Vulnerability Prioritization Get real-time insight into active exploitation trends to better understand risk and severity
SOC Efficiency Filter out noisy, low priority and false-positive alerts from mass internet scanners
Incident Investigation Add context to incidents to speed the determinations of scope and timelines
Threat Hunting Quickly identify anomalous behavior and enrich your threat hunting campaigns
Why GreyNoise
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Fin
http://packetstormsecurity.com/files/175949/m-privacy-TightGate-Pro-Code-Execution-Insecure-Permissions.htmlhttp://seclists.org/fulldisclosure/2023/Nov/13http://www.securityfocus.com/archive/1/508830/100/0/threadedhttp://www.ush.it/team/ush/hack_httpd_escape/adv.txthttp://packetstormsecurity.com/files/175949/m-privacy-TightGate-Pro-Code-Execution-Insecure-Permissions.htmlhttp://seclists.org/fulldisclosure/2023/Nov/13http://www.securityfocus.com/archive/1/508830/100/0/threadedhttp://www.ush.it/team/ush/hack_httpd_escape/adv.txt
2010-01-13
Published