CVE-2009-4492
published 2010-01-13CVE-2009-4492: WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log…
PriorityP350high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
15.68%
96.4th percentile
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ruby-lang | webrick | — | — |
| ruby-lang | webrick | >= 0 < 1.4.0 | 1.4.0 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
vendor_ubuntu5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
WEBrick Improper Input Validation vulnerability
ghsa·2017-10-24
CVE-2009-4492 [MEDIUM] CWE-20 WEBrick Improper Input Validation vulnerability
WEBrick Improper Input Validation vulnerability
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
OSV
WEBrick Improper Input Validation vulnerability
osv·2017-10-24
CVE-2009-4492 [MEDIUM] WEBrick Improper Input Validation vulnerability
WEBrick Improper Input Validation vulnerability
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
Ubuntu
Ruby vulnerabilities
vendor_ubuntu·2010-02-16·CVSS 5.0
CVE-2009-1904 [MEDIUM] Ruby vulnerabilities
Title: Ruby vulnerabilities
Summary: Ruby vulnerabilities
Emmanouel Kellinis discovered that Ruby did not properly handle certain
string operations. An attacker could exploit this issue and possibly
execute arbitrary code with application privileges. (CVE-2009-4124)
Giovanni Pellerano, Alessandro Tanasi, and Francesco Ongaro discovered that
Ruby did not properly sanitize data written to log files. An attacker could
insert specially-crafted data into log files which could affect certain
terminal emulators and cause arbitrary files to be overwritten, or even
possibly execute arbitrary commands. (CVE-2009-4492)
It was discovered that Ruby did not properly handle string arguments that
represent large numbers. An attacker could exploit this and cause a denial
of service. This issue only aff
Red Hat
ruby WEBrick log escape sequence
vendor_redhat·2010-01-11·CVSS 7.5
CVE-2009-4492 [HIGH] ruby WEBrick log escape sequence
ruby WEBrick log escape sequence
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
No detection rules found.
Bugzilla
CVE-2009-4492 ruby WEBrick log escape sequence
bugzilla·2010-01-11·CVSS 7.5
CVE-2009-4492 [HIGH] CVE-2009-4492 ruby WEBrick log escape sequence
CVE-2009-4492 ruby WEBrick log escape sequence
A vulnerability was found on WEBrick, a part of Ruby's standard library. WEBrick lets attackers to inject malicious escape sequences to its logs, making it possible for dangerous control characters to be executed on a victim's terminal emulator.
We already have a fix for it. Releases for every active branches are to follow this announce. But for a meantime, we recommend you to avoid looking at your WEBrick logs, until you update your WEBrick process.
Detailed description
Terminal escape sequences are used to allow various forms of interaction between a terminal and a inside process. The problem is that those sequences are not intended to be issued by untrusted sources; such as network inputs. So if a remote attacker could inject escape sequ
Greynoiseio
Malicious Tag Roundup (October 2021)
blogs_greynoiseio·CVSS 10.0
[CRITICAL] Malicious Tag Roundup (October 2021)
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Find out immediately if an asset communicates with a malicious IP address
Vulnerability Prioritization Get real-time insight into active exploitation trends to better understand risk and severity
SOC Efficiency Filter out noisy, low priority and false-positive alerts from mass internet scanners
Incident Investigation Add context to incidents to speed the determinations of scope and timelines
Threat Hunting Quickly identify anomalous behavior and enrich your threat hunting campaigns
Why GreyNoise
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Fin
http://secunia.com/advisories/37949http://securitytracker.com/id?1023429http://www.redhat.com/support/errata/RHSA-2011-0908.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0909.htmlhttp://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injectionhttp://www.securityfocus.com/archive/1/508830/100/0/threadedhttp://www.securityfocus.com/bid/37710http://www.ush.it/team/ush/hack_httpd_escape/adv.txthttp://www.vupen.com/english/advisories/2010/0089http://secunia.com/advisories/37949http://securitytracker.com/id?1023429http://www.redhat.com/support/errata/RHSA-2011-0908.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0909.htmlhttp://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injectionhttp://www.securityfocus.com/archive/1/508830/100/0/threadedhttp://www.securityfocus.com/bid/37710http://www.ush.it/team/ush/hack_httpd_escape/adv.txthttp://www.vupen.com/english/advisories/2010/0089
2010-01-13
Published