CVE-2009-4492 : Detail

CVE-2009-4492

56.8%V3
Network
2010-01-13
19h00 +00:00
2018-10-10
16h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE Other No informations.

Metrics

Metrics Score Severity CVSS Vector Source
V2 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Exploit information

Exploit Database EDB-ID : 33489

Publication date : 2010-01-10 23h00 +00:00
Author : evilaliv3
EDB Verified : Yes

source: https://www.securityfocus.com/bid/37710/info Ruby WEBrick is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in log files. Attackers can exploit this issue to execute arbitrary commands in a terminal. Versions *prior to* the following are affected: Ruby 1.8.6 patchlevel 388 Ruby 1.8.7 patchlevel 249 Ruby 1.9.1 patchlevel 378 The following example is available: % xterm -e ruby -rwebrick -e 'WEBrick::HTTPServer.new(:Port=>8080).start' & % wget http://www.example.com:8080/%1b%5d%32%3b%6f%77%6e%65%64%07%0a

Products Mentioned

Configuraton 0

Ruby-lang>>Webrick >> Version 1.3.1

Ruby-lang>>Ruby >> Version From (including) 1.8.6 To (including) 1.8.6.383

Ruby-lang>>Ruby >> Version From (including) 1.8.7 To (including) 1.8.7.248

Ruby-lang>>Ruby >> Version From (including) 1.9.1 To (including) 1.9.1.376

References

http://www.redhat.com/support/errata/RHSA-2011-0909.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/37949
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/0089
Tags : vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2011-0908.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/37710
Tags : vdb-entry, x_refsource_BID
http://securitytracker.com/id?1023429
Tags : vdb-entry, x_refsource_SECTRACK