VDB
CVE-2009-4488
CVE-2009-4488
PUBLISHED
Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. NOTE: the vendor disputes the significance of this report, stating that "This is not a security problem in Varnish or any other piece of software which writes a logfile. The real problem is the mistaken belief that you can cat(1) a random logfile to your terminal safely.
EPSS 1.92% · 83.7th percentile
Risk Scores
EPSS Score
1.92%
83.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:16.04:LTS | varnish | 4.1.0-2, 0, 4.0.3-1 |
| Ubuntu:14.04:LTS | varnish | 0, 3.0.4-1ubuntu1, 3.0.4-1ubuntu2 |
Exploit Intelligence
- CIRCL confirmed: CVE-2009-4488 (circl-sighting)
- 20100110 Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection (circl)
- http://www.securityfocus.com/bid/37713 (vulncheck-nvd)
- http://www.ush.it/team/ush/hack_httpd_escape/adv.txt (vulncheck-nvd)
Timeline
- Jan 11, 2010 PoC Published
- Jan 13, 2010 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2009-4488 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2009-4488 third-party-advisory