Lucene search
MitreCVELIST:CVE-2009-4496HistoryJan 13, 2010 - 8:00 p.m.
CVE-2009-4496
2010-01-1320:00:00
mitre
www.cve.org
1
Boa 0.94.14rc21 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window’s title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
References
lists.fedoraproject.org/pipermail/package-announce/2010-May/041271.html
lists.fedoraproject.org/pipermail/package-announce/2010-May/041274.html
lists.fedoraproject.org/pipermail/package-announce/2010-May/041285.html
secunia.com/advisories/39775
www.securityfocus.com/archive/1/508830/100/0/threaded
www.securityfocus.com/bid/37718
www.ush.it/team/ush/hack_httpd_escape/adv.txt
www.vupen.com/english/advisories/2010/1133
Related
fedora
fedora
[SECURITY] Fedora 12 Update: boa-0.94.14-0.15.rc21.fc12
2010-05-12 17:55:34
[SECURITY] Fedora 11 Update: boa-0.94.14-0.15.rc21.fc11
2010-05-12 17:56:06
[SECURITY] Fedora 13 Update: boa-0.94.14-0.15.rc21.fc13
2010-05-12 17:58:02
openvas
openvas
Fedora Update for boa FEDORA-2010-7645
2010-05-17 00:00:00
cve
cve
CVE-2009-4496
2010-01-13 20:30:00
nessus
nessus
Fedora 11 : boa-0.94.14-0.15.rc21.fc11 (2010-7645)
2010-07-01 00:00:00
Fedora 12 : boa-0.94.14-0.15.rc21.fc12 (2010-7640)
2010-07-01 00:00:00
Fedora 13 : boa-0.94.14-0.15.rc21.fc13 (2010-7599)
2010-07-01 00:00:00
ubuntucve
ubuntucve
CVE-2009-4496
2010-01-13 00:00:00
prion
prion
Design/Logic Flaw
2010-01-13 20:30:00
nvd
nvd
CVE-2009-4496
2010-01-13 20:30:00
mmpc
mmpc
mssecure
mssecure
securityvulns
securityvulns
packetstorm
packetstorm
Nginx, Varnish, Cherokee, etc Log Injection
2010-01-11 00:00:00