Lucene search
MitreCVELIST:CVE-2009-4769HistoryApr 20, 2010 - 2:00 p.m.
CVE-2009-4769
2010-04-2014:00:00
mitre
www.cve.org
2
format string
vulnerabilities
httpdx
remote code execution
ftp server
Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users to execute arbitrary code via format string specifiers in a PWD command to the FTP server component.
References
osvdb.org/60181
osvdb.org/60182
www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/ftp/httpdx_tolog_format.rb
www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/http/httpdx_tolog_format.rb
www.vupen.com/english/advisories/2009/3312
Related
exploitdb
exploitdb
httpdx - 'tolog()' Format String (Metasploit) (1)
2010-08-25 00:00:00
httpdx - 'tolog()' Format String (Metasploit) (2)
2010-08-25 00:00:00
metasploit
metasploit
HTTPDX tolog() Function Format String Vulnerability
2009-11-17 23:54:26
HTTPDX tolog() Function Format String Vulnerability
2009-11-18 04:16:10
cve
cve
CVE-2009-4769
2010-04-20 14:30:01
nvd
nvd
CVE-2009-4769
2010-04-20 14:30:01
prion
prion
Format string
2010-04-20 14:30:00
openvas
openvas
httpdx Multiple Vulnerabilities
2010-07-26 00:00:00
httpdx Multiple Vulnerabilities
2010-07-26 00:00:00