Lucene search
MitreCVELIST:CVE-2009-4490HistoryJan 13, 2010 - 8:00 p.m.
CVE-2009-4490
2010-01-1320:00:00
mitre
www.cve.org
8
mini_httpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window’s title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
Related
openvas
openvas
Gentoo Security Advisory GLSA 201206-27 (mini_httpd)
2012-08-10 00:00:00
Gentoo Security Advisory GLSA 201206-27 (mini_httpd)
2012-08-10 00:00:00
ubuntucve
ubuntucve
CVE-2009-4490
2010-01-13 00:00:00
cve
cve
CVE-2009-4490
2010-01-13 20:30:00
prion
prion
Design/Logic Flaw
2010-01-13 20:30:00
exploitdb
exploitdb
mini_httpd 1.18 - HTTP Request Escape Sequence Terminal Command Injection
2010-01-11 00:00:00
gentoo
gentoo
mini_httpd: Arbitrary code execution
2012-06-24 00:00:00
debiancve
debiancve
CVE-2009-4490
2010-01-13 20:30:00
nvd
nvd
CVE-2009-4490
2010-01-13 20:30:00
nessus
nessus
GLSA-201206-27 : mini_httpd: Arbitrary code execution
2012-06-25 00:00:00
securityvulns
securityvulns
packetstorm
packetstorm
Nginx, Varnish, Cherokee, etc Log Injection
2010-01-11 00:00:00