Varnish Terminal Escape Sequence in Logs Command Injection Vulnerability

Bugtraq ID: 37713
Class: Input Validation Error
CVE: CVE-2009-4488
Remote: Yes
Local: No
Published: Jan 11 2010 12:00AM
Updated: Jan 11 2010 12:00AM
Credit: Giovanni 'evilaliv3' Pellerano, Alessandro 'jekil' Tanasi, and Francesco 'ascii' Ongaro
Vulnerable: Varnish Varnish 2.0.6
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus