Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability

Bugtraq ID: 37715
Class: Input Validation Error
CVE: CVE-2009-4489
Remote: Yes
Local: No
Published: Jan 11 2010 12:00AM
Updated: Jan 12 2010 03:21AM
Credit: Giovanni 'evilaliv3' Pellerano, Alessandro 'jekil' Tanasi, and Francesco 'ascii' Ongaro
Vulnerable: Cherokee Cherokee HTTPD 0.99.30
Not Vulnerable: Cherokee Cherokee HTTPD 0.99.34


 

Privacy Statement
Copyright 2010, SecurityFocus