CVE-2009-4769 - OpenCVE

Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users to execute arbitrary code via format string specifiers in a PWD command to the FTP server component.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Jasper	Httpdx

Configuration 1 [-]

OR	cpe:2.3:a:jasper:httpdx:1.4:::::::*
	cpe:2.3:a:jasper:httpdx:1.4.5:::::::*
	cpe:2.3:a:jasper:httpdx:1.4.6:::::::*
	cpe:2.3:a:jasper:httpdx:1.4.6b:::::::*
	cpe:2.3:a:jasper:httpdx:1.5:::::::*

References

Link	Resource
http://osvdb.org/60181
http://osvdb.org/60182
http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/ftp/httpdx_tolog_format.rb	Exploit
http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/http/httpdx_tolog_format.rb	Exploit
http://www.vupen.com/english/advisories/2009/3312	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:24:01

Updated: 2022-10-03T16:24:01

Reserved: 2022-10-03T00:00:00

Link: CVE-2009-4769

JSON object: View

NVD Information

Status : Analyzed

Published: 2010-04-20T14:30:01.333

Modified: 2010-06-07T04:00:00.000

Link: CVE-2009-4769

JSON object: View

Redhat Information

No data.

CWE

CWE-134

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users to execute arbitrary code via format string specifiers in a PWD command to the FTP server component."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:24:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/http/httpdx_tolog_format.rb"}, {"name": "60181", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/60181"}, {"name": "ADV-2009-3312", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/3312"}, {"tags": ["x_refsource_MISC"], "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/ftp/httpdx_tolog_format.rb"}, {"name": "60182", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/60182"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-4769", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users to execute arbitrary code via format string specifiers in a PWD command to the FTP server component."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/http/httpdx_tolog_format.rb", "refsource": "MISC", "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/http/httpdx_tolog_format.rb"}, {"name": "60181", "refsource": "OSVDB", "url": "http://osvdb.org/60181"}, {"name": "ADV-2009-3312", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3312"}, {"name": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/ftp/httpdx_tolog_format.rb", "refsource": "MISC", "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/ftp/httpdx_tolog_format.rb"}, {"name": "60182", "refsource": "OSVDB", "url": "http://osvdb.org/60182"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-4769", "datePublished": "2022-10-03T16:24:01", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:24:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jasper:httpdx:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D490B4E8-E863-4856-8031-3E08FBED4E66", "vulnerable": true}, {"criteria": "cpe:2.3:a:jasper:httpdx:1.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "595ADCF1-10CB-4346-A31A-2FAE38ADD865", "vulnerable": true}, {"criteria": "cpe:2.3:a:jasper:httpdx:1.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2672204F-D5AC-4B04-BF24-41B8CD25FA82", "vulnerable": true}, {"criteria": "cpe:2.3:a:jasper:httpdx:1.4.6b:*:*:*:*:*:*:*", "matchCriteriaId": "F3BDE986-0CDB-4BAC-A11C-4F26BEBFC741", "vulnerable": true}, {"criteria": "cpe:2.3:a:jasper:httpdx:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "A7E6E22C-3EC6-4435-8256-D7777AE080B7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users to execute arbitrary code via format string specifiers in a PWD command to the FTP server component."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de formato de cadena en la funci\u00f3n tolog de httpdx v1.4, v1.4.5, v1.4.6, v1.4.6b, y v1.5 permiten (1) a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de especificadores de formato de cadena en una petici\u00f3n GET al componente de servidor HTTP cuando las trazas (logging) est\u00e1n habilitadas, y permiten (2) a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de especificadores de formato de cadena en un comando PWD al componente de servidor FTP."}], "id": "CVE-2009-4769", "lastModified": "2010-06-07T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-04-20T14:30:01.333", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/60181"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/60182"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/ftp/httpdx_tolog_format.rb"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/http/httpdx_tolog_format.rb"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/3312"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "nvd@nist.gov", "type": "Primary"}]}