Bug 634273 (CVE-2009-4491) - CVE-2009-4491 thttpd log file sanitization flaw
Summary: CVE-2009-4491 thttpd log file sanitization flaw
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2009-4491
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 634274
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-09-15 17:26 UTC by Josh Bressers
Modified: 2021-10-19 09:13 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2021-10-19 09:13:51 UTC
Embargoed:


Attachments (Terms of Use)

Description Josh Bressers 2010-09-15 17:26:58 UTC
thttpd 2.25b0 writes data to a log file without sanitizing non-printable
characters, which might allow remote attackers to modify a window's title,
or possibly execute arbitrary commands or overwrite files, via an HTTP
request containing an escape sequence for a terminal emulator. 

http://www.ush.it/team/ush/hack_httpd_escape/adv.txt

There is no upstream patch for this flaw I can find. Upstream seems pretty
slow.

Comment 1 Josh Bressers 2010-09-15 17:27:49 UTC
Created thttpd tracking bugs for this issue

Affects: fedora-all [bug 634274]


Note You need to log in before you can comment on or make changes to this bug.