CVE-2009-4488

Published: 13/01/2010 Updated: 11/04/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. NOTE: the vendor disputes the significance of this report, stating that "This is not a security problem in Varnish or any other piece of software which writes a logfile. The real problem is the mistaken belief that you can cat(1) a random logfile to your terminal safely."
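A viewer-side filter for the issue summarized above, given as an added example that is not code from Varnish or from this page: it prints log lines with every control byte shown as a visible `\xNN` escape, so nothing in the file reaches the terminal emulator as a control sequence. The function names and the sample log lines are constructed for illustration.

```python
import re
import sys

# C0 controls except tab, DEL, and the C1 range (0x80-0x9f), which some
# terminals treat as 8-bit equivalents of ESC-prefixed sequences.
_CONTROL = re.compile(r"[\x00-\x08\x0a-\x1f\x7f\x80-\x9f]")


def render_safe(raw: bytes) -> str:
    """Return a printable form of one log line (without its newline)."""
    # latin-1 maps each byte to exactly one code point, so no decoder can
    # drop or merge bytes before the control-character check runs.
    # Side effect: UTF-8 bytes in 0x80-0x9f are also shown escaped, which
    # is the conservative choice for a viewer.
    text = raw.decode("latin-1")
    return _CONTROL.sub(lambda m: "\\x%02x" % ord(m.group()), text)


def has_control_bytes(raw: bytes) -> bool:
    """True if the line carries bytes a terminal could interpret."""
    return _CONTROL.search(raw.decode("latin-1")) is not None


def filter_log(lines):
    """Yield (flagged, safe_text) for each raw log line."""
    for raw in lines:
        raw = raw.rstrip(b"\r\n")
        yield has_control_bytes(raw), render_safe(raw)


# Constructed sample: the second request path carries a "set window title"
# sequence of the kind the summary describes.
SAMPLE = [
    b'203.0.113.5 - - "GET /index.html HTTP/1.1" 200\n',
    b'203.0.113.9 - - "GET /\x1b]0;changed\x07 HTTP/1.1" 404\n',
]

if __name__ == "__main__":
    # Read a log on stdin when piped; otherwise show the constructed sample.
    source = SAMPLE if sys.stdin.isatty() else sys.stdin.buffer
    for flagged, text in filter_log(source):
        print(("! " if flagged else "  ") + text)
```

Lines marked with `!` contained control bytes and are worth reviewing as injection attempts; the escaped form preserves the evidence for that review.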

Vulnerable Product

varnish.projects.linpro varnish 2.0.6

Exploits

source: www.securityfocus.com/bid/37713/info Varnish is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. Varnish 2.0.6 is vulnerable; other versions may also be affected. The following example ...
Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa are subject to log escape sequence injection vulnerabilities ...

Github Repositories

Simple Python Version Exploits written by RiadhBenlamine, just for education

Python Exploits and Automation. Exploits can be found in exploit-db or another place, I just wrote Python versions for them. Also, my own automation tools! varnish CVE-2009-4488 IIS microsoft