CVE-2009-4492 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2009-4492?

CVE-2009-4492 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2009-4492?

Check the references section above for vendor advisories and patch information. Affected products include: Ruby-Lang Webrick, Ruby-Lang Ruby.

Vulnerability Description

WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Ruby-Lang	Webrick	1.3.1
Ruby-Lang	Ruby	>= 1.8.6, <= 1.8.6.383

References

http://secunia.com/advisories/37949Not ApplicableVendor Advisory
http://securitytracker.com/id?1023429Broken LinkExploitThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0908.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0909.htmlThird Party Advisory
http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injectionPatchVendor Advisory
http://www.securityfocus.com/archive/1/508830/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/37710Broken LinkExploitThird Party Advisory
http://www.ush.it/team/ush/hack_httpd_escape/adv.txtBroken LinkExploit
http://www.vupen.com/english/advisories/2010/0089Permissions Required
http://secunia.com/advisories/37949Not ApplicableVendor Advisory
http://securitytracker.com/id?1023429Broken LinkExploitThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0908.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0909.htmlThird Party Advisory
http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injectionPatchVendor Advisory
http://www.securityfocus.com/archive/1/508830/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry

FAQ

What is CVE-2009-4492?

CVE-2009-4492 is a vulnerability with a CVSS score of 7.5 (HIGH). WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable charac...

How severe is CVE-2009-4492?

CVE-2009-4492 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-4492?

Check the references section above for vendor advisories and patch information. Affected products include: Ruby-Lang Webrick, Ruby-Lang Ruby.