Vulnerability Details: CVE-2009-4769
Public exploit exists!
Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users to execute arbitrary code via format string specifiers in a PWD command to the FTP server component.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2009-4769
- cpe:2.3:a:jasper:httpdx:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:jasper:httpdx:1.4.6b:*:*:*:*:*:*:*
- cpe:2.3:a:jasper:httpdx:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:jasper:httpdx:1.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:jasper:httpdx:1.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-4769
- EPSS score: 64.97% (probability of exploitation activity in the next 30 days)
- Percentile: ~98% (the proportion of vulnerabilities that are scored at or less)
Metasploit modules for CVE-2009-4769
- HTTPDX tolog() Function Format String Vulnerability
  Disclosure Date: 2009-11-17
  First seen: 2020-04-26
  Module: exploit/windows/http/httpdx_tolog_format
  This module exploits a format string vulnerability in HTTPDX HTTP server. By sending a specially crafted HTTP request containing format specifiers, an attacker can corrupt memory and execute arbitrary code. By default logging is off for HTTP, but enabled for the '
- HTTPDX tolog() Function Format String Vulnerability
  Disclosure Date: 2009-11-17
  First seen: 2020-04-26
  Module: exploit/windows/ftp/httpdx_tolog_format
  This module exploits a format string vulnerability in HTTPDX FTP server. By sending a specially crafted FTP command containing format specifiers, an attacker can corrupt memory and execute arbitrary code. By default logging is off for HTTP, but enabled for the 'mo
CVSS scores for CVE-2009-4769
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
CWE ids for CVE-2009-4769
- The product uses a function that accepts a format string as an argument, but the format string originates from an external source. Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-4769
- http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/http/httpdx_tolog_format.rb (Exploit)
- http://www.vupen.com/english/advisories/2009/3312 (Vendor Advisory)
- http://www.metasploit.com/redmine/projects/framework/repository/revisions/7569/entry/modules/exploits/windows/ftp/httpdx_tolog_format.rb (Exploit)