Boa Webserver Terminal Escape Sequence In Logs Command Injection Vulnerability Network Vulnerability

Summary

Boa Webserver is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. Boa Webserver 0.94.14rc21 is vulnerable other versions may also be affected.

References

http://www.boa.org/
http://www.securityfocus.com/archive/1/508830
http://www.securityfocus.com/bid/37718

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4496

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Acritum Femitter Server 1.03 Multiple Remote Vulnerabilities
Apache UserDir Sensitive Information Disclosure
Apache Tomcat Multiple Vulnerabilities January 2010
jHTTPd Directory Traversal Vulnerability
Apache Tomcat Session Fixation Vulnerability (Windows)

Boa Webserver Terminal Escape Sequence in Logs Command Injection Vulnerability

Take action and discover your vulnerabilities