cvelistv5 - CVE-2009-4444

CVE-2009-4444 (GCVE-0-2009-4444)

Vulnerability from cvelistv5

Published

2009-12-29 19:00

Modified

2024-09-16 18:12

Severity ?

CWE

Summary

References

URL

Tags

cve@mitre.org	http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx	Broken Link
cve@mitre.org	http://secunia.com/advisories/37831	Third Party Advisory
cve@mitre.org	http://securitytracker.com/id?1023387	Third Party Advisory, VDB Entry
cve@mitre.org	http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf	Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/37460	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2009/3634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37831	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1023387	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/37460	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/3634	Third Party Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:01:20.317Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "37460",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37460"
          },
          {
            "name": "1023387",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023387"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
          },
          {
            "name": "37831",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37831"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf"
          },
          {
            "name": "ADV-2009-3634",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3634"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-12-29T19:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "37460",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37460"
        },
        {
          "name": "1023387",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023387"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
        },
        {
          "name": "37831",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37831"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf"
        },
        {
          "name": "ADV-2009-3634",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3634"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4444",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "37460",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37460"
            },
            {
              "name": "1023387",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023387"
            },
            {
              "name": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx",
              "refsource": "MISC",
              "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
            },
            {
              "name": "37831",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37831"
            },
            {
              "name": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf",
              "refsource": "MISC",
              "url": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf"
            },
            {
              "name": "ADV-2009-3634",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3634"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4444",
    "datePublished": "2009-12-29T19:00:00Z",
    "dateReserved": "2009-12-29T00:00:00Z",
    "dateUpdated": "2024-09-16T18:12:47.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-4444\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-12-29T21:00:24.327\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file.\"},{\"lang\":\"es\",\"value\":\"Microsoft Internet Information Services (IIS) 5.x y 6.x usa s\u00f3lo la porci\u00f3n de un nombre de fichero antes de un caracter ; (punto y coma) para determinar la extensi\u00f3n del fichero, lo que permite a atacantes remotos eludir las restricciones de extensi\u00f3n previstas para aplicaciones de subida de ficheros de terceros mediante un nombre de fichero con una primera extensi\u00f3n (1) .asp, (2) .cer o (3) .asa seguida de un punto y coma y una extensi\u00f3n segura, tal y como se ha quedado demostrado al usar asp.dll para manejar un fichero .asp;.jpg.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:P/I:P/A:P\",\"baseScore\":6.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.8,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"413C07EA-139F-4B7D-A58B-835BD2591FA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_information_services:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B4DF95D-B4B1-4FB6-9D27-A6D359EEACFA\"}]}]}],\"references\":[{\"url\":\"http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/37831\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1023387\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/37460\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3634\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/37831\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1023387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/37460\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3634\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

fkie_cve-2009-4444

Vulnerability from fkie_nvd

Published

2009-12-29 21:00

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx	Broken Link
cve@mitre.org	http://secunia.com/advisories/37831	Third Party Advisory
cve@mitre.org	http://securitytracker.com/id?1023387	Third Party Advisory, VDB Entry
cve@mitre.org	http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf	Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/37460	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2009/3634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37831	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1023387	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/37460	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/3634	Third Party Advisory

Impacted products

	Vendor	Product	Version
	microsoft	internet_information_services	5.0
	microsoft	internet_information_services	6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "413C07EA-139F-4B7D-A58B-835BD2591FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:internet_information_services:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B4DF95D-B4B1-4FB6-9D27-A6D359EEACFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file."
    },
    {
      "lang": "es",
      "value": "Microsoft Internet Information Services (IIS) 5.x y 6.x usa s\u00f3lo la porci\u00f3n de un nombre de fichero antes de un caracter ; (punto y coma) para determinar la extensi\u00f3n del fichero, lo que permite a atacantes remotos eludir las restricciones de extensi\u00f3n previstas para aplicaciones de subida de ficheros de terceros mediante un nombre de fichero con una primera extensi\u00f3n (1) .asp, (2) .cer o (3) .asa seguida de un punto y coma y una extensi\u00f3n segura, tal y como se ha quedado demostrado al usar asp.dll para manejar un fichero .asp;.jpg."
    }
  ],
  "id": "CVE-2009-4444",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-29T21:00:24.327",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/37831"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1023387"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/37460"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/37831"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1023387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/37460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3634"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2009-4444

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2009-4444

Aliases

CVE-2009-4444

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-4444",
    "description": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file.",
    "id": "GSD-2009-4444",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2009-4444"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-4444"
      ],
      "details": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file.",
      "id": "GSD-2009-4444",
      "modified": "2023-12-13T01:19:45.686298Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-4444",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "37460",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/37460"
          },
          {
            "name": "1023387",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1023387"
          },
          {
            "name": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx",
            "refsource": "MISC",
            "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
          },
          {
            "name": "37831",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/37831"
          },
          {
            "name": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf",
            "refsource": "MISC",
            "url": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf"
          },
          {
            "name": "ADV-2009-3634",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/3634"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:internet_information_services:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4444"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx",
              "refsource": "MISC",
              "tags": [
                "Broken Link"
              ],
              "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
            },
            {
              "name": "37460",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/37460"
            },
            {
              "name": "ADV-2009-3634",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/3634"
            },
            {
              "name": "1023387",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://securitytracker.com/id?1023387"
            },
            {
              "name": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf"
            },
            {
              "name": "37831",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/37831"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2020-11-23T19:50Z",
      "publishedDate": "2009-12-29T21:00Z"
    }
  }
}

ghsa-4jh7-wh4m-f4pq

Vulnerability from github

Published

2022-05-02 03:54

Modified

2022-05-02 03:54

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-4444"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-12-29T21:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file.",
  "id": "GHSA-4jh7-wh4m-f4pq",
  "modified": "2022-05-02T03:54:50Z",
  "published": "2022-05-02T03:54:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4444"
    },
    {
      "type": "WEB",
      "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/37831"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1023387"
    },
    {
      "type": "WEB",
      "url": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/37460"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/3634"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file. Microsoft IIS is prone to a security-bypass vulnerability. This vulnerability may cause IIS to interpret unexpected files as CGI applications. Attackers may be able to exploit this vulnerability to bypass intended security restrictions. UPDATE (December 25, 2009): Reports indicate that IIS 7.5 is not vulnerable to this issue. Furthermore, it is currently unknown whether IIS 7.0 is vulnerable. UPDATE (December 29, 2009): Reports indicate that IIS 5.0 SP1 under Windows XP SP 3 and IIS 7.0 under Windows Server 2008 are not affected. NOTE: This BID is being retired. For an exploit to succeed, IIS must be configured in a nondefault way and contrary to the vendor's recommended best practices. ----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability intelligence source on the market.

Implement it through Secunia.

For more information visit: http://secunia.com/advisories/business_solutions/

Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com

TITLE: Microsoft IIS ASP Multiple Extensions Security Bypass

SECUNIA ADVISORY ID: SA37831

VERIFY ADVISORY: http://secunia.com/advisories/37831/

DESCRIPTION: Soroush Dalili has discovered a vulnerability in Microsoft Internet Information Services (IIS), which can be exploited by malicious people to potentially bypass certain security restrictions and compromise a vulnerable system.

The vulnerability is caused due to the web server incorrectly executing e.g. ASP code included in a file having multiple extensions separated by ";", only one internal extension being equal to ".asp" (e.g. "file.asp;.jpg"). This can be exploited to potentially upload and execute arbitrary ASP code via a third-party application using file extensions to restrict uploaded file types.

The vulnerability is confirmed on a fully patched Windows Server 2003 R2 SP2 running Microsoft IIS version 6. Other versions may also be affected.

SOLUTION: Restrict file uploads to trusted users only.

PROVIDED AND/OR DISCOVERED BY: Soroush Dalili

ORIGINAL ADVISORY: http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0321",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": "internet information services",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "6.0"
      },
      {
        "model": "internet information services",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "microsoft",
        "version": "6.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "microsoft",
        "version": "5.1"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "5.x and  6.x"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "5.06"
      },
      {
        "model": "internet information server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "6.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "4.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "3.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1.0"
      },
      {
        "model": "iis",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "7.5"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "79188"
      },
      {
        "db": "BID",
        "id": "37460"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4444"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:microsoft:iis",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Soroush Dalili\u203b Irsdl@yahoo.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2009-4444",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "CVE-2009-4444",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2009-4444",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2009-4444",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200912-381",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4444"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file. Microsoft IIS is prone to a security-bypass vulnerability. \nThis vulnerability may cause IIS to interpret unexpected files as CGI applications. Attackers may be able to exploit this vulnerability to bypass intended security restrictions. \nUPDATE (December 25, 2009): Reports indicate that IIS 7.5 is not vulnerable to this issue. Furthermore, it is currently unknown whether IIS 7.0 is vulnerable. \nUPDATE (December 29, 2009): Reports indicate that IIS 5.0 SP1 under Windows XP SP 3 and IIS 7.0 under Windows Server 2008 are not affected. \nNOTE: This BID is being retired. For an exploit to succeed, IIS must be configured in a nondefault way and contrary to the vendor\u0027s recommended best practices. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nMicrosoft IIS ASP Multiple Extensions Security Bypass\n\nSECUNIA ADVISORY ID:\nSA37831\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37831/\n\nDESCRIPTION:\nSoroush Dalili has discovered a vulnerability in Microsoft Internet\nInformation Services (IIS), which can be exploited by malicious\npeople to potentially bypass certain security restrictions and\ncompromise a vulnerable system. \n\nThe vulnerability is caused due to the web server incorrectly\nexecuting e.g. ASP code included in a file having multiple extensions\nseparated by \";\", only one internal extension being equal to \".asp\"\n(e.g. \"file.asp;.jpg\"). This can be exploited to potentially upload\nand execute arbitrary ASP code via a third-party application using\nfile extensions to restrict uploaded file types. \n\nThe vulnerability is confirmed on a fully patched Windows Server 2003\nR2 SP2 running Microsoft IIS version 6. Other versions may also be\naffected. \n\nSOLUTION:\nRestrict file uploads to trusted users only. \n\nPROVIDED AND/OR DISCOVERED BY:\nSoroush Dalili\n\nORIGINAL ADVISORY:\nhttp://soroush.secproject.com/downloadable/iis-semicolon-report.pdf\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-4444"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      },
      {
        "db": "BID",
        "id": "79188"
      },
      {
        "db": "BID",
        "id": "37460"
      },
      {
        "db": "PACKETSTORM",
        "id": "84231"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-4444",
        "trust": 2.7
      },
      {
        "db": "BID",
        "id": "37460",
        "trust": 2.2
      },
      {
        "db": "SECTRACK",
        "id": "1023387",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "37831",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-3634",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-381",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "79188",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "84231",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "79188"
      },
      {
        "db": "BID",
        "id": "37460"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      },
      {
        "db": "PACKETSTORM",
        "id": "84231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4444"
      }
    ]
  },
  "id": "VAR-200912-0321",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2024-11-23T21:47:41.367000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "New Reports of a Vulnerability in IIS",
        "trust": 0.8,
        "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4444"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf"
      },
      {
        "trust": 2.2,
        "url": "http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx"
      },
      {
        "trust": 1.9,
        "url": "http://securitytracker.com/id?1023387"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/37460"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/37831"
      },
      {
        "trust": 1.6,
        "url": "http://www.vupen.com/english/advisories/2009/3634"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4444"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4444"
      },
      {
        "trust": 0.3,
        "url": "http://blog.metasploit.com/2009/12/exploiting-microsoft-iis-with.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com/windowsserver2003/iis/default.mspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.iis.net/nazim/archive/2009/12/29/public-disclosure-of-iis-security-issue-with-semi-colons-in-url.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/msrc/archive/2009/12/29/results-of-investigation-into-holiday-iis-claim.aspx"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/508620"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/508604"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/508638"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/37831/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "79188"
      },
      {
        "db": "BID",
        "id": "37460"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      },
      {
        "db": "PACKETSTORM",
        "id": "84231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4444"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "79188"
      },
      {
        "db": "BID",
        "id": "37460"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      },
      {
        "db": "PACKETSTORM",
        "id": "84231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4444"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-12-29T00:00:00",
        "db": "BID",
        "id": "79188"
      },
      {
        "date": "2009-12-23T00:00:00",
        "db": "BID",
        "id": "37460"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      },
      {
        "date": "2009-12-29T10:23:50",
        "db": "PACKETSTORM",
        "id": "84231"
      },
      {
        "date": "2009-12-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      },
      {
        "date": "2009-12-29T21:00:24.327000",
        "db": "NVD",
        "id": "CVE-2009-4444"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-12-29T00:00:00",
        "db": "BID",
        "id": "79188"
      },
      {
        "date": "2009-12-29T21:42:00",
        "db": "BID",
        "id": "37460"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      },
      {
        "date": "2020-11-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      },
      {
        "date": "2024-11-21T01:09:39.660000",
        "db": "NVD",
        "id": "CVE-2009-4444"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft IIS Vulnerabilities that allow third-party extension restrictions to be bypassed",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005239"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-381"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2009-4444 (GCVE-0-2009-4444)

Vulnerability from cvelistv5

fkie_cve-2009-4444

Vulnerability from fkie_nvd

gsd-2009-4444

Vulnerability from gsd

ghsa-4jh7-wh4m-f4pq

Vulnerability from github

var-200912-0321

Vulnerability from variot

Tags

Sightings

Nomenclature