CVE-2009-5047

Name of the Vulnerable Software and Affected Versions Jetty versions 6.x through 6.1.21

Description The issue concerns an escape sequence injection vulnerability that can be exploited through two vectors: the "Cookie Dump Servlet" and the HTTP Content-Length header. Specifically, a POST request to the form at "/test/cookie/" with the Age parameter set to a string can throw a "java.lang.NumberFormatException" which reflects binary characters, including ESC. These characters could potentially be used to execute arbitrary commands or buffer dumps in the terminal. Similarly, the same attack can be exploited by requesting a page using an HTTP request with the "Content-Length" header set to a literal string.

Recommendations For Jetty versions 6.x through 6.1.21, update to version 6.1.22 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/test/cookie/" endpoint and limiting the use of the Age parameter to mitigate the risk of exploitation. Avoid using literal strings in the "Content-Length" header of HTTP requests to minimize the risk of exploitation.