CVE-2008-3906
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2008-3906
Status
Candidate
Description
CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.
Phase
Assigned (04.09.2008)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3906
References
BID :
30867
BUGTRAQ :
20080930 rPSA-2008-0286-1 mono
CONFIRM :
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286
CONFIRM :
https://bugzilla.novell.com/show_bug.cgi?id=418620
MANDRIVA :
MDVSA-2008:210
MLIST :
[oss-security] 20080827 CVE request: mono Sys.Web header injection
SECUNIA :
31643
SECUNIA :
36494
UBUNTU :
USN-826-1
VUPEN :
ADV-2008-2443
XF :
mono-sysweb-xss(44740)
SecurityVulns:
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
