AIST Netcat 3.1.2 Multiple Input Validation Vulnerabilities

AIST Netcat 3.1.2 Multiple Input Validation Vulnerabilities

AIST Netcat is prone to multiple input-validation vulnerabilities:

- Multiple local file-include vulnerabilities
- Multiple cross-site scripting vulnerabilities
- Multiple HTTP response-splitting vulnerabilities
- A CRLF-injection vulnerability

Attackers can exploit these issues to compromise the affected application; misrepresent how web content is served, cached, or interpreted; execute arbitrary script code and PHP code within the context of the webserver process; and obtain sensitive information. Other attacks are also possible.

AIST Netcat 3.1.2 is vulnerable; other versions may also be affected.