Comersus Cart HTTP响应拆分攻击漏洞

Comersus Cart HTTP响应拆分攻击漏洞

漏洞ID 1108158 漏洞类型 输入验证
发布时间 2004-09-01 更新时间 2005-10-20
图片[1]-Comersus Cart HTTP响应拆分攻击漏洞-安全小百科CVE编号 CVE-2004-1656
图片[2]-Comersus Cart HTTP响应拆分攻击漏洞-安全小百科CNNVD-ID CNNVD-200409-004
漏洞平台 ASP CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/24422
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200409-004
|漏洞详情
ComersusShoppingCart5.0991版本存在CRLF注入漏洞。远程攻击者借助redirecturl参数执行HTTP响应拆分攻击修改服务器期望HTML内容。
|漏洞EXP
source: http://www.securityfocus.com/bid/11083/info

Comersus Cart is reported prone to a HTTP response splitting vulnerability. A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached or interpreted. This could aid in various attacks, which try to entice client users into a false sense of trust.

This issue was identified in Comersus Shopping Cart 5.0991, however, other versions may be affected as well. 

http://www.example.com/path_to_comersus/comersus_customerLoggedVerify.asp?

redirecturl=%0d%0a%0d%0aHTTP/1.0%20200%20OK%0d%0aContent-Type:%20text/html%0d%0aContent-L

ength:%2028%0d%0a%0d%0a{html}0wned%20by%20me{/html}
|参考资料

来源:XF
名称:comersus-cart-response-splitting(17201)
链接:http://xforce.iss.net/xforce/xfdb/17201
来源:BID
名称:11083
链接:http://www.securityfocus.com/bid/11083
来源:BUGTRAQ
名称:20040901ADVISORY:httpresponsesplittingholeinComersusshoppingcart
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=109405777905519&w;=2

相关推荐: vBulletin Register.PHP HTML Injection Vulnerability

vBulletin Register.PHP HTML Injection Vulnerability 漏洞ID 1099792 漏洞类型 Input Validation Error 发布时间 2003-08-06 更新时间 2003-08-06 CVE编号…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享