https://www.exploit-db.com/exploits/25907
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200506-219

ASP-Nuke是一款开放源码的软件应用，可在WebServer上运行基于社区的站点。ASP-Nuke中存在HTTP响应拆分漏洞，成功利用这个漏洞的攻击者可以影响或误导保存、缓存或解释Web内容的方式。起因是没有正确的过滤用户输入。请看/module/support/language/language_select.asp第31行代码：…IfsteForm(“action”)=”go”Then’makesuretherequiredfieldsarepresentIfTrim(steForm(“LangCode”))=””ThensErrorMsg=steGetText(“Pleaseselectalanguagefromthelistbelow”)Else’redirecttothelanguageadministrationResponse.Redirect”tran_list.asp?langcode=”&steEncForm(“LangCode”)EndIfEndIf…?>在重新定向时，由于没有过滤攻击者可能执行CRLF注入攻击。

source: http://www.securityfocus.com/bid/14063/info

ASPNuke is prone to an HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

A remote attacker may exploit this vulnerability to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust. 

http://www.example.com/module/support/language/language_select.asp?action=go&LangCode=trivero%0d%0aSet-Cookie%3Asome%3Dvalue

来源:BID
名称:14063
链接:http://www.securityfocus.com/bid/14063
来源:BUGTRAQ
名称:20050626M4DR007-07SA(securityadvisory):MultiplevulnerabilitiesinASPNuke0.80
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=111989223906484&w;=2