Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista

Multiple Vendor HTTP Response Splitting Vulnerability

Bugtraq ID: 9804
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Mar 04 2004 12:00AM
Updated: Mar 04 2004 12:00AM
Credit: Amit Klein of Sanctum Inc. is credited with discovering how various implementations may contribute to CR/LF attacks.
Vulnerable: Sun Java System Web Server 6.1
Squid Web Proxy Cache 2.5 .STABLE7
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ Gentoo Linux
+ RedHat Fedora Core3
 + RedHat Fedora Core2
 Squid Web Proxy Cache 2.5 .STABLE6
+ MandrakeSoft Linux Mandrake 10.1 x86_64
 + S.u.S.E. Linux Personal 9.2 x86_64
 + S.u.S.E. Linux Personal 9.2
+ Turbolinux Appliance Server 1.0 Workgroup Edition
 + Turbolinux Appliance Server 1.0 Hosting Edition
 + Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Turbolinux Server 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
Squid Web Proxy Cache 2.5 .STABLE5
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ S.u.S.E. Linux Personal 9.1 x86_64
 + S.u.S.E. Linux Personal 9.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
+ Ubuntu Ubuntu Linux 4.1 ppc
 + Ubuntu Ubuntu Linux 4.1 ia64
 + Ubuntu Ubuntu Linux 4.1 ia32
 Squid Web Proxy Cache 2.5 .STABLE4
+ MandrakeSoft Corporate Server 3.0
+ MandrakeSoft Linux Mandrake 10.0 AMD64
 + MandrakeSoft Linux Mandrake 10.0
+ OpenPKG OpenPKG 2.0
+ OpenPKG OpenPKG Current
 Squid Web Proxy Cache 2.5 .STABLE3
+ MandrakeSoft Linux Mandrake 9.2 amd64
 + MandrakeSoft Linux Mandrake 9.2
+ OpenPKG OpenPKG 1.3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux AS 3
 + RedHat Enterprise Linux ES 3
 + RedHat Enterprise Linux WS 3
 + RedHat Fedora Core1
 + S.u.S.E. Linux Personal 9.0 x86_64
 + S.u.S.E. Linux Personal 9.0
Squid Web Proxy Cache 2.5 .STABLE1
+ MandrakeSoft Linux Mandrake 9.1 ppc
 + MandrakeSoft Linux Mandrake 9.1
+ S.u.S.E. Linux Personal 8.2
Squid Web Proxy Cache 2.4 .STABLE7
+ MandrakeSoft Corporate Server 2.1 x86_64
 + MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ RedHat Enterprise Linux AS 2.1 IA64
 + RedHat Enterprise Linux AS 2.1
 + RedHat Enterprise Linux ES 2.1 IA64
 + RedHat Enterprise Linux ES 2.1
 + RedHat Enterprise Linux WS 2.1 IA64
 + RedHat Enterprise Linux WS 2.1
 + RedHat Linux Advanced Work Station 2.1
Squid Web Proxy Cache 2.4 .STABLE6
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
Squid Web Proxy Cache 2.4 .STABLE2
Squid Web Proxy Cache 2.4
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
Squid Web Proxy Cache 2.3 .STABLE5
Squid Web Proxy Cache 2.3 .STABLE4
Network Appliance NetCache 5.2
+ Network Appliance NetCacheC1100 Series
National Science Foundation Squid Web Proxy 2.4 STABLE7
National Science Foundation Squid Web Proxy 2.4 STABLE6
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Linux Mandrake 8.2
+ MandrakeSoft Linux Mandrake 8.1 ia64
 + MandrakeSoft Linux Mandrake 8.1
+ MandrakeSoft Linux Mandrake 8.0 ppc
 + MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 7.2
+ MandrakeSoft Linux Mandrake 7.1
+ MandrakeSoft Single Network Firewall 7.2
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
National Science Foundation Squid Web Proxy 2.4 STABLE4
- MandrakeSoft Corporate Server 1.0.1
- MandrakeSoft Linux Mandrake 8.2
- MandrakeSoft Linux Mandrake 8.1 ia64
 - MandrakeSoft Linux Mandrake 8.1
- MandrakeSoft Linux Mandrake 8.0 ppc
 - MandrakeSoft Linux Mandrake 8.0
- MandrakeSoft Linux Mandrake 7.2
- MandrakeSoft Linux Mandrake 7.1
- MandrakeSoft Single Network Firewall 7.2
National Science Foundation Squid Web Proxy 2.4 STABLE3
- Conectiva Linux 7.0
National Science Foundation Squid Web Proxy 2.4 STABLE2-3
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
National Science Foundation Squid Web Proxy 2.4 STABLE2-2
+ Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
National Science Foundation Squid Web Proxy 2.4 STABLE2
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenServer 5.0.6
- Conectiva Linux 7.0
National Science Foundation Squid Web Proxy 2.4 STABLE1
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ HP Secure OS software for Linux 1.0
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Linux Mandrake 8.0 ppc
 + MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 7.2
+ MandrakeSoft Linux Mandrake 7.1
+ MandrakeSoft Single Network Firewall 7.2
+ RedHat Linux 7.2
- S.u.S.E. Linux 7.2
National Science Foundation Squid Web Proxy 2.4 PRE-STABLE2
National Science Foundation Squid Web Proxy 2.4 PRE-STABLE
National Science Foundation Squid Web Proxy 2.4 DEVEL4
National Science Foundation Squid Web Proxy 2.4 DEVEL2
National Science Foundation Squid Web Proxy 2.4
+ FreeBSD FreeBSD 5.0
+ FreeBSD FreeBSD 4.5
+ FreeBSD FreeBSD 4.4
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
Microsoft ISA Server 2000 SP1
+ Microsoft Small Business Server 2000 0
 + Microsoft Small Business Server 2003 Premium Edition
- Microsoft Windows 2000 Advanced Server SP2
 - Microsoft Windows 2000 Advanced Server SP1
 - Microsoft Windows 2000 Datacenter Server SP2
 - Microsoft Windows 2000 Datacenter Server SP1
 - Microsoft Windows 2000 Server SP2
 - Microsoft Windows 2000 Server SP1
 Microsoft ISA Server 2000
+ Microsoft Small Business Server 2000 0
 + Microsoft Small Business Server 2003 Premium Edition
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Server
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
- Microsoft Windows 2000 Advanced Server SP2
 - Microsoft Windows 2000 Advanced Server SP2
 - Microsoft Windows 2000 Advanced Server SP2
 - Microsoft Windows 2000 Advanced Server SP1
 - Microsoft Windows 2000 Advanced Server SP1
 - Microsoft Windows 2000 Advanced Server SP1
 - Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
 - Microsoft Windows 2000 Datacenter Server SP2
 - Microsoft Windows 2000 Datacenter Server SP2
 - Microsoft Windows 2000 Datacenter Server SP1
 - Microsoft Windows 2000 Datacenter Server SP1
 - Microsoft Windows 2000 Datacenter Server SP1
 - Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
 - Microsoft Windows 2000 Server SP2
 - Microsoft Windows 2000 Server SP2
 - Microsoft Windows 2000 Server SP1
 - Microsoft Windows 2000 Server SP1
 - Microsoft Windows 2000 Server SP1
 - Microsoft Windows 2000 Server
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Terminal Services SP2
 - Microsoft Windows 2000 Terminal Services SP2
 - Microsoft Windows 2000 Terminal Services SP2
 - Microsoft Windows 2000 Terminal Services SP1
 - Microsoft Windows 2000 Terminal Services SP1
 - Microsoft Windows 2000 Terminal Services SP1
 - Microsoft Windows 2000 Terminal Services
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 2000 Terminal Services
- Microsoft Windows 98
- Microsoft Windows 98
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows 98SE
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows ME
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
 - Microsoft Windows NT 4.0 SP6a
 - Microsoft Windows NT Enterprise Server 4.0 SP6a
 - Microsoft Windows NT Enterprise Server 4.0 SP6a
 - Microsoft Windows NT Enterprise Server 4.0 SP6a
 - Microsoft Windows NT Server 4.0 SP6a
 - Microsoft Windows NT Server 4.0 SP6a
 - Microsoft Windows NT Server 4.0 SP6a
 - Microsoft Windows NT Terminal Server 4.0 SP6a
 - Microsoft Windows NT Terminal Server 4.0 SP6a
 - Microsoft Windows NT Workstation 4.0 SP6a
 - Microsoft Windows NT Workstation 4.0 SP6a
 - Microsoft Windows NT Workstation 4.0 SP6a
 + Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
Microsoft ASP.NET 1.1
Microsoft ASP.NET 1.0
Microsoft ASP 3.0
Macromedia ColdFusion Server MX 6.1
Macromedia ColdFusion Server MX 6.0
IBM Websphere Application Server 5.1.1
IBM Websphere Application Server 5.1 .0.5
IBM Websphere Application Server 5.1 .0.4
IBM Websphere Application Server 5.1 .0.3
IBM Websphere Application Server 5.1 .0.2
IBM Websphere Application Server 5.0.2 .6
IBM Websphere Application Server 5.0.2 .5
IBM Websphere Application Server 5.0.2 .4
IBM Websphere Application Server 5.0.2 .3
BEA Systems WebLogic Server for Win32 8.1 SP 1
BEA Systems WebLogic Server for Win32 8.1
BEA Systems Weblogic Server 8.1 SP 1
BEA Systems Weblogic Server 8.1
Apache Software Foundation Tomcat 4.1.24
+ Gentoo Linux 1.4 _rc3
 + Gentoo Linux 1.4 _rc2
 + Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.2
Apache Software Foundation Apache 2.0.48
+ MandrakeSoft Linux Mandrake 10.0 AMD64
 + MandrakeSoft Linux Mandrake 10.0
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.0 x86_64
 + S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.47
+ Apple Mac OS X Server 10.3.5
+ Apple Mac OS X Server 10.3.4
+ Apple Mac OS X Server 10.3.3
+ Apple Mac OS X Server 10.3.2
+ Apple Mac OS X Server 10.3.1
+ Apple Mac OS X Server 10.3
+ Apple Mac OS X Server 10.2.8
+ Apple Mac OS X Server 10.2.7
+ Apple Mac OS X Server 10.2.6
+ Apple Mac OS X Server 10.2.5
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2
+ Apple Mac OS X Server 10.1.5
+ Apple Mac OS X Server 10.1.4
+ Apple Mac OS X Server 10.1.3
+ Apple Mac OS X Server 10.1.2
+ Apple Mac OS X Server 10.1.1
+ Apple Mac OS X Server 10.1
+ MandrakeSoft Linux Mandrake 9.2 amd64
 + MandrakeSoft Linux Mandrake 9.2
+ MandrakeSoft Linux Mandrake 9.1 ppc
 + MandrakeSoft Linux Mandrake 9.1
Apache Software Foundation Apache 2.0.46
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux AS 3
 + RedHat Enterprise Linux ES 3
 + RedHat Enterprise Linux WS 3
 + Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.45
- Apple Mac OS X 10.2.6
- Apple Mac OS X 10.2.5
- Apple Mac OS X 10.2.4
- Apple Mac OS X 10.2.3
- Apple Mac OS X 10.2.2
- Apple Mac OS X 10.2.1
- Apple Mac OS X 10.2
- Apple Mac OS X 10.1.5
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0
+ Conectiva Linux 9.0
Apache Software Foundation Apache 2.0.44
Apache Software Foundation Apache 2.0.43
Apache Software Foundation Apache 2.0.42
+ Gentoo Linux 1.4 _rc1
 + Gentoo Linux 1.2
Apache Software Foundation Apache 2.0.41
Apache Software Foundation Apache 2.0.40
+ RedHat Linux 9.0 i386
 + RedHat Linux 8.0
+ Terra Soft Solutions Yellow Dog Linux 3.0
Apache Software Foundation Apache 2.0.39
Apache Software Foundation Apache 2.0.38
Apache Software Foundation Apache 2.0.37
Apache Software Foundation Apache 2.0.36
Apache Software Foundation Apache 2.0.35
Apache Software Foundation Apache 2.0.32
Apache Software Foundation Apache 2.0.28
Apache Software Foundation Apache 2.0
Not Vulnerable:







 

Privacy Statement
Copyright 2007, SecurityFocus