CVE-2008-3906 - Secunia Advisories - Vulnerability Intelligence

Secunia Advisories

CVE Reference: CVE-2008-3906
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-3906

Description: CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.

CVE Status: Candidate

References: SAID Secunia Advisory: SA31643 MLIST http://www.openwall.com/lists/oss-security/2008/08/27/6 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:210 CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/496845/100/0/threaded BID 30867

Return to the previous page.