Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 4 May 2015 15:31:02 +0800
From: Jing Wang <justqdjing@...il.com>
To: oss-security@...ts.openwall.com
Subject: NetCat CMS Multiple HTTP Response Splitting (CRLF) Security
 Vulnerabilities - CVE Request

Hello,

Could you assign a CVE reference ID for the following vulnerability?
Thank you very much.

http://seclists.org/fulldisclosure/2015/Mar/36
http://packetstormsecurity.com/files/130721/NetCat-CMS-5.01-Header-Injection.html
http://www.osvdb.org/show/osvdb/119342
http://www.osvdb.org/show/osvdb/119343
http://tetraph.com/security/http-response-splitting-vulnerability/netcat-cms-multiple-http-response-splitting-crlf-security-vulnerabilities/



========

Exploit Title:
NetCat CMS Multiple CRLF Web Security Vulnerabilities

Product:
NetCat

Vendor:
NetCat

Vendor Link:
http://netcat.ru/

Vulnerable Versions:
 5.01   3.12   3.0   2.4   2.3   2.2   2.1   2.0   1.1

Tested Versions:
3.12

========

Best Regards,
Wang Jing

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ