NASLDB: Adobe ColdFusion HTTP Response Splitting (APSB12-15)
General
ID: 59715
Name: Adobe ColdFusion HTTP Response Splitting (APSB12-15)
Summary: Attempts to inject an HTTP header into server response
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C
Port: 80
Family: CGI abuses
Type: Remote
Description
The version of Adobe ColdFusion running on the remote host has an HTTP
response splitting vulnerability.
The coldfusion.filter.ComponentFilter class does not properly sanitize
input used in the Location header of an HTTP response. A remote
attacker could exploit this by tricking a user into making a malicious
request, resulting in the injection of HTTP headers, modification of
the HTTP response body, or splitting the HTTP response into multiple
responses.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2012-2041
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2012/06/12
Patch Release: 2012/06/12
Plugin Release: 2012/06/26
Plugin
Version: 1.7
Filename: coldfusion_apsb12-15.nasl
Filesize: 4198 bytes
MD5 Hash: 66d62259cf8cca08558d8bfa66faaa43
Identification: –
Require Keys: www/coldfusion
Dependencies: "coldfusion_detect.nasl"
Copyright: This script is Copyright© 2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack