[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAFWG0-hyKnOmmiNO-MGR2DkifuOFKvNh=wQ0Q243S3cgK3UdRw@mail.gmail.com>
Date: Mon, 4 May 2015 15:31:02 +0800
From: Jing Wang <justqdjing@...il.com>
To: oss-security@...ts.openwall.com
Subject: NetCat CMS Multiple HTTP Response Splitting (CRLF) Security
Vulnerabilities - CVE Request
Hello,
Could you assign a CVE reference ID for the following vulnerability?
Thank you very much.
http://seclists.org/fulldisclosure/2015/Mar/36
http://packetstormsecurity.com/files/130721/NetCat-CMS-5.01-Header-Injection.html
http://www.osvdb.org/show/osvdb/119342
http://www.osvdb.org/show/osvdb/119343
http://tetraph.com/security/http-response-splitting-vulnerability/netcat-cms-multiple-http-response-splitting-crlf-security-vulnerabilities/
========
Exploit Title:
NetCat CMS Multiple CRLF Web Security Vulnerabilities
Product:
NetCat
Vendor:
NetCat
Vendor Link:
http://netcat.ru/
Vulnerable Versions:
5.01 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1
Tested Versions:
3.12
========
Best Regards,
Wang Jing
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
