Lucene search
HistoryNov 29, 2009 - 1:07 p.m.
CVE-2009-4086
crlf injection
xerver http server
vulnerability
http response splitting
cve-2009-4086
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
79.0%
CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party information.
Affected configurations
Node
javascriptxerver_http_serverMatch4.31
ORjavascriptxerver_http_serverMatch4.32
Related
openvas
openvas
Xerver <= 4.32 HTTP Response Splitting Vulnerability
2009-11-20 00:00:00
Xerver HTTP Response Splitting Vulnerability
2009-11-20 00:00:00
prion
prion
Crlf injection
2009-11-29 13:07:00
cvelist
cvelist
CVE-2009-4086
2009-11-27 20:45:00
nvd
nvd
CVE-2009-4086
2009-11-29 13:07:34
nessus
nessus
Xerver HTTP Response Splitting
2009-11-25 00:00:00
checkpoint_advisories
checkpoint_advisories
Xerver HTTP CRLF Injection Response Splitting (CVE-2009-4086)
2011-06-28 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
79.0%
Related for CVE-2009-4086