The remote host is running ViewCVS, a tool to browse CVS repositories over the web. There is a flaw in the remote ViewCVS server that may allow an attacker to steal the credentials of third-party users via an HTTP response splitting attack.
Binary data 2478.prm