httpd: CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir

🗓️ 12 Jul 2018 16:14:46Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 3 Views

Apache httpd mod_userdir allows HTTP response splitting via CRLF header injection, risking access.

Reporter	Title	Published	Views	Family All 67
IBM Security Bulletins	Security Bulletin: Potential vulnerability in IBM HTTP Server (CVE-2016-8743)	8 Sep 202200:09	–	ibm
IBM Security Bulletins	WebSphere Application Server and IBM HTTP Server Security Bulletin List	13 Jul 202218:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect IBM Cognos Business Intelligence	24 Apr 201920:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Controller 2019Q2 Security Updater: Multiple vulnerabilities have been identified in IBM Cognos Controller	13 Jun 201919:15	–	ibm
Tenable Nessus	Apache 2.2.x < 2.2.32 Multiple Vulnerabilities (httpoxy)	12 Jan 201700:00	–	nessus
Tenable Nessus	Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy)	12 Jan 201700:00	–	nessus
Tenable Nessus	CentOS 7 : httpd (CESA-2017:0906)	14 Apr 201700:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : httpd (EulerOS-SA-2019-2402)	10 Dec 201900:00	–	nessus
Tenable Nessus	openSUSE Security Update : apache2 (openSUSE-2018-1046)	27 Sep 201800:00	–	nessus
Tenable Nessus	RHEL 7 : httpd (RHSA-2017:0906)	13 Apr 201700:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	7	any	jbcs-httpd24-apache-commons-daemon	0:1.1.0-1.redhat_2.1.jbcs.el7.noarch	jbcs-httpd24-apache-commons-daemon-0:1.1.0-1.redhat_2.1.jbcs.el7.noarch.noarch.rpm
Red Hat Enterprise Linux	7	x86_64	jbcs-httpd24-apache-commons-daemon-jsvc	1:1.1.0-1.redhat_2.jbcs.el7	jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-1.redhat_2.jbcs.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo	1:1.1.0-1.redhat_2.jbcs.el7	jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-1.redhat_2.jbcs.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	jbcs-httpd24-apr	0:1.6.3-14.jbcs.el7	jbcs-httpd24-apr-0:1.6.3-14.jbcs.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	jbcs-httpd24-apr-debuginfo	0:1.6.3-14.jbcs.el7	jbcs-httpd24-apr-debuginfo-0:1.6.3-14.jbcs.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	jbcs-httpd24-apr-devel	0:1.6.3-14.jbcs.el7	jbcs-httpd24-apr-devel-0:1.6.3-14.jbcs.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	jbcs-httpd24-apr-util	0:1.6.1-9.jbcs.el7	jbcs-httpd24-apr-util-0:1.6.1-9.jbcs.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	jbcs-httpd24-apr-util-debuginfo	0:1.6.1-9.jbcs.el7	jbcs-httpd24-apr-util-debuginfo-0:1.6.1-9.jbcs.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	jbcs-httpd24-apr-util-devel	0:1.6.1-9.jbcs.el7	jbcs-httpd24-apr-util-devel-0:1.6.1-9.jbcs.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	jbcs-httpd24-apr-util-ldap	0:1.6.1-9.jbcs.el7	jbcs-httpd24-apr-util-ldap-0:1.6.1-9.jbcs.el7.x86_64.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2016-4975
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
httpd	www.httpd.apache.org/security/vulnerabilities_22.html
httpd	www.httpd.apache.org/security/vulnerabilities_24.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-4975
cve	www.cve.org/CVERecord

14 May 2026 22:23Current

6.8Medium risk

Vulners AI Score6.8

CVSS 24.3

CVSS 36.1

EPSS0.59605

Apache httpd user directory module HTTP response splitting CRLF injection header injection