CVE-2008-7257
Cisco ASA WebVPN (WebVPN on ASA) is affected by a CRLF injection/HTTP response splitting vulnerability tracked as CVE-2008-7257. The flaw occurs in +webvpn+/index.html for ASA 5580-series devices with software before 8.1(2). An attacker can craft a URL containing %0d%0a sequences to inject arbitr...