RabbitMQ: /api/definitions response splitting vulnerability
A response-splitting vulnerability was discovered in RabbitMQ. An /api/definitions URL could be specified, which then caused an arbitrary additional header to be returned. A remote attacker could use this flaw to inject arbitrary HTTP headers and possibly gain access to secure data...
PT-2015-4326 · Pivotal +1 · Rabbitmq
Name of the Vulnerable Software and Affected Versions: RabbitMQ versions 2.1.0 through 3.4.x
Description: A CRLF injection issue exists in the management plugin, allowing remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to th...