vendor: Comersus Cart
by: Unknown
CVSS: 4.3 MEDIUM
HTTP Response Splitting
CWE: 113
Product Name: Comersus Cart
Affected Version From: 5.0991
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: comersus_cart:5.0991
Metasploit:
Other Scripts:
Platforms Tested: Unknown

HTTP Response Splitting in Comersus Cart

A remote attacker can exploit this vulnerability in Comersus Cart to influence or misrepresent how web content is served, cached or interpreted, potentially aiding in various attacks that try to deceive client users.

Mitigation:

Upgrade to a version of Comersus Cart that has been patched to address this issue.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11083/info

Comersus Cart is reported prone to an HTTP response splitting vulnerability. A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached or interpreted. This could aid in various attacks, which try to entice client users into a false sense of trust.

This issue was identified in Comersus Shopping Cart 5.0991, however, other versions may be affected as well. 

http://www.example.com/path_to_comersus/comersus_customerLoggedVerify.asp?redirecturl=%0d%0a%0d%0aHTTP/1.0%20200%20OK%0d%0aContent-Type:%20text/html%0d%0aContent-Length:%2028%0d%0a%0d%0a{html}0wned%20by%20me{/html}
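
A defensive check for the issue described above, as an added example that is not part of the original advisory or of Comersus code: it validates a redirect target before it is written into a response header, and flags logged request URLs whose redirecturl parameter decodes to CR or LF. The function names, the fallback path and the sample request lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

_CTL = re.compile(r"[\x00-\x1f\x7f]")  # control chars are never valid in a header value

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%250d%250a) is caught."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def safe_redirect_target(raw, default="/"):
    """Return raw only if it is a same-site path with no control characters."""
    decoded = fully_decode(raw)
    if _CTL.search(decoded) or "\\" in decoded:
        return default
    parts = urlsplit(decoded)
    # Only relative paths: no scheme, no host, no protocol-relative "//" prefix.
    if parts.scheme or parts.netloc or not decoded.startswith("/") or decoded.startswith("//"):
        return default
    return raw

def flag_splitting_attempts(request_urls, param="redirecturl"):
    """Return logged request URLs whose `param` value decodes to CR or LF."""
    hits = []
    for url in request_urls:
        for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
            if name.lower() == param and re.search(r"[\r\n]", fully_decode(value)):
                hits.append(url)
                break
    return hits

# Constructed sample request lines (not taken from a real log); /account.asp
# and /cart.asp are hypothetical paths.
SAMPLE_REQUESTS = [
    "/comersus_customerLoggedVerify.asp?redirecturl=/account.asp",
    "/comersus_customerLoggedVerify.asp?redirecturl=%0d%0aX-Test:%201",
    "/comersus_customerLoggedVerify.asp?redirecturl=%250d%250aX-Test:%201",
    "/comersus_customerLoggedVerify.asp?redirecturl=/cart.asp%3Fid%3D7",
]

if __name__ == "__main__":
    for hit in flag_splitting_attempts(SAMPLE_REQUESTS):
        print("possible response splitting:", hit)
```
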