CVE-2008-7257
CVE-2008-7257
CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCsr09163.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/34200unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://securitytracker.com/id?1024155https://exchange.xforce.ibmcloud.com/vulnerabilities/59850http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.htmlhttp://www.secureworks.com/ctu/advisories/SWRX-2010-001http://www.securityfocus.com/archive/1/512023/100/0/threadedhttp://www.securityfocus.com/bid/41159