CVE-2008-3906 - OpenCVE

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Mono Project	Mono
Mono	Mono

Configuration 1 [-]

OR	cpe:2.3:a:mono:mono:1.0:::::::*
	cpe:2.3:a:mono:mono:1.0.5:::::::*
	cpe:2.3:a:mono:mono:1.1.4:::::::*
	cpe:2.3:a:mono:mono:1.1.8.3:::::::*
	cpe:2.3:a:mono:mono:1.1.13:::::::*
	cpe:2.3:a:mono:mono:1.1.13.4:::::::*
	cpe:2.3:a:mono:mono:1.1.13.6:::::::*
	cpe:2.3:a:mono:mono:1.1.13.7:::::::*
	cpe:2.3:a:mono:mono:1.1.17:::::::*
	cpe:2.3:a:mono:mono:1.1.17.1:::::::*
	cpe:2.3:a:mono:mono:1.1.18:::::::*
	cpe:2.3:a:mono:mono:1.2.5.1:::::::*
	cpe:2.3:a:mono_project:mono::::::::
	cpe:2.3:a:mono_project:mono:1.2.1:::::::*
	cpe:2.3:a:mono_project:mono:1.2.2:::::::*
	cpe:2.3:a:mono_project:mono:1.2.3:::::::*
	cpe:2.3:a:mono_project:mono:1.2.4:::::::*
	cpe:2.3:a:mono_project:mono:1.2.5:::::::*
	cpe:2.3:a:mono_project:mono:1.2.6:::::::*
	cpe:2.3:a:mono_project:mono:1.9:::::::*

References

Link	Resource
http://secunia.com/advisories/31643	Vendor Advisory
http://secunia.com/advisories/36494
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286
http://www.mandriva.com/security/advisories?name=MDVSA-2008:210
http://www.openwall.com/lists/oss-security/2008/08/27/6
http://www.securityfocus.com/archive/1/496845/100/0/threaded
http://www.securityfocus.com/bid/30867	Exploit
http://www.vupen.com/english/advisories/2008/2443
https://bugzilla.novell.com/show_bug.cgi?id=418620
https://exchange.xforce.ibmcloud.com/vulnerabilities/44740
https://usn.ubuntu.com/826-1/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-09-04T17:00:00

Updated: 2018-10-11T19:57:01

Reserved: 2008-09-04T00:00:00

Link: CVE-2008-3906

JSON object: View

NVD Information

Status : Modified

Published: 2008-09-04T17:41:00.000

Modified: 2018-10-11T20:50:21.453

Link: CVE-2008-3906

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-08-27T00:00:00", "descriptions": [{"lang": "en", "value": "CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "30867", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30867"}, {"name": "mono-sysweb-xss(44740)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44740"}, {"name": "36494", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/36494"}, {"name": "[oss-security] 20080827 CVE request: mono Sys.Web header injection", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2008/08/27/6"}, {"name": "ADV-2008-2443", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2443"}, {"name": "20080930 rPSA-2008-0286-1 mono", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/496845/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.novell.com/show_bug.cgi?id=418620"}, {"name": "USN-826-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/826-1/"}, {"name": "31643", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31643"}, {"name": "MDVSA-2008:210", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:210"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-3906", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "30867", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30867"}, {"name": "mono-sysweb-xss(44740)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44740"}, {"name": "36494", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36494"}, {"name": "[oss-security] 20080827 CVE request: mono Sys.Web header injection", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2008/08/27/6"}, {"name": "ADV-2008-2443", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2443"}, {"name": "20080930 rPSA-2008-0286-1 mono", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/496845/100/0/threaded"}, {"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286"}, {"name": "https://bugzilla.novell.com/show_bug.cgi?id=418620", "refsource": "CONFIRM", "url": "https://bugzilla.novell.com/show_bug.cgi?id=418620"}, {"name": "USN-826-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/826-1/"}, {"name": "31643", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31643"}, {"name": "MDVSA-2008:210", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:210"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-3906", "datePublished": "2008-09-04T17:00:00", "dateReserved": "2008-09-04T00:00:00", "dateUpdated": "2018-10-11T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B31A3175-7CC6-4367-9A3C-F3324156C818", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "DBB77289-2AED-4BD4-9578-FEB0EC83701E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "A4299404-6C79-4B21-BB8C-115FA1E3AC28", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "919CAD10-2F17-4F94-8116-815E77F5E998", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "19877D33-5DBF-40D7-87CB-545558C64771", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "F64E7267-E010-4FC8-879A-448C85BC250B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "matchCriteriaId": "683F75A5-E4E4-4416-8E1C-A2C694A30BA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "matchCriteriaId": "EBE3CDD7-8553-4CB7-A0A7-B059B4D75B0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "DE2C11F2-2A21-481E-8350-F3777A0A8033", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFC21FA7-648F-4E41-962B-664140FA4812", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "A9FF02E9-070C-4AAA-ABB7-26FC9E56C7A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "EC72C972-FF09-4A5D-9AD4-A422EDADF5AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono_project:mono:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F33FED4-EE33-41EF-8B24-F751D0A9891B", "versionEndIncluding": "2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono_project:mono:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "403E554C-FD1B-42CE-82C2-43CC191905DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono_project:mono:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "78278FE6-26EA-4E89-9423-EABA6C4D8877", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono_project:mono:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "15E1695E-FD6E-4602-9BD9-9CFFF20574CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono_project:mono:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "691B3AF1-7F3F-4A7D-9F16-FE6044E33482", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono_project:mono:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "E2DE3739-A2ED-47D7-9AE9-442A95ACFC3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono_project:mono:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "DDAB5331-AD2E-483C-93C3-8095BBBA0572", "vulnerable": true}, {"criteria": "cpe:2.3:a:mono_project:mono:1.9:*:*:*:*:*:*:*", "matchCriteriaId": "E3CC03DC-14A6-4C45-9511-7CE8E7F727BB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n CRLF en Sys.Web en Mono 2.0 y anteriores, permite a atacantes remotos inyectar cabeceras HTTP de su elecci\u00f3n y llevar a cabo ataques de divisi\u00f3n de respuesta HTTP mediante secuencias CRLF en la cadena de consulta(query)."}], "id": "CVE-2008-3906", "lastModified": "2018-10-11T20:50:21.453", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-09-04T17:41:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31643"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/36494"}, {"source": "cve@mitre.org", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:210"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2008/08/27/6"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/496845/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/30867"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2443"}, {"source": "cve@mitre.org", "url": "https://bugzilla.novell.com/show_bug.cgi?id=418620"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44740"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/826-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}