[Owasp-delhi] HTTP RESPONSE SPLITTING ?

Soi, Dhruv dhruv.soi at ariosesoftware.com
Fri Feb 20 04:18:53 EST 2009


See my inline comments:

 

1. What is http response splitting ?
2. Which type of application can have this vulnerability ?

http://www.google.co.in/search?hl=en
<http://www.google.co.in/search?hl=en&q=HTTP+Response+splitting&btnG=Google+
Search&meta> &q=HTTP+Response+splitting&btnG=Google+Search&meta=

Refer to top 10 results

 

3. Whether it can be present in any site (login module or without 
login modules) ?

http://secunia.com/advisories/search/?search=HTTP+response+splitting

 

4. How to show the attack ? Or how to show POC step by step with 
screen shot ?
5. Any dummy or test application to check and understand ?
6. Other details on the vulnerability.
            Refer back to above said links :-)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20090220/2494c627/attachment.html 


More information about the Owasp-delhi mailing list