[Owasp-delhi] HTTP RESPONSE SPLITTING ?

Gunwant Singh gunwant.s at gmail.com
Fri Feb 20 23:48:53 EST 2009


Besides what Dhruv told, this may help you:

http://gunwantsingh.blogspot.com/2008/12/http-response-splitting-in-plain-words.html


-Gunwant

On Fri, Feb 20, 2009 at 2:48 PM, Soi, Dhruv <dhruv.soi at ariosesoftware.com>wrote:

>  See my inline comments:
>
>
>
> 1. What is http response splitting ?
> 2. Which type of application can have this vulnerability ?
>
>
> http://www.google.co.in/search?hl=en&q=HTTP+Response+splitting&btnG=Google+Search&meta
> =
>
> Refer to top 10 results
>
>
>
> 3. Whether it can be present in any site (login module or without
> login modules) ?
>
> http://secunia.com/advisories/search/?search=HTTP+response+splitting
>
>
>
> 4. How to show the attack ? Or how to show POC step by step with
> screen shot ?
> 5. Any dummy or test application to check and understand ?
> 6. Other details on the vulnerability.
>             Refer back to above said links J
>
> _______________________________________________
> Owasp-delhi mailing list
> Owasp-delhi at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-delhi
>
>


-- 
Gunwant Singh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20090221/0d9ce755/attachment.html 


More information about the Owasp-delhi mailing list