This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.
The remote web server has an HTTP response splitting vulnerability.
The version of Xerver running on the remote host has an HTTP response
splitting vulnerability due to its failure to sanitize specially
encoded carriage return and newline characters. A remote attacker
could exploit this by tricking a user into requesting a maliciously
crafted URL, resulting in the injection of HTTP headers, HTML, or
See also :
There is no known solution at this time.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.1
Public Exploit Available : true