CiscoWorks Common Services HTTP Response Splitting

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The network management framework on the remote web server has an HTTP
response splitting vulnerability.

Description :

The version of CiscoWorks Common Services on the remote host has an
HTTP response splitting vulnerability. Common Services is a framework
included with several Cisco products. Input to the 'URL' parameter of
Autologin.jsp is not properly sanitized.

A remote attacker could exploit this by tricking a user into making a
malicious request, resulting in the injection of HTTP headers,
modification of the HTTP response body, or splitting the HTTP response
into multiple responses.

See also :

http://www.nessus.org/u?9a4f1b73
http://www.nessus.org/u?4da1bafd
http://www.nessus.org/u?46462822
http://www.nessus.org/u?3749073d
http://www.nessus.org/u?af05872e
http://www.nessus.org/u?2d0fd883

Solution :

Refer to the referenced Cisco Bug IDs for more information.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CGI abuses

Nessus Plugin ID: 58950 ()

Bugtraq ID: 53439

CVE ID: CVE-2011-4237