icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

ViewCVS < 1.0.0 HTTP Response Splitting

High

Synopsis

The remote host is vulnerable to a HTTP response splitting attack.

Description

The remote host is running ViewCVS, a tool to browse CVS repositories over the web. There is a flaw in the remote ViewCVS server that may allow an attacker to steal the credentials of third-party users via an HTTP response splitting attack.

Solution

Upgrade to version 1.0.0 or higher.