Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Snitz Forum < 3.4.05 HTTP Response Splitting

Medium

Synopsis

The remote host is vulnerable to an HTTP 'response splitting' vulnerability.

Description

The remote host appears to be running Snitz Forum, a web forum application implemented in ASP. It is reported that versions of Snitz Forum prior 3.4.0.04 are prone to a HTTP response splitting vulnerability. An attacker may influence how the website is served, cached and interpreted by the means of a malformed link to the web site that would alter the server HTTP headers.

Solution

Upgrade to Snitz Forum 3.4.05 or higher.