Mobile Mp3 Search Script 'dl.php' HTTP Response Splitting Vulnerability
BID:52136
Info
| Bugtraq ID: | 52136 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 23 2012 12:00AM |
| Updated: | Feb 23 2012 12:00AM |
| Credit: | Corrado Liotta |
| Vulnerable: | PHP Search Engine Mobile Mp3 Search Script 2.0 |
| Not Vulnerable: | |
Discussion
Mobile Mp3 Search Script is prone to an HTTP-response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data.
Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.
Mobile Mp3 Search Script 2.0 is vulnerable; other versions may also be affected.
Exploit / POC
To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.
The following example URI is available:
http://www.example.com/dl.php?url=http://www.google.it
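As a detection aid (an added example, not part of the original advisory or of the script's code), the Python code below scans access-log lines for requests to `dl.php` whose `url` parameter decodes to a value containing CR or LF, the characters that response splitting depends on. The combined-style log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded CR/LF is also seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_dl_requests(lines):
    """Return (line_number, raw_target) for dl.php requests whose 'url'
    parameter decodes to a value containing CR or LF."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = urlsplit(match.group(1))
        if not target.path.endswith("/dl.php"):
            continue
        # parse_qs performs the first round of percent-decoding.
        values = parse_qs(target.query, keep_blank_values=True).get("url", [])
        if any(re.search(r"[\r\n]", decode_fully(v)) for v in values):
            hits.append((number, match.group(1)))
    return hits

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [23/Feb/2012:10:00:01 +0000] "GET /dl.php?url=http://www.google.it HTTP/1.1" 302 0',
    '192.0.2.11 - - [23/Feb/2012:10:00:05 +0000] "GET /dl.php?url=http://www.google.it%0d%0aX-Test:%201 HTTP/1.1" 302 0',
    '192.0.2.12 - - [23/Feb/2012:10:00:09 +0000] "GET /dl.php?url=http://www.google.it%250aX-Test:%201 HTTP/1.1" 302 0',
    '192.0.2.13 - - [23/Feb/2012:10:00:12 +0000] "GET /index.php?url=a%0ab HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for number, target in suspicious_dl_requests(SAMPLE_LOG):
        print(f"line {number}: CR/LF in url parameter: {target}")
```

The benign URI from the advisory (first sample line) is not flagged; the single- and double-encoded line breaks on lines 2 and 3 are.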
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- Mobile Mp3 Search Script Homepage (PHP Search Engine)