Tornado 'tornado.web.RequestHandler.set_header()' HTTP Response Splitting Vulnerability
BID:53612
Info
| Bugtraq ID: | 53612 |
| Class: | Input Validation Error |
| CVE: | CVE-2012-2374 |
| Remote: | Yes |
| Local: | No |
| Published: | May 18 2012 12:00AM |
| Updated: | May 21 2012 08:20PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: | Tornado Tornado 2.2 |
| Not Vulnerable: | Tornado Tornado 2.2.1 |
Discussion
Tornado is prone to an HTTP-response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data.
Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.
Versions prior to Tornado 2.2.1 are vulnerable.
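The defect class and a defensive check, shown as an added example that is not Tornado's code and not part of the advisory. `Response`, `set_header_unchecked`, `header_names_on_wire` and the sample value are hypothetical names constructed here, and the control-character rule is this example's assumption rather than the check shipped in 2.2.1.

```python
import re

# Any control character (CR and LF included) is refused in a header name or value.
# Assumption of this example, not a copy of Tornado's own check.
_CTL = re.compile(r"[\x00-\x1f\x7f]")


class Response:
    """Minimal stand-in for a handler's outgoing header state (hypothetical)."""

    def __init__(self):
        self.headers = []

    def set_header_unchecked(self, name, value):
        # Behaviour the advisory describes: the value reaches the wire as-is.
        self.headers.append((name, value))

    def set_header(self, name, value):
        # Hardened form: reject rather than strip, so the caller's bug surfaces.
        if _CTL.search(name) or _CTL.search(value):
            raise ValueError("control character in header %r" % name)
        self.headers.append((name, value))

    def serialize(self):
        lines = ["HTTP/1.1 200 OK"]
        lines += ["%s: %s" % (n, v) for n, v in self.headers]
        return "\r\n".join(lines) + "\r\n\r\n"


def header_names_on_wire(raw):
    """Split the header block on CRLF, the way a client or cache would."""
    head = raw.split("\r\n\r\n", 1)[0]
    return [line.split(":", 1)[0] for line in head.split("\r\n")[1:]]


# Constructed sample: a user-supplied value carrying an embedded CRLF.
SAMPLE = "en\r\nX-Injected: 1"


def demo():
    weak = Response()
    weak.set_header_unchecked("Content-Language", SAMPLE)
    seen = header_names_on_wire(weak.serialize())
    safe = Response()
    try:
        safe.set_header("Content-Language", SAMPLE)
        rejected = False
    except ValueError:
        rejected = True
    return seen, rejected
```

`demo()` returns the header names a parser sees from the unchecked path (one header was set, two arrive) and whether the checked path refused the same value.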
Exploit / POC
To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.
References
- Tornado Homepage (Tornado)
- What's new in Tornado 2.2.1 (Tornado)