Описание
Mortbay Jetty CRLF Injection Vulnerability
CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-5615
- https://github.com/jetty-project/codehaus-jetty6/commit/0d2592ea3183914163d0921e4855bd3e18582a05
- https://web.archive.org/web/20071007232422/http://svn.codehaus.org:80/jetty/jetty/trunk/VERSION.txt
- https://web.archive.org/web/20150112202621/http://www.securityfocus.com/bid/26696
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
- http://www.kb.cert.org/vuls/id/212984
Пакеты
Наименование
org.mortbay.jetty:jetty
maven
Затронутые версииВерсия исправления
< 6.1.6rc0
6.1.6rc0
Связанные уязвимости
nvd
почти 18 лет назад
CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
debian
почти 18 лет назад
CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows r ...