News
Vigil@nce - Perl CGI.pm: HTTP header injection via header
December 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker who controls an application based on the Perl CGI.pm
module, can inject headers in HTTP responses.
Impacted products: Fedora, Windows (platform), Unix (platform)
Severity: 2/4
Creation date: 16/11/2012
DESCRIPTION OF THE VULNERABILITY
The Perl module CGI.pm from the standard library facilitates the
development of Web applications based on the CGI interface, which
specifies the communication protocol between the application and
the HTTP server.
The module defines a routine header(), which generates headers of
HTTP responses. The header value should not include end of line
characters. However, the routine header() does not reject values
containing line ends for headers Set-Cookie and P3P, which leads
to the injection of headers in the response from the HTTP server.
An attacker who controls an application based on the Perl CGI.pm
module, can therefore inject headers in HTTP responses.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Perl-CGI-pm-HTTP-header-injection-via-header-12167
