H2O HTTP Response Splitting Vulnerability Fixed by v1.6.2


Description   A vulnerability has been identified in the H2O HTTP server. A remote attacker could exploit it to split the HTTP response by sending a specially crafted request containing CR LF characters.

This vulnerability stems from improper processing of HTTP requests when the "redirect" directive is used.

Updated, 16/01/2016: The h2o packages provided by FreeBSD are vulnerable.
     
Vulnerable Products   Vulnerable OS:
FreeBSD (FreeBSD) - All
     
Solution   Version 1.6.2 of H2O fixes this vulnerability.
     
CVE   CVE-2016-1133
     
References   - VuXML : h2o -- directory traversal vulnerability
http://www.vuxml.org/freebsd/6c808811-bb9a-11e5-a65c-485d605f4717.html
- H2O : CVE-2016-1133 (Response Splitting)
https://h2o.examp1e.net/vulnerabilities.html
     
Vulnerability Manager Detection   No
     
IPS Protection
ASQ Engine alarm   Available Since
HTTP Request Smuggling : HTTP command found in header   3.2.0
HTTP Response Splitting : suspicious Content-Length in URL   3.2.0
HTTP Response Splitting : suspicious HTTP/1.x in URL   3.2.0
HTTP Request Smuggling : Content-Length and Transfer-Encoding: chunked fields in header   3.2.0
HTTP Response Splitting : suspicious Set-Cookie in URL   3.2.0
HTTP Request Smuggling : suspicious syntax using HTTP keyword   3.2.0
HTTP Request Smuggling : multiple Content-Length fields   3.2.0
HTTP Response Splitting : suspicious Content-Type in URL   3.5.0
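
A log-review check modelled on the "HTTP Response Splitting" alarm names above, added here as an example; it is not part of the original advisory and does not reproduce the ASQ engine's logic. It assumes access logs in common log format, and the function names, token patterns and sample lines are all constructed for illustration.

```python
import re
from urllib.parse import unquote

# Header-like tokens taken from the alarm names above. Matching them after a
# CR/LF is this sketch's assumption, not the ASQ engine's actual logic.
TOKENS = {
    "Content-Length": re.compile(r"content-length\s*:", re.I),
    "Content-Type": re.compile(r"content-type\s*:", re.I),
    "Set-Cookie": re.compile(r"set-cookie\s*:", re.I),
    "HTTP/1.x": re.compile(r"HTTP/1\.[01]", re.I),
}
CRLF = re.compile(r"[\r\n]")
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/\d\.\d"')

def decode_target(target, rounds=2):
    """Percent-decode `rounds` times so double encoding is also seen."""
    for _ in range(rounds):
        target = unquote(target)
    return target

def inspect_target(target):
    """Return the findings for one request target (empty list if clean)."""
    decoded = decode_target(target)
    match = CRLF.search(decoded)
    if not match:
        return []
    tail = decoded[match.start():]  # everything from the first line break on
    return ["CR/LF in URL"] + [f"suspicious {name} in URL"
                               for name, pat in TOKENS.items() if pat.search(tail)]

def scan(lines):
    """Map line index -> findings for access-log lines that look suspicious."""
    hits = {}
    for index, line in enumerate(lines):
        request = REQUEST.search(line)
        findings = inspect_target(request.group(1)) if request else []
        if findings:
            hits[index] = findings
    return hits

# Constructed access-log lines (addresses, paths and values are made up).
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Jan/2016:10:00:00 +0000] "GET /docs/index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [13/Jan/2016:10:00:05 +0000] "GET /old%0d%0aSet-Cookie:%20sid=constructed HTTP/1.1" 301 0',
    '192.0.2.12 - - [13/Jan/2016:10:00:09 +0000] "GET /old%250d%250aContent-Length:%200 HTTP/1.1" 301 0',
    '192.0.2.13 - - [13/Jan/2016:10:00:12 +0000] "GET /search?q=set-cookie%3Avalue HTTP/1.1" 200 64',
]

print(scan(SAMPLE_LOG))
```

The last sample line contains a header name but no line break, so it is not flagged; only a decoded CR or LF in the request target triggers a finding.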
     


 
 
 
 
Risk level   Low

Vulnerability First Public Report Date   2016-01-13

Target Type   Server

Possible exploit   Remote