| Release Date | Sep 15, 2009 |
| Severity | Medium |
| Impact | System compromise: Provides unauthorized access, bypassing security. |
| Description | This indicates an attack attempt to exploit the HTTP-splitting vulnerability.
The vulnerability is due to the application's failure to properly sanitize user HTTP requests. An attacker can send a specially crafted request containing malicious HTTP responses to poison the cache of the vulnerable web server. As a result, the attacker can bypass content restrictions or cause user requests to be redirected. |
| Affected Products | All web application environments are susceptible to HTTP splitting. |
| Recommended Actions | The signature can be enabled to block this traffic. |
Reference: VID-17701
|