CVE-2016-4975: mod_userdir CRLF injection

First published: Tue Aug 14 2018(Updated: )

Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 (Affected 2.4.1-2.4.23). Fixed in Apache HTTP Server 2.2.32 (Affected 2.2.0-2.2.31).

Credit: security@apache.org

Affected Software	Affected Version	How to fix
Apache HTTP server	=2.2.0
Apache HTTP server	=2.2.2
Apache HTTP server	=2.2.3
Apache HTTP server	=2.2.4
Apache HTTP server	=2.2.6
Apache HTTP server	=2.2.8
Apache HTTP server	=2.2.9
Apache HTTP server	=2.2.10
Apache HTTP server	=2.2.11
Apache HTTP server	=2.2.12
Apache HTTP server	=2.2.13
Apache HTTP server	=2.2.14
Apache HTTP server	=2.2.15
Apache HTTP server	=2.2.16
Apache HTTP server	=2.2.17
Apache HTTP server	=2.2.18
Apache HTTP server	=2.2.19
Apache HTTP server	=2.2.20
Apache HTTP server	=2.2.21
Apache HTTP server	=2.2.22
Apache HTTP server	=2.2.23
Apache HTTP server	=2.2.24
Apache HTTP server	=2.2.25
Apache HTTP server	=2.2.26
Apache HTTP server	=2.2.27
Apache HTTP server	=2.2.29
Apache HTTP server	=2.2.31
Apache HTTP server	=2.4.1
Apache HTTP server	=2.4.2
Apache HTTP server	=2.4.3
Apache HTTP server	=2.4.4
Apache HTTP server	=2.4.6
Apache HTTP server	=2.4.7
Apache HTTP server	=2.4.9
Apache HTTP server	=2.4.10
Apache HTTP server	=2.4.12
Apache HTTP server	=2.4.16
Apache HTTP server	=2.4.17
Apache HTTP server	=2.4.18
Apache HTTP server	=2.4.20
Apache HTTP server	=2.4.23

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/author
agent/references
agent/last-modified-date
agent/title
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/apache
canonical/apache http server
version/apache http server/2.2.0
version/apache http server/2.2.2
version/apache http server/2.2.3
version/apache http server/2.2.4
version/apache http server/2.2.6
version/apache http server/2.2.8
version/apache http server/2.2.9
version/apache http server/2.2.10
version/apache http server/2.2.11
version/apache http server/2.2.12
version/apache http server/2.2.13
version/apache http server/2.2.14
version/apache http server/2.2.15
version/apache http server/2.2.16
version/apache http server/2.2.17
version/apache http server/2.2.18
version/apache http server/2.2.19
version/apache http server/2.2.20
version/apache http server/2.2.21
version/apache http server/2.2.22
version/apache http server/2.2.23
version/apache http server/2.2.24
version/apache http server/2.2.25
version/apache http server/2.2.26
version/apache http server/2.2.27
version/apache http server/2.2.29
version/apache http server/2.2.31
version/apache http server/2.4.1
version/apache http server/2.4.2
version/apache http server/2.4.3
version/apache http server/2.4.4
version/apache http server/2.4.6
version/apache http server/2.4.7
version/apache http server/2.4.9
version/apache http server/2.4.10
version/apache http server/2.4.12
version/apache http server/2.4.16
version/apache http server/2.4.17
version/apache http server/2.4.18
version/apache http server/2.4.20
version/apache http server/2.4.23

CVE-2016-4975: mod_userdir CRLF injection

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact