Vulnerability Name:

CVE-2008-3906 (CCN-44740)

Assigned:2008-08-20
Published:2008-08-20
Updated:2018-10-11
Summary:CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2008-3906

Source: CCN
Type: Mono Project Web site
Mono

Source: CCN
Type: SA31643
Mono Sys.Web HTTP Header Injection Vulnerability

Source: SECUNIA
Type: Vendor Advisory
31643

Source: SECUNIA
Type: UNKNOWN
36494

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:210

Source: MLIST
Type: UNKNOWN
[oss-security] 20080827 CVE request: mono Sys.Web header injection

Source: CCN
Type: OSVDB ID: 47855
Mono Sys.Web Module HTTP Header Injection

Source: BUGTRAQ
Type: UNKNOWN
20080930 rPSA-2008-0286-1 mono

Source: BID
Type: Exploit
30867

Source: CCN
Type: BID-30867
Mono 'System.Web' HTTP Header Injection Vulnerability

Source: CCN
Type: USN-826-1
Mono vulnerabilities

Source: VUPEN
Type: UNKNOWN
ADV-2008-2443

Source: CCN
Type: Novell Bugzilla Bug 418620
Sys.Web is prone to "HTTP header injection" attacks

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.novell.com/show_bug.cgi?id=418620

Source: XF
Type: UNKNOWN
mono-sysweb-crlf-injection(44740)

Source: XF
Type: UNKNOWN
mono-sysweb-xss(44740)

Source: UBUNTU
Type: UNKNOWN
USN-826-1

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mono:mono:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.1.8.3:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.1.13.4:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.1.13.6:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.1.13.7:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.1.17.1:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:mono:mono:1.2.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:mono_project:mono:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:mono_project:mono:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:mono_project:mono:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:mono_project:mono:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:mono_project:mono:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:mono_project:mono:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:mono_project:mono:1.9:*:*:*:*:*:*:*
  • OR cpe:/a:mono_project:mono:*:*:*:*:*:*:*:* (Version <= 2.0)

    • Configuration CCN 1:
  • cpe:/a:mono:mono:*:*:*:*:*:*:*:*
  • AND
  • cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:13875
    P
    		USN-826-1 -- mono vulnerabilities
    2014-06-30
    BACK
    mono mono 1.0
    mono mono 1.0.5
    mono mono 1.1.4
    mono mono 1.1.8.3
    mono mono 1.1.13
    mono mono 1.1.13.4
    mono mono 1.1.13.6
    mono mono 1.1.13.7
    mono mono 1.1.17
    mono mono 1.1.17.1
    mono mono 1.1.18
    mono mono 1.2.5.1
    mono_project mono 1.2.1
    mono_project mono 1.2.2
    mono_project mono 1.2.3
    mono_project mono 1.2.4
    mono_project mono 1.2.5
    mono_project mono 1.2.6
    mono_project mono 1.9
    mono_project mono *
    mono mono *
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.1
    canonical ubuntu 8.04
    mandriva linux 2009.0
    mandriva linux 2009.0 -