HTTP Response Splitting

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...Loading...
HTTP Response Splitting

HTTP Response Splitting

When using HTTP Response Splitting vulnerabilities (splitting of HTTP request), the hacker sends to a server a specially-formed request, the answer on which is interpreted by an attack aim as two different answers. The second answer is under a full control of a hacker and it allows him to forge the server’s answer.
If an attack is successful, hacker can perform the following actions:

  • Cross-site scripting.
  • Modification of cash data of the proxy-server.
  • Cross-user attack (one user, one page, a temporary page substitution).
  • Page interception, which contains a user data.