From oss-security  Mon May 04 07:31:02 2015
From: Jing Wang <justqdjing () gmail ! com>
Date: Mon, 04 May 2015 07:31:02 +0000
To: oss-security
Subject: [oss-security] NetCat CMS Multiple HTTP Response Splitting (CRLF) Security Vulnerabilities - CVE Req
Message-Id: <CAFWG0-hyKnOmmiNO-MGR2DkifuOFKvNh=wQ0Q243S3cgK3UdRw () mail ! gmail ! com>
X-MARC-Message: https://marc.info/?l=oss-security&m=143072469727770
MIME-Version: 1
Content-Type: multipart/mixed; boundary="--001a11c299bc4eb22805153c8b13"

--001a11c299bc4eb22805153c8b13
Content-Type: text/plain; charset=UTF-8

Hello,

Could you assign a CVE reference ID for the following vulnerability?
Thank you very much.

http://seclists.org/fulldisclosure/2015/Mar/36
http://packetstormsecurity.com/files/130721/NetCat-CMS-5.01-Header-Injection.html
http://www.osvdb.org/show/osvdb/119342
http://www.osvdb.org/show/osvdb/119343
http://tetraph.com/security/http-response-splitting-vulnerability/netcat-cms-multiple-http-response-splitting-crlf-security-vulnerabilities/



========

Exploit Title:
NetCat CMS Multiple CRLF Web Security Vulnerabilities

Product:
NetCat

Vendor:
NetCat

Vendor Link:
http://netcat.ru/

Vulnerable Versions:
 5.01   3.12   3.0   2.4   2.3   2.2   2.1   2.0   1.1

Tested Versions:
3.12

========

Best Regards,
Wang Jing

--001a11c299bc4eb22805153c8b13--