
CVE-2018-1067 undertow: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of CVE-2016-4993)


Details

    • This issue is security relevant

    Description

      Flaw:

      CVE-2018-1067 wildfly: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of CVE-2016-4993)
      https://bugzilla.redhat.com/show_bug.cgi?id=1550671

      It was reported that the WildFly 12.0.0.CR1 web server is vulnerable to the injection of arbitrary HTTP headers, due to insufficient sanitisation and validation of UTF-8 encoded user input before it is used as part of an HTTP header value.

      Although there is a protection against CRLF injection that detects the presence of a newline character (0x0a), it can be bypassed using characters encoded in UTF-8, because the server converts them back to their original Unicode form and then extracts only the last byte when writing the header.
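To make the incomplete fix concrete, here is an added example (not Undertow's or WildFly's code) that models the narrowing behaviour described above: a check that only looks for a literal newline character, a writer that keeps just the low byte of each character, and a hardened check that validates the value against the byte set actually allowed on the wire. The sample value is constructed.

```python
"""Model of the CRLF-check bypass described in CVE-2018-1067 and a
hardened header-value check.  Constructed example, not Undertow's code."""

CR, LF = 0x0D, 0x0A


def naive_write(value: str) -> bytes:
    """Model of a writer that narrows each char to its low byte
    (the 'extract the last byte' behaviour described in the report)."""
    return bytes(ord(c) & 0xFF for c in value)


def weak_check(value: str) -> bool:
    """CVE-2016-4993-style protection: rejects only literal CR/LF chars,
    so a non-ASCII char whose low byte is 0x0A slips through."""
    return "\n" not in value and "\r" not in value


def strict_check(value: str) -> bool:
    """Hardened check: allow only printable ASCII plus HTAB, so no
    character can narrow to CR, LF or any other control byte."""
    return all(c == "\t" or 0x20 <= ord(c) <= 0x7E for c in value)


def header_line(name: str, value: str) -> bytes:
    """Serialise a header only after the strict check passes."""
    if not strict_check(value):
        raise ValueError("header value contains characters unsafe for the wire")
    return name.encode("ascii") + b": " + value.encode("ascii") + b"\r\n"


# Constructed sample: a non-ASCII character whose code point's low byte
# is 0x0A (U+010A & 0xFF == 0x0A), surrounded by ordinary text.
SAMPLE = "a\u010ab"

if __name__ == "__main__":
    print(weak_check(SAMPLE))           # True: passes the old check
    print(LF in naive_write(SAMPLE))    # True: a raw LF reaches the wire
    print(strict_check(SAMPLE))         # False: hardened check rejects it
```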

          People

            sdouglas1@redhat.com Stuart Douglas