CVE-2016-5331

CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Weakness

The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

Affected Software

Name	Vendor	Start Version	End Version
Vcenter_server	Vmware	*	6.0 (including)
Esxi	Vmware	6.0 (including)	6.0 (including)

Potential Mitigations

https://cwe.mitre.org/data/definitions/15.html
https://cwe.mitre.org/data/definitions/81.html

References

http://packetstormsecurity.com/files/138211/VMware-vSphere-Hypervisor-ESXi-HTTP-Response-Injection.html
http://seclists.org/fulldisclosure/2016/Aug/38
http://www.securityfocus.com/archive/1/539128/100/0/threaded
http://www.securityfocus.com/bid/92324
http://www.securitytracker.com/id/1036543
http://www.securitytracker.com/id/1036544
http://www.securitytracker.com/id/1036545
http://www.vmware.com/security/advisories/VMSA-2016-0010.html
http://packetstormsecurity.com/files/138211/VMware-vSphere-Hypervisor-ESXi-HTTP-Response-Injection.html
http://seclists.org/fulldisclosure/2016/Aug/38
http://www.securityfocus.com/archive/1/539128/100/0/threaded
http://www.securityfocus.com/bid/92324
http://www.securitytracker.com/id/1036543
http://www.securitytracker.com/id/1036544
http://www.securitytracker.com/id/1036545
http://www.vmware.com/security/advisories/VMSA-2016-0010.html

NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5331
CWE	https://cwe.mitre.org/data/definitions/93.html

Improper Neutralization of CRLF Sequences ('CRLF Injection')

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References