PHP: sapi_header_op() %0D sequence handling security bypass

IDs: 
CVE-2011-1398, CB-K13/1037
Keywords: 
PHP, response-splitting
Description: 

The HTTP response-splitting protection mechanism in certain versions of PHP can be circumvented by using the carriage return control character %0d [1].

Airlock is not affected because PHP is not used in Airlock.

Resolution: 

Airlock protects back-ends with its own HTTP response-splitting deny rule, which considers both the carriage return (%0D) and new line (%0A) control characters.
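
The difference between checking for one control character and checking for both, as an added Python illustration (not Airlock's rule and not PHP's code). The function names, the simplified line-feed-only model and the sample parameters are assumptions constructed for this example.

```python
from urllib.parse import unquote_to_bytes

CR, LF = b"\r", b"\n"


def lf_only_check(raw_value: str) -> bool:
    """Simplified model of an incomplete filter: blocks line feed only.

    Returns True when the value would be blocked.
    """
    return LF in unquote_to_bytes(raw_value)


def crlf_deny_rule(raw_value: str) -> bool:
    """Blocks a value that contains CR or LF, raw or percent-encoded.

    Percent-decoding is done on bytes, so %0d and %0D are treated alike.
    """
    decoded = unquote_to_bytes(raw_value)
    return CR in decoded or LF in decoded


def screen_request(params: dict) -> list:
    """Return the sorted names of parameters the CR/LF deny rule blocks."""
    return sorted(name for name, value in params.items()
                  if crlf_deny_rule(value))


# Constructed sample request parameters (not taken from any real traffic).
SAMPLE_PARAMS = {
    "lang": "en",                     # benign
    "q": "100%25 safe",               # encoded percent sign, benign
    "next": "/home%0dX-Test:%201",    # encoded bare carriage return
    "ref": "/a%0AX-Test:%201",        # encoded line feed
    "cb": "a\rb",                     # raw carriage return
}

if __name__ == "__main__":
    for name, value in SAMPLE_PARAMS.items():
        print(f"{name:5} lf_only={lf_only_check(value)!s:5} "
              f"cr_or_lf={crlf_deny_rule(value)}")
    print("blocked:", screen_request(SAMPLE_PARAMS))
```

The `next` and `cb` values pass the line-feed-only check but are blocked once carriage return is considered as well.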

Component: 
Airlock
Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
Does not affect back-end behind Airlock