Files
Nagalakshmi Veeramallu ca3fbcd57d CVE-2018-11652 nikto: arbitray OS command injection via http server field.
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers
to inject arbitrary OS commands via the Server field in an HTTP response header,
 which is directly injected into a CSV report.

Signed-off-by: Nagalakshmi Veeramallu <nveeramallu@mvista.com>
Reviewed-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
2018-07-03 15:35:17 -07:00
..
2013-07-10 16:41:44 +03:00