Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting

[Amit Klein <aksecurity () gmail com>]

James Landis wrote:
> I tested local HTTPRS caching on whatever browsers were available in 
> July 2005 with no success. I can't imagine browsers are getting worse 
> about it than better, but I certainly wouldn't discourage anyone from 
> trying to make sure.

I'm sure I managed to do that in my lab, back in 2004, for IE6 SP1. And 
Alex/kuza55 published his results from experimenting with the issue in 
February 2007 
(http://kuza55.blogspot.com/2007/02/http-response-splitting-attacks-without.html), 
where he says he poisoned the cache of IE (I suppose IE6 SP2) and Opera8.

Perhaps I can try to help you to reproduce HTTP Response Splitting -> 
browser cache poisoning?

-Amit

-------------------------------------------------------------------------
Sponsored by: Watchfire

Cross-Site Scripting (XSS) is one of the most common application-level 
attacks that hackers use to sneak into web applications today. This 
whitepaper will discuss how traditional XSS attacks are performed, how to 
secure your site against these attacks and check if your site is protected. 
Cross-Site Scripting Explained - Download this whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fHA
--------------------------------------------------------------------------