[原文]SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a ";%20" followed by encoded HTTP headers.
Arnold Grossmann <email@example.com> is credited with the discovery of this vulnerability.
SAP Web Application Server 7.0
SAP Web Application Server 6.40
SAP Web Application Server 6.20
SAP Web Application Server 6.10
SAP Web Application Server is prone to an input-validation vulnerability that results in HTTP response-splitting attacks. This issue is due to a failure in the application to properly sanitize user-supplied input.
A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.
Attackers use a web browser to exploit this issue.