PT-2011-34: HTTP Response Splitting in Citrix XenServer Web Self Service

Vulnerable software

Citrix XenServer Web Self Service
Version: 1.1 and earlier


Severity level

Severity level: Medium
Impact: HTTP Response Splitting
Access Vector: Remote

CVSS v2:
Base Score: 4.3
Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE: not assigned


Vulnerability description

The specialists of the Positive Research center have detected "HTTP Response Splitting" vulnerability in Citrix XenServer Web Self Service.

GET parameter page of the login page allows one to insert an arbitrary HTTP header into the server response.

How to fix

Update your software up to the latest version

Advisory status

10.11.2011 - Vendor is notified
10.11.2011 - Vendor gets vulnerability details
10.03.2012 - Vendor releases fixed version and details
28.09.2012 - Public disclosure


The vulnerability has discovered by Maxim Tsoy, Positive Research Center (Positive Technologies Company)


Reports on the vulnerabilities previously discovered by Positive Research: