CVE-2009-4086

Name of the Vulnerable Software and Affected Versions Xerver HTTP Server versions 4.31 through 4.32

Description A CRLF injection issue allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL.

Recommendations For versions 4.31 and 4.32, consider restricting access to certain URL sequences to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.