CVE-2005-3751

HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.apsis.ch/pound/pound_list/archive/2005/2005-10/1129827166000/index_html?fullMode=1#1129827166000
http://www.debian.org/security/2005/dsa-934
http://secunia.com/advisories/18367	Vendor Advisory
http://secunia.com/advisories/18381	Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_05_19.html
http://secunia.com/advisories/20215	Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200606-05.xml
http://secunia.com/advisories/20510	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apsis:pound:*:*:*:*:*:*:*:*

Information

Published : 2005-11-22 12:03

Updated : 2008-09-05 13:55

NVD link : CVE-2005-3751

Mitre link : CVE-2005-3751

JSON object : View

CWE

NVD-CWE-Other

Products Affected

apsis

pound

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.apsis.ch/pound/pound_list/archive/2005/2005-10/1129827166000/index_html?fullMode=1#1129827166000", "name": "[pound-list] 20051020 ANNOUNCE: Pound - reverse proxy and load balancer - v1.9.4", "tags": [], "refsource": "MLIST"}, {"url": "http://www.debian.org/security/2005/dsa-934", "name": "DSA-934", "tags": [], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/18367", "name": "18367", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/18381", "name": "18381", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.novell.com/linux/security/advisories/2006_05_19.html", "name": "SUSE-SR:2006:011", "tags": [], "refsource": "SUSE"}, {"url": "http://secunia.com/advisories/20215", "name": "20215", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-05.xml", "name": "GLSA-200606-05", "tags": [], "refsource": "GENTOO"}, {"url": "http://secunia.com/advisories/20510", "name": "20510", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-3751", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-11-22T20:03Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:apsis:pound:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.9.3"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-05T20:55Z"}

4.3 /10