[CVE] HTTP Smuggling issues: Double Content Length and bad EOL
Bug #1709153 reported by Simon Quigley
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| varnish (Ubuntu) | Fix Released | Undecided | Unassigned | |
| Trusty | Fix Released | Undecided | Simon Quigley | |
Bug Description
Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP request.
This is tracked in CVE-2015-8852.
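An added example, not part of the bug report and not Varnish's code: a Python check that reads a request head once with CRLF-only line endings and once with a lenient reading that also accepts a bare `\r` or `\n`, then flags the two conditions named in the description. The function names, the lenient-parser model and the sample requests are assumptions constructed for illustration.

```python
import re

EOL_STRICT = re.compile(rb"\r\n")            # only CRLF ends a header line
EOL_LENIENT = re.compile(rb"\r\n|\r|\n")     # assumed lenient hop: bare CR or LF also ends a line


def content_lengths(head: bytes, eol: re.Pattern) -> list:
    """Content-Length values seen when `head` is split into lines with `eol`."""
    values = []
    for line in eol.split(head)[1:]:         # [1:] skips the request line
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"content-length":
            values.append(value.strip())
    return values


def framing_problems(raw: bytes) -> list:
    """Return reasons to reject the request; an empty list means none of these checks fired."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    problems = []
    if any(b"\r" in l or b"\n" in l for l in EOL_STRICT.split(head)):
        problems.append("bare CR or LF inside a header line")
    strict = content_lengths(head, EOL_STRICT)
    lenient = content_lengths(head, EOL_LENIENT)
    if len(lenient) > 1:
        problems.append("multiple Content-Length headers")
    if strict != lenient:
        problems.append("strict and lenient parsers disagree on Content-Length")
    if any(not v.isdigit() for v in lenient):
        problems.append("non-numeric Content-Length")
    return problems


# Constructed sample requests (not taken from the bug report).
CLEAN = b"POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello"
BARE_CR = (b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
           b"X-Note: a\rContent-Length: 0\r\nContent-Length: 5\r\n\r\nhello")

if __name__ == "__main__":
    for label, req in (("clean", CLEAN), ("bare CR", BARE_CR)):
        print(label, framing_problems(req))
```

A front end that rejects any request for which this list is non-empty never forwards a head that two hops in a stacked installation could frame differently.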
CVE References
information type: Public → Public Security
Changed in varnish (Ubuntu):
status: New → Fix Released
Changed in varnish (Ubuntu Trusty):
status: New → In Progress
assignee: nobody → Simon Quigley (tsimonq2)
summary:
- HTTP Smuggling issues: Double Content Length and bad EOL
+ [CVE] HTTP Smuggling issues: Double Content Length and bad EOL
Changed in varnish (Ubuntu Trusty):
status: In Progress → Fix Committed
Attached is a debdiff for Trusty applicable to 3.0.5-2.