24 Avr 2016
CVE-2015-8852 Vulnerability
Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP request. (CVSS:5.0) (Last Update:2016-05-06)
Vulnerability Details : Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP request. Publish Date : 2016-04-25 Last Update Date : 2016-05-06 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2015-8852
- Number Of Affected Versions By Product
- References For CVE-2015-8852
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2015-8852There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |