4.3

CVE-2005-3751

EPSS 1.77%
Veröffentlicht 22.11.2005 20:03:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apsis ≫ Pound Version <= 1.9.3

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.77%	0.81

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/18381

Vendor Advisory

http://www.debian.org/security/2005/dsa-934

http://secunia.com/advisories/18367

Vendor Advisory

http://secunia.com/advisories/20215

Vendor Advisory

http://secunia.com/advisories/20510

Vendor Advisory

http://www.apsis.ch/pound/pound_list/archive/2005/2005-10/1129827166000/index_html?fullMode=1#1129827166000

http://www.gentoo.org/security/en/glsa/glsa-200606-05.xml

http://www.novell.com/linux/security/advisories/2006_05_19.html

https://nvd.nist.gov/vuln/detail/CVE-2005-3751

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-3751

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-3751

EUVD