GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Wed Jun 07, 2006 8:26 pm Post subject: [ GLSA 200606-05 ] Pound: HTTP request smuggling |
 |
|
Gentoo Linux Security Advisory
Title: Pound: HTTP request smuggling (GLSA 200606-05)
Severity: low
Exploitable: remote
Date: June 07, 2006
Updated: November 24, 2006
Bug(s): #118541
ID: 200606-05
Synopsis
Pound is vulnerable to HTTP request smuggling, which could be exploited to bypass security restrictions or poison web caches.
Background
Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly.
Affected Packages
Package: www-servers/pound
Vulnerable: < 2.0.5
Unaffected: >= 2.0.5
Unaffected: >= 1.10 < 1.11
Unaffected: >= 1.9.4 < 1.9.5
Architectures: All supported architectures
Description
Pound fails to handle HTTP requests with conflicting "Content-Length" and "Transfer-Encoding" headers correctly.
Impact
An attacker could exploit this vulnerability by sending HTTP requests with specially crafted "Content-Length" and "Transfer-Encoding" headers to bypass certain security restrictions or to poison the web proxy cache.
Workaround
There is no known workaround at this time.
Resolution
All Pound users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose www-servers/pound |
References
CVE-2005-3751
Last edited by GLSA on Sat Nov 25, 2006 4:17 am; edited 4 times in total |
|
News & Announcements
