HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-11-22T20:00:00
Updated: 2006-01-12T10:00:00
Reserved: 2005-11-22T00:00:00
Link: CVE-2005-3751
JSON object: View
NVD Information
Status : Analyzed
Published: 2005-11-22T20:03:00.000
Modified: 2008-09-05T20:55:11.837
Link: CVE-2005-3751
JSON object: View
Redhat Information
No data.
CWE