CVE-2005-3751
published 2005-11-22CVE-2005-3751: HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.47%
70.4th percentile
HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apsis | pound | <= 1.9.3 | — |
| apsis | pound | <= 2.7 | — |
| apsis | pound | >= 0 < 1.9.4-1 | 1.9.4-1 |
| apsis | pound | >= 0 < 2.8-2 | 2.8-2 |
| apsis | pound | >= 0 < 1.9.4-1 | 1.9.4-1 |
| apsis | pound | >= 0 < 2.8-2 | 2.8-2 |
| apsis | pound | >= 0 < 1.9.4-1 | 1.9.4-1 |
| apsis | pound | >= 0 < 2.8-2 | 2.8-2 |
| debian | debian_linux | — | — |
| debian | pound | < pound 2.8-2 (bullseye) | pound 2.8-2 (bullseye) |
| debian | pound | < pound 1.9.4-1 (bullseye) | pound 1.9.4-1 (bullseye) |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv4.3MEDIUM
vendor_debian4.3LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v3w2-x73g-vf6m: Apsis Pound before 2
ghsa_unreviewed·2022-05-13·CVSS 4.3
CVE-2016-10711 [MEDIUM] CWE-444 GHSA-v3w2-x73g-vf6m: Apsis Pound before 2
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
GHSA
GHSA-5349-pqgh-vm4f: HTTP request smuggling vulnerability in Pound before 1
ghsa_unreviewed·2022-05-01
CVE-2005-3751 [MEDIUM] GHSA-5349-pqgh-vm4f: HTTP request smuggling vulnerability in Pound before 1
HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers.
OSV
CVE-2016-10711: Apsis Pound before 2
osv·2018-01-29·CVSS 4.3
CVE-2016-10711 [MEDIUM] CVE-2016-10711: Apsis Pound before 2
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
OSV
CVE-2005-3751: HTTP request smuggling vulnerability in Pound before 1
osv·2005-11-22·CVSS 4.3
CVE-2005-3751 [MEDIUM] CVE-2005-3751: HTTP request smuggling vulnerability in Pound before 1
HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers.
Debian
CVE-2016-10711: pound - Apsis Pound before 2.8a allows request smuggling via crafted headers, a differen...
vendor_debian·2016·CVSS 4.3
CVE-2016-10711 [MEDIUM] CVE-2016-10711: pound - Apsis Pound before 2.8a allows request smuggling via crafted headers, a differen...
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
Scope: local
bullseye: resolved (fixed in 2.8-2)
forky: resolved (fixed in 2.8-2)
sid: resolved (fixed in 2.8-2)
trixie: resolved (fixed in 2.8-2)
Debian
CVE-2005-3751: pound - HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attacke...
vendor_debian·2005·CVSS 4.3
CVE-2005-3751 [MEDIUM] CVE-2005-3751: pound - HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attacke...
HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers.
Scope: local
bullseye: resolved (fixed in 1.9.4-1)
forky: resolved (fixed in 1.9.4-1)
sid: resolved (fixed in 1.9.4-1)
trixie: resolved (fixed in 1.9.4-1)
No detection rules found.
No public exploits indexed.
http://secunia.com/advisories/18367http://secunia.com/advisories/18381http://secunia.com/advisories/20215http://secunia.com/advisories/20510http://www.apsis.ch/pound/pound_list/archive/2005/2005-10/1129827166000/index_html?fullMode=1#1129827166000http://www.debian.org/security/2005/dsa-934http://www.gentoo.org/security/en/glsa/glsa-200606-05.xmlhttp://www.novell.com/linux/security/advisories/2006_05_19.htmlhttp://secunia.com/advisories/18367http://secunia.com/advisories/18381http://secunia.com/advisories/20215http://secunia.com/advisories/20510http://www.apsis.ch/pound/pound_list/archive/2005/2005-10/1129827166000/index_html?fullMode=1#1129827166000http://www.debian.org/security/2005/dsa-934http://www.gentoo.org/security/en/glsa/glsa-200606-05.xmlhttp://www.novell.com/linux/security/advisories/2006_05_19.html
2005-11-22
Published