Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3058


Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3058
Last Modified 11 Oct 2011 12:00:00
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.

Vulnerable Systems

Operating System

  • Fortinet Fortios 2.8 Mr10

  • Fortinet Fortios 3 Beta


XF - fortinet-web-filter-bypass(24626)

VUPEN - ADV-2006-0539

BID - 16599

BUGTRAQ - 20060213 URL filter bypass in Fortinet


SECUNIA - 18844

Last Updated: 27 May 2016 10:40:47