Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0881

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2015-0881
Last Modified 04 Mar 2015 12:13:07
Published 20 Feb 2015 06:59:04
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2015-0881

Summary

CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response.

Vulnerable Systems

Application

  • Squid-cache Squid 3.1.0.18

  • Squid-cache Squid 3.1.9


References

JVNDB - JVNDB-2015-000019

JVN - JVN#64455813


Last Updated: 27 May 2016 11:07:58