Bug 156699 - CAN-2005-1389 HTTP Response Splitting Vulnerabilities
CAN-2005-1389 HTTP Response Splitting Vulnerabilities
Status: CLOSED DUPLICATE of bug 146161
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: squid (Show other bugs)
All Linux
medium Severity low
: ---
: ---
Assigned To: Jay Fenlason
: Security
Depends On:
  Show dependency treegraph
Reported: 2005-05-03 10:33 EDT by Josh Bressers
Modified: 2014-08-31 19:27 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-05-06 11:34:46 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2005-05-03 10:33:25 EDT
Squid is susceptible to a class of attacks known as "HTTP Response
Splitting."  These attacks involve tricking servers into sending
malformed or unexpected HTTP responses by exploiting weaknesses
in input validation on dynamic pages. This may in some situations
lead to cache poisoning.

Comment 1 Josh Bressers 2005-05-03 10:39:49 EDT
This issue should also affect RHEL2.1 and RHEL3
Comment 2 Josh Bressers 2005-05-06 11:34:46 EDT

*** This bug has been marked as a duplicate of 146161 ***

Note You need to log in before you can comment on or make changes to this bug.