*** This bug is a security vulnerability ***

Public security bug reported:

Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP request.

This is tracked in CVE-2015-8852.

** Affects: varnish (Ubuntu)
     Importance: Undecided
         Status: Fix Released

** Affects: varnish (Ubuntu Trusty)
     Importance: Undecided
     Assignee: Simon Quigley (tsimonq2)
         Status: In Progress

** Information type changed from Public to Public Security

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8852

https://bugs.launchpad.net/bugs/1709153

Title:
  [CVE] HTTP Smuggling issues: Double Content Length and bad EOL
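The condition described in this report (a header line ended by a bare \r together with more than one Content-Length) can be checked for on a raw request head before it is passed to the next tier of a stacked installation. The following is an added example, not code from Varnish, Ubuntu or the bug report; the function names, finding labels and sample requests are hypothetical and constructed for illustration.

```python
import re

# A lenient parser is assumed here to accept CRLF or a bare CR as end-of-line.
_LENIENT_EOL = re.compile(rb"\r\n|\r")


def _content_lengths(lines):
    """Collect Content-Length values from header lines (request line skipped)."""
    values = []
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"content-length":
            values.append(value.strip())
    return values


def audit_request_head(raw: bytes) -> list:
    """Return findings for the header block of a raw HTTP/1.x request."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    strict_lines = head.split(b"\r\n")        # CRLF is the only terminator
    lenient_lines = _LENIENT_EOL.split(head)  # bare CR also ends a line

    findings = []
    # A CR left inside a CRLF-delimited line is a bare CR.
    if any(b"\r" in line for line in strict_lines):
        findings.append("bare-cr")

    strict_cl = _content_lengths(strict_lines)
    lenient_cl = _content_lengths(lenient_lines)
    # More than one Content-Length under either reading is ambiguous framing.
    if len(strict_cl) > 1 or len(lenient_cl) > 1:
        findings.append("multiple-content-length")
    # The two readings disagree on body length: tiers may frame differently.
    if strict_cl != lenient_cl:
        findings.append("framing-disagreement")
    return findings


# Constructed sample requests (not captured traffic).
SAMPLE_CLEAN = (b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
                b"Content-Length: 5\r\n\r\nhello")
SAMPLE_SUSPECT = (b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
                  b"X-Pad: a\rContent-Length: 0\r\n"
                  b"Content-Length: 5\r\n\r\nhello")

if __name__ == "__main__":
    for name, req in (("clean", SAMPLE_CLEAN), ("suspect", SAMPLE_SUSPECT)):
        print(name, audit_request_head(req))
```

A front tier that rejects any request with a non-empty findings list removes the ambiguity before a second parser sees it.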