Buffer overflow in the add_port function in APSIS Pound 1.8.2 and previous versions allows remote malicious users to execute arbitrary code via a long Host HTTP header.
Two vulnerabilities have been discovered in Pound, a reverse proxy and
load balancer for HTTP The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2005-1391:
Overly long HTTP Host: headers may trigger a buffer overflow in the
add_port() function, which may lead to the execution of arbitrary
code
...