Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2015-8400

Published: 12/01/2016 Updated: 20/01/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.4 | Impact Score: 4 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Fedoraproject

Vulnerability Summary

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) prior to 2.19 makes it easier for remote malicious users to conduct DNS rebinding attacks via the "/plain" URL.

Vulnerable Product Search on Vulmon Subscribe to Product

fedoraproject fedora 22

fedoraproject fedora 23

shellinabox project shellinabox

References

CWE-254https://github.com/shellinabox/shellinabox/releases/tag/v2.19http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175117.htmlhttp://www.openwall.com/lists/oss-security/2015/12/02/7http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175224.htmlhttp://www.openwall.com/lists/oss-security/2015/12/02/6https://github.com/shellinabox/shellinabox/issues/355https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook