mime_header.cc in Squid prior to 3.5.18 allows remote malicious users to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle linux 7 |
||
oracle linux 6 |
||
squid-cache squid |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 15.10 |