CVE-2005-3751 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2005-3751 Interim 1 4 2023-12-09T02:20:16Z current 2021-05-30T12:34:15Z 2023-12-09T02:20:16Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2005-3751 HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CKZ2OYI74TXD37KVSNPDOGRS2FZR7RDC/#CKZ2OYI74TXD37KVSNPDOGRS2FZR7RDC E-Mail link for SUSE-SR:2006:011 https://www.suse.com/support/security/rating/ SUSE Security Ratings HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers. CVE-2005-3751 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N