Vulnerabilities > CVE-2011-3596 - Reachable Assertion vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
description | Polipo 1.0.4.1 POST/PUT Requests HTTP Header Processing Denial Of Service Vulnerability. CVE-2011-3596. Dos exploits for multiple platform |
id | EDB-ID:36198 |
last seen | 2016-02-04 |
modified | 2011-10-01 |
published | 2011-10-01 |
reporter | Usman Saeed |
source | https://www.exploit-db.com/download/36198/ |
title | Polipo 1.0.4.1 POST/PUT Requests HTTP Header Processing Denial Of Service Vulnerability |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2012-0840.NASL description - add daily cache cleanup - fix missing creation of /var/run directory (bz #755198) - make sure log directory context is set correctly (bz #741779) - fix denial of service vulnerability CVE-2011-3596 (bz #742897) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-02-02 plugin id 57783 published 2012-02-02 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57783 title Fedora 16 : polipo-1.0.4.1-6.fc16 (2012-0840) NASL family Fedora Local Security Checks NASL id FEDORA_2012-0849.NASL description - add daily cache cleanup - fix missing creation of /var/run directory (bz #755198) - make sure log directory context is set correctly (bz #741779) - fix denial of service vulnerability CVE-2011-3596 (bz #742897) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-02-02 plugin id 57784 published 2012-02-02 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57784 title Fedora 15 : polipo-1.0.4.1-6.fc15 (2012-0849)
References
- https://access.redhat.com/security/cve/cve-2011-3596
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=644289
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3596
- https://security-tracker.debian.org/tracker/CVE-2011-3596
- https://access.redhat.com/security/cve/cve-2011-3596
- https://security-tracker.debian.org/tracker/CVE-2011-3596
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3596
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=644289