Vulnerabilities > CVE-2011-3596 - Reachable Assertion vulnerability in multiple products

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

nessus

exploit available

NVD

Published: 2019-11-26

Updated: 2019-12-04

Summary

Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.

Part	Description	Count
Application	Polipo_Project Polipo Project Polipo 0.9.2 Polipo Project Polipo 0.9.3 Polipo Project Polipo 0.9.4 Polipo Project Polipo 0.9.5 Polipo Project Polipo 0.9.99.0 Polipo Project Polipo 0.9.99.1 Polipo Project Polipo 0.9.99.2 Polipo Project Polipo 1.0.0 Polipo Project Polipo 1.0.1 Polipo Project Polipo 1.0.2 Polipo Project Polipo 1.0.3 Polipo Project Polipo 1.0.4	12
OS	Debian Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10	3

description	Polipo 1.0.4.1 POST/PUT Requests HTTP Header Processing Denial Of Service Vulnerability. CVE-2011-3596. Dos exploits for multiple platform
id	EDB-ID:36198
last seen	2016-02-04
modified	2011-10-01
published	2011-10-01
reporter	Usman Saeed
source	https://www.exploit-db.com/download/36198/
title	Polipo 1.0.4.1 POST/PUT Requests HTTP Header Processing Denial Of Service Vulnerability

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2012-0840.NASL
description	- add daily cache cleanup - fix missing creation of /var/run directory (bz #755198) - make sure log directory context is set correctly (bz #741779) - fix denial of service vulnerability CVE-2011-3596 (bz #742897) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-17
modified	2012-02-02
plugin id	57783
published	2012-02-02
reporter	This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/57783
title	Fedora 16 : polipo-1.0.4.1-6.fc16 (2012-0840)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2012-0849.NASL
description	- add daily cache cleanup - fix missing creation of /var/run directory (bz #755198) - make sure log directory context is set correctly (bz #741779) - fix denial of service vulnerability CVE-2011-3596 (bz #742897) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-17
modified	2012-02-02
plugin id	57784
published	2012-02-02
reporter	This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/57784
title	Fedora 15 : polipo-1.0.4.1-6.fc15 (2012-0849)