CVE-2015-8400

Опубликовано: 12 янв. 2016

Источник: debian

EPSS Низкий

Описание

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
shellinabox	fixed	2.19		package
shellinabox	no-dsa		jessie	package
shellinabox	no-dsa		wheezy	package

Примечания

https://www.openwall.com/lists/oss-security/2015/12/02/6

EPSS

Процентиль: 68%

0.00556

Низкий

Связанные уязвимости

CVE-2015-8400

CVSS3: 7.4

ubuntu

около 10 лет назад

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

CVE-2015-8400

CVSS3: 7.4

nvd

около 10 лет назад

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

openSUSE-SU-2016:3215-1

suse-cvrf

около 9 лет назад

Security update for shellinabox

GHSA-56hv-7v48-w28m

CVSS3: 7.4

github

больше 3 лет назад

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

EPSS

Процентиль: 68%

0.00556

Низкий