CVE-2015-8400

Опубликовано: 12 янв. 2016

Источник: ubuntu

Приоритет: low

CVSS2: 4.3

CVSS3: 7.4

Описание

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

Релиз	Статус	Примечание
devel	not-affected
esm-apps/xenial	not-affected	2.19
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [2.14-1ubuntu0.1]]
precise	DNE
trusty	released	2.14-1ubuntu0.1
trusty/esm	DNE	trusty was released [2.14-1ubuntu0.1]
upstream	needs-triage
vivid	ignored	end of life
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

7.4 High

CVSS3

Связанные уязвимости

CVE-2015-8400

CVSS3: 7.4

nvd

около 10 лет назад

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

CVE-2015-8400

CVSS3: 7.4

debian

около 10 лет назад

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) ...

openSUSE-SU-2016:3215-1

suse-cvrf

около 9 лет назад

Security update for shellinabox

GHSA-56hv-7v48-w28m

CVSS3: 7.4

github

больше 3 лет назад

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

4.3 Medium

CVSS2

7.4 High

CVSS3

CVE-2015-8400

Описание

Пакет shellinabox

Ссылки на источники

Связанные уязвимости