Vulnerability Description
SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both data elements.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Surfcontrol | Superscout Web Filter | All versions |
References
- http://securitytracker.com/id?1001801
- http://www.kb.cert.org/vuls/id/139315US Government Resource
- http://securitytracker.com/id?1001801
- http://www.kb.cert.org/vuls/id/139315US Government Resource
FAQ
What is CVE-2001-1465?
CVE-2001-1465 is a vulnerability with a CVSS score of 4.6 (MEDIUM). SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both d...
How severe is CVE-2001-1465?
CVE-2001-1465 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1465?
Check the references section above for vendor advisories and patch information. Affected products include: Surfcontrol Superscout Web Filter.