Vulnerability Description
Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote attackers to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header. NOTE: this issue might be related to CVE-2005-3058.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | Fortigate-1000 | 3.00 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/archive/1/485794/100/200/threaded
- http://www.securityfocus.com/archive/1/485813/100/200/threaded
- http://www.securityfocus.com/bid/27276Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39684
- http://www.securityfocus.com/archive/1/485794/100/200/threaded
- http://www.securityfocus.com/archive/1/485813/100/200/threaded
- http://www.securityfocus.com/bid/27276Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39684
FAQ
What is CVE-2008-7161?
CVE-2008-7161 is a vulnerability with a CVSS score of 7.5 (HIGH). Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote attackers to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header. NOT...
How severe is CVE-2008-7161?
CVE-2008-7161 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-7161?
Check the references section above for vendor advisories and patch information. Affected products include: Fortinet Fortigate-1000.