HTTP: Invalid Duplicate Header
This anomaly triggers when it detects two consecutive HTTP headers in a request. Attackers can be attempting to trick the Web server into parsing the request incorrectly and producing an incorrect Web server state. This condition can indicate your system in under attack.
Extended Description
A remote unspecified vulnerability reportedly affects Squid Proxy. This issue is due to the application's failure to properly handle malformed HTTP headers. The impact of this issue is currently unknown. This BID will be updated when more information becomes available.
Affected Products
Squid web_proxy_cache
References
BugTraq: 12412
CVE: CVE-2005-1215
URL: http://www.faqs.org/rfcs/rfc2616.html http://www.w3.org/Protocols/rfc1945/rfc1945
Short Name
HTTP:INVALID:DUPLICATE-HEADER
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2005-0174 CVE-2005-1215 HTTP bid:12412 double header
Release Date
11/07/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3577
False Positive
Occasionally
Vendors
Red_hat
Suse
Squid
Turbolinux
Sgi
Astaro
CVSS Score
7.5
5.0