CVE-2015-8400

Published: Jan 12, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/shellinabox/shellinabox/releases/tag/v2.19

x_refsource_CONFIRM

FEDORA-2015-463143720f

vendor-advisory

x_refsource_FEDORA

[oss-security] 20151202 Re: shellinabox - DNS rebinding attack due to HTTP fallback

mailing-list

x_refsource_MLIST

FEDORA-2015-1c773e8702

vendor-advisory

x_refsource_FEDORA

https://github.com/shellinabox/shellinabox/issues/355

x_refsource_CONFIRM

[oss-security] 20151202 shellinabox - DNS rebinding attack due to HTTP fallback

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-8400

Description

Affected Products

References