CVE-2008-7161

Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote attackers to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header.  NOTE: this issue might be related to CVE-2005-3058.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
fortinetfortigate-1000
3.00
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/archive/1/485794/100/200/threaded
http://www.securityfocus.com/archive/1/485813/100/200/threaded
http://www.securityfocus.com/bid/27276
https://exchange.xforce.ibmcloud.com/vulnerabilities/39684
http://www.securityfocus.com/archive/1/485794/100/200/threaded
http://www.securityfocus.com/archive/1/485813/100/200/threaded
http://www.securityfocus.com/bid/27276
https://exchange.xforce.ibmcloud.com/vulnerabilities/39684