What is the severity of CVE-2005-3058?

CVE-2005-3058 is considered a medium severity vulnerability due to its potential to allow remote attackers to bypass URL filters.

How do I fix CVE-2005-3058?

To fix CVE-2005-3058, upgrade FortiOS to a version that is not affected, such as any version after 2.8MR10 and 3beta.

Who is affected by CVE-2005-3058?

CVE-2005-3058 affects users running Fortinet FortiGate version 2.8 and FortiOS versions 2.8MR10 and 3beta.

What types of requests can exploit CVE-2005-3058?

CVE-2005-3058 can be exploited through HTTP requests that either terminate with a line feed (LF) or lack a Host field.

What are the potential impacts of CVE-2005-3058?

The potential impact of CVE-2005-3058 includes the bypassing of URL blocking measures, which could lead to unauthorized access to harmful content.

Vulnerability/
CVE-2005-3058

high

7.5

CWE

264

31/12/2005

14/2/2006

7/8/2024

CVE-2005-3058

First published: Sat Dec 31 2005(Updated: )

Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Fortinet FortiOS IPS Engine	<=2.8_mr10
Fortinet FortiOS IPS Engine	<=3_beta
Fortinet Fortigate	=2.8

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-3058?
CVE-2005-3058 is considered a medium severity vulnerability due to its potential to allow remote attackers to bypass URL filters.
How do I fix CVE-2005-3058?
To fix CVE-2005-3058, upgrade FortiOS to a version that is not affected, such as any version after 2.8MR10 and 3beta.
Who is affected by CVE-2005-3058?
CVE-2005-3058 affects users running Fortinet FortiGate version 2.8 and FortiOS versions 2.8MR10 and 3beta.
What types of requests can exploit CVE-2005-3058?
CVE-2005-3058 can be exploited through HTTP requests that either terminate with a line feed (LF) or lack a Host field.
What are the potential impacts of CVE-2005-3058?
The potential impact of CVE-2005-3058 includes the bypassing of URL blocking measures, which could lead to unauthorized access to harmful content.

agent/type
agent/softwarecombine
agent/first-publish-date
agent/references
agent/author
agent/severity
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/fortinet
canonical/fortinet fortios ips engine
version/fortinet fortios ips engine/2.8_mr10
version/fortinet fortios ips engine/3_beta
canonical/fortinet fortigate
version/fortinet fortigate/2.8

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.