CVE-2008-7161 – Fortinet Fortigate - CRLF Characters URL Filtering Bypass

https://notcve.org/view.php?id=CVE-2008-7161

04 Sep 2009 — Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote attackers to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header. NOTE: this issue might be related to CVE-2005-3058. Fortinet FortiGuard Fortinet FortiGate-1000 v3.00 build 040075,070111 permite a atacantes remotos evitar el filtrado URL a través de una petición GET o POST fragmentada que utiliza HTTP/1.0 sin la cabecera Host. Nota: este caso podría estar relacionado con CVE-200... • https://www.exploit-db.com/exploits/31026 • CWE-264: Permissions, Privileges, and Access Controls •