Lucene search

CVE-2015-8400

🗓️ 12 Jan 2016 19:10:59Reported by mitreType

The HTTPS fallback implementation in Shell In A Box before 2.19 facilitates DNS rebinding attacks

Reporter	Title	Published	Views	Family All 12
Tenable Nessus	Fedora 23 : shellinabox-2.19-1.fc23 (2015-1c773e8702)	4 Mar 201600:00	–	nessus
Tenable Nessus	Fedora 22 : shellinabox-2.19-1.fc22 (2015-463143720f)	4 Mar 201600:00	–	nessus
Tenable Nessus	openSUSE Security Update : shellinabox (openSUSE-2016-1501)	22 Dec 201600:00	–	nessus
OpenVAS	Fedora Update for shellinabox FEDORA-2015-463143720	8 Jan 201600:00	–	openvas
OpenVAS	Fedora Update for shellinabox FEDORA-2015-1	8 Jan 201600:00	–	openvas
Fedora	[SECURITY] Fedora 23 Update: shellinabox-2.19-1.fc23	7 Jan 201620:00	–	fedora
Fedora	[SECURITY] Fedora 22 Update: shellinabox-2.19-1.fc22	8 Jan 201603:37	–	fedora
Debian CVE	CVE-2015-8400	12 Jan 201619:59	–	debiancve
UbuntuCve	CVE-2015-8400	12 Jan 201600:00	–	ubuntucve
Cvelist	CVE-2015-8400	12 Jan 201619:00	–	cvelist

Nvd

Node

fedoraproject fedoraMatch22

fedoraproject fedoraMatch23

Node

shellinabox_project shellinaboxRange≤2.18

Source	Link
github	www.github.com/shellinabox/shellinabox/releases/tag/v2.19
lists	www.lists.fedoraproject.org/pipermail/package-announce/2016-January/175224.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2016-January/175117.html
openwall	www.openwall.com/lists/oss-security/2015/12/02/7
github	www.github.com/shellinabox/shellinabox/issues/355
openwall	www.openwall.com/lists/oss-security/2015/12/02/6

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Jan 2016 19:59Current

7.2High risk

Vulners AI Score7.2

CVSS24.3

CVSS37.4

EPSS0.00578

CWE-254

cve-2015-8400 shell in a box https dns rebinding security vulnerability remote attack