Eclipse Jetty HTTP Header Vulnerability, fix available
Reporter | Title | Published | Views | Family All 112 |
---|---|---|---|---|
![]() | CVE-2023-40167 | 15 Sep 2023 20:15 | – | osv |
![]() | CGA-VQPM-QWJ8-MFQ5 | 6 Jun 2024 12:29 | – | osv |
![]() | GHSA-HMR7-M48G-48F6 Jetty accepts "+" prefixed value in Content-Length | 14 Sep 2023 16:17 | – | osv |
![]() | CGA-J3H8-74JW-2W8W | 6 Jun 2024 12:28 | – | osv |
![]() | UBUNTU-CVE-2023-40167 | 15 Sep 2023 20:15 | – | osv |
![]() | DLA-3592-1 jetty9 - security update | 30 Sep 2023 00:00 | – | osv |
![]() | DSA-5507-1 jetty9 - security update | 28 Sep 2023 00:00 | – | osv |
![]() | OPENSUSE-SU-2024:13329-1 jetty-annotations-9.4.53-1.1 on GA media | 15 Jun 2024 00:00 | – | osv |
![]() | SUSE-SU-2023:4210-1 Security update for jetty-minimal | 26 Oct 2023 08:26 | – | osv |
![]() | RHSA-2024:0797 Red Hat Security Advisory: Satellite 6.14.2 Async Security Update | 30 Sep 2024 07:12 | – | osv |
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
# CPE the check looks the product up under (used by get_app_port / get_app_version_and_location
# below); presumably the same CPE that the gb_jetty_http_detect.nasl dependency registers.
CPE = "cpe:/a:eclipse:jetty";
# Registration phase: when the scanner loads the VT with `description` set, only the
# metadata below is recorded and the script exits before any check is performed.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.151001");
script_version("2024-06-11T05:05:40+0000");
script_tag(name:"last_modification", value:"2024-06-11 05:05:40 +0000 (Tue, 11 Jun 2024)");
script_tag(name:"creation_date", value:"2023-09-19 04:32:31 +0000 (Tue, 19 Sep 2023)");
# CVSS v2 base score/vector, plus the CVSS v3.1 vector taken from NVD (severity_origin).
# Integrity impact only: the flaw is a lenient Content-Length parse, no confidentiality/availability impact scored.
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-09-20 20:20:00 +0000 (Wed, 20 Sep 2023)");
script_cve_id("CVE-2023-40167");
# Quality of detection: the result rests on a remotely gathered version string only
# (see the "vuldetect" tag), no request exercising the flaw is sent.
script_tag(name:"qod_type", value:"remote_banner_unreliable");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Eclipse Jetty HTTP Header Vulnerability (GHSA-hmr7-m48g-48f6) - Linux");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Web Servers");
# Runs only after Jetty was detected and the host was classified as unix-like
# (the "- Linux" variant of this VT; mandatory keys gate execution).
script_dependencies("gb_jetty_http_detect.nasl", "os_detection.nasl");
script_mandatory_keys("jetty/detected", "Host/runs_unixoide");
script_tag(name:"summary", value:"Eclipse Jetty is prone to an HTTP header vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
# Insight text is excerpted from the referenced GHSA advisory (see script_xref), wording kept as published.
script_tag(name:"insight", value:"Jetty accepts the '+' character proceeding the content-length
value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers
routinely reject such requests with 400 responses. There is no known exploit scenario, but it is
conceivable that request smuggling could result if jetty is used in combination with a server
that does not close the connection after sending such a 400 response.");
# The ranges below are what the version checks after the description block implement;
# keep both in sync when the advisory is updated.
script_tag(name:"affected", value:"Eclipse Jetty version 9.0.0 through 9.4.51, 10.0.0 through
10.0.15, 11.0.0 through 11.0.15 and version 12.0.0.");
script_tag(name:"solution", value:"Update to version 9.4.52, 10.0.16, 11.0.16, 12.0.1 or later.");
script_xref(name:"URL", value:"https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
# Port on which the Jetty detection registered the product under CPE; nothing to do without one.
if (!port = get_app_port(cpe: CPE))
  exit(0);

# Version and install location recorded by the detection; with exit_no_version the
# helper itself exits when no version is known, the guard only covers a NULL return.
if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))
  exit(0);

version = infos["version"];
location = infos["location"];

# Map the detected version to the fixed release of its branch. Each range is
# [first affected, fixed release) — assumes version_in_range_exclusive treats the
# lower bound as inclusive and the upper as exclusive, as in version_func.inc.
# 12.x is affected at exactly 12.0.0 only, hence the equality check.
fixed_version = NULL;

if (version_in_range_exclusive(version: version, test_version_lo: "9.0.0", test_version_up: "9.4.52"))
  fixed_version = "9.4.52";
else if (version_in_range_exclusive(version: version, test_version_lo: "10.0.0", test_version_up: "10.0.16"))
  fixed_version = "10.0.16";
else if (version_in_range_exclusive(version: version, test_version_lo: "11.0.0", test_version_up: "11.0.16"))
  fixed_version = "11.0.16";
else if (version_is_equal(version: version, test_version: "12.0.0"))
  fixed_version = "12.0.1";

# A single match produces the finding; the report names the installed version,
# the fixed version of the same branch and the install path.
if (!isnull(fixed_version)) {
  report = report_fixed_ver(installed_version: version, fixed_version: fixed_version, install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

# exit(99): the VT ran and the version is outside every affected range.
exit(99);