3 matches found
CVE-2009-3287
lib/thin/connection.rb in Thin web server before 1.2.4 relies on the X-Forwarded-For header to determine the IP address of the client, which allows remote attackers to spoof the IP address and hide activities via a modified X-Forwarded-For header...
CVE-2009-3287
lib/thin/connection.rb in Thin web server before 1.2.4 relies on the X-Forwarded-For header to determine the IP address of the client, which allows remote attackers to spoof the IP address and hide activities via a modified X-Forwarded-For header...
CVE-2009-3287
CVE-2009-3287 affects Thin (lib/thin/connection.rb) prior to 1.2.4. The root cause is reliance on the X-Forwarded-For header to determine the client IP, allowing remote attackers to spoof the IP address and hide activities via a modified header. Impact is described as partial confidentiality, int...