Pound is vulnerable to HTTP request smuggling, which could be exploited to bypass security restrictions or poison web caches.
|Package||www-servers/pound on all architectures|
|Affected versions||< 2.0.5|
|Unaffected versions||>= 2.0.5, revision >= 1.10, revision >= 1.9.4|
Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly.
Pound fails to handle HTTP requests with conflicting "Content-Length" and "Transfer-Encoding" headers correctly.
An attacker could exploit this vulnerability by sending HTTP requests with specially crafted "Content-Length" and "Transfer-Encoding" headers to bypass certain security restrictions or to poison the web proxy cache.
There is no known workaround at this time.
All Pound users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose www-servers/pound
June 07, 2006
November 24, 2006: 03