Candidate: CVE-2013-7299
PublicDate: 2014-01-26 20:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7299
Description:
 framework/common/messageheaderparser.cpp in Tntnet before 2.2.1 allows
 remote attackers to obtain sensitive information via a header that ends in
 \n instead of \r\n, which prevents a null terminator from being added and
 causes Tntnet to include headers from other requests.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735881
Priority: medium
Discovered-by: Matthew Daley
Assigned-to:
CVSS: 

Patches_tntnet:
 upstream: https://github.com/maekitalo/tntnet/commit/9bd3b14042e12d84f39ea9f55731705ba516f525 (p1)
 upstream: https://github.com/maekitalo/tntnet/commit/9d1a859e28b78bfbf769689454b529ac7709dee4 (p2)
upstream_tntnet: released (2.2.1)
lucid_tntnet: ignored (reached end-of-life)
precise_tntnet: ignored (reached end-of-life)
precise/esm_tntnet: DNE (precise was needed)
quantal_tntnet: ignored (reached end-of-life)
raring_tntnet: ignored (reached end-of-life)
saucy_tntnet: ignored (reached end-of-life)
trusty_tntnet: not-affected (2.2.1-1)
trusty/esm_tntnet: DNE (trusty was not-affected [2.2.1-1])
utopic_tntnet: not-affected (2.2.1-1)
vivid_tntnet: not-affected (2.2.1-1)
vivid/stable-phone-overlay_tntnet: DNE
vivid/ubuntu-core_tntnet: DNE
wily_tntnet: not-affected (2.2.1-1)
xenial_tntnet: not-affected (2.2.1-1)
yakkety_tntnet: not-affected (2.2.1-1)
zesty_tntnet: not-affected (2.2.1-1)
devel_tntnet: not-affected (2.2.1-1)