[SA14530] Apache HTTP Request Smuggling Vulnerability

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Tue Jul 26 2005 - 09:35:28 CDT


----------------------------------------------------------------------

Are you interested in a new job in IT security?

Secunia has two open positions for a Junior and a Senior Specialist in IT
Security:
http://secunia.com/secunia_vacancies/

----------------------------------------------------------------------

TITLE:
Apache HTTP Request Smuggling Vulnerability

SECUNIA ADVISORY ID:
SA14530

VERIFY ADVISORY:
http://secunia.com/advisories/14530/

CRITICAL:
Less critical

IMPACT:
Security Bypass, Cross Site Scripting, Manipulation of data

WHERE:
From remote

SOFTWARE:
Apache 2.0.x
http://secunia.com/product/73/

DESCRIPTION:
A vulnerability has been reported in Apache, which can be exploited
by malicious people to conduct HTTP request smuggling attacks.

The vulnerability is caused by an error in the handling of malformed
HTTP requests that carry both a "Transfer-Encoding" and a
"Content-Length" header. It can be exploited to make Apache forward
malicious HTTP requests embedded in the HTTP body, which the receiving
server then processes as separate HTTP requests.

Successful exploitation allows poisoning of the web proxy cache or
bypass of certain web application firewall protections, but requires
that Apache is configured as a web proxy.
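The framing ambiguity described above is the whole mechanism: when a request carries both headers, a forwarding proxy and the origin server may disagree about where the body ends. The following Python script is an added example, not Apache code and not part of the Secunia advisory; it shows the defensive rule from RFC 7230 section 3.3.3 (Transfer-Encoding wins, and a proxy should reject the message) and reports how long each header claims the body is. The request bytes are constructed for illustration; the host name and path are placeholders.

```python
"""Flag HTTP/1.1 requests whose body framing is ambiguous.

Added example (not Apache's or Secunia's code). A request that carries both
Transfer-Encoding and Content-Length, or a Transfer-Encoding that does not end
in "chunked", is reported with accept=False so a proxy can refuse it instead of
guessing which header applies. The sample requests below are constructed.
"""
import re


def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (request line, [(name, value)], body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block")
    lines = head.split(b"\r\n")
    request_line = lines[0].decode("ascii")
    headers = []
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        # RFC 7230 forbids whitespace before the colon and empty field names
        if not colon or not name or name != name.strip():
            raise ValueError("malformed header line: %r" % line)
        headers.append((name.lower().decode("ascii"), value.strip().decode("ascii")))
    return request_line, headers, body


def chunked_length(body: bytes) -> int:
    """Return how many body bytes a chunked decoder consumes (trailers unsupported)."""
    pos = 0
    while True:
        eol = body.find(b"\r\n", pos)
        if eol < 0:
            raise ValueError("truncated chunk-size line")
        size_text = body[pos:eol].split(b";", 1)[0].strip()  # drop chunk extensions
        if not re.fullmatch(rb"[0-9A-Fa-f]+", size_text):
            raise ValueError("bad chunk size %r" % size_text)
        size = int(size_text, 16)
        pos = eol + 2
        if size == 0:
            # last-chunk must be followed directly by the terminating CRLF
            if body[pos:pos + 2] != b"\r\n":
                raise ValueError("missing final CRLF after last-chunk")
            return pos + 2
        if body[pos + size:pos + size + 2] != b"\r\n":
            raise ValueError("chunk data not terminated by CRLF")
        pos += size + 2


def framing_verdict(raw: bytes) -> dict:
    """Decide whether a request may be forwarded and report both body-length views."""
    request_line, headers, body = parse_request(raw)
    te = [v for n, v in headers if n == "transfer-encoding"]
    cl = [v for n, v in headers if n == "content-length"]
    reasons = []
    if te and cl:
        reasons.append("both Transfer-Encoding and Content-Length present")
    codings = [c.strip().lower() for v in te for c in v.split(",")]
    if codings and codings[-1] != "chunked":
        reasons.append("Transfer-Encoding present but final coding is not chunked")
    if len(set(cl)) > 1:
        reasons.append("conflicting Content-Length values")
    if any(not v.isdigit() for v in cl):
        reasons.append("non-numeric Content-Length")
    cl_view = int(cl[0]) if cl and cl[0].isdigit() else None
    te_view = None
    if codings and codings[-1] == "chunked":
        try:
            te_view = chunked_length(body)
        except ValueError as exc:
            reasons.append("invalid chunked body: %s" % exc)
    return {
        "request_line": request_line,
        "accept": not reasons,
        "reasons": reasons,
        "content_length_view": cl_view,  # bytes a Content-Length parser would take
        "chunked_view": te_view,         # bytes a chunked parser would take
    }


# Constructed samples: one ambiguous request, one that frames its body once.
AMBIGUOUS = (b"POST /submit HTTP/1.1\r\nHost: proxy.example.test\r\n"
             b"Content-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n")
CLEAN = (b"POST /submit HTTP/1.1\r\nHost: proxy.example.test\r\n"
         b"Content-Length: 5\r\n\r\nhello")

if __name__ == "__main__":
    for sample in (AMBIGUOUS, CLEAN):
        print(framing_verdict(sample))
```

Running the script prints `accept: False` for the first request, with the two views disagreeing (4 bytes by Content-Length, 5 by chunked decoding), and `accept: True` for the second. A proxy that applies this verdict before forwarding never has to resolve the disagreement, which is the behaviour the RFC asks for and the outcome a fixed Apache release should deliver.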

An off-by-one error has also been reported in mod_ssl when printing
debug information and configured to use a malicious CRL (Certificate
Revocation List).

SOLUTION:
Reportedly, the vulnerabilities will be fixed in the upcoming version
2.0.55.

PROVIDED AND/OR DISCOVERED BY:
HTTP request smuggling reported by:
Watchfire

CRL issue reported by:
Marc Stern

----------------------------------------------------------------------

About:
This advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------